Property directed reachability (PDR) has been introduced as a very efficient verification method for synchronous hardware circuits; it is based on induction rather than on fixpoint computation. The method incrementally refines a sequence of clause sets that over-approximate the states reachable in finitely many steps. Even when valid, safety properties may not be provable by induction due...
The fundamentals of diversity and multi-version systems (MVS) are overviewed. The main concepts and taxonomy of multi-version computing, methods of diversity assessment and development technologies are analyzed. The D3 principle (Defense-in-Depth & Diversity) is studied using fault tree analysis (FTA) to understand its influence on safety and security, considering physical faults, design faults and attacks...
We present a dual technique for generating and verifying proof certificates in SMT-based model checkers, focusing on proofs of invariant properties. Certificates for two major model checking algorithms are extracted as k-inductive invariants, minimized and then reduced to a formal proof term with the help of an independent proof-producing SMT solver. SMT-based model checkers typically translate input...
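The two abstracts above (PDR, and k-inductive certificates extracted from SMT-based model checkers) both rest on the same observation: a safety property can hold on every reachable state and still not be provable by plain one-step induction, because some unreachable state satisfies the property but has a successor that violates it. The constructed example below is added here and is not code from either paper. It brute-forces k-induction over a toy finite transition system (an 8-state counter whose states 4..7 are unreachable) and then checks an inductive strengthening of the kind PDR searches for. The system, the property and the function names are all assumptions for illustration; a real checker would query a SAT/SMT solver instead of enumerating paths.

```python
"""k-induction and inductive strengthening on a constructed finite transition system."""

# Constructed toy system: state x in {0..7}. Initial state 0.
# 0->1->2->3->0 is the reachable loop; 4->5->6->7->0 is an unreachable chain.
STATES = range(8)
INIT = {0}


def step(x):
    """Successor set of x (deterministic here, but returned as a set for generality)."""
    if x in (3, 7):
        return {0}
    return {x + 1}


def prop(x):
    """Safety property P: state 6 is never reached. Valid, since 6 is unreachable."""
    return x != 6


def reachable(init=INIT, succ=step):
    """Explicit-state forward reachability (the fixpoint PDR avoids computing)."""
    seen, frontier = set(init), list(init)
    while frontier:
        s = frontier.pop()
        for t in succ(s):
            if t not in seen:
                seen.add(t)
                frontier.append(t)
    return seen


def paths(k, start_states, succ=step):
    """All paths s0..sk with exactly k transitions starting in start_states."""
    out = [(s,) for s in start_states]
    for _ in range(k):
        out = [p + (t,) for p in out for t in succ(p[-1])]
    return out


def k_induction(k, states=STATES, init=INIT, succ=step, P=prop):
    """Return (base_ok, step_ok); P is k-inductive iff both are True.

    base: every state on every path of k-1 transitions from INIT satisfies P.
    step: on every path s0..sk from ANY state, P(s0..s_{k-1}) implies P(sk).
    """
    base_ok = all(P(s) for p in paths(k - 1, init, succ) for s in p)
    step_ok = all(
        not all(P(s) for s in p[:-1]) or P(p[-1])
        for p in paths(k, states, succ)
    )
    return base_ok, step_ok


def is_inductive_invariant(inv, init=INIT, succ=step, P=prop):
    """An inductive strengthening: contains INIT, closed under step, and implies P.

    This is the certificate shape PDR produces (a clause set that is 1-inductive
    and stronger than P); here the candidate is given explicitly as a state set.
    """
    contains_init = init <= inv
    closed = all(t in inv for s in inv for t in succ(s))
    implies_p = all(P(s) for s in inv)
    return contains_init and closed and implies_p


if __name__ == "__main__":
    for k in (1, 2, 3):
        print(f"k={k}: (base, step) = {k_induction(k)}")
    print("reachable:", sorted(reachable()))
    print("reachable set is an inductive strengthening of P:",
          is_inductive_invariant(reachable()))
```

Running it shows that P fails 1- and 2-induction (the unreachable path 4->5->6 satisfies P on its prefix and violates it at the end) but passes 3-induction, because no state has 4 as a successor. The reachable set {0,1,2,3} is a 1-inductive invariant that implies P, which is exactly the kind of strengthened certificate the second abstract describes extracting and minimizing; adding unreachable states such as 4 and 5 breaks closure under step, so that larger set is rejected.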
This paper considers a methodological approach to the automated detection and resolution of conflicts between information security software components of a train traffic control information system, based on analysis of system performance, detection of conflicts in configuration files and registry keys, and assessment of dynamic libraries. Models of the conflicting objects of a computer system and a method for calculating a composite...
NASA's Unmanned Aerial System (UAS) Traffic Management (UTM) project aims at enabling near-term, safe operations of small UAS vehicles in uncontrolled airspace, i.e., Class G airspace. A far-term goal of UTM research and development is to accommodate the expected rise in small UAS traffic density throughout the National Airspace System (NAS) at low altitudes for beyond visual line-of-sight operations...
DO-331 is the supplement to DO-178C for model-based development. DO-331 is objective-based guidance, which defines a set of objectives that have to be achieved for the model-based development of aeronautical software. The guidance also recommends the evidence, in terms of activities to be carried out and work products to be produced, needed to meet the objectives. To explain why the...
This paper presents a summary and analysis of the deployment of a secure Intelligent Electronic Device (IED) management system at two different utilities in North America. Each of these utilities began their investigation into technologies and methodologies for securing their systems to meet the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards. This report is intended...
In traditional computing systems, software problems are often resolved by platform restarts. This approach, however, cannot be naïvely used in cyber-physical systems (CPS). In fact, in this class of systems, ensuring safety strictly depends on the ability to respect hard real-time constraints. Several adaptations of the Simplex architecture have been proposed to guarantee safety in spite of misbehaving...
Electronic systems, such as those embedded in road vehicles, have to comply with functional safety standards like ISO 26262 [1], which limit the impact of malfunctions in safety-critical systems. ISO 26262, for instance, defines different safety levels for road vehicles, which require different means and measures for a safety-compliant system and its development process, such as risk analysis and...
Mobile robots are advanced systems that often need to operate in unstructured environments, which increases software complexity. Many components are key to the overall reliability and safety of a robot, yet reducing the risk of errors by making the software resilient is both complicated and expensive. A commercially successful robot has to remain safe while providing as much of the functionality...
Automated manufacturing systems are becoming increasingly flexible in order to support a growing number of different products and product variations, as well as shrinking lot sizes and product life cycles. Many manufacturing resources are already multi-purpose. However, they are integrated in an automation infrastructure that may require significant effort to adapt. In this contribution, we present a system...
This paper describes the design and characterization of a safety-critical module for Eurobalise railway signalling. The module is designed on a HW/SW platform so that compliance with the safety regulations is addressed at both the HW and the SW level. The safety of the resulting design, implemented on an FPGA, is then characterized through a fault injection campaign. The fault injection campaign isolated some corner...
Manufacturers of road vehicles have to comply with the functional safety standard ISO 26262. This standard requires the creation of a safety case, which compiles all the work products of the life cycle in a traceable manner. The creation of a safety case is extremely time-consuming. Its creation is needed for the purpose of self-assessment in order to manage liability risk. To speed up such creation,...
Assuring functional correctness of smart mobility platforms is a critical task for enhancing reliability and safety. Hierarchical State Transition Matrix (HSTM) is a popular software design language, which can also be used for designing fundamental software of smart mobility platforms. For HSTM designs with complex hierarchical structure, it is often helpful if paths, which lead from the first-time...
This work develops a new basis for evaluating the reliability benefits of diverse software, based on fault injection testing. In particular, the work investigates new forms of argumentation that could in principle be used to justify diversity as a basis for the construction of safety claims. Failure distributions of two versions of diverse software under various fault conditions are revealed separately...
Additional specific requirements to supplement the criteria and requirements of IEEE Std 603(TM) are specified for programmable digital devices. Within the context of this standard, the term programmable digital device is any device that relies on software instructions or programmable logic to accomplish a function. Examples include a computer, a programmable hardware device, or a device with firmware...
Unmanned Aerial Vehicles (UAVs) are increasingly in demand for civil, military and research purposes. However, they also pose serious threats to society, because faults in UAVs can lead to physical damage or even loss of life. While increasing their intelligence, for example by adding vision-based sense-and-avoid capability, has the potential to reduce the safety threats, increased software complexity...
Open source electrophysiology (ephys) recording systems have several advantages over commercial systems such as customization and affordability enabling more researchers to conduct ephys experiments. Notable open source ephys systems include Open-Ephys, NeuroRighter and more recently Willow, all of which have high channel count (64+), scalability, and advanced software to develop on top of. However,...
With growing pressure to reduce CO2 emissions and fuel consumption, engine manufacturers and vehicle integrators are looking for more radical ways to improve engine efficiency. One strategy is to recover energy from various waste heat sources. A turbocharger is a compact and effective means of achieving this, and Cummins Turbo Technologies is working with various customers...
We perform a systematic mapping study in the field of security requirements engineering covering the period 2010-2015. Our aim is to find the problems that the literature has addressed during this five-year period. Our primary studies comprised 251 papers. We identified 15 clusters of problems faced in security requirements engineering and identified their solutions. Our future work includes...