Formalizing Mobile Ad Hoc and Sensor Networks Using VDM-SL

AbstractMobile ad hoc and sensor networks (MAHSNs) are expected to become the fabric of modern societies. Despite considerable advancements, these networks are yet unable to surmount many operational challenges especially in safety-critical large-scale applications. Most of the published research focused on performance analysis of nonfunctional properties and ignore correctness of the approach which is vital in large and complex systems. This paper investigates an alternative formal specification and analysis technique for MAHSNs. We model MAHSNs as dynamic graph and employ VDM-SL for formal specification and verification of LASCNN algorithm. Constraints are put on the data where required to support validation of the formal algorithm. Pre and post conditions are defined for correct operation of communication in terms of messages. VDM-SL is used because it is a formal specification language to describe detailed examination of the system. The specification is analyzed and validated using VDM-SL toolbox

Sensing Systems for Respiration Monitoring: A Technical Systematic Review

Respiratory monitoring is essential in sleep studies, sport training, patient monitoring, or health at work, among other applications. This paper presents a comprehensive systematic review of respiration sensing systems. After several systematic searches in scientific repositories, the 198 most relevant papers in this field were analyzed in detail. Different items were examined: sensing technique and sensor, respiration parameter, sensor location and size, general system setup, communication protocol, processing station, energy autonomy and power consumption, sensor validation, processing algorithm, performance evaluation, and analysis software. As a result, several trends and the remaining research challenges of respiration sensors were identified. Long-term evaluations and usability tests should be performed. Researchers designed custom experiments to validate the sensing systems, making it difficult to compare results. Therefore, another challenge is to have a common validation framework to fairly compare sensor performance. The implementation of energy-saving strategies, the incorporation of energy harvesting techniques, the calculation of volume parameters of breathing, or the effective integration of respiration sensors into clothing are other remaining research efforts. Addressing these and other challenges outlined in the paper is a required step to obtain a feasible, robust, affordable, and unobtrusive respiration sensing system

Executable Model Synthesis and Property Validation for Message Sequence Chart Specifications

Message sequence charts (MSC’s) are a formal language for the specification of scenarios in concurrent real-time systems. The thesis addresses the synthesis of executable object-oriented design-time models from MSC specifications. The synthesis integrates with the software development process, its purpose being to automatically create working prototypes from specifications without error and create executable models on which properties may be validated. The usefulness of existing algorithms for the synthesis of ROOM (Real-Time Object Oriented Modeling) models from MSC’s has been evaluated from the perspective of an applications programmer ac-cording to various criteria. A number of new synthesis features have been proposed to address them, and applied to a telephony call management system for illustration. These include the specification and construction of hierarchical structure and behavior of ROOM actors, views, multiple containment, replication, resolution of non-determinism and automatic coordination. Generalizations and algorithms have been provided. The hierarchical actor structure, replication, FSM merging, and global coordinator algorithms have been implemented in the Mesa CASE tool. A comparison is made to other specification and modeling languages and their synthesis, such as SDL, LSC’s, and statecharts. Another application of synthesis is to generate a model with support for the automated validation of safety and liveness properties. The Mobility Management services of the GSM digital mobile telecommunications system were specified in MSC’s. A Promela model of the system was then synthesized. A number of optimizations have been proposed to reduce the complexity of the model in order to successfully perform a validation of it. Properties of the system were encoded in Linear Temporal Logic, and the Promela model was used to automatically validate a number of identified properties using the model checker Spin. A ROOM model was then synthesized from the validated MSC specification using the proposed refinement features

Modeling of systems

The handbook contains the fundamentals of modeling of complex systems. The classification of mathematical models is represented and the methods of their construction are given. The analytical modeling of the basic types of processes in the complex systems is considered. The principles of simulation, statistical and business processes modeling are described. The handbook is oriented on students of higher education establishments that obtain a degree in directions of “Software engineering” and “Computer science” as well as on lecturers and specialists in the domain of computer modeling

e-Sanctuary: open multi-physics framework for modelling wildfire urban evacuation

The number of evacuees worldwide during wildfire keep rising, year after year. Fire evacuations at the wildland-urban interfaces (WUI) pose a serious challenge to fire and emergency services and are a global issue affecting thousands of communities around the world. But to date, there is a lack of comprehensive tools able to inform, train or aid the evacuation response and the decision making in case of wildfire. The present work describes a novel framework for modelling wildfire urban evacuations. The framework is based on multi-physics simulations that can quantify the evacuation performance. The work argues that an integrated approached requires considering and integrating all three important components of WUI evacuation, namely: fire spread, pedestrian movement, and traffic movement. The report includes a systematic review of each model component, and the key features needed for the integration into a comprehensive toolkit

Interactive Model-Based Compilation: A Modeller-Driven Development Approach

There is a growing tendency for using domain-specific languages, which help domain experts to stay focussed on abstract problem solutions. It is important to carefully design these languages and tools, which fundamentally perform model-to-model transformations. The quality of both usually decides the effectiveness of the subsequent development and therefore the quality of the final applications. However, as the complexity and safety requirements of modern systems grow, it becomes increasingly burdensome to create highly customized languages and difficult to provide reasonable overviews within these tools. This thesis introduces a new interactive model-based compilation methodology. Compilations for arbitrary model-to-model transformations are themselves described as models. They can be instantiated for particular inputs, e. g. a program, to create concrete compilation runs, which return the result of that compilation. The compilation instance is interactively observable. Intermediate results serve as new inputs and as documentation. They can be used to create highly customized views and facilitate understandability. This methodology guides modellers from the start of the compilation to the final result so that they can interactively refine their models. The methodology has been implemented and validated as the KIELER Compiler (KiCo) and is available as part of the KIELER open-source project. It is used to implement the current reference compiler for the SCCharts language, a statecharts dialect designed for specifying safety-critical reactive systems based on a synchronous model of computation. The interactive model-based compilation approach was key to the rapid prototyping of three different compilation strategies, as well as new language extensions, variations and closely related languages. The results are verified with benchmarks, which are again modelled using the same approach and technology. The usability of the SCCharts language and the KiCo tooling is documented with long-term surveys and real-life industrial, academic and teaching examples

On the Secure and Resilient Design of Connected Vehicles: Methods and Guidelines

Vehicles have come a long way from being purely mechanical systems to systems that consist of an internal network of more than 100 microcontrollers and systems that communicate with external entities, such as other vehicles, road infrastructure, the manufacturer’s cloud and external applications. This combination of resource constraints, safety-criticality, large attack surface and the fact that millions of people own and use them each day, makes securing vehicles particularly challenging as security practices and methods need to be tailored to meet these requirements.This thesis investigates how security demands should be structured to ease discussions and collaboration between the involved parties and how requirements engineering can be accelerated by introducing generic security requirements. Practitioners are also assisted in choosing appropriate techniques for securing vehicles by identifying and categorising security and resilience techniques suitable for automotive systems. Furthermore, three specific mechanisms for securing automotive systems and providing resilience are designed and evaluated. The first part focuses on cyber security requirements and the identification of suitable techniques based on three different approaches, namely (i) providing a mapping to security levels based on a review of existing security standards and recommendations; (ii) proposing a taxonomy for resilience techniques based on a literature review; and (iii) combining security and resilience techniques to protect automotive assets that have been subject to attacks. The second part presents the design and evaluation of three techniques. First, an extension for an existing freshness mechanism to protect the in-vehicle communication against replay attacks is presented and evaluated. Second, a trust model for Vehicle-to-Vehicle communication is developed with respect to cyber resilience to allow a vehicle to include trust in neighbouring vehicles in its decision-making processes. Third, a framework is presented that enables vehicle manufacturers to protect their fleet by detecting anomalies and security attacks using vehicle trust and the available data in the cloud

Simulated penetration testing and mitigation analysis

Da Unternehmensnetzwerke und Internetdienste stetig komplexer werden, wird es immer schwieriger, installierte Programme, Schwachstellen und Sicherheitsprotokolle zu überblicken. Die Idee hinter simuliertem Penetrationstesten ist es, Informationen über ein Netzwerk in ein formales Modell zu transferiern und darin einen Angreifer zu simulieren. Diesem Modell fügen wir einen Verteidiger hinzu, der mittels eigener Aktionen versucht, die Fähigkeiten des Angreifers zu minimieren. Dieses zwei-Spieler Handlungsplanungsproblem nennen wir Stackelberg planning. Ziel ist es, Administratoren, Penetrationstestern und der Führungsebene dabei zu helfen, die Schwachstellen großer Netzwerke zu identifizieren und kosteneffiziente Gegenmaßnahmen vorzuschlagen. Wir schaffen in dieser Dissertation erstens die formalen und algorithmischen Grundlagen von Stackelberg planning. Indem wir dabei auf klassischen Planungsproblemen aufbauen, können wir von gut erforschten Heuristiken und anderen Techniken zur Analysebeschleunigung, z.B. symbolischer Suche, profitieren. Zweitens entwerfen wir einen Formalismus für Privilegien-Eskalation und demonstrieren die Anwendbarkeit unserer Simulation auf lokale Computernetzwerke. Drittens wenden wir unsere Simulation auf internetweite Szenarien an und untersuchen die Robustheit sowohl der E-Mail-Infrastruktur als auch von Webseiten. Viertens ermöglichen wir mittels webbasierter Benutzeroberflächen den leichten Zugang zu unseren Tools und Analyseergebnissen.As corporate networks and Internet services are becoming increasingly more complex, it is hard to keep an overview over all deployed software, their potential vulnerabilities, and all existing security protocols. Simulated penetration testing was proposed to extend regular penetration testing by transferring gathered information about a network into a formal model and simulate an attacker in this model. Having a formal model of a network enables us to add a defender trying to mitigate the capabilities of the attacker with their own actions. We name this two-player planning task Stackelberg planning. The goal behind this is to help administrators, penetration testing consultants, and the management level at finding weak spots of large computer infrastructure and suggesting cost-effective mitigations to lower the security risk. In this thesis, we first lay the formal and algorithmic foundations for Stackelberg planning tasks. By building it in a classical planning framework, we can benefit from well-studied heuristics, pruning techniques, and other approaches to speed up the search, for example symbolic search. Second, we design a theory for privilege escalation and demonstrate the applicability of our framework to local computer networks. Third, we apply our framework to Internet-wide scenarios by investigating the robustness of both the email infrastructure and the web. Fourth, we make our findings and our toolchain easily accessible via web-based user interfaces