Lenz Belzner, Michael Till Beck, Thomas Gabor, H. Roelle, Horst Sauer
We discuss key challenges of software engineering for distributed autonomous real-time systems and introduce a taxonomy for areas of interest with respect to the development of such systems.
我们讨论了分布式自主实时系统软件工程的主要挑战,并介绍了与此类系统开发相关的兴趣领域的分类。
{"title":"Software Engineering for Distributed Autonomous Real-Time Systems","authors":"Lenz Belzner, Michael Till Beck, Thomas Gabor, H. Roelle, Horst Sauer","doi":"10.1145/2897035.2897040","DOIUrl":"https://doi.org/10.1145/2897035.2897040","url":null,"abstract":"We discuss key challenges of software engineering for distributed autonomous real-time systems and introduce a taxonomy for areas of interest with respect to the development of such systems.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128582808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
An approach to analyzing the security of a cyber-physical system (CPS) is proposed, where the behavior of a physical plant and its controller are captured in approximate models, and their interaction is rigorously checked to discover potential attacks that involve a varying number of compromised sensors and actuators. As a preliminary study, this approach has been applied to a fully functional water treatment testbed constructed at the Singapore University of Technology and Design. The analysis revealed previously unknown attacks that were confirmed to pose serious threats to the safety of the testbed, and suggests a number of research challenges and opportunities for applying a similar type of formal analysis to cyber-physical security.
{"title":"Model-Based Security Analysis of a Water Treatment System","authors":"Eunsuk Kang, Sridhar Adepu, D. Jackson, A. Mathur","doi":"10.1145/2897035.2897041","DOIUrl":"https://doi.org/10.1145/2897035.2897041","url":null,"abstract":"An approach to analyzing the security of a cyber-physical system (CPS) is proposed, where the behavior of a physical plant and its controller are captured in approximate models, and their interaction is rigorously checked to discover potential attacks that involve a varying number of compromised sensors and actuators. As a preliminary study, this approach has been applied to a fully functional water treatment testbed constructed at the Singapore University of Technology and Design. The analysis revealed previously unknown attacks that were confirmed to pose serious threats to the safety of the testbed, and suggests a number of research challenges and opportunities for applying a similar type of formal analysis to cyber-physical security.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"144 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124590097","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Cyber-physical systems integrate computational and physical processes and allow for smart applications like smart transportation, smart buildings, and safety systems. While some applications support us in our daily life, others are safety-critical like vehicular active safety systems. Systematic testing of such critical cyber-physical systems is a crucial, but very challenging task that so far has received little research attention. In this paper, we present an investigation on the state-of-the-art and future trends of testing critical cyber-physical systems on the example of active safety systems for vehicles. We conducted four focus groups with Swedish industrial partners as well as systematically studied proceedings of a recent active safety conference. Our results show that while the main testing processes and scenarios are supported, there is a clear need to enable testing of more complex scenarios in realistic settings, as well as increasing the degree of automating therefor to achieve better repeatability and a more effective test resource usage.
{"title":"Towards State-of-the-Art and Future Trends in Testing of Active Safety Systems","authors":"Alessia Knauss, C. Berger, H. Eriksson","doi":"10.1145/2897035.2897037","DOIUrl":"https://doi.org/10.1145/2897035.2897037","url":null,"abstract":"Cyber-physical systems integrate computational and physical processes and allow for smart applications like smart transportation, smart buildings, and safety systems. While some applications support us in our daily life, others are safety-critical like vehicular active safety systems. Systematic testing of such critical cyber-physical systems is a crucial, but very challenging task that so far has received little research attention. In this paper, we present an investigation on the state-of-the-art and future trends of testing critical cyber-physical systems on the example of active safety systems for vehicles. We conducted four focus groups with Swedish industrial partners as well as systematically studied proceedings of a recent active safety conference. Our results show that while the main testing processes and scenarios are supported, there is a clear need to enable testing of more complex scenarios in realistic settings, as well as increasing the degree of automating therefor to achieve better repeatability and a more effective test resource usage.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117210216","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Saurabh Chauhan, Pankesh Patel, Flávia Coimbra Delicato, S. Chaudhary
Application development for Cyber-Physical Systems (CPSs) is challenging because it involves dealing with the heterogeneity that exists both in Physical and Cyber worlds. Second, stakeholders involved in the application development have to address issues pertaining to different life-cycles ranging from design, implementation to deployment. Given these, a critical challenge is to enable an application development in CPSs with effectively and efficiently from various stakeholders. Several approaches to tackling this challenge have been proposed in the fields of Wireless Sensor Networks (WSN) and Pervasive Computing, regarded as precursors to the modern day of CPSs. However, existing approaches only cover limited subsets of the above-mentioned challenges when applied to the CPSs. In view of this, the contribution of this paper is twofold. First, we have built upon our existing framework and evolved it into a framework for developing CPSs, with substantial additions and enhancements in high-level modeling languages and their integration into the framework. Second, we present a comparative evaluation results with existing approaches. This provides the CPS community for further benchmarking. The evaluation is carried out on real devices exhibiting heterogeneity. Our experimental analysis and results demonstrate that our approach drastically reduces development effort for CPSs compared to existing approaches.
{"title":"A Development Framework for Programming Cyber-Physical Systems","authors":"Saurabh Chauhan, Pankesh Patel, Flávia Coimbra Delicato, S. Chaudhary","doi":"10.1109/SEsCPS.2016.016","DOIUrl":"https://doi.org/10.1109/SEsCPS.2016.016","url":null,"abstract":"Application development for Cyber-Physical Systems (CPSs) is challenging because it involves dealing with the heterogeneity that exists both in Physical and Cyber worlds. Second, stakeholders involved in the application development have to address issues pertaining to different life-cycles ranging from design, implementation to deployment. Given these, a critical challenge is to enable an application development in CPSs with effectively and efficiently from various stakeholders. Several approaches to tackling this challenge have been proposed in the fields of Wireless Sensor Networks (WSN) and Pervasive Computing, regarded as precursors to the modern day of CPSs. However, existing approaches only cover limited subsets of the above-mentioned challenges when applied to the CPSs. In view of this, the contribution of this paper is twofold. First, we have built upon our existing framework and evolved it into a framework for developing CPSs, with substantial additions and enhancements in high-level modeling languages and their integration into the framework. Second, we present a comparative evaluation results with existing approaches. This provides the CPS community for further benchmarking. The evaluation is carried out on real devices exhibiting heterogeneity. Our experimental analysis and results demonstrate that our approach drastically reduces development effort for CPSs compared to existing approaches.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131073604","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In a electrical distribution network, the challenges involved in the decentralized power generation and the resilience of the network to handle the failures, can be easily anticipated. With the use of information technology, a better control can be achieved over the distributed generation units and the fault handling in them. In this contribution, the use of a graceful degradation strategy is proposed as a means to improve the availability of the system during a fault situation. The Graceful degradation is presented as a constraint satisfaction problem. The trigger and the computation of the degradation process are formulated as the constraints. The concept of the utility of the resources is used to support a dynamic decision to trigger the degradation process. The computation of the graceful degradation strategy is formalized as an SMT problem and analyzed using the Z3 SMTsolver. The approach is illustrated with the help of a use case of applying the degradation strategy on a prosumer node during the power outage in the distribution network. It illustrates the dynamic calculation capability of the degradation scheme in the face of an unpredictable power from a renewable energy resource.
{"title":"Constraint-Based Graceful Degradation in Smart Grids","authors":"P. Gupta, B. Schaetz","doi":"10.1145/2897035.2897043","DOIUrl":"https://doi.org/10.1145/2897035.2897043","url":null,"abstract":"In a electrical distribution network, the challenges involved in the decentralized power generation and the resilience of the network to handle the failures, can be easily anticipated. With the use of information technology, a better control can be achieved over the distributed generation units and the fault handling in them. In this contribution, the use of a graceful degradation strategy is proposed as a means to improve the availability of the system during a fault situation. The Graceful degradation is presented as a constraint satisfaction problem. The trigger and the computation of the degradation process are formulated as the constraints. The concept of the utility of the resources is used to support a dynamic decision to trigger the degradation process. The computation of the graceful degradation strategy is formalized as an SMT problem and analyzed using the Z3 SMTsolver. The approach is illustrated with the help of a use case of applying the degradation strategy on a prosumer node during the power outage in the distribution network. It illustrates the dynamic calculation capability of the degradation scheme in the face of an unpredictable power from a renewable energy resource.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131248484","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Bluetooth reliant devices are increasingly proliferating into various industry and consumer sectors as part of a burgeoning wearable market that adds convenience and awareness to everyday life. Relying primarily on a constantly changing hop pattern to reduce data sniffing during transmission, wearable devices routinely disconnect and reconnect with their base station (typically a cell phone), causing a connection repair each time. These connection repairs allow an adversary to determine what local wearable devices are communicating to what base stations. In addition, data transmitted to a base station as part of a wearable app may be forwarded onward to an awaiting web API even if the base station is in an insecure environment (e.g. a public Wi-Fi). In this paper, we introduce an approach to increase the security and privacy associated with using wearable devices by imposing transmission changes given situational awareness of the base station. These changes are asserted via policy rules based on the sensor information from the wearable devices collected and aggregated by the base system. The rules are housed in an application on the base station that adapts the base station to a state in which it prevents data from being transmitted by the wearable devices without disconnecting the devices. The policies can be updated manually or through an over the air update as determined by the user.
{"title":"Imposing Security Awareness on Wearables","authors":"Charles Walter, M. Hale, R. Gamble","doi":"10.1145/2897035.2897038","DOIUrl":"https://doi.org/10.1145/2897035.2897038","url":null,"abstract":"Bluetooth reliant devices are increasingly proliferating into various industry and consumer sectors as part of a burgeoning wearable market that adds convenience and awareness to everyday life. Relying primarily on a constantly changing hop pattern to reduce data sniffing during transmission, wearable devices routinely disconnect and reconnect with their base station (typically a cell phone), causing a connection repair each time. These connection repairs allow an adversary to determine what local wearable devices are communicating to what base stations. In addition, data transmitted to a base station as part of a wearable app may be forwarded onward to an awaiting web API even if the base station is in an insecure environment (e.g. a public Wi-Fi). In this paper, we introduce an approach to increase the security and privacy associated with using wearable devices by imposing transmission changes given situational awareness of the base station. These changes are asserted via policy rules based on the sensor information from the wearable devices collected and aggregated by the base system. The rules are housed in an application on the base station that adapts the base station to a state in which it prevents data from being transmitted by the wearable devices without disconnecting the devices. The policies can be updated manually or through an over the air update as determined by the user.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123730695","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sylvain Frey, A. Rashid, A. Zanutto, J. Busby, Karolina S. Follis
As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions -- e.g., improper specifications of a system's borders and capabilities -- play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws.
{"title":"On the Role of Latent Design Conditions in Cyber-Physical Systems Security","authors":"Sylvain Frey, A. Rashid, A. Zanutto, J. Busby, Karolina S. Follis","doi":"10.1145/2897035.2897036","DOIUrl":"https://doi.org/10.1145/2897035.2897036","url":null,"abstract":"As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions -- e.g., improper specifications of a system's borders and capabilities -- play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"156 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127404339","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Christos Tsigkanos, Timo Kehrer, C. Ghezzi, L. Pasquale, B. Nuseibeh
Smart cyber-physical spaces indicate spatial environments which include both cyber and physical elements interacting with each other. In the construction industry, Building Information Models are the de facto standard for specifying complex information about building infrastructures, a representation which can also be extended for the specification of cyber-physical spaces. By providing formal static and dynamic semantics in terms of topological concepts of locality and connectivity of entities it is possible to support many forms of advanced analyses typically performed in software engineering. Static semantics aim to broadly support reasoning about latent qualities of a design. Dynamic semantics aim to deal with the dynamism that a space exhibits when additionally considering the ways it may change along with entities inhabiting it. Motivated by the setting of a smart hospital, we show how both qualitative and quantitative properties can be specified and verified.
{"title":"Adding Static and Dynamic Semantics to Building Information Models","authors":"Christos Tsigkanos, Timo Kehrer, C. Ghezzi, L. Pasquale, B. Nuseibeh","doi":"10.1145/2897035.2897042","DOIUrl":"https://doi.org/10.1145/2897035.2897042","url":null,"abstract":"Smart cyber-physical spaces indicate spatial environments which include both cyber and physical elements interacting with each other. In the construction industry, Building Information Models are the de facto standard for specifying complex information about building infrastructures, a representation which can also be extended for the specification of cyber-physical spaces. By providing formal static and dynamic semantics in terms of topological concepts of locality and connectivity of entities it is possible to support many forms of advanced analyses typically performed in software engineering. Static semantics aim to broadly support reasoning about latent qualities of a design. Dynamic semantics aim to deal with the dynamism that a space exhibits when additionally considering the ways it may change along with entities inhabiting it. Motivated by the setting of a smart hospital, we show how both qualitative and quantitative properties can be specified and verified.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"6 3","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131839061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Roykrong Sukkerd, J. Cámara, D. Garlan, R. Simmons
Planning in CPSs requires temporal reasoning to handle the dynamics of the environment, including human behavior, as well as temporal constraints on system goals and durations of actions that systems and human actors may take. The discrete abstraction of time in a state space planning should have a time sampling parameter value that satisfies some relation to achieve a certain precision. In particular, the sampling period should be small enough to allow the dynamics of the problem domain to be modeled with sufficient precision. Meanwhile, in many cases, events in the far future (relative to the sampling period) may be relevant to the decision making earlier in the planning timeline; therefore, a longer planning look-ahead horizon can yield a closer-to-optimal plan. Unfortunately, planning with a uniform fine-grained discrete abstraction of time and a long look-ahead horizon is typically computationally infeasible. In this paper, we propose a multiscale temporal planning approach -- formulated as MDP planning -- to preserve the required time fidelity of the problem domain and at the same time approximate a globally optimal plan. We illustrate our approach in a middleware used to monitor large sensor networks.
{"title":"Multiscale Time Abstractions for Long-Range Planning under Uncertainty","authors":"Roykrong Sukkerd, J. Cámara, D. Garlan, R. Simmons","doi":"10.1145/2897035.2897044","DOIUrl":"https://doi.org/10.1145/2897035.2897044","url":null,"abstract":"Planning in CPSs requires temporal reasoning to handle the dynamics of the environment, including human behavior, as well as temporal constraints on system goals and durations of actions that systems and human actors may take. The discrete abstraction of time in a state space planning should have a time sampling parameter value that satisfies some relation to achieve a certain precision. In particular, the sampling period should be small enough to allow the dynamics of the problem domain to be modeled with sufficient precision. Meanwhile, in many cases, events in the far future (relative to the sampling period) may be relevant to the decision making earlier in the planning timeline; therefore, a longer planning look-ahead horizon can yield a closer-to-optimal plan. Unfortunately, planning with a uniform fine-grained discrete abstraction of time and a long look-ahead horizon is typically computationally infeasible. In this paper, we propose a multiscale temporal planning approach -- formulated as MDP planning -- to preserve the required time fidelity of the problem domain and at the same time approximate a globally optimal plan. We illustrate our approach in a middleware used to monitor large sensor networks.","PeriodicalId":167167,"journal":{"name":"2016 IEEE/ACM 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125879661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: