Formal Model-Based Approaches for the Development of Composite

Software engineering (SE) is concerned about techniques and tools to develop software pieces. Structuring and composition techniques have always been a cornerstone in software engineering, from modules in the 70’s to the more recent component and service based approaches. These techniques support the application of the well-known divide-and-conquer approach to software development, and promote the construction of added-value software pieces by reusing existing one. More than providing a theoretical background for software engineering (which is nice, but not our objective here), formal methods (FM) support the development process and enable the automation of the whole, or parts of, the design and programming activities. In this talk, I will first present common principles of software architectures and (Web) service development. Then I will survey some of my recent works in the context of the application of formal methods to service-based software engineering. Three typical applications will be presented: software adaptation, automatic service composition, and verification (testing). Formal methods will be tackled (mainly) from a pragmatic perspective, demonstrating how, translating an issue from the SE domain to the FM domain, let state-of-the art formal verification tools do the work for the software developer.Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tech

MOSTO: A toolkit to facilitate security auditing of ICS devices using Modbus/TCP

The integration of the Internet into industrial plants has connected Industrial Control Systems (ICS) worldwide, resulting in an increase in the number of attack surfaces and the exposure of software and devices not originally intended for networking. In addition, the heterogeneity and technical obsolescence of ICS architectures, legacy hardware, and outdated software pose significant challenges. Since these systems control essential infrastructure such as power grids, water treatment plants, and transportation networks, security is of the utmost importance. Unfortunately, current methods for evaluating the security of ICS are often ad-hoc and difficult to formalize into a systematic evaluation methodology with predictable results. In this paper, we propose a practical method supported by a concrete toolkit for performing penetration testing in an industrial setting. The primary focus is on the Modbus/TCP protocol as the field control protocol. Our approach relies on a toolkit, named MOSTO, which is licensed under GNU GPL and enables auditors to assess the security of existing industrial control settings without interfering with ICS workflows. Furthermore, we present a model-driven framework that combines formal methods, testing techniques, and simulation to (formally) test security properties in ICS networks

Reasoning about the Reliability of Diverse Two-Channel Systems in which One Channel is "Possibly Perfect"

This paper considers the problem of reasoning about the reliability of fault-tolerant systems with two "channels" (i.e., components) of which one, A, supports only a claim of reliability, while the other, B, by virtue of extreme simplicity and extensive analysis, supports a plausible claim of "perfection." We begin with the case where either channel can bring the system to a safe state. We show that, conditional upon knowing pA (the probability that A fails on a randomly selected demand) and pB (the probability that channel B is imperfect), a conservative bound on the probability that the system fails on a randomly selected demand is simply pA.pB. That is, there is conditional independence between the events "A fails" and "B is imperfect." The second step of the reasoning involves epistemic uncertainty about (pA, pB) and we show that under quite plausible assumptions, a conservative bound on system pfd can be constructed from point estimates for just three parameters. We discuss the feasibility of establishing credible estimates for these parameters. We extend our analysis from faults of omission to those of commission, and then combine these to yield an analysis for monitored architectures of a kind proposed for aircraft

A survey of agent-oriented methodologies

This article introduces the current agent-oriented methodologies. It discusses what approaches have been followed (mainly extending existing object oriented and knowledge engineering methodologies), the suitability of these approaches for agent modelling, and some conclusions drawn from the survey

What use are formal design and analysis methods to telecommunications services?

Have formal methods failed, or will they fail, to help us solve problems of detecting and resolving of feature interactions in telecommunications software? This paper contains SWOT(Strengths, Weaknesses, Opportunities and Threats) analysis of the use of formula design and analysis methods in feature interaction analysis and makes some suggestions for future research