Presents the introductory welcome message from the conference proceedings. May include the conference officers' congratulations to all involved with the conference event and publication of the proceedings record.
The actions taken by software should be consistent with relevant constraints arising in the real world. For example, computations should not mix values that are understood as being expressed in incompatible physical units. To enable checking of such consistency our previous work introduced: (a) a new structure, the interpreted formalism, that is a software analog of the notion of an informal interpretation...
The efficiency and maintainability of fault tolerance mechanisms in a computer system has typically not been a major topic of concern, mostly because fault tolerance is a non-functional system requirement. This paper proposes a Holistic Fault Tolerance architecture, based on a centralised fault tolerance management, with related functionality distributed across the entire system. The most suitable...
We consider binary voting in a replica voting setup with a small number of redundant components. Seeking to understand the implications of corrupted components on voting schemes, we consider a simplified setup where one node is highly compromised and the remaining nodes are functionally homogeneous. We show that if the homogeneous nodes are slightly better than average at voting correctly and the highly...
Reducing defects in critical systems is a challenge faced every day by industry experts and researchers in the dependability and quality assurance fields. However, the state of the art and practice of Root Cause Analysis (RCA) is largely ad hoc. In this paper we develop a corpus of root causes that are evaluated across a broad survey in the industry and academia. The results provide several key insights...
Cyber physical systems, like power plants, medical devices and data centers have to meet high standards, both in terms of safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to malicious attacks). This paper presents attack fault trees (AFTs), a formalism that marries fault trees (safety) and attack trees (security). We equip AFTs with stochastic model checking techniques,...
The increasing number of cyber-attacks on industries demands immediate attention for providing more secure mechanisms to safeguard industries and minimize risks. Cyber-physical systems (CPS) being used in industries such as oil and gas, chemical process plants and the like are termed Industrial Control Systems (ICS). Control system security is aimed at preventing intentional or unintentional interference...
An approach for integrating Six-Step Model (SSM) with Information Flow Diagrams (IFDs) is proposed. SSM is a model for Cyber-Physical System (CPS) safety and security analysis, which incorporates six hierarchies of CPS, namely, functions, structure, failures, safety countermeasures, cyber-attacks, and security countermeasures. Relationship matrices are used in SSM to identify inter-relationships between...
An effective defense-in-depth in cyber security applies multiple layers of defense throughout a system. The goal is to defend a system against cyber-attack using several independent methods. Therefore, a cyber-attack that is able to penetrate one layer of defense may be unsuccessful in other layers. Common layers of cyber defense include: attack avoidance, prevention, detection, survivability and recovery...
We observed that safety arguments are prone to stay too abstract, e.g. solutions refer to large packages, argument strategies to complex reasoning steps, contexts and assumptions lack traceability. These issues can reduce the confidence we require of such arguments. In this paper, we investigate the construction of confident arguments from (i) hazard analysis (HA) results and (ii) the design of safety measures,...
In the railway domain, an interlocking is the system ensuring safe train traffic inside a station by controlling its active elements such as the signals or points. Modern interlockings are configured using particular data, called application data, reflecting the track layout and defining the actions that the interlocking can take. The safety of the train traffic relies thereby on application data...
Ensuring software security is essential for developing reliable software. Software can suffer from security problems due to weaknesses in code constructs introduced during development. Our goal is to relate software security to different code constructs so that developers can become aware very early of coding weaknesses that might be related to a software vulnerability. In this study, we chose...
With the rise of cloud computing and virtualization of resources, cloud management systems are becoming a key differentiator for the quality of service offered by the cloud providers. OpenStack is considered the de-facto open-source cloud management system at the infrastructure as a service layer. Despite the efforts of hardening the high availability of OpenStack, its fault tolerance during the provisioning...