An intelligent situation awareness support system for safety-critical environments

Operators handling abnormal situations in safety-critical environments need to be supported from a cognitive perspective to reduce their workload, stress, and consequent error rate. Of the various cognitive activities, a correct understanding of the situation, i.e. situation awareness (SA), is a crucial factor in improving performance and reducing error. However, existing system safety researches focus mainly on technical issues and often neglect SA. This study presents an innovative cognition-driven decision support system called the situation awareness support system (SASS) to manage abnormal situations in safety-critical environments in which the effect of situational complexity on human decision-makers is a concern. To achieve this objective, a situational network modeling process and a situation assessment model that exploits the specific capabilities of dynamic Bayesian networks and risk indicators are first proposed. The SASS is then developed and consists of four major elements: 1) a situation data collection component that provides the current state of the observable variables based on online conditions and monitoring systems, 2) a situation assessment component based on dynamic Bayesian networks (DBN) to model the hazardous situations in a situational network and a fuzzy risk estimation method to generate the assessment result, 3) a situation recovery component that provides a basis for decision-making to reduce the risk level of situations to an acceptable level, and 4) a human-computer interface. The SASS is partially evaluated by a sensitivity analysis, which is carried out to validate DBN-based situational networks, and SA measurements are suggested for a full evaluation of the proposed system. The performance of the SASS is demonstrated by a case taken from US Chemical Safety Board reports, and the results demonstrate that the SASS provides a useful graphical, mathematically consistent system for dealing with incomplete and uncertain information to help operators maintain the risk of dynamic situations at an acceptable level. © 2014 Elsevier B.V. All rights reserved

Injecting FPGA Configuration Faults in Parallel

When using SRAM-based FPGA devices in safety critical applications testing against bitflips in the device configuration memory is essential. Often such tests are achieved by corrupting configuration memory bits of a running device, but this has many scalability, reliability, and flexibility challenges. In this paper, we present a framework and a concrete implementation of a parallel fault injection cluster that addresses these challenges. Scalability is addressed by using multiple identical FPGA devices, each testing a different region in parallel. Reliability is addressed by using reconfigurable system-on-chip devices, that are isolated from each other. Flexibility is addressed by using a pending commit structure, that continually checkpoints the overall experiment and allows elastic scaling. We test and showcase our approach by exhaustively flipping every bit in the configuration memory of the CHStone benchmark suite and a VivadoHLS generated k-means clustering image processing application. Our results show that: linear scaling is possible as the number of devices increases; the majority of error inducing bitflips in the k-means application do not significantly impact the output; and that the Xilinx Essential bits tool may miss some bits that can induce errors

A situation risk awareness approach for process systems safety

Promoting situation awareness is an important design objective for a wide variety of domains, especially for process systems where the information flow is quite high and poor decisions may lead to serious consequences. In today's process systems, operators are often moved to a control room far away from the physical environment, and increasing amounts of information are passed to them via automated systems, they therefore need a greater level of support to control and maintain the facilities in safe conditions. This paper proposes a situation risk awareness approach for process systems safety where the effect of ever-increasing situational complexity on human decision-makers is a concern. To develop the approach, two important aspects - addressing hazards that arise from hardware failure and reducing human error through decision-making - have been considered. The proposed situation risk awareness approach includes two major elements: an evidence preparation component and a situation assessment component. The evidence preparation component provides the soft evidence, using a fuzzy partitioning method, that is used in the subsequent situation assessment component. The situation assessment component includes a situational network based on dynamic Bayesian networks to model the abnormal situations, and a fuzzy risk estimation method to generate the assessment result. A case from US Chemical Safety Board investigation reports has been used to illustrate the application of the proposed approach. © 2013 Elsevier Ltd

A fuzzy dynamic bayesian network-based situation assessment approach

Situation awareness (SA), a state in the mind of a human, is essential to conduct decision-making activities. It is about the perception of the elements in the environment, the comprehension of their meaning, and the projection of their status in the near future. Two decades of investigation and analysis of accidents have showed that SA was behind of many serious large-scale technological systems' accidents. This emphasizes the importance of SA support systems development for complex and dynamic environments. This paper presents a fuzzy dynamic Bayesian network-based situation assessment approach to support the operators in decision making process in hazardous situations. The approach includes a dynamic Bayesian network-based situational network to model the hazardous situations where the existence of the situations can be inferred by sensor observations through the SCADA monitoring system using a fuzzy quantizer method. In addition to generate the assessment result, a fuzzy risk estimation method is proposed to show the risk level of situations. Ultimately a hazardous environment from U.S. Chemical Safety Board investigation reports has been used to illustrate the application of proposed approach. © 2013 IEEE

CEEME: compensating events based execution monitoring enforcement for Cyber-Physical Systems

Fundamentally, inherently observable events in Cyber-Physical Systems with tight coupling between cyber and physical components can result in a confidentiality violation. By observing how the physical elements react to cyber commands, adversaries can identify critical links in the system and force the cyber control algorithm to make erroneous decisions. Thus, there is a propensity for a breach in confidentiality leading to further attacks on availability or integrity. Due to the highly integrated nature of Cyber-Physical Systems, it is also extremely difficult to map the system semantics into a security framework under existing security models. The far-reaching objective of this research is to develop a science of selfobfuscating systems based on the composition of simple building blocks. A model of Nondeducibility composes the building blocks under Information Flow Security Properties. To this end, this work presents fundamental theories on external observability for basic regular networks and the novel concept of event compensation that can enforce Information Flow Security Properties at runtime --Abstract, page iii

Resilience Model for Teams of Autonomous Unmanned Aerial Vehicles (UAV) Executing Surveillance Missions

Teams of low-cost Unmanned Aerial Vehicles (UAVs) have gained acceptance as an alternative for cooperatively searching and surveilling terrains. These UAVs are assembled with low-reliability components, so unit failures are possible. Losing UAVs to failures decreases the team\u27s coverage efficiency and impacts communication, given that UAVs are also communication nodes. Such is the case of a Flying Ad Hoc Network (FANET), where the failure of a communication node may isolate segments of the network covering several nodes. The main goal of this study is to develop a resilience model that would allow us to analyze the effects of individual UAV failures on the team\u27s performance to improve the team\u27s resilience. The proposed solution models and simulates the UAV team using Agent-Based Modeling and Simulation. UAVs are modeled as autonomous agents, and the searched terrain as a two-dimensional M x N grid. Communication between agents permits having the exact data on the transit and occupation of all cells in real time. Such communication allows the UAV agents to estimate the best alternatives to move within the grid and know the exact number of all agents\u27 visits to the cells. Each UAV is simulated as a hobbyist, fixed-wing airplane equipped with a generic set of actuators and a generic controller. Individual UAV failures are simulated following reliability Fault Trees. Each affected UAV is disabled and eliminated from the pool of active units. After each unit failure, the system generates a new topology. It produces a set of minimum-distance trees for each node (UAV) in the grid. The new trees will thus depict the rearrangement links as required after a node failure or if changes occur in the topology due to node movement. The model should generate parameters such as the number and location of compromised nodes, performance before and after the failure, and the estimated time of restitution needed to model the team\u27s resilience. The study addresses three research goals: identifying appropriate tools for modeling UAV scenarios, developing a model for assessing UAVs team resilience that overcomes previous studies\u27 limitations, and testing the model through multiple simulations. The study fills a gap in the literature as previous studies focus on system communication disruptions (i.e., node failures) without considering UAV unit reliability. This consideration becomes critical as using small, low-cost units prone to failure becomes widespread

Space Station Freedom data management system growth and evolution report

The Information Sciences Division at the NASA Ames Research Center has completed a 6-month study of portions of the Space Station Freedom Data Management System (DMS). This study looked at the present capabilities and future growth potential of the DMS, and the results are documented in this report. Issues have been raised that were discussed with the appropriate Johnson Space Center (JSC) management and Work Package-2 contractor organizations. Areas requiring additional study have been identified and suggestions for long-term upgrades have been proposed. This activity has allowed the Ames personnel to develop a rapport with the JSC civil service and contractor teams that does permit an independent check and balance technique for the DMS