Identifying dependability requirements for space software systems

Computer systems are increasingly used in space, whether in launch vehicles, satellites, ground support and payload systems. Software applications used in these systems have become more complex, mainly due to the high number of features to be met, thus contributing to a greater probability of hazards related to software faults. Therefore, it is fundamental that the specification activity of requirements have a decisive role in the effort of obtaining systems with high quality and safety standards. In critical systems like the embedded software of the Brazilian Satellite Launcher, ambiguity, non-completeness, and lack of good requirements can cause serious accidents with economic, material and human losses. One way to assure quality with safety, reliability and other dependability attributes may be the use of safety analysis techniques during the initial phases of the project in order to identify the most adequate dependability requirements to minimize possible fault or failure occurrences during the subsequent phases. This paper presents a structured software dependability requirements analysis process that uses system software requirement specifications and traditional safety analysis techniques. The main goal of the process is to help to identify a set of essential software dependability requirements which can be added to the software requirement previously specified for the system. The final results are more complete, consistent, and reliable specifications

Dependability analysis and recovery support for smart grids

The increasing scale and complexity of power grids exacerbate concerns about failure propagation. A single contingency, such as outage of a transmission line due to overload or weather-related damage, can cause cascading failures that manifest as blackouts. One objective of smart grids is to reduce the likelihood of cascading failure through the use of power electronics devices that can prevent, isolate, and mitigate the effects of faults. Given that these devices are themselves prone to failure, we seek to quantify the effects of their use on dependability attributes of smart grid. This thesis articulates analytical methods for analyzing two dependability attributes - reliability and survivability - and proposes a recovery strategy that limits service degradation. Reliability captures the probability of system-level failure; Survivability describes degraded operation in the presence of a fault. System condition and service capacity are selected as measures of degradation. Both reliability and survivability are evaluated using N-1 contingency analysis. Importance analysis is used to determine a recovery strategy that maintains the highest survivability in the course of the recovery process. The proposed methods are illustrated by application to the IEEE 9-bus test system, a simple model system that allows for clear articulation of the process. Simulation is used to capture the effect of faults in both physical components of the power grid and the cyber infrastructure that differentiates it as a smart grid --Abstract, page iii

Resource Allocation in Networking and Computing Systems: A Security and Dependability Perspective

In recent years, there has been a trend to integrate networking and computing systems, whose management is getting increasingly complex. Resource allocation is one of the crucial aspects of managing such systems and is affected by this increased complexity. Resource allocation strategies aim to effectively maximize performance, system utilization, and profit by considering virtualization technologies, heterogeneous resources, context awareness, and other features. In such complex scenario, security and dependability are vital concerns that need to be considered in future computing and networking systems in order to provide the future advanced services, such as mission-critical applications. This paper provides a comprehensive survey of existing literature that considers security and dependability for resource allocation in computing and networking systems. The current research works are categorized by considering the allocated type of resources for different technologies, scenarios, issues, attributes, and solutions. The paper presents the research works on resource allocation that includes security and dependability, both singularly and jointly. The future research directions on resource allocation are also discussed. The paper shows how there are only a few works that, even singularly, consider security and dependability in resource allocation in the future computing and networking systems and highlights the importance of jointly considering security and dependability and the need for intelligent, adaptive and robust solutions. This paper aims to help the researchers effectively consider security and dependability in future networking and computing systems.publishedVersio

Distributed Predictive Control for MVDC Shipboard Power System Management

Shipboard Power System (SPS) is known as an independent controlled small electric network powered by the distributed onboard generation system. Since many electric components are tightly coupled in a small space and the system is not supported with a relatively stronger grid, SPS is more susceptible to unexpected disturbances and physical damages compared to conventional terrestrial power systems. Among different distribution configurations, power-electronic based DC distribution is considered the trending technology for the next-generation U.S. Navy fleet design to replace the conventional AC-based distribution. This research presents appropriate control management frameworks to improve the Medium-Voltage DC (MVDC) shipboard power system performance. Model Predictive Control (MPC) is an advanced model-based approach which uses the system model to predict the future output states and generates an optimal control sequence over the prediction horizon. In this research, at first, a centralized MPC is developed for a nonlinear MVDC SPS when a high-power pulsed load exists in the system. The closed-loop stability analysis is considered in the MPC optimization problem. A comparison is presented for different cases of load prediction for MPC, namely, no prediction, perfect prediction, and Autoregressive Integrated Moving Average (ARIMA) prediction. Another centralized MPC controller is also designed to address the reconfiguration problem of the MVDC system in abnormal conditions. The reconfiguration goal is to maximize the power delivered to the loads with respect to power balance, generation limits and load priorities. Moreover, a distributed control structure is proposed for a nonlinear MVDC SPS to develop a scalable power management architecture. In this framework, each subsystem is controlled by a local MPC using its state variables, parameters and interaction variables from other subsystems communicated through a coordinator. The Goal Coordination principle is used to manage interactions between subsystems. The developed distributed control structure brings out several significant advantages including less computational overhead, higher flexibility and a good error tolerance behavior as well as a good overall system performance. To demonstrate the efficiency of the proposed approach, a performance analysis is accomplished by comparing centralized and distributed control of global and partitioned MVDC models for two cases of continuous and discretized control inputs

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Resilient network design: Challenges and future directions

This paper highlights the complexity and challenges of providing reliable services in the evolving communications infrastructure. The hurdles in providing end-to-end availability guarantees are discussed and research problems identified. Avenues for overcoming some of the challenges examined are presented. This includes the use of a highly available network spine embedded in a physical network together with efficient crosslayer mapping to offer survivability and differentiation of traffic into classes of resilience. © 2013 Springer Science+Business Media New York

A holistic approach for measuring the survivability of SCADA systems

Supervisory Control and Data Acquisition (SCADA) systems are responsible for controlling and monitoring Industrial Control Systems (ICS) and Critical Infrastructure Systems (CIS) among others. Such systems are responsible to provide services our society relies on such as gas, electricity, and water distribution. They process our waste; manage our railways and our traffic. Nevertheless to say, they are vital for our society and any disruptions on such systems may produce from financial disasters to ultimately loss of lives. SCADA systems have evolved over the years, from standalone, proprietary solutions and closed networks into large-scale, highly distributed software systems operating over open networks such as the internet. In addition, the hardware and software utilised by SCADA systems is now, in most cases, based on COTS (Commercial Off-The-Shelf) solutions. As they evolved they became vulnerable to malicious attacks. Over the last few years there is a push from the computer security industry on adapting their security tools and techniques to address the security issues of SCADA systems. Such move is welcome however is not sufficient, otherwise successful malicious attacks on computer systems would be non-existent. We strongly believe that rather than trying to stop and detect every attack on SCADA systems it is imperative to focus on providing critical services in the presence of malicious attacks. Such motivation is similar with the concepts of survivability, a discipline integrates areas of computer science such as performance, security, fault-tolerance and reliability. In this thesis we present a new concept of survivability; Holistic survivability is an analysis framework suitable for a new era of data-driven networked systems. It extends the current view of survivability by incorporating service interdependencies as a key property and aspects of machine learning. The framework uses the formalism of probabilistic graphical models to quantify survivability and introduces new metrics and heuristics to learn and identify essential services automatically. Current definitions of survivability are often limited since they either apply performance as measurement metric or use security metrics without any survivability context. Holistic survivability addresses such issues by providing a flexible framework where performance and security metrics can be tailored to the context of survivability. In other words, by applying performance and security our work aims to support key survivability properties such as recognition and resistance. The models and metrics here introduced are applied to SCADA systems as such systems insecurity is one of the motivations of this work. We believe that the proposed work goes beyond the current status of survivability models. Holistic survivability is flexible enough to support the addition of other metrics and can be easily used with different models. Because it is based on a well-known formalism its definition and implementation are easy to grasp and to apply. Perhaps more importantly, this proposed work is aimed to a new era where data is being produced and consumed on a large-scale. Holistic survivability aims to be the catalyst to new models based on data that will provide better and more accurate insights on the survivability of systems