Robotic technologies are continuously transforming the domestic and the industrial environments. Recently, the Robotic Operating System (ROS) has been widely adopted both by industry and academia, becoming one of the most popular middleware frameworks for developing robot applications. Guaranteeing the correct behaviour of robotic systems is, however, challenging due to their potential for parameterization...
This paper presents a framework to ensure the correctness of service-oriented architectures based on runtime verification techniques. Traditionally, the reliability of safety critical systems is ensured by testing the complete system including all subsystems. When those systems are designed as service-oriented architectures, and independently developed subsystems are composed to new systems at runtime,...
Cyber-physical systems (CPS) may interact and manipulate objects in the physical world, and therefore ideally would have formal guarantees about their behavior. Performing static-time proofs of safety invariants, however, may be intractable for systems with distributed physical-world interactions. This is further complicated when realistic communication models are considered, for which there may not...
Cyber-Physical Systems (CPS) involve deep interactions between computation cores, communication networks, and physical environments. These systems are inherently complex and highly nondeterministic. This makes the traditional formal verification technology impractical to verify the complete system behavior, and testing alone is insufficient to guarantee correctness. Runtime monitoring, known as a...
This paper considers the problem of finding dynamic sensor activation policies that satisfy the property of K-diagnosability for discrete event systems modeled by finite state automata. We begin by choosing a suitable information state for the problem and defining a controller. We then define a structure called the most permissive observer, which provides all feasible solutions for the controller...
Service Level Agreements (SLAs) need to be monitored at runtime to assure that the Business Level Agreements (BLAs) / Business Level Objectives (BLOs) are indeed satisfied in the realized business workflow and allow the organization to adjust its business processes best to the environment. In this paper, we show how multiple SLAs specified on various observable attributes can be formally specified,...
The distributed nature of web services, absence of a single stakeholder and the resulting fact that there is no control on the individual web services makes it difficult to ensure that the computation underlying the web service composition proceeds as intended. Thus, it is essential to monitor the computations at runtime to satisfy the needs of the user safety and QoS properties. In this paper, we...
Execution monitoring (EM) is a ubiquitous way of monitoring untrusted applications. In this paper, we are concerned with the characterization of security policies, which was seldom considered before. We define a security policy as a security predicate which is a conjunction of two different sub-predicates: a sequences predicate and a states predicate. This work proves that different implementations of security policies...
This paper is motivated by the challenge to the traditional development process of embedded systems from the evolution of dependability requirements, which leads to manual analysis and revision of system designs at design-time or post-implementation at a high cost, especially when the target system is complex or large. This paper proposes a complementary methodology, namely the model monitoring approach,...
Application of runtime monitoring to maintain the health of an embedded real-time software system requires that anomalous behavior be detected within a bounded time while preserving the temporal guarantees of the underlying system. Existing results can compute bounds on the detection latency of runtime monitors that are realized as a deferrable server running at the highest priority. In this paper,...
The complexity of software in embedded systems has increased significantly over the last years so that software verification now plays an important role in ensuring the overall product quality. In this context, bounded model checking has been successfully applied to discover subtle errors, but for larger applications, it often suffers from the state space explosion problem. This paper describes a...
Local policies represent security properties that are applied to (parts of) programs or services. They are amenable for developers since they provide for a full compositionality (through scope nesting), for a simple, automaton-like structure and for a direct enforcing through a corresponding execution monitor. Compliance w.r.t. local policies is statically verified against a safe over-approximation...
Deeply embedded infrastructures are pervasive systems that have significant cyber and physical components, interacting with each other in complex ways. These interactions can violate a system's security policy leading to unintended information flow. Execution monitor (EM) enforceability is the concept of monitoring a system during runtime for any security policy violations and terminating the execution...
We algebraically characterize a class of enforceable security policies by execution monitoring using a modal logic. We regard monitors as processes in Milner's CCS and security policies as formulas in the modal logic. We show that a set of processes occurring in a monitor must be within the greatest fixed point for the formula, following Schneider's definition on execution monitors. We also...
We propose a two-tiered hierarchical approach for detecting faults in embedded control software during their runtime operation: The observed behavior is monitored against the appropriate specifications at two different levels, namely, the software level and the controlled-system level. (The additional controlled-system level monitoring safeguards against any possible incompleteness at the software...
The continuous run-time monitoring of the behavior of a system is a technique that is used both as a complementary approach to formal verification and testing to ensure reliability, as well as a means to discover emergent properties in a distributed system, like intrusion and event correlation. The monitors in all these scenarios can be abstractly viewed as automata that process an (unbounded) stream...
Model-based testing techniques select test cases according to test goals, which might be coverage criteria or mutation adequacy. Complex criteria and large models lead to large test suites, and a test case created for one coverage item might cover several other items as well. Therefore, test case generation is optimized in order to avoid unnecessary test cases and minimize the test generation and...
The increased availability of mobile broadband connections enables the expansion of software downloads to mobile devices. This leads to a greater number of available services and a better utilisation of the computational power of mobile devices. The downside of this increased software availability is an increase in the possible attack vectors. One scenario is the misuse of resources, for example,...