Title: Traceability-Based Formal Specification Inspection
Authors: Mo Li, Shaoying Liu
DOI: 10.1109/SERE.2014.30 (https://doi.org/10.1109/SERE.2014.30)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Transforming informal specifications into formal specifications is an effective approach to clarifying users' requirements. However, keeping the informal specification and the formal specification consistent is a major challenge. In this paper, we propose an inspection method for verifying whether all requirements described in an informal specification are formalized in the corresponding formal specification. Inspection is a static analysis technique based upon a checklist containing questions that should be answered. Our proposed inspection method advocates the principle that the checklist is created based on the traceability of specifications, and animation is used as a reading technique for checking through the formal specification. The traceability reflects connections between informal and formal specifications, which helps the inspector check whether all requirements have been realized. The animation provides an intuitive way to guide the inspector in reading the formal specification. We use a case study to demonstrate how an inspection is performed.

Title: Automated Coverage-Driven Test Data Generation Using Dynamic Symbolic Execution
Authors: Ting Su, G. Pu, Bin Fang, Jifeng He, Jun Yan, Siyuan Jiang, Jianjun Zhao
DOI: 10.1109/SERE.2014.23 (https://doi.org/10.1109/SERE.2014.23)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Recently, code transformations or tailored fitness functions have been adopted to achieve coverage-driven (structural or logical criterion) testing to ensure software reliability. However, some internal threats exist, such as negative impacts on the underlying search strategies or local maxima. We therefore propose a dynamic symbolic execution (DSE) based framework combined with a path filtering algorithm and a new heuristic path search strategy, i.e., predictive path search, to achieve faster coverage-driven testing at lower testing cost. The empirical experiments (three open source projects and two industrial projects) show that our approach is effective and efficient. For the open source projects, w.r.t. branch coverage, our approach on average reduces generated test cases by 25.5% and solved constraints by 36.3% compared with the traditional DSE-based approach without path filtering. On the same testing budget, the presented heuristic strategy improves branch coverage by 26.4% and 35.4% compared with the novel search strategies adopted in KLEE and CREST.

Title: High Performance Java Card Operating System
Authors: Mohammad R. Eletriby, Mohammed A. Sobh, A. Eldin, H. Fahmy
DOI: 10.1109/SERE.2014.16 (https://doi.org/10.1109/SERE.2014.16)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Due to the fast evolution of trusted computing environments and the Internet of Things, an urgent need has arisen for open platforms that support interchangeable technologies coexisting without threatening the system's security. Certainly, future embedded applications will need high performance operating systems to support the computation-intensive algorithms required to satisfy acceptable response times and to secure the application inside the vulnerable open environment. Hence, new inevitable requirements for embedded operating systems have arisen, including hard real-time response, support for native applications, system openness and system scalability. This paper introduces a new design for a secure and open smart card operating system, called ESCOS (Egypt Smart Card Operating System), based on the prevalent Java Card technology. The new design provides competitive characteristics in the three main factors by which smart card platforms are judged, namely system security, supported technology and system response. In addition, ESCOS is designed to have a high degree of modularity and re-configurability to meet fast-changing business needs and diverse hardware platforms.

Title: AppMark: A Picture-Based Watermark for Android Apps
Authors: Yingjun Zhang, Kai Chen
DOI: 10.1109/SERE.2014.19 (https://doi.org/10.1109/SERE.2014.19)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Smartphones have become common tools in people's daily life. Many popular applications (e.g., social network applications) have migrated from traditional computers to smartphones. With the growth of the apps, attacks on these apps are also increasing. One serious attack adds malicious payloads or advertisements to legitimate apps. These modified apps, called repackaged apps, share similar functionality with the original apps, which makes them spread easily. To mitigate this attack, we embed watermarks into Android apps. Specifically, to make the watermarks robust, we embed a new kind of watermark, called a picture-based watermark, into Android apps. By exploiting the inherent characteristics of pictures, it is resilient to obfuscation. We implemented a prototype called AppMark and evaluated its effectiveness and performance overhead. According to the results, the picture-based watermark is both effective and efficient.

Title: The Influence of Developer Quality on Software Fault-Proneness Prediction
Authors: Yangsong Wu, Yibiao Yang, Yangyang Zhao, Hongmin Lu, Yuming Zhou, Baowen Xu
DOI: 10.1109/SERE.2014.14 (https://doi.org/10.1109/SERE.2014.14)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Previous studies have shown that process metrics are useful for building fault-proneness prediction models. In particular, it has been found that process metrics incorporating developer experience (defined as the percentage of the code a developer contributes) exhibit a good ability to predict fault-proneness. However, developer quality, which we strongly believe should have a great influence on software quality, is surprisingly ignored. In this paper, we first quantify the quality of a developer as the percentage of historical bug-introducing commits among all of his/her commits during the development process. Then, we leverage developer quality information to develop eight file quality metrics. Finally, we empirically study the usefulness of these eight file quality metrics for fault-proneness prediction. Based on eight open source software systems, our experimental results show that: 1) the proposed file quality metrics capture additional information compared with existing process metrics, 2) almost all the proposed file quality metrics have a significant association with fault-proneness in the expected direction, and 3) the proposed file quality metrics can in general improve the effectiveness of fault-proneness prediction models when used together with existing process metrics. These results suggest that developer quality has a strong influence on software quality and should be taken into account when predicting software fault-proneness.

Title: A Two-Stage Data Preprocessing Approach for Software Fault Prediction
Authors: Jiaqiang Chen, Shulong Liu, Wangshu Liu, Xiang Chen, Qing Gu, Daoxu Chen
DOI: 10.1109/SERE.2014.15 (https://doi.org/10.1109/SERE.2014.15)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Software fault prediction is valuable for predicting the fault proneness of software modules, so that limited test resources can be effectively allocated for software quality assurance. Researchers have shown that either feature selection or instance reduction can improve the performance of classification models used for fault prediction. However, to the best of our knowledge, few researchers have combined them to study the effects on classification models. Therefore, we propose a novel two-stage data preprocessing approach, which incorporates both feature selection and instance reduction. In particular, in the feature selection stage, we propose a new algorithm using both feature selection and threshold-based clustering, which contains both relevance analysis and redundancy control. Then, in the instance reduction stage, we apply random sampling to keep the balance between the faulty and non-faulty classes. In empirical studies, we implemented five different data preprocessing schemes based on our proposed approach and performed a comparative study of the prediction performance of commonly used classification models. The final results demonstrate the effectiveness of our approach and further provide a guideline for achieving cost-effective data preprocessing when using our approach.

Title: Fast Discovery of VM-Sensitive Divergence Points with Basic Block Comparison
Authors: Yen Ju Liu, Chong Kuan Chen, Michael Cheng Yi Cho, S. Shieh
DOI: 10.1109/SERE.2014.33 (https://doi.org/10.1109/SERE.2014.33)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: To evade VM-based malware analysis systems, VM-aware malware equipped with the ability to detect the presence of a virtual machine has appeared. To cope with the problem, detecting VM-aware malware and locating the VM-sensitive divergence points of VM-aware malware is urgently needed. In this paper, we propose a novel block-based divergence locator. In contrast to the conventional instruction-based schemes, the block-based divergence locator divides a malware program into basic blocks, instead of binary instructions, and uses them as the analysis unit. The block-based divergence locator significantly decreases the cost of behavior logging and trace comparison, as well as the size of behavior traces. As the evaluation shows, behavior logging is 23.87-39.49 times faster than the conventional schemes. The total number of analysis units, which is highly related to the cost of trace comparisons, is 11.95%-16.00% of that of the conventional schemes. Consequently, VM-sensitive divergence points can be discovered more efficiently. The correctness of our divergence point discovery algorithm is also proved formally in this paper.

Title: ADAutomation: An Activity Diagram Based Automated GUI Testing Framework for Smartphone Applications
Authors: Ang Li, Zishan Qin, Mingsong Chen, Jing Liu
DOI: 10.1109/SERE.2014.20 (https://doi.org/10.1109/SERE.2014.20)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Under increasing complexity and time-to-market pressures, functional validation is becoming a major bottleneck for smartphone applications running on mobile platforms (e.g., Android, iOS). Due to their GUI (Graphical User Interface) intensive nature, the execution of smartphone applications heavily relies on interactions with users. Manual GUI testing is extremely slow and unacceptably expensive in practice. However, the lack of formal models of user behavior in the design phase hinders the automation of GUI testing (i.e., test case generation and test evaluation). While thorough test efforts are required to ensure consistency between user behavior specifications and GUI implementations, few existing testing approaches can automatically utilize design-phase information to test complex smartphone applications. Based on UML activity diagrams, this paper proposes an automated GUI testing framework called ADAutomation, which supports user behavior modeling, GUI test case generation, and post-test analysis and debugging. Experiments using two industrial smartphone applications demonstrate that our approach can not only drastically reduce overall testing time, but also improve the quality of designs.

Title: Specification of Dynamic Fault Tree Concepts with Stochastic Petri Nets
Authors: Lena Feinbube, Peter Tröger
DOI: 10.1109/SERE.2014.31 (https://doi.org/10.1109/SERE.2014.31)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: Dependability modeling describes a set of approaches for analyzing the reliability of software and hardware systems. The most prominent approach is fault trees, which hierarchically express the causal dependencies between basic faults and an undesired failure event. Dynamic fault trees allow the expression of sequence-dependent error propagation, which is commonly found in software systems. In this paper, we present a complete behavioral specification of well-known dynamic fault tree concepts. We provide a novel connection rule definition for all commonly accepted node types, in combination with a description of their behavioral semantics in generalized stochastic Petri nets. Both specifications together have not been available in the literature so far. The application of these specifications in fault tree generation and modeling tools can help to prevent syntactic and semantic ambiguity in the generated output.

Title: Collision Analysis of Safety Devices to Prevent Hazards in Safety Critical Systems
Authors: Jang Jin Kwon, Doohwan Kim, J. Park, Jang-Eui Hong
DOI: 10.1109/SERE.2014.38 (https://doi.org/10.1109/SERE.2014.38)
Venue: 2014 Eighth International Conference on Software Security and Reliability, published 2014-06-30

Abstract: The importance of safety-critical systems is increasing, as seen in the terrible accidents that have recently occurred in nuclear power plants and with airplanes. To ensure the safety of those systems, system engineers should consider how to prevent system hazards during the design phase of system development. Although existing techniques such as event tree analysis and cause-consequence analysis provide various ways of preventing hazards in safety-critical systems, previous studies did not provide a solution for the situation where two hazard prevention actions collide. This paper proposes a collision analysis technique for safety devices, using a fault prevention tree and a resource map as a method to identify and analyze colliding actions. The proposed technique would help design robust systems that prevent hazards, and also fulfill the software safety requirement in practical system development.