Test generation for high coverage with abstraction refinement and coarsening (ARC)
Testing is the main approach used in the software industry to expose failures. Producing thorough test suites is an expensive and error-prone task that can greatly benefit from automation. Two challenging problems in test automation are generating test input and evaluating the adequacy of test suites: the first amounts to producing a set of test cases that accurately represent the software behavior, the second requires defining appropriate metrics to evaluate the thoroughness of the testing activities. Structural testing addresses these problems by measuring the number of code elements that are executed by a test suite. The code elements that are not covered by any execution are natural candidates for generating further test cases, and the measured coverage rate can be used to estimate the thoroughness of the test suite. Several empirical studies show that test suites achieving high coverage rates exhibit a high failure detection ability. However, producing highly covering test suites automatically is hard, as certain code elements are executed only under complex conditions while others might not be reachable at all. In this thesis we propose Abstraction Refinement and Coarsening (ARC), a goal-oriented technique that combines static and dynamic software analysis to automatically generate test suites with high code coverage. At the core of our approach there is an abstract program model that enables the synergistic application of the different analysis components. In ARC we integrate Dynamic Symbolic Execution (DSE) and abstraction refinement to precisely direct test generation towards the coverage goals and to detect infeasible elements. ARC includes a novel coarsening algorithm for improved scalability. We implemented ARC-B, a prototype tool that analyses C programs and produces test suites that achieve high branch coverage.
Our experiments show that the approach effectively exploits the synergy between symbolic testing and reachability analysis, outperforming state-of-the-art test generation approaches. We evaluated ARC-B on industry-relevant software and exposed previously unknown failures in a safety-critical software component.
Real-time Adaptive Detection and Recovery against Sensor Attacks in Cyber-physical Systems
Cyber-physical systems (CPSs) utilize computation to control physical objects in real-world environments, and an increasing number of CPS-based applications have been designed for life-critical purposes. Sensor attacks, which manipulate sensor readings to deceive CPSs into performing dangerous actions, can result in severe consequences. This urgent need has motivated significant research into reactive defense. In this dissertation, we present an adaptive detection method capable of identifying sensor attacks before the system reaches unsafe states. Once the attacks are detected, a recovery approach that we propose can guide the physical plant to a desired safe state before a safety deadline. Existing detection approaches tend to minimize detection delay and false alarms simultaneously, despite a clear trade-off between these two metrics. We argue that attack detection should dynamically balance these metrics according to the physical system's current state. In line with this argument, we propose an adaptive sensor attack detection system comprising three components: an adaptive detector, a detection deadline estimator, and a data logger. This system can adapt the detection delay, and thus the false alarm rate, in real time to meet a varying detection deadline, thereby improving usability. We implement our detection system and validate it using multiple CPS simulators and a reduced-scale autonomous vehicle testbed. After identifying sensor attacks, it is essential to extend the benefits of attack detection. In this dissertation, we investigate how to eliminate the impact of these attacks and propose novel real-time recovery methods for securing CPSs. Initially, we target sensor attack recovery in linear CPSs. By employing formal methods, we are able to reconstruct state estimates and calculate a conservative safety deadline. With these constraints, we formulate the recovery problem as either a linear programming or a quadratic programming problem.
By solving this problem, we obtain a recovery control sequence that can smoothly steer a physical system back to a target state set before a safe deadline and maintain the system state within the set once reached. Subsequently, to make recovery practical for complex CPSs, we adapt our recovery method to nonlinear systems and explore the use of uncorrupted sensors to alleviate uncertainty accumulation. Ultimately, we implement our approach and showcase its effectiveness and efficiency through an extensive set of experiments. For linear CPSs, we evaluate the approach using 5 CPS simulators and 3 types of sensor attacks. For nonlinear CPSs, we assess our method on 3 nonlinear benchmarks.
Compensation of distributed delays in integrated communication and control systems
The concept, analysis, implementation, and verification of a method for compensating delays that are distributed between the sensors, controller, and actuators within a control loop are discussed. With the objective of mitigating the detrimental effects of these network-induced delays, a predictor-controller algorithm was formulated and analyzed. Robustness of the delay compensation algorithm was investigated relative to parametric uncertainties in plant modeling. The delay compensator was experimentally verified on an IEEE 802.4 network testbed for velocity control of a DC servomotor.
Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
A common security architecture, called the permission-based security model
(used e.g. in Android and Blackberry), entails intrinsic risks. For instance,
applications can be granted more permissions than they actually need, which we
call a "permission gap". Malware can leverage the unused permissions to
achieve its malicious goals, for instance using code injection. In this
paper, we present an approach to detecting permission gaps using static
analysis. Our prototype implementation in the context of Android shows that the
static analysis must take into account a significant amount of
platform-specific knowledge. Using our tool on two datasets of Android
applications, we found that a non-negligible share of applications suffers
from permission gaps, i.e. does not use all the permissions it declares.
Programming errors in traversal programs over structured data
Traversal strategies à la Stratego (also à la Strafunski and 'Scrap Your
Boilerplate') provide an exceptionally versatile and uniform means of querying
and transforming deeply nested and heterogeneously structured data including
terms in functional programming and rewriting, objects in OO programming, and
XML documents in XML programming. However, the resulting traversal programs are
prone to programming errors. We are specifically concerned with errors that go
beyond conservative type errors; examples we examine include divergent
traversals, prematurely terminated traversals, and traversals with dead code.
Based on an inventory of possible programming errors we explore options of
static typing and static analysis so that some categories of errors can be
avoided. This exploration generates suggestions for improvements to strategy
libraries as well as their underlying programming languages. Haskell is used
for illustrations and specifications with sufficient explanations to make the
presentation comprehensible to the non-specialist. The overall ideas are
language-agnostic and they are summarized accordingly.
Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -
The Internet today provides the environment for novel applications and
processes which may evolve way beyond pre-planned scope and
purpose. Security analysis is growing in complexity with the increase
in functionality, connectivity, and dynamics of current electronic
business processes. Technical processes within critical
infrastructures also have to cope with these developments. To tackle
the complexity of the security analysis, the application of models is
becoming standard practice. However, model-based support for security
analysis is not only needed in pre-operational phases but also during
process execution, in order to provide situational security awareness
at runtime.
This cumulative thesis provides three major contributions to modelling
methodology.
Firstly, this thesis provides an approach for model-based analysis and
verification of security and safety properties in order to support
fault prevention and fault removal in system design or redesign.
Furthermore, some construction principles for the design of
well-behaved scalable systems are given.
The second topic is the analysis of the exposure of vulnerabilities
in the software components of networked systems to exploitation by
internal or external threats. This kind of fault forecasting allows
the security assessment of alternative system configurations and
security policies. Validation and deployment of security policies
that minimise the attack surface can then improve fault tolerance and
mitigate the impact of successful attacks.
Thirdly, the approach is extended to runtime applicability. An
observing system monitors an event stream from the observed system
with the aim of detecting faults - deviations from the specified
behaviour or security compliance violations - at runtime.
Furthermore, knowledge about the expected behaviour given by an
operational model is used to predict faults in the near
future. Building on this, a holistic security management strategy is
proposed. The architecture of the observing system is described and
the applicability of model-based security analysis at runtime is
demonstrated utilising processes from several industrial scenarios.
The results of this cumulative thesis are provided by 19 selected
peer-reviewed papers.
User Experience Enhancement on Smartphones using Wireless Communication Technologies
Thesis (Ph.D.) -- Seoul National University Graduate School: College of Engineering, Department of Electrical and Computer Engineering, 2020. 8. 박세웅.
Recently, smartphones have been equipped with various sensors as well as wireless
communication technologies such as Wi-Fi and Bluetooth Low Energy (BLE). In
addition, in many cases users use a smartphone while on the move, so if wireless
communication technologies and various sensors are used for a mobile user, a better
user experience can be provided. For example, when a user moves while using Wi-Fi,
the user experience can be improved by providing a seamless Wi-Fi service. In addition,
it is possible to provide special services such as indoor positioning or navigation
by estimating the user's mobility in an indoor environment, and additional services
such as location-based advertising and payment systems can also be provided. Therefore,
improving the user experience by using wireless communication technology and
smartphone sensors is considered to be an important research field in the future.
In this dissertation, we propose three systems that can improve the user experience
or convenience by using Wi-Fi, BLE, and smartphone sensors: (i) BLEND: BLE
beacon-aided fast Wi-Fi handoff for smartphones, (ii) PYLON: Smartphone based Indoor
Path Estimation and Localization without Human Intervention, (iii) FINISH:
Fully-automated Indoor Navigation using Smartphones with Zero Human Assistance.
First, we propose a fast handoff scheme called BLEND that exploits BLE as a secondary
radio. We conduct a detailed analysis of the sticky client problem on commercial smartphones
through experiments and close examination of the Android source code. We propose
BLEND, which exploits BLE modules to provide smartphones with prior knowledge
of the presence and information of APs operating on 2.4 and 5 GHz Wi-Fi channels.
BLEND operates as an application only and requires no modification of smartphone
hardware or of the Android source code. We prototype BLEND with commercial smartphones and
evaluate its performance in a real environment. Our measurement results demonstrate
that BLEND significantly improves throughput and video bitrate by up to 61% and
111%, respectively, compared to a commercial Android application, with negligible
energy overhead.
Second, we design a path estimation and localization system, termed PYLON,
which is plug-and-play on Android smartphones. PYLON includes a novel landmark
correction scheme that leverages the real doors of indoor environments, consisting of floor
plan mapping, door passing time detection, and correction. It operates without any user
intervention. PYLON relaxes some requirements of localization systems: it does not
require any modifications to the hardware or software of smartphones, nor the initial locations
of WiFi APs, BLE beacons, and users. We implement PYLON on five Android
smartphones and evaluate it in two office buildings with the help of three participants
to prove applicability and scalability. PYLON achieves very high floor plan mapping
accuracy with a low localization error.
Finally, we design a fully-automated navigation system, termed FINISH, which
addresses the problems of existing indoor navigation systems. FINISH generates
the radio map of an indoor building based on the localization system to determine
the initial location of the user. FINISH relaxes some requirements of current
indoor navigation systems: it does not require any human assistance to provide navigation
instructions, and it is plug-and-play on Android smartphones. We implement
FINISH on five Android smartphones and evaluate it on five floors of an office
building with the help of multiple users to prove applicability and scalability. FINISH
determines the location of the user with extremely high accuracy within one step.
In summary, we propose systems that enhance users' convenience and experience
by utilizing wireless infrastructures such as Wi-Fi and BLE and various smartphone
sensors such as the accelerometer, gyroscope, and barometer equipped in smartphones.
The systems are implemented on commercial smartphones to verify their performance
through experiments. As a result, the systems show excellent performance that
can enhance the user experience.
1 Introduction
1.1 Motivation
1.2 Overview of Existing Approaches
1.2.1 Wi-Fi handoff for smartphones
1.2.2 Indoor path estimation and localization
1.2.3 Indoor navigation
1.3 Main Contributions
1.3.1 BLEND: BLE Beacon-aided Fast Handoff for Smartphones
1.3.2 PYLON: Smartphone Based Indoor Path Estimation and Localization with Human Intervention
1.3.3 FINISH: Fully-automated Indoor Navigation using Smartphones with Zero Human Assistance
1.4 Organization of Dissertation
2 BLEND: BLE Beacon-Aided Fast Wi-Fi Handoff for Smartphones
2.1 Introduction
2.2 Related Work
2.2.1 Wi-Fi-based Handoff
2.2.2 WPAN-aided AP Discovery
2.3 Background
2.3.1 Handoff Procedure in IEEE 802.11
2.3.2 BSS Load Element in IEEE 802.11
2.3.3 Bluetooth Low Energy
2.4 Sticky Client Problem
2.4.1 Sticky Client Problem of Commercial Smartphone
2.4.2 Cause of Sticky Client Problem
2.5 BLEND: Proposed Scheme
2.5.1 Advantages and Necessities of BLE as Secondary Low-Power Radio
2.5.2 Overall Architecture
2.5.3 AP Operation
2.5.4 Smartphone Operation
2.5.5 Verification of aTH estimation
2.6 Performance Evaluation
2.6.1 Implementation and Measurement Setup
2.6.2 Saturated Traffic Scenario
2.6.3 Video Streaming Scenario
2.7 Summary
3 PYLON: Smartphone based Indoor Path Estimation and Localization without Human Intervention
3.1 Introduction
3.2 Background and Related Work
3.2.1 Infrastructure-Based Localization
3.2.2 Fingerprint-Based Localization
3.2.3 Model-Based Localization
3.2.4 Dead Reckoning
3.2.5 Landmark-Based Localization
3.2.6 Simultaneous Localization and Mapping (SLAM)
3.3 System Overview
3.3.1 Notable RSSI Signature
3.3.2 Smartphone Operation
3.3.3 Server Operation
3.4 Path Estimation
3.4.1 Step Detection
3.4.2 Step Length Estimation
3.4.3 Walking Direction
3.4.4 Location Update
3.5 Landmark Correction Part 1: Virtual Room Generation
3.5.1 RSSI Stacking Difference
3.5.2 Virtual Room Generation
3.5.3 Virtual Graph Generation
3.5.4 Physical Graph Generation
3.6 Landmark Correction Part 2: From Floor Plan Mapping to Path Correction
3.6.1 Candidate Graph Generation
3.6.2 Backbone Node Mapping
3.6.3 Dead-end Node Mapping
3.6.4 Final Candidate Graph Selection
3.6.5 Door Passing Time Detection
3.6.6 Path Correction
3.7 Particle Filter
3.8 Performance Evaluation
3.8.1 Implementation and Measurement Setup
3.8.2 Step Detection Accuracy
3.8.3 Floor Plan Mapping Accuracy
3.8.4 Door Passing Time
3.8.5 Walking Direction and Localization Performance
3.8.6 Impact of WiFi AP and BLE Beacon Number
3.8.7 Impact of Walking Distance and Speed
3.8.8 Performance on Different Areas
3.9 Summary
4 FINISH: Fully-automated Indoor Navigation using Smartphones with Zero Human Assistance
4.1 Introduction
4.2 Related Work
4.2.1 Localization-based Navigation System
4.2.2 Peer-to-peer Navigation System
4.3 System Overview
4.3.1 System Architecture
4.3.2 An Example for Navigation
4.4 Level Change Detection and Floor Decision
4.4.1 Level Change Detection
4.5 Real-time navigation
4.5.1 Initial Floor and Location Decision
4.5.2 Orientation Adjustment
4.5.3 Shortest Path Estimation
4.6 Performance Evaluation
4.6.1 Initial Location Accuracy
4.6.2 Real-Time Navigation Accuracy
4.7 Summary
5 Conclusion
5.1 Research Contributions
5.2 Future Work
Abstract (In Korean)
Acknowledgements
Petri Nets Modeling of Dead-End Refinement Problems in a 3D Anisotropic hp-Adaptive Finite Element Method
We consider two graph grammar based Petri net models for anisotropic refinements of three-dimensional hexahedral grids. The first one detects possible dead-end problems during the graph grammar based anisotropic refinements of the mesh. The second one employs an enhanced graph grammar model that is actually dead-end free. We apply the resulting algorithm to the simulation of resistivity logging measurements for estimating the location of underground oil and/or gas formations. The graph grammar based Petri net models make it possible to fix the self-adaptive mesh refinement algorithm and to finish the adaptive computations with the accuracy required by the numerical solution.