Methodologies synthesis

This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies

Built-In Return-Oriented Programs in Embedded Systems and Deep Learning for Hardware Trojan Detection

Microcontrollers and integrated circuits in general have become ubiquitous in the world today. All aspects of our lives depend on them from driving to work, to calling our friends, to checking our bank account balance. People who would do harm to individuals, corporations and nation states are aware of this and for that reason they seek to find or create and exploit vulnerabilities in integrated circuits. This dissertation contains three papers dealing with these types of vulnerabilities. The first paper talks about a vulnerability that was found on a microcontroller, which is a type of integrated circuit. The final two papers deal with hardware trojans. Hardware trojans are purposely added to the design of an integrated circuit in secret so that the manufacturer doesn’t know about it. They are used to damage the integrated circuit, leak confidential information, or in other ways alter the circuit. Hardware trojans are a major concern for anyone using integrated circuits because an attacker can alter a circuit in almost any way if they are successful in inserting one. A known method to prevent hardware trojan insertion is discussed and a type of circuit for which this method does not work is revealed. The discussion of hardware trojans is concluded with a new way to detect them before the integrated circuit is manufactured. Modern deep learning models are used to detect the portions of the hardware trojan called triggers that activate them

Differential Fault Analysis Automation

Characterization of all possible faults in a cryptosystem exploitable for fault attacks is a problem which is of both theoretical and practical interest for the cryptographic community. The complete knowledge of exploitable fault space is desirable while designing optimal countermeasures for any given crypto-implementation. In this paper, we address the exploitable fault characterization problem in the context of Differential Fault Analysis (DFA) attacks on block ciphers. The formidable size of the fault spaces demands an automated albeit fast mechanism for verifying each individual fault instance and neither the traditional, cipher-specific, manual DFA techniques nor the generic and au- tomated Algebraic Fault Attacks (AFA) [10] fulfill these criteria. Further, the diversified structures of different block ciphers suggest that such an automation should be equally applicable to any block cipher. This work presents an automated framework for DFA identification, fulfilling all aforemen- tioned criteria, which, instead of performing the attack just estimates the attack complexity for each individual fault instance. A generic and extendable data-mining assisted dynamic analysis frame- work capable of capturing a large class of DFA distinguishers is devised, along with a graph-based complexity analysis scheme. The framework significantly outperforms another recently proposed one [6], in terms of attack class coverage and automation effort. Experimental evaluation on AES and PRESENT establishes the effectiveness of the proposed framework in detecting most of the known DFAs, which eventually enables the characterization of the exploitable fault space

Development of direct measurement techniques for the in-situ internal alignment of accelerating structures

Las exigentes tolerancias de alineación en los componentes de los futuros colisionadores lineales de partículas requieren el desarrollo de nuevas técnicas de alineación más precisas que las existentes. Este es el caso del Colisionador Lineal Compacto (Compact Linear Collider, CLIC), cuyos objetivos altamente restrictivos de alineamiento alcanzan los 10 um. Para poder lograr el máximo rendimiento del acelerador, es necesario que el posicionamiento de las estructuras que aceleran las partículas y de los campos que las guían cumplan las tolerancias de alineación para dirigir el haz a lo largo de la trayectoria diseñada. Dicho procedimiento consiste en relacionar la posición de los ejes de referencia de cada componente con respecto a objetos externos, o fiduciales, lo cual resulta muy tedioso y económicamente costoso. Los errores sistemáticos y aleatorios se van acumulando en cada paso del proceso y, en consecuencia, la precisión final de alineamiento es todo un desafío. En este contexto, nace el proyecto PACMAN (Particle Accelerator Components Metrology and Alignment to the Nanometre scale), subvencionado por la Unión Europea en el programa FP7 de financiación para la investigación e innovación. El objetivo principal de PACMAN es investigar, desarrollar e implementar una solución integrada alternativa que incorpore todos los pasos de alineación en una misma ubicación, con el objetivo de mejorar la precisión de alineación de los componentes de los aceleradores, en concreto: las estructuras aceleradoras, los cuadrupolos y los monitores de posición de haz. La viabilidad de las soluciones desarrolladas y la precisión de alineamiento alcanzada deben de demostrarse en un banco de pruebas utilizando componentes de CLIC. La estrategia de PACMAN para alcanzar el objetivo técnico se divide en tres pasos. El primero consiste en la fiducialización de los componentes y sus soportes. El segundo paso es el ensamblaje de los componentes en dos tipos de soporte, uno compuesto por un monitor de posición de haz y un cuadrupolo, y otro con cuatro estructuras aceleradoras, tomando como referencia su centro electromagnético. Finalmente, ambos soportes se transportan al túnel para su alineación final utilizando técnicas de hilos tensados. En esta tesis doctoral, se describe el desarrollo de una nueva técnica no destructiva para localizar los ejes electromagnéticos de estructuras aceleradoras y su validación experimental. Para ello, se ha utilizado una estructura aceleradora de CLIC conocida como TD24. Debido a la complejidad mecánica de la TD24, su difícil acceso y su diámetro medio de iris de 5.5 mm, se desarrolla una nueva técnica denominada en esta tesis como 'el método perturbativo' y se realiza una propuesta experimental de validación. El estudio de viabilidad de este método, cumpliendo con los requisitos impuestos de precisión en la medida de 10 um, ha sido realizado con una campaña extensa de simulaciones de campos electromagnéticos en tres dimensiones utilizando la herramienta de software conocida como HFSS. Los resultados de simulación han permitido el desarrollo de un algoritmo muy completo de medidas y han proporcionado las especificaciones técnicas para el diseño conceptual de un banco de pruebas para la medida de los ejes electromagnéticos de la TD24. El preciso ensamblaje del banco de pruebas y sus correspondientes calibraciones, la incorporación de nuevos tratamientos de las medidas en el algoritmo final y la caracterización de fuentes de error en la medida, favorecieron la localización del centro electromagnético en la TD24 con una precisión menor a 1 um con un error estimado menor que 8.5 um, cumplimiendo con los objetivos de precisión establecidos.In the next generation of linear particle accelerators, challenging alignment tolerances are required in the positioning of the components focusing, accelerating and detecting the beam over the accelerator length in order to achieve the maximum machine performance. In the case of the Compact Linear Collider (CLIC), accelerating structures, beam position monitors and quadrupole magnets need to be aligned in their support with respect to their reference axes with an accuracy of 10 um. To reach such objective, the PACMAN (Particle Accelerator Components Metrology and Alignment to the Nanometer Scale) project strives for the improvement of the current alignment accuracy by developing new methods and tools, whose feasibility should be validated using the major CLIC components. This Ph.D. thesis concerns the investigation, development and implementation of a new non-destructive intracavity technique, referenced here as 'the perturbative method', to determine the electromagnetic axes of accelerating structures by means of a stretched wire, acting as a reference of alignment. Of particular importance is the experimental validation of the method through the 5.5 mm iris-mean aperture CLIC prototype known as TD24, with complex mechanical features and difficult accessibility, in a dedicated test bench. In the first chapter of this thesis, the alignment techniques in particle accelerators and the novel proposals to be implemented in the future linear colliders are introduced, and a detailed description of the PACMAN project is provided. The feasibility study of the method, carried out with extensive electromagnetic fields simulations, is described in chapter 2, giving as a result, the knowledge of the theoretical accuracy expected in the measurement of the electromagnetic axes and facilitating the development of a measurement algorithm. The conceptual design, manufacturing and calibration of the automated experimental set-up, integrating the solution developed to measure the electromagnetic axes of the TD24, are covered in chapter 3. The future lines of research and developments of the perturbative method are also explored. In chapter 4, the most significant results obtained from an extensive experimental work are presented, analysed and compared with simulations. The proof-of-principle is completed, the measurement algorithm is optimised and the electromagnetic centre is measured in the TD24 with a precision less than 1 um and an estimated error less than 8.5 um. Finally, in chapter 5, the developments undertaken along this research work are summarised, the innovative achievements accomplished within the PACMAN project are listed and its impact is analysed.En la generació pròxima d'acceleradors de partícules lineals, desafiant toleràncies d'alineament és requerit en el posicionament dels components que enfoquen, accelerant i detectant la biga sobre la longitud d'accelerador per tal d'aconseguir l'actuació de màquina màxima. En el cas del Colisionador Compacte Lineal (CLIC), accelerant estructures, monitors de posició de fes i imants necessiten ser alineats en el seu suport amb respectar a les seves destrals de referència amb una precisió de 10 um. Per assolir tal objectiu, el PACMAN (Metrologia de Components de l'Accelerador de partícules i Alineament al Nanometer Escala) projecte s'esforça per la millora de l'actual precisió d'alineament per mètodes nous en desenvolupament i eines, la viabilitat dels quals hauria de ser validada utilitzant els components de CLIC importants. Aquesta tesi concerneix la investigació, desenvolupament i implementació d'un nou no-destructiu tècnica interna, va referenciar ací mentre 'el mètode de pertorbació' per determinar les destrals electromagnètiques d'accelerar estructures mitjançant un cable estès, actuant com a referència d'alineament. De la importància particular és la validació experimental del mètode a través del 5.5 mm iris-roí obertura prototipus de CLIC sabut com TD24, amb característiques mecàniques complexes i accessibilitat difícil, en un banc de prova dedicat. En el primer capítol d'aquesta tesi, les tècniques d'alineament en acceleradors de partícules i les propostes novelles per ser implementades en el futur colisionador lineal és introduït, i una descripció detallada del projecte PACMAN és proporcionat. L'estudi de viabilitat el mètode de pertorbació, va dur a terme amb simulacres de camps electromagnètics extensos, és descrit dins capitol 2, donant com a resultat, el coneixement de la precisió teòrica esperada en la mida de les destrals electromagnètiques i facilitant el desenvolupament d'un algoritme de mida. El disseny conceptual, fabricació i calibratge del conjunt experimental automatitzat-amunt, integrant la solució desenvolupada per mesurar les destrals electromagnètiques del TD24, és cobert dins capitol 3. Les línies futures de recerca i desenvolupaments del mètode és també va explorar. Dins capitol 4, la majoria de resultats significatius van obtenir d'una faena experimental extensa és presentada, analitzat i comparat amb simulacres. La prova-de-el principi és completat, l'algoritme de mida és optimitzat i el centre electromagnètic és mesurat en el TD24 amb una precisió menys d'1 um i un error calculat menys de 8.5 um. Finalment, dins capitol 5, els desenvolupaments empresos al llarg d'aquesta faena de recerca és resumit, les consecucions innovadores van acomplir dins del projecte PACMAN és llistat i el seu impacte és analitzat.   Galindo Muñoz, N. (2018). Development of direct measurement techniques for the in-situ internal alignment of accelerating structures [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/100488TESI

A fluid analysis framework for a Markovian process algebra

Markovian process algebras, such as PEPA and stochastic π-calculus, bring a powerful compositional approach to the performance modelling of complex systems. However, the models generated by process algebras, as with other interleaving formalisms, are susceptible to the state space explosion problem. Models with only a modest number of process algebra terms can easily generate so many states that they are all but intractable to traditional solution techniques. Previous work aimed at addressing this problem has presented a fluid-flow approximation allowing the analysis of systems which would otherwise be inaccessible. To achieve this, systems of ordinary differential equations describing the fluid flow of the stochastic process algebra model are generated informally. In this paper, we show formally that for a large class of models, this fluid-flow analysis can be directly derived from the stochastic process algebra model as an approximation to the mean number of component types within the model. The nature of the fluid approximation is derived and characterised by direct comparison with the Chapman–Kolmogorov equations underlying the Markov model. Furthermore, we compare the fluid approximation with the exact solution using stochastic simulation and we are able to demonstrate that it is a very accurate approximation in many cases. For the first time, we also show how to extend these techniques naturally to generate systems of differential equations approximating higher order moments of model component counts. These are important performance characteristics for estimating, for instance, the variance of the component counts. This is very necessary if we are to understand how precise the fluid-flow calculation is, in a given modelling situation

Computer Aided Verification

This open access two-volume set LNCS 10980 and 10981 constitutes the refereed proceedings of the 30th International Conference on Computer Aided Verification, CAV 2018, held in Oxford, UK, in July 2018. The 52 full and 13 tool papers presented together with 3 invited papers and 2 tutorials were carefully reviewed and selected from 215 submissions. The papers cover a wide range of topics and techniques, from algorithmic and logical foundations of verification to practical applications in distributed, networked, cyber-physical, and autonomous systems. They are organized in topical sections on model checking, program analysis using polyhedra, synthesis, learning, runtime verification, hybrid and timed systems, tools, probabilistic systems, static analysis, theory and security, SAT, SMT and decisions procedures, concurrency, and CPS, hardware, industrial applications

Computer Aided Verification

This open access two-volume set LNCS 10980 and 10981 constitutes the refereed proceedings of the 30th International Conference on Computer Aided Verification, CAV 2018, held in Oxford, UK, in July 2018. The 52 full and 13 tool papers presented together with 3 invited papers and 2 tutorials were carefully reviewed and selected from 215 submissions. The papers cover a wide range of topics and techniques, from algorithmic and logical foundations of verification to practical applications in distributed, networked, cyber-physical, and autonomous systems. They are organized in topical sections on model checking, program analysis using polyhedra, synthesis, learning, runtime verification, hybrid and timed systems, tools, probabilistic systems, static analysis, theory and security, SAT, SMT and decisions procedures, concurrency, and CPS, hardware, industrial applications

Third Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, Aarhus, Denmark, August 29-31, 2001

This booklet contains the proceedings of the Third Workshop on Practical Use of Coloured Petri Nets and the CPN Tools, August 29-31, 2001. The workshop is organised by the CPN group at Department of Computer Science, University of Aarhus, Denmark. The papers are also available in electronic form via the web pages: http://www.daimi.au.dk/CPnets/workshop01