85,585 research outputs found
Forensic Attacks Analysis and the Cyber Security of Safety-Critical Industrial Control Systems
Industrial Control Systems (ICS) and SCADA (Supervisory Control And Data Acquisition) applications monitor
and control a wide range of safety-related functions. These include energy generation where failures could have
significant, irreversible consequences. They also include the control systems that are used in the manufacture of
safety-related products. In this case bugs in an ICS/SCADA system could introduce flaws in the production of
components that remain undetected before being incorporated into safety-related applications. Industrial Control
Systems, typically, use devices and networks that are very different from conventional IP-based infrastructures.
These differences prevent the re-use of existing cyber-security products in ICS/SCADA environments; the
architectures, file formats and process structures are very different. This paper supports the forensic analysis of
industrial control systems in safety-related applications. In particular, we describe how forensic attack analysis is
used to identify weaknesses in devices so that we can both protect components but also determine the information
that must be analyzed during the aftermath of a cyber-incident. Simulated attacks detect vulnerabilities; a risk-based
approach can then be used to assess the likelihood and impact of any breach. These risk assessments are then used
to justify both immediate and longer-term countermeasures
Integration of Safety Analysis in Model-Driven Software Development
I Safety critical software requires integrating verification techniques in software development methods. Software architectures must guarantee that developed systems will meet safety requirements and safety analyses are frequently used in the assessment. Safety engineers and software architects must reach a common understanding on an optimal architecture from both perspectives. Currently both groups of engineers apply different modelling techniques and languages: safety analysis models and software modelling languages. The solutions proposed seek to integrate both domains coupling the languages of each domain. It constitutes a sound example of the use of language engineering to improve efficiency in a software-related domain. A model-driven development approach and the use of a platform-independent language are used to bridge the gap between safety analyses (failure mode effects and criticality analysis and fault tree analysis) and software development languages (e.g. unified modelling language). Language abstract syntaxes (metamodels), profiles, language mappings (model transformations) and language refinements, support the direct application of safety analysis to software architectures for the verification of safety requirements. Model consistency and the possibility of automation are found among the benefits
On the suitability of time-randomized processors for secure and reliable high-performance computing
Time-randomized processor (TRP) architectures have been shown as one of the most promising approaches to deal with the overwhelming complexity of the timing analysis of high complex processor architectures for safety-related real-time systems. With TRPs the timing analysis step mainly relies on collecting measurements of the task under analysis rather than on complex timing models of the processor. Additionally, randomization techniques applied in TRPs provide increased reliability and security features. In this thesis, we elaborate on the reliability and security properties of TRPs and the suitability of extending this processor architecture design paradigm to the high-performance computing domain
Applying Model Based Techniques for Early Safety Evaluation of an Automotive Architecture in Compliance with the ISO 26262 Standard
International audienceIn 2011, the automotive industry introduced the application of a standardized process for functional safety-related development of automotive electronic products. The related international standard, ISO 26262 functional safety for road vehicles, has high demands on process documentation and analysis. Within an engineering context this challenges the tremendous increase of complexity for modern automotive systems and high productivity demands for industrial competiveness purpose. Model based development techniques based on an Architecture Description Language (ADL) has been identified as the best candidate to manage the system complexity and the related safety analysis with the benefit of formal description and capabilities for test automation. The proposed concept relies on the definition of a compositional error modeling approach tightly coupled with the system architecture model, capable to analyze the software and hardware architectures and implementations. This paper explains the results of the language extension based on the EAST-ADL and AUTOSAR domain model in terms of early safety evaluation of an automotive architecture, automating the qualitative and quantitative assessment of road vehicle products as claimed by the application of the ISO 26262
Forensic Attacks Analysis and the Cyber Security of Safety-Critical Industrial Control Systems
Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) applications monitor and control a wide range of safety-related functions. These include energy generation, where failures could have significant, irreversible consequences. They also include the control systems that are used in the manufacture of safety-related products. In this case, “bugs” in an ICS/SCADA system could introduce flaws in the production of components; these flaws remain undetected before being incorporated into safety-related applications. Industrial Control Systems, typically, use devices and networks that are different from conventional IP-based infrastructures. These differences prevent the re-use of existing cyber-security products in ICS/SCADA environments; the architectures, file formats and process structures are all different. This paper supports the forensic analysis of industrial control systems in safety-related applications. In particular, we describe how forensic attack analysis is used to identify weaknesses in devices so that we can both protect components and determine the information that must be analyzed during the aftermath of a cyber-incident. Simulated attacks detect vulnerabilities; a risk-based approach can then be used to assess the likelihood and impact of any breach. These risk assessments are then used to justify both immediate and longer-term countermeasures
Safety arguments for next generation location aware computing
Concerns over the accuracy, availability, integrity and
continuity of Global Navigation Satellite Systems (GNSS)
have limited the integration of GPS and GLONASS for
safety-critical applications. More recent augmentation
systems, such as the European Geostationary Navigation
Overlay Service (EGNOS) and the North American Wide
Area Augmentation System (WAAS) have begun to address
these concerns. Augmentation architectures build on the
existing GPS/GLONASS infrastructures to support locationbased services in Safety of Life (SoL) applications. Much of the technical development has been directed by air traffic management requirements, in anticipation of the more extensive support to be offered by GPS III and Galileo. WAAS has already been approved to provide vertical guidance against ICAO safety performance criteria for aviation applications. During the next twelve months, we will see the full certification of EGNOS for SoL applications.
This paper identifies strong similarities between the safety
assessment techniques used in Europe and North America.
Both have relied on hazard analysis techniques to derive
estimates of the Probability of Hazardously Misleading
Information (PHMI). Later sections identify significant
differences between the approaches adopted in application
development. Integrated fault trees have been developed by
regulatory and commercial organisations to consider both
infrastructure hazards and their impact on non-precision
RNAV/VNAV approaches using WAAS. In contrast,
EUROCONTROL and the European Space Agency have
developed a more modular approach to safety-case
development for EGNOS. It remains to be seen whether the
European or North American strategy offers the greatest
support as satellite based augmentation systems are used
within a growing range of SoL applications from railway
signalling through to Unmanned Airborne Systems. The key
contribution of this paper is to focus attention on the safety
arguments that might support this wider class of location
based services
On the tailoring of CAST-32A certification guidance to real COTS multicore architectures
The use of Commercial Off-The-Shelf (COTS) multicores in real-time industry is on the rise due to multicores' potential performance increase and energy reduction. Yet, the unpredictable impact on timing of contention in shared hardware resources challenges certification. Furthermore, most safety certification standards target single-core architectures and do not provide explicit guidance for multicore processors. Recently, however, CAST-32A has been presented providing guidance for software planning, development and verification in multicores. In this paper, from a theoretical level, we provide a detailed review of CAST-32A objectives and the difficulty of reaching them under current COTS multicore design trends; at experimental level, we assess the difficulties of the application of CAST-32A to a real multicore processor, the NXP P4080.This work has been partially supported by the Spanish Ministry of Economy and Competitiveness (MINECO) under grant
TIN2015-65316-P and the HiPEAC Network of Excellence.
Jaume Abella has been partially supported by the MINECO under Ramon y Cajal grant RYC-2013-14717.Peer ReviewedPostprint (author's final draft
Development and Validation of Functional Model of a Cruise Control System
Modern automobiles can be considered as a collection of many subsystems
working with each other to realize safe transportation of the occupants.
Innovative technologies that make transportation easier are increasingly
incorporated into the automobile in the form of functionalities. These new
functionalities in turn increase the complexity of the system framework present
and traceability is lost or becomes very tricky in the process. This hugely
impacts the development phase of an automobile, in which, the safety and
reliability of the automobile design should be ensured. Hence, there is a need
to ensure operational safety of the vehicles while adding new functionalities
to the vehicle. To address this issue, functional models of such systems are
created and analysed. The main purpose of developing a functional model is to
improve the traceability and reusability of a system which reduces development
time and cost. Operational safety of the system is ensured by analysing the
system with respect to random and systematic failures and including safety
mechanism to prevent such failures. This paper discusses the development and
validation of a functional model of a conventional cruise control system in a
passenger vehicle based on the ISO 26262 Road Vehicles - Functional Safety
standard. A methodology for creating functional architectures and an
architecture of a cruise control system developed using the methodology are
presented.Comment: In Proceedings FESCA 2016, arXiv:1603.0837
- …