Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00094
F. Machida, P. Maciel
In this article, we introduce the book chapter “Markov Chains and Petri Nets” in the “Handbook of Software Aging and Rejuvenation” [1]. The chapter reviews the literature of Markov and Petri net models developed for analyzing software rejuvenation systems. Besides the summary of the chapter, we also discuss the recent advances in this research field and some future research directions.
{"title":"Markov chains and Petri nets for software rejuvenation systems","authors":"F. Machida, P. Maciel","doi":"10.1109/ISSREW51248.2020.00094","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00094","url":null,"abstract":"In this article, we introduce the book chapter “Markov Chains and Petri Nets” in the “Handbook of Software Aging and Rejuvenation” [1]. The chapter reviews the literature of Markov and Petri net models developed for analyzing software rejuvenation systems. Besides the summary of the chapter, we also discuss the recent advances in this research field and some future research directions.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"292 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123112369","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00088
Carmen Cârlan, D. Petrisor, B. Gallina, Hannes Schoenhaar
In the automotive domain, the employment of agile development is currently hindered by the fact that the safety lifecycle, which implies the creation and maintenance of safety work products, is manually executed, being a complex and expensive process. Given a change in the system under consideration, ISO 26262 recommends that the impact of that change on the safety case of the system shall be assessed and that the safety case shall be correspondingly updated. To this end, in this paper, while assuming a model-based system and safety engineering context, we propose checkable safety case models, which are semantically rich safety case models integrated with system and safety engineering models (i.e., work products of a model-based safety lifecycle). The semantically rich specification and the model integration allow for automated consistency checks between the safety case and the system, specifically its engineering models. We exemplify our contributions via an in-vehicle driver assistance system for driving through intersections.
{"title":"Checkable Safety Cases: Enabling Automated Consistency Checks between Safety Work Products","authors":"Carmen Cârlan, D. Petrisor, B. Gallina, Hannes Schoenhaar","doi":"10.1109/ISSREW51248.2020.00088","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00088","url":null,"abstract":"In the automotive domain, the employment of agile development is currently hindered by the fact that the safety lifecycle, which implies the creation and maintenance of safety work products, is manually executed, being a complex and expensive process. Given a change in the system under consideration, ISO 26262 recommends that the impact of that change on the safety case of the system shall be assessed and that the safety case shall be correspondingly updated. To this end, in this paper, while assuming a model-based system and safety engineering context, we propose checkable safety case models, which are semantically rich safety case models integrated with system and safety engineering models (i.e., work products of a model-based safety lifecycle). The semantically rich specification and the model integration allow for automated consistency checks between the safety case and the system, specifically its engineering models. We exemplify our contributions via an in-vehicle driver assistance system for driving through intersections.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122180250","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00074
A. Bertolino, F. Lonetti, V. Neves
The complex and dynamic nature of Systems of Systems (SoSs) poses many challenges on their validation and testing, but so far few effective test strategies exist to address them. On the other hand, extensive research has been conducted in the testing of Software Product Lines (SPLs), which present interesting convergence points with SoSs, as both disciplines aim at reducing development costs and time-to-market thanks to extensive reuse of existing artifacts. In this paper, we outline commonalities and differences between the SoS and SPL paradigms from the point of view of testing and investigate how existing methods and tools from SPL testing could be leveraged to address the challenges of SoS testing.
{"title":"Standing on the Shoulders of Software Product Line Research for Testing Systems of Systems","authors":"A. Bertolino, F. Lonetti, V. Neves","doi":"10.1109/ISSREW51248.2020.00074","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00074","url":null,"abstract":"The complex and dynamic nature of Systems of Systems (SoSs) poses many challenges on their validation and testing, but so far few effective test strategies exist to address them. On the other hand, extensive research has been conducted in the testing of Software Product Lines (SPLs), which present interesting convergence points with SoSs, as both disciplines aim at reducing development costs and time-to-market thanks to extensive reuse of existing artifacts. In this paper, we outline commonalities and differences between the SoS and SPL paradigms from the point of view of testing and investigate how existing methods and tools from SPL testing could be leveraged to address the challenges of SoS testing.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128423344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/issrew51248.2020.00025
{"title":"Message from the SHIFT + IWSF 2020 Workshop Chairs","authors":"","doi":"10.1109/issrew51248.2020.00025","DOIUrl":"https://doi.org/10.1109/issrew51248.2020.00025","url":null,"abstract":"","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124594177","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00029
João Lima, Filipe Apolinário, Nelson Escravana, Carlos Ribeiro
Intrusion detection systems typically suffer from effectiveness problems, of being incapable of detecting new threats, or generating too many false alarms to be of any usefulness. Specification-based intrusion detection systems tackle these problems, exhibiting low false alarm rates and being able to detect new threats, however, they have been seldom used, because they require to completely specify every acceptable action of the monitored system. On the other hand, safety-critical systems would greatly benefit from effective intrusion detection systems, as they are often well specified from a business process point of view, which makes them specially suited for these systems, provided that one translates high-level business process specifications into intrusion detection rules. This paper proposes BP-IDS, a specification-based intrusion detection system that automatically performs this translation. BP-IDS was tested on a critical transportation infrastructure and was able to exhibit good detection results.
{"title":"BP-IDS: Using business process specification to leverage intrusion detection in critical infrastructures","authors":"João Lima, Filipe Apolinário, Nelson Escravana, Carlos Ribeiro","doi":"10.1109/ISSREW51248.2020.00029","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00029","url":null,"abstract":"Intrusion detection systems typically suffer from effectiveness problems, of being incapable of detecting new threats, or generating too many false alarms to be of any usefulness. Specification-based intrusion detection systems tackle these problems, exhibiting low false alarm rates and being able to detect new threats, however, they have been seldom used, because they require to completely specify every acceptable action of the monitored system. On the other hand, safety-critical systems would greatly benefit from effective intrusion detection systems, as they are often well specified from a business process point of view, which makes them specially suited for these systems, provided that one translates high-level business process specifications into intrusion detection rules. This paper proposes BP-IDS, a specification-based intrusion detection system that automatically performs this translation. BP-IDS was tested on a critical transportation infrastructure and was able to exhibit good detection results.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"4 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113968328","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/issrew51248.2020.00019
Raffaele Della Corte, Gutierrez Christopher, Jin B. Hong, Marta Catillo
RSDA represents a forum to stimulate scientific research and discuss analysis techniques, procedures and tools that are adopted to manage, analyze or evaluate reliability and security data sets. RSDA concentrates ideas and contributions from academic and industrial organizations addressing reliability and security of computer systems through data analysis. RSDA gathers highquality papers on data-driven methodologies, measurements from production systems, and analysis of large datasets. The expected output of the workshop is establishing the agenda of future research activities in the field of reliability and security data analysis, with the ambition of creating concrete synergies among researchers.
{"title":"Message from the RSDA 2020 Workshop Chairs","authors":"Raffaele Della Corte, Gutierrez Christopher, Jin B. Hong, Marta Catillo","doi":"10.1109/issrew51248.2020.00019","DOIUrl":"https://doi.org/10.1109/issrew51248.2020.00019","url":null,"abstract":"RSDA represents a forum to stimulate scientific research and discuss analysis techniques, procedures and tools that are adopted to manage, analyze or evaluate reliability and security data sets. RSDA concentrates ideas and contributions from academic and industrial organizations addressing reliability and security of computer systems through data analysis. RSDA gathers highquality papers on data-driven methodologies, measurements from production systems, and analysis of large datasets. The expected output of the workshop is establishing the agenda of future research activities in the field of reliability and security data analysis, with the ambition of creating concrete synergies among researchers.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127902495","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00052
Raul Sena Ferreira
Machine learning (ML) provides no guarantee of safe operation in safety-critical systems such as autonomous vehicles. ML decisions are based on data that tends to represent a partial and imprecise knowledge of the environment. Such probabilistic models can output wrong decisions even with 99% of confidence, potentially leading to catastrophic consequences. Moreover, modern ML algorithms such as deep neural networks (DNN) have a high level of uncertainty in their decisions, and their outcomes are not easily explainable. Therefore, a fault tolerance mechanism, such as a safety monitor (SM), should be applied to guarantee the property correctness of these systems. However, applying an SM for ML components can be complex in terms of detection and reaction. Thus, aiming at dealing with this challenging task, this work presents a benchmark architecture for testing ML components with SM, and the current work for dealing with specific ML threats. We also highlight the main issues regarding monitoring ML in safety-critical environments.
{"title":"Towards safety monitoring of ML-based perception tasks of autonomous systems","authors":"Raul Sena Ferreira","doi":"10.1109/ISSREW51248.2020.00052","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00052","url":null,"abstract":"Machine learning (ML) provides no guarantee of safe operation in safety-critical systems such as autonomous vehicles. ML decisions are based on data that tends to represent a partial and imprecise knowledge of the environment. Such probabilistic models can output wrong decisions even with 99% of confidence, potentially leading to catastrophic consequences. Moreover, modern ML algorithms such as deep neural networks (DNN) have a high level of uncertainty in their decisions, and their outcomes are not easily explainable. Therefore, a fault tolerance mechanism, such as a safety monitor (SM), should be applied to guarantee the property correctness of these systems. However, applying an SM for ML components can be complex in terms of detection and reaction. Thus, aiming at dealing with this challenging task, this work presents a benchmark architecture for testing ML components with SM, and the current work for dealing with specific ML threats. We also highlight the main issues regarding monitoring ML in safety-critical environments.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131037301","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00056
N. Ivaki, Nuno Antunes
An effective way for building secure software is to embed security into software in the early stages of software development. Thus, we aim to study several evidences of code anomalies introduced during the software development phase, that may be indicators of security issues in software, such as code smells, structural complexity represented by diverse software metrics, the issues detected by static code analysers, and finally missing security best practices. To use such evidences for vulnerability prediction and removal, we first need to understand how they are correlated with security issues. Then, we need to discover how these imperfect raw data can be integrated to achieve a reliable, accurate and valuable decision about a portion of code. Finally, we need to construct a security actuator providing suggestions to the developers to remove or fix the detected issues from the code. All of these will lead to the construction of a framework, including security monitoring, security analyzer, and security actuator platforms, that are necessary for a security-aware integrated development environment (SIDE).
{"title":"SIDE: Security-aware Integrated Development Environment","authors":"N. Ivaki, Nuno Antunes","doi":"10.1109/ISSREW51248.2020.00056","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00056","url":null,"abstract":"An effective way for building secure software is to embed security into software in the early stages of software development. Thus, we aim to study several evidences of code anomalies introduced during the software development phase, that may be indicators of security issues in software, such as code smells, structural complexity represented by diverse software metrics, the issues detected by static code analysers, and finally missing security best practices. To use such evidences for vulnerability prediction and removal, we first need to understand how they are correlated with security issues. Then, we need to discover how these imperfect raw data can be integrated to achieve a reliable, accurate and valuable decision about a portion of code. Finally, we need to construct a security actuator providing suggestions to the developers to remove or fix the detected issues from the code. All of these will lead to the construction of a framework, including security monitoring, security analyzer, and security actuator platforms, that are necessary for a security-aware integrated development environment (SIDE).","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"119 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133132740","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/issrew51248.2020.00061
Tomohiko Takagi, Koichiro Sakata
This paper shows test-first using EFSM (Extended Finite State Machine). Each state transition in an EFSM model is constructed based on various unit test cases, and goes through red, green, and refactoring phases. Unit test cases are automatically and repeatedly applied to the EFSM model in accordance with our execution process.
{"title":"Test-First for Abstracted Behavior of Software Using Extended Finite State Machine","authors":"Tomohiko Takagi, Koichiro Sakata","doi":"10.1109/issrew51248.2020.00061","DOIUrl":"https://doi.org/10.1109/issrew51248.2020.00061","url":null,"abstract":"This paper shows test-first using EFSM (Extended Finite State Machine). Each state transition in an EFSM model is constructed based on various unit test cases, and goes through red, green, and refactoring phases. Unit test cases are automatically and repeatedly applied to the EFSM model in accordance with our execution process.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"119 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117274053","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: