Title: Improving Intelligent Vehicle Dependability by Means of Infrastructure-Induced Tests
Authors: W. Steiner, Ayhan Mehmed, S. Punnekkat
DOI: 10.1109/DSN-W.2015.14 (https://doi.org/10.1109/DSN-W.2015.14)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: Advanced driver assistance systems (ADAS) take over more and more driving responsibilities from the human operator and, therefore, evolve into safety-critical systems. Thus, the dependability of such systems is of utmost importance. While upcoming automobiles themselves will implement fault-tolerance and robustness mechanisms, it can be beneficial to also take infrastructure measures into account when assessing the overall vehicle dependability. In this paper we discuss an example of an infrastructure measure that aims to improve the dependability of an on-board computer vision system. Based on this example we outline a cyber-physical systems (CPS) architecture for intelligent vehicles and address open research directions.

Title: Towards Assessing Representativeness of Fault Injection-Generated Failure Data for Online Failure Prediction
Authors: Ivano Irrera, M. Vieira
DOI: 10.1109/DSN-W.2015.24 (https://doi.org/10.1109/DSN-W.2015.24)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: Online Failure Prediction allows improving system dependability by foreseeing incoming failures at runtime, enabling mitigation actions to be taken in advance, though training and assessing prediction systems is hard due to the scarcity of failure data. Realistic software fault injection has been identified as a valid solution for addressing the scarcity of failure data, as injecting software faults (the most frequent faults in computer systems) increases the probability of a system failing, hence allowing the collection of failure-related data in a short time. Moreover, realistic injection permits the emulation of software faults likely to exist in the target system after its deployment. However, although the representativeness of the injected software faults is recognized as a necessary condition for generating valid failure data, the representativeness of the generated failure-related data has still not been studied. In this work we present a preliminary study towards assessing the representativeness of failure-related data by using the G-SWFIT realistic software fault injection technique. We here address the definition of concepts and metrics for the representativeness estimation and assessment.

Title: Using Data Integrity as an Improvement Characteristic to Assess the Safety of ADS-B-based Systems
Authors: Daniel Baraldi Sesso, L. Vismari, A. V. S. Neto, P. Cugnasca, J. Camargo
DOI: 10.1109/DSN-W.2015.31 (https://doi.org/10.1109/DSN-W.2015.31)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: The increasing demand for the densification of the national airspace in various social and economic applications has pressed aviation authorities to reduce aircraft separation, allowing more efficient operations in Air Traffic Management (ATM) in a given airspace. However, issues related to the safety of air traffic operations arise when considering the possibility of reducing aircraft separation. Surveillance plays a key role in monitoring and controlling air traffic in new scenarios in which better flight performance is required. Accuracy of the positional information provided by Automatic Dependent Surveillance - Broadcast (ADS-B), originally designed to improve situational awareness for pilots and to support controllers in air traffic management, is essential in order to avoid exposure to incidents and accidents such as loss-of-separation events (AIRPROX) and collisions in the new Global ATM paradigm. This paper presents a qualitative approach to assessing safety when using ADS-B systems, considering their data integrity as a relevant factor in aeronautical systems and operations for different scenarios. A testing platform -- the Integrated Platform for Testing Critical Embedded Systems (PIpE-SEC) -- is also presented as a possible solution for this safety evaluation.

Title: A Learning-Based Autonomous Control System Approach for Collision Avoidance within an Unmanned Aircraft
Authors: T. Matsumoto, L. Vismari, Ricardo A. V. Gimenes, J. R. Almeida, J. Camargo
DOI: 10.1109/DSN-W.2015.29 (https://doi.org/10.1109/DSN-W.2015.29)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: The growing public interest in Unmanned Aircraft Systems (UAS) applications has stimulated the debate over the integration of this kind of aircraft into the civil aviation system. However, the concept of not having a human pilot inside the aircraft presents uncertainties that may impede the creation of proper regulation. With safety as the main concern for civil aviation, one important principle of aviation to be addressed in a UAS is collision avoidance, a traditionally pilot-dependent functionality. In this regard, as a possible substitute for the pilot in the aircraft, we propose a method for implementing a learning-based autonomous control system focused on guaranteeing collision avoidance. Regarding that safety aspect, we expect such a system to be able to compensate for the lack of a human pilot in the aircraft. The proposed approach utilizes the concept of 'Learning from Demonstration' in order to define a behaviour for the autonomous aircraft based on manoeuvres commanded by a human. Therefore, the proposed approach would represent a possible implementation of an autonomous unmanned aircraft that presents the same collision avoidance capabilities observed in (human-based) civil aviation. Additionally, we identify metrics that can be used to select a suitable learning-based method and to compare its performance to that observed in manned aircraft.

Title: SeReNe: On Establishing Secure and Resilient Networking Services for an SDN-based Multi-tenant Datacenter Environment
Authors: Chun-Jen Chung, Tianyi Xing, Dijiang Huang, D. Medhi, Kishor S. Trivedi
DOI: 10.1109/DSN-W.2015.25 (https://doi.org/10.1109/DSN-W.2015.25)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: In the current enterprise data center networking environment, a major hurdle in the development of network security is the lack of an orchestrated and resilient defensive mechanism that uses well-established quantifiable metrics, models, and evaluation methods. In this position paper, we describe an emerging Secure and Resilient Networking (SeReNe) service model to establish a programmable and dynamic defensive mechanism that can adjust the system's networking resources, such as topology, bandwidth allocation, and traffic/flow forwarding policies, according to the network security situation. We posit that this requires addressing two interdependent technical areas: (a) a Moving Target Defense (MTD) framework at both the networking and software levels, and (b) an Adaptive Security-enabled Traffic Engineering (ASeTE) approach to select optimal countermeasures by considering the effectiveness of countermeasures and network bandwidth allocations while minimizing the intrusiveness to the applications and the cost of deploying the countermeasures. We believe that our position can greatly benefit virtual networking systems established in data center or enterprise environments that have adopted the latest OpenFlow technologies.

Title: Video on Demand Hosted in Private Cloud: Availability Modeling and Sensitivity Analysis
Authors: Rosangela Melo, Maria Clara Bezerra, J. Dantas, Rúbens de Souza Matos Júnior, I. J. M. Filho, P. Maciel
DOI: 10.1109/DSN-W.2015.11 (https://doi.org/10.1109/DSN-W.2015.11)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: Cloud computing environments have recently emerged as a new computing paradigm for organizing a shared pool of servers in data centres into a cloud infrastructure that can provide on-demand service utilities. Due to the business potential of the pay-per-use model, as well as the advantages of easy scalability, up-to-date multimedia services can rely on cloud infrastructures to offer a wide variety of services, like video streaming, where users can access their videos from cloud environments. Hierarchical analytical models are effective tools to evaluate the availability of complex systems and services such as these. This paper proposes the application of availability models to a cloud environment designed for a video streaming service. The hierarchical models thus created comprise Reliability Block Diagrams (RBDs) and Markov chains. Sensitivity analysis is used to determine the parameters that cause the greatest impact on availability. The results obtained from case studies clearly demonstrate that sensitivity analysis is a valuable tool for identifying which components require attention when attempting to achieve increased availability in a system.

Title: Software Faults Emulation at Model-Level: Towards Automated Software FMEA
Authors: V. Bonfiglio, Leonardo Montecchi, Ivano Irrera, Francesco Rossi, P. Lollini, A. Bondavalli
DOI: 10.1109/DSN-W.2015.26 (https://doi.org/10.1109/DSN-W.2015.26)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: Safety is a fundamental property for a wide class of systems, and it can be assessed through safety analysis. Recent standards, such as ISO 26262 for the automotive domain, recommend that safety analysis processes be performed at system, hardware, and software levels. While Failure Modes and Effects Analysis (FMEA) is a well-known technique for safety assessment at system level, its application at software level is still an open problem, especially concerning its integration into certification processes. Fault injection has been envisioned as a viable approach for performing Software-FMEA (SW-FMEA), but it typically requires an advanced development stage where code is available. The approach we propose in this paper aims to perform software fault injection at model level, namely on fUML-ALF models obtained from a component-based UML description through transformations proposed in a previous work. Model-level fault injection allows SW-FMEA to assess the effectiveness of safety mechanisms from the early stages of system design. The work in this paper focuses on how the software fault injection is implemented, and on the study of fault propagation through appropriate points of observation to highlight possible violations of requirements, with the identification of critical paths.

Title: Advantages in Crash Severity Prediction Using Vehicle to Vehicle Communication
Authors: Dennis Böhmländer, Sinan Hasirlioglu, V. Yano, Christian Lauerer, T. Brandmeier, A. Zimmer
DOI: 10.1109/DSN-W.2015.23 (https://doi.org/10.1109/DSN-W.2015.23)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: The paper discusses a new approach to contactless crash detection combining measurements of vehicle dynamics, exteroceptive sensors and vehicle-to-vehicle (V2V) communication data. The proposed architecture aims to activate vehicle safety functions prior to an imminent collision to minimize the risk of suffering a major injury. Activation needs a precise prediction of the time to collision (TTC), the crash severity (Cs) and other relevant crash parameters. This paper studies the contribution of V2V communication data to predicting potential collisions and to realizing a reliable activation. An algorithm is presented that merges fused measurements of a video camera, a laser range finder (LRF) and ego-vehicle motion sensors with V2V communication data to predict collisions. The benefit of using V2V communication is demonstrated by evaluating collision prediction errors. This analysis is carried out based on experimental data produced by two scale model vehicles.

Title: Model-Based Membership Verification in Vehicular Platoons
Authors: Mikael Asplund
DOI: 10.1109/DSN-W.2015.21 (https://doi.org/10.1109/DSN-W.2015.21)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: Cooperative vehicular systems have the potential to significantly increase traffic efficiency and safety. However, they also raise the question of to what extent information that is received from other vehicles can be trusted. In this paper we present a novel approach for increasing the trustworthiness of cooperative driving through a model-based approach for verifying membership views in vehicular platoons. We define a formal model for platoon membership, cooperative awareness claims, and membership verification mechanisms. With the help of a satisfiability solver, we are able to quantitatively analyse the impact of different system parameters on the verifiability of received information. Our results demonstrate the importance of cross validating received messages, as well as the surprising difficulty in establishing correct membership views despite powerful verification mechanisms.

Title: Using Simulation, Fault Injection and Property-Based Testing to Evaluate Collision Avoidance of a Quadcopter System
Authors: Benjamin Vedder, J. Vinter, M. Jonsson
DOI: 10.1109/DSN-W.2015.28 (https://doi.org/10.1109/DSN-W.2015.28)
Published in: 2015 IEEE International Conference on Dependable Systems and Networks Workshops, 2015-06-22
Abstract: In this work we use our testing platform, based on FaultCheck and QuickCheck, which we apply to a quadcopter simulator. We have used a hardware platform as the basis for the simulator and for deriving realistic fault models for our simulations. The quadcopters have a collision-avoidance mechanism that shall take over control when the situation becomes hazardous, steer away from the potential danger and then give control back to the pilot, thereby preventing collisions regardless of what the pilot does. We use our testing platform to randomly generate thousands of simulations with different input stimuli (using QuickCheck) for hundreds of quadcopters, while injecting faults simultaneously (using FaultCheck). This way, we can effectively adjust system parameters and enhance the collision-avoidance mechanism.