
ACM Transactions on Cyber-Physical Systems: latest publications

An Error Protection Protocol for the Multicast Transmission of Data Samples in V2X Applications
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-08-23 DOI: 10.1145/3617126
Alex Bendrick, Jonas Peeck, Rolf Ernst
There is a trend towards communication of larger data objects in wireless vehicle communication. In many cases, communication uses publish-subscribe protocols. Data rate requirements of such protocols are best addressed by wireless multicast protocols, but the existing protocols lack an error protection that is suitable for real-time and safety-critical applications. We present an application-aware protocol that supports the popular DDS (Data Distribution Service) middleware. By exploiting data object deadlines and slack for retransmissions and employing an adaptable, multicast-aware prioritization mechanism, the reliable exchange of large data objects is enabled. The protocol is sufficiently general to be used on top of different communication standards such as 802.11- and cellular-based V2X (Vehicle-to-Everything) technologies. The protocol was implemented in an OMNeT++ simulation model and evaluated against recent state-of-the-art alternatives using parameters and constraints taken from a motivational truck platooning example. Furthermore, the protocol was implemented using an open-source DDS implementation as the basis and tested on a physical wireless demonstrator setup. The evaluation shows that the presented multicast protocol substantially outperforms the alternatives, keeping streaming applications operational even under high frame error rates.
Citations: 0
Periodic Event-Triggered Cooperative Adaptive Cruise Control and Communication Co-Design for Vehicle Platooning
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-08-21 DOI: 10.1145/3617125
A. Fu, Sijia Chen, Jun-Li Qiao, Chengpu Yu
Cooperative Adaptive Cruise Control (CACC) based vehicle platooning can increase the safety and efficiency of traffic. This work looks into the communication and control problems of vehicle platooning, and proposes a control and communication co-design for CACC. First, an integrated radar system is presented. This system integrates sensing of relative position and speed, and communication between a predecessor and its follower. Second, a working scheme for the integrated radar system is presented. This scheme allows the radar systems to switch periodically between different working modes without interference from other modes. Therefore, the relative position, speed, and communication can be asynchronously and periodically updated to the controller. Third, a periodic event-triggered control approach is presented. This approach allows asynchronous periodic sampling of the output, and is deeply co-designed with the radar system and its working scheme. Delays are also considered in the control approach. The co-design CACC approach can guarantee the vehicle platoons to be string stable. A numerical example has shown the feasibility of the approach.
Citations: 0
The Support of MISRA C++ Analyzer for Reliability of Embedded Systems
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-07-31 DOI: 10.1145/3611390
Che-Chia Lin, Wei-Hsu Chu, Chia-Hsuan Chang, Hui-Hsin Liao, Chun-Chieh Yang, Jenq-Kuen Lee, Yi-Ping You, Tien-Yuan Hsieh
Cyber-Physical Systems (CPS) are increasingly used in many complex applications, such as autonomous delivery drones, automotive CPS design, power grid control systems, and medical robotics. However, existing programming languages lack certain design patterns for CPS designs, including temporal semantics and concurrency models. Future research directions may involve programming language extensions to support CPS designs. On the other hand, JSF++, MISRA, and MISRA C++ are providing specifications intended to increase the reliability of safety-critical systems. This article also describes the development of rule checkers based on the MISRA C++ specification using the Clang open-source tool, which allows for the annotation of code and the easy extension of the MISRA C++ specification to other programming languages and systems. This is potentially useful for future CPS language research extensions to work with reliability software specifications using the Clang tool. Experiments were performed using key C++ benchmarks to validate our method in comparison with the well-known Coverity commercial tool. We illustrate key rules related to class, inheritance, template, overloading, and exception handling. Open-source benchmarks that violate the rules detected by our checkers are also illustrated. A random graph generator is further used to generate diamond cases with multiple-inheritance test data for our software validations. The experimental results demonstrate that our method can provide information that is more detailed than that obtained using Coverity for nine open-source C++ benchmarks. Since the Clang tool is widely used, it will further allow developers to annotate their own extensions.
Citations: 0
A Reliable Wireless Protocol for Highway and Metered-Ramp CAV Collaborative Merging with Constant-Time-Headway Safety Guarantee
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-07-14 DOI: 10.1145/3609227
Xueli Fan, Qixin Wang, Jie Liu
To realize the grand vision of automated driving in smart vehicle cyber-physical systems (CPS), one important task is to support the merging of connected automated vehicles (CAVs) from a metered ramp to the highway. Certain safety rules must be guaranteed. However, this demand is complicated by the inherently unreliable wireless communications. In this paper, we focus on the well-adopted constant-time-headway (CTH) safety rule. We propose a highway and metered-ramp CAV collaborative merging protocol, and formally prove its guarantee of the CTH safety and liveness under arbitrary wireless data packet losses. These theoretical claims are further validated by our simulations. Furthermore, the simulation results also show significant improvements in merging efficiency over other solution alternatives. Particularly, the merging success rates are more than 99% better in 11 out of 18 comparison pairs, and 0% (i.e., tied) to about 71% better in the remaining 7 comparison pairs.
Citations: 0
Message Authentication and Provenance Verification for Industrial Control Systems
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-07-06 DOI: 10.1145/3607194
Ertem Esiner, Utku Tefek, D. Mashima, Binbin Chen, Z. Kalbarczyk, D. Nicol
Successful attacks against industrial control systems (ICS) often exploit insufficient checking mechanisms. While firewalls, intrusion detection systems, and similar appliances introduce essential checks, their efficacy depends on the attackers' ability to bypass such middleboxes. We propose a provenance solution to enable the verification of the end-to-end message delivery path and the actions performed on a message. Fast and flexible provenance verification (F2-Pro) provides cryptographically verifiable evidence that a message has originated from a legitimate source and gone through the necessary checks before reaching its destination. F2-Pro relies on lightweight cryptographic primitives and flexibly supports various communication settings and protocols encountered in ICS thanks to its transparent, bump-in-the-wire design. We provide formal definitions and cryptographically prove F2-Pro's security. For human interaction with ICS via a field service device, F2-Pro features a multi-factor authentication mechanism that starts the provenance chain from the human user issuing commands. We compatibility-tested F2-Pro on a smart power grid testbed and reported a sub-millisecond latency overhead per communication hop using a modest ARM Cortex-A15 processor.
Citations: 1
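The provenance chain described in the abstract above, as an added illustration that is not F2-Pro's code and not its exact construction: each hop in the wire path (here a constructed HMI, a firewall and an IDS, with placeholder keys) appends a truncated HMAC that binds the previous hop's tag, its own identity, the check it performed and the command itself, and the destination recomputes the chain against the path it expects. Hop names, actions, keys, the Modbus-style sample command and the 16-byte tag length are all assumptions made for this example.

```python
import hashlib
import hmac

# Constructed example keys. In a deployment each hop (source device, firewall,
# IDS) holds only its own key, provisioned out of band; the verifier at the
# destination holds all of them. These values are placeholders, not F2-Pro's.
KEYS = {
    "hmi-01": b"key-hmi-01",
    "fw-dmz": b"key-fw-dmz",
    "ids-substation": b"key-ids-substation",
}

# The path every command is expected to traverse, and the check each hop must
# attest to having performed (constructed for this example).
EXPECTED_PATH = [
    ("hmi-01", "issued"),
    ("fw-dmz", "acl-pass"),
    ("ids-substation", "dpi-pass"),
]

TAG_LEN = 16  # truncated HMAC-SHA256; small enough for a bump-in-the-wire trailer


def hop_tag(key: bytes, prev_tag: bytes, hop_id: str, action: str, message: bytes) -> bytes:
    """Tag for one hop. It binds the previous hop's tag (chaining), this hop's
    identity, the check it performed, and the message itself, so that removing
    a hop, reordering hops, or altering the message invalidates the chain."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in (prev_tag, hop_id.encode(), action.encode(), message):
        h.update(len(part).to_bytes(4, "big"))  # length-prefix: no field ambiguity
        h.update(part)
    return h.digest()[:TAG_LEN]


def extend_chain(chain, key, hop_id, action, message):
    """What a hop does in the wire path: append its own tag to the trailer."""
    prev = chain[-1][2] if chain else b""
    return chain + [(hop_id, action, hop_tag(key, prev, hop_id, action, message))]


def verify_chain(message, chain, expected_path, keys):
    """Destination-side check: the hop/action sequence must match the expected
    path exactly, and every tag must recompute under that hop's key."""
    if [(hop, action) for hop, action, _ in chain] != expected_path:
        return False, "path mismatch"
    prev = b""
    for hop_id, action, tag in chain:
        expected = hop_tag(keys[hop_id], prev, hop_id, action, message)
        if not hmac.compare_digest(expected, tag):
            return False, f"bad tag at {hop_id}"
        prev = tag
    return True, "ok"


def build_chain(message, keys):
    chain = []
    for hop_id, action in EXPECTED_PATH:
        chain = extend_chain(chain, keys[hop_id], hop_id, action, message)
    return chain


# Constructed sample command. The sequence number sits inside the authenticated
# payload; a replay check on it would be the verifier's next step (not shown).
MESSAGE = b"MODBUS FC05 unit=7 coil=0x0010 value=ON seq=42"


def demo():
    """Valid delivery versus three things an attacker might try."""
    good = build_chain(MESSAGE, KEYS)
    results = {"valid": verify_chain(MESSAGE, good, EXPECTED_PATH, KEYS)}
    # Injected behind the firewall: the IDS hop (and its tag) never happened.
    results["bypass_ids"] = verify_chain(MESSAGE, good[:2], EXPECTED_PATH, KEYS)
    # Message modified in flight after the tags were produced.
    results["tampered"] = verify_chain(MESSAGE.replace(b"ON", b"OFF"), good, EXPECTED_PATH, KEYS)
    # Attacker fabricates the firewall hop without the firewall's key.
    forged_keys = {**KEYS, "fw-dmz": b"attacker-guess"}
    results["forged_fw"] = verify_chain(MESSAGE, build_chain(MESSAGE, forged_keys), EXPECTED_PATH, KEYS)
    return results


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:>10}: {'accept' if ok else 'reject'} ({why})")
```

The path check is positional on purpose: a chain that carries the right tags in the wrong order, or that is missing the IDS hop, is rejected before any key is touched, and every tag failure is reported at the first hop where the recomputation diverges, which tells the operator where in the wire path the message was injected or altered.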
Formal Specification, Verification and Repair of Contiki's Scheduler
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-07-04 DOI: 10.1145/3605948
Hassan Mousavi, Ali Ebnenasir, E. Mahmoudzadeh
This paper presents an approach for model extraction, formal specification, verification and repair of the scheduler of Contiki, which is an event-driven lightweight Operating System for the Internet of Things (IoT). We first derive a state machine-based abstraction of the scheduler’s modes of operation along with the control flow abstractions of the scheduler’s most important functions. We then use a set of transformation rules to formally specify the scheduler and all its internal functions in Promela. Additional contributions with respect to the conference version of this article include (1) modeling nested function calls in the Promela model of the scheduler using a novel technique amenable to model checking in SPIN; (2) modeling protothreads in Promela; (3) specifying and formally verifying twelve critical requirements of the scheduler; (4) detecting new design flaws in Contiki’s scheduler, for the first time (to the best of our knowledge); (5) repairing the model and the source code of Contiki’s scheduler towards fixing the flaws detected through verification, as well as regression verification of the entire model of the scheduler, and (6) experimentally analyzing the time and space costs of verification before and after repair. The proposed formal model of Contiki’s scheduler along with novel modeling techniques enhance our knowledge regarding the most critical components of Contiki, and provide reusable methods for formal specification and verification of other event-driven operating systems used in Cyber Physical Systems (CPS) and IoT.
Citations: 1
Safe Maintenance of Railways using COTS Mobile Devices: The Remote Worker Dashboard
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-07-04 DOI: 10.1145/3607193
T. Zoppi, Innocenzo Mungiello, A. Ceccarelli, Alberto Cirillo, Lorenzo Sarti, Lorenzo Esposito, G. Scaglione, Sergio Repetto, A. Bondavalli
The railway domain is regulated by rigorous safety standards to ensure that specific safety goals are met. Often, safety-critical systems rely on custom hardware-software components that are built from scratch to achieve specific functional and non-functional requirements. Instead, the (partial) usage of Commercial Off-The-Shelf (COTS) components is very attractive as it potentially allows reducing cost and time to market. Unfortunately, COTS components do not individually offer enough guarantees in terms of safety and security to be used in critical systems as they are. In such a context, RFI (Rete Ferroviaria Italiana), a major player in Europe for railway infrastructure management, aims at equipping track-side workers with COTS devices to remotely and safely interact with the existing interlocking system, drastically improving the performance of maintenance operations. This paper describes the first effort to update existing (embedded) railway systems to a more recent cyber-physical system paradigm. Our Remote Worker Dashboard (RWD) pairs the existing safe interlocking machinery alongside COTS mobile components, making cyber and physical components cooperate to provide the user with responsive, safe, and secure service. Specifically, the RWD is a SIL4 cyber-physical system to support maintenance of actuators and railways in which COTS mobile devices are safely used by track-side workers. The concept, development, implementation, verification and validation activities to build the RWD were carried out in compliance with the applicable CENELEC standards required by certification bodies to declare compliance with specific guidelines.
Citations: 0
Performance comparison of timing-based anomaly detectors for Controller Area Network: a reproducible study
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date: 2023-06-15 DOI: 10.1145/3604913
Francesco Pollicino, Dario Stabili, Mirco Marchetti
This work presents an experimental evaluation of the detection performance of eight different algorithms for anomaly detection on the Controller Area Network (CAN) bus of modern vehicles based on the analysis of the timing or frequency of CAN messages. This work solves the current limitations of related scientific literature, which is based on private datasets and lacks open implementations and detailed descriptions of the detection algorithms. These drawbacks prevent the reproducibility of published results and make it impossible to compare a novel proposal against related work, thus hindering the advancement of science. This paper solves these issues by publicly releasing implementations and labeled datasets and by describing unbiased experimental comparisons.
Citations: 0
Scalable Pythagorean Mean based Incident Detection in Smart Transportation Systems
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date : 2023-06-05 DOI: 10.1145/3603381
Md. Jaminur Islam, J. P. Talusan, Shameek Bhattacharjee, F. Tiausas, Abhishek Dubey, K. Yasumoto, Sajal K. Das
Modern smart cities need smart transportation solutions to quickly detect various traffic emergencies and incidents in the city to avoid cascading traffic disruptions. To materialize this, roadside units and ambient transportation sensors are being deployed to collect speed data that enables the monitoring of traffic conditions on each road segment. In this paper, we first propose a scalable data-driven anomaly-based traffic incident detection framework for a city-scale smart transportation system. Specifically, we propose an incremental region growing approximation algorithm for optimal spatio-temporal clustering of road segments and their data, such that road segments are strategically divided into highly correlated clusters. The highly correlated clusters enable identifying a Pythagorean Mean-based invariant as an anomaly detection metric that is highly stable under no incidents but shows a deviation in the presence of incidents. We learn the bounds of the invariants in a robust manner such that anomaly detection can generalize to unseen events, even when learning from real noisy data. Second, using cluster-level detection, we propose a folded Gaussian classifier to pinpoint, in an automated manner, the particular segment in a cluster where the incident happened. We perform extensive experimental validation using mobility data collected from four cities in Tennessee and compare with state-of-the-art ML methods, to prove that our method can detect incidents within each cluster in real time and outperforms known ML methods.
Citations: 0
System Verification and Runtime Monitoring with Multiple Weakly-Hard Constraints
IF 2.3 Q3 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS Pub Date : 2023-06-05 DOI: 10.1145/3603380
Yi-Ting Hsieh, Tzu-Tao Chang, Chen-Jun Tsai, Shih-Lun Wu, C. Bai, Kai-Chieh Chang, Chung-Wei Lin, Eunsuk Kang, Chao Huang, Qi Zhu
A weakly-hard fault model can be captured by an (m,k) constraint, where 0 ≤ m ≤ k, meaning that there are at most m bad events (faults) among any k consecutive events. In this article, we use a weakly-hard fault model to constrain the occurrences of faults in system inputs. We develop approaches to verify properties for all possible values of (m,k), where k is smaller than or equal to a given K, in an exact and efficient manner. By verifying all possible values of (m,k), we define weakly-hard requirements for the system environment and design a runtime monitor based on counting the number of faults in system inputs. If the system environment satisfies the weakly-hard requirements, then the satisfaction of the desired properties is guaranteed; otherwise, the runtime monitor can notify the system to switch to a safe mode. This is especially essential for cyber-physical systems that need to provide guarantees with limited resources and in the presence of faults. Experimental results with discrete second-order control, network routing, vehicle following, and lane changing demonstrate the generality and the efficiency of the proposed approaches.
Citations: 0