Generalized Fault Trees: from reliability to security

Fault Trees (FT) are widespread models in the reliability \ufb01eld, but they lack of modelling power. So, in the literature, several extensions have been proposed and introduced speci\ufb01c new modelling primitives. Attack Trees (AT) have gained acceptance in the \ufb01eld of security. They follow the same notation of standard FT,but they represent the combinations of actions necessary for the success of an attack to a computing system. In this paper, we extend the AT formalism by exploiting the new primitives introduced in speci\ufb01c FT extensions. This leads to more accurate models. The approach is applied to a case study: the AT is exploited to represent the attack mode and compute speci\ufb01c quantitative measures about the system security

Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Improved dynamic dependability assessment through integration with prognostics

The use of average data for dependability assessments results in a outdated system-level dependability estimation which can lead to incorrect design decisions. With increasing availability of online data, there is room to improve traditional dependability assessment techniques. Namely, prognostics is an emerging field which provides asset-specific failure information which can be reused to improve the system level failure estimation. This paper presents a framework for prognostics-updated dynamic dependability assessment. The dynamic behaviour comes from runtime updated information, asset inter-dependencies, and time-dependent system behaviour. A case study from the power generation industry is analysed and results confirm the validity of the approach for improved near real-time unavailability estimations

A GSPN semantics for Continuous Time Bayesian Networks with Immediate Nodes

In this report we present an extension to Continuous Time Bayesian Networks (CTBN) called Generalized Continuous Time Bayesian Networks (GCTBN). The formalism allows one to model, in addition to continuous time delayed variables (with exponentially distributed transition rates), also non delayed or "immediate" variables, which act as standard chance nodes in a Bayesian Network. This allows the modeling of processes having both a continuous-time temporal component and an immediate (i.e. non-delayed) component capturing the logical/probabilistic interactions among the model\u2019s variables. The usefulness of this kind of model is discussed through an example concerning the reliability of a simple component-based system. A semantic model of GCTBNs, based on the formalism of Generalized Stochastic Petri Nets (GSPN) is outlined, whose purpose is twofold: to provide a well-de\ufb01ned semantics for GCTBNs in terms of the underlying stochastic process, and to provide an actual mean to perform inference (both prediction and smoothing) on GCTBNs. The example case study is then used, in order to highlight the exploitation of GSPN analysis for posterior probability computation on the GCTBN model

The safety case and the lessons learned for the reliability and maintainability case

This paper examine the safety case and the lessons learned for the reliability and maintainability case

A Hierarchical Approach for Dynamic Fault Trees Solution Through Semi-Markov Process

Dynamic fault tree (DFT) is a top-down deductive technique extended to model systems with complex failure behaviors and interactions. In two last decades, different methods have been applied to improve its capabilities, such as computational complexity reduction, modularization, intricate failure distribution, and reconfiguration. This paper uses semi-Markov process (SMP) theorem for DFT solution with the motivation of obviating the model state-explosion, considering nonexponential failure distribution through a hierarchical solution. In addition, in the proposed method, a universal SMP for static and dynamic gates is introduced, which can generalize dynamic behaviors like functional dependencies, sequences, priorities, and spares in a single model. The efficiency of the method regarding precision and competitiveness with commercial tools, repeated events consideration, computational complexity reduction, nonexponential failure distribution consideration, and repairable events in DFT is studied by a number of examples, and the results are then compared to those of the selected existing methods

Fault Tree Analysis: a survey of the state-of-the-art in modeling, analysis and tools

Fault tree analysis (FTA) is a very prominent method to analyze the risks related to safety and economically critical assets, like power plants, airplanes, data centers and web shops. FTA methods comprise of a wide variety of modelling and analysis techniques, supported by a wide range of software tools. This paper surveys over 150 papers on fault tree analysis, providing an in-depth overview of the state-of-the-art in FTA. Concretely, we review standard fault trees, as well as extensions such as dynamic FT, repairable FT, and extended FT. For these models, we review both qualitative analysis methods, like cut sets and common cause failures, and quantitative techniques, including a wide variety of stochastic methods to compute failure probabilities. Numerous examples illustrate the various approaches, and tables present a quick overview of results