Semantic Support for Log Analysis of Safety-Critical Embedded Systems

Testing is a relevant activity for the development life-cycle of Safety Critical Embedded systems. In particular, much effort is spent for analysis and classification of test logs from SCADA subsystems, especially when failures occur. The human expertise is needful to understand the reasons of failures, for tracing back the errors, as well as to understand which requirements are affected by errors and which ones will be affected by eventual changes in the system design. Semantic techniques and full text search are used to support human experts for the analysis and classification of test logs, in order to speedup and improve the diagnosis phase. Moreover, retrieval of tests and requirements, which can be related to the current failure, is supported in order to allow the discovery of available alternatives and solutions for a better and faster investigation of the problem.Comment: EDCC-2014, BIG4CIP-2014, Embedded systems, testing, semantic discovery, ontology, big dat

Safety-oriented Testing for High-speed Rail Onboard Equipment Using Petri Nets

With its ability to operate at high speeds and capacity, high-speed rail offers a fast, dependable, and ecofriendly urban transportation option. Safety-critical systems such as high-speed rail signaling systems must be tested regularly to assess compliance with specifications and ensure reliable performance. Given that the onboard equipment is the core component of the signaling system, conducting safety testing on this equipment is of utmost importance. Current methods of analyzing test requirements mainly rely on human interpretation of specifications. However, the official technical specifications usually only outline standard operational scenarios, which could result in an inefficient and unclear safety analysis. This paper focuses on safety-oriented testing for onboard equipment. In particular, we propose a Petri net based approach to generate test cases for diverse operational scenarios. This approach improves both the efficiency and reliability of the testing process while ensuring compliance with safety requirements

Modeling and Detecting False Data Injection Attacks against Railway Traction Power Systems

Modern urban railways extensively use computerized sensing and control technologies to achieve safe, reliable, and well-timed operations. However, the use of these technologies may provide a convenient leverage to cyber-attackers who have bypassed the air gaps and aim at causing safety incidents and service disruptions. In this paper, we study false data injection (FDI) attacks against railways' traction power systems (TPSes). Specifically, we analyze two types of FDI attacks on the train-borne voltage, current, and position sensor measurements - which we call efficiency attack and safety attack -- that (i) maximize the system's total power consumption and (ii) mislead trains' local voltages to exceed given safety-critical thresholds, respectively. To counteract, we develop a global attack detection (GAD) system that serializes a bad data detector and a novel secondary attack detector designed based on unique TPS characteristics. With intact position data of trains, our detection system can effectively detect the FDI attacks on trains' voltage and current measurements even if the attacker has full and accurate knowledge of the TPS, attack detection, and real-time system state. In particular, the GAD system features an adaptive mechanism that ensures low false positive and negative rates in detecting the attacks under noisy system measurements. Extensive simulations driven by realistic running profiles of trains verify that a TPS setup is vulnerable to the FDI attacks, but these attacks can be detected effectively by the proposed GAD while ensuring a low false positive rate.Comment: IEEE/IFIP DSN-2016 and ACM Trans. on Cyber-Physical System

The European Project STRUCTURES : Challenges and Results

The project STRUCTURES, funded by the European Union, started in July 2012 to study problems related to the emerging threats of electromagnetic attacks to critical infrastructures. Partners of the team have worked to list possible threats, identify the main characteristics of the critical infrastructures our way of living depends on, test current protection strategies with different simulation and measurement techniques, and condensate the results in guidelines accessible to an audience wider than the one of people working in the field. Here, we summarize the challenges, the solutions, and the results of almost three years of work

Safety component-based approach and its application to ERTMS/ETCS on-board train control system

International audienceSafety-critical software is becoming more and more complex and at the same time it operates in frequently changing environments on which it reacts by reconfiguring its architecture. Thus, an appropriate modelling approach is needed to reduce the complexity of designing and to enable the verification of dynamic reconfiguration behaviour before the deployment at runtime. The paradigm of software component-based engineering provides an essential support for this. However, composing software from many reconfigurable components can lead to a huge number of possible compositional configurations difficult to handle at design time. Moreover, analysing all possible sequences of reconfiguration, including failure situations, is far beyond feasibility without an appropriate abstraction and granularity levels. In this paper, we propose a hierarchical component-based design approach to reduce the complexity of designing and to analyse the dynamic reconfiguration behaviour. We illustrate our approach with a case study derived from ERTMS/ETCS level 2

Certifications of Critical Systems – The CECRIS Experience

In recent years, a considerable amount of effort has been devoted, both in industry and academia, to the development, validation and verification of critical systems, i.e. those systems whose malfunctions or failures reach a critical level both in terms of risks to human life as well as having a large economic impact.Certifications of Critical Systems – The CECRIS Experience documents the main insights on Cost Effective Verification and Validation processes that were gained during work in the European Research Project CECRIS (acronym for Certification of Critical Systems). The objective of the research was to tackle the challenges of certification by focusing on those aspects that turn out to be more difficult/important for current and future critical systems industry: the effective use of methodologies, processes and tools.The CECRIS project took a step forward in the growing field of development, verification and validation and certification of critical systems. It focused on the more difficult/important aspects of critical system development, verification and validation and certification process. Starting from both the scientific and industrial state of the art methodologies for system development and the impact of their usage on the verification and validation and certification of critical systems, the project aimed at developing strategies and techniques supported by automatic or semi-automatic tools and methods for these activities, setting guidelines to support engineers during the planning of the verification and validation phases

RF Systems Design for Simultaneous Wireless Information and Power Transfer (SWIPT) in Automation and Transportation

This work presents some recent solutions that exploit the wireless power transfer (WPT) technology for energizing moving vehicles and machinery tools. Such technology is currently experiencing unprecedented interests in non-traditional RF/microwave sectors fields, such the industrial automation and the railway transportation safety. Near-field electromagnetic coupling solutions are presented showing that, in order to obtain efficient performances for broad ranges of operating conditions, the nonlinear electromagnetic co-design of the entire WPT system, from the energy source to the receiver load, needs to be carried out. This technology can be combined with wireless data transfer, thus realizing integrated systems able to simultaneously control the energy transfer and the transmission of data. The adopted operating frequencies are in the MHz range, which is only recently considered for this kind of applications. In particular this work focuses on three different systems: the first one demonstrates the constant powering of “on the move” industrial charts at 6.78 MHz, regardless of the relative position of the transmitter and the receiver sub-systems; the second one presents a novel design of a balise transportation system adopting a high efficiency GaN-based transmitter designed to keep its performance over a wide range of loading conditions; the last one consists of the simultaneous wireless power and data transfer, to a rotating machinery tool, automatically controlled by the powering system based on the coexistence of frequency-diverse inductive and capacitive couplings

Improving Human Reliability Analysis for Railway Systems Using Fuzzy Logic

The International Union of Railway provides an annually safety report highlighting that human factor is one of the main causes of railway accidents every year. Consequently, the study of human reliability is fundamental, and it must be included within a complete reliability assessment for every railway-related system. However, currently RARA (Railway Action Reliability Assessment) is the only approach available in literature that considers human task specifically customized for railway applications. The main disadvantages of RARA are the impact of expert’s subjectivity and the difficulty of a numerical assessment for the model parameters in absence of an exhaustive error and accident database. This manuscript introduces an innovative fuzzy method for the assessment of human factor in safety-critical systems for railway applications to address the problems highlighted above. Fuzzy logic allows to simplify the assessment of the model parameters by means of linguistic variables more resemblant to human cognitive process. Moreover, it deals with uncertain and incomplete data much better than classical deterministic approach and it minimizes the subjectivity of the analyst evaluation. The output of the proposed algorithm is the result of a fuzzy interval arithmetic, $\alpha$ -cut theory and centroid defuzzification procedure. The proposed method has been applied to the human operations carried out on a railway signaling system. Four human tasks and two scenarios have been simulated to analyze the performance of the proposed algorithm. Finally, the results of the method are compared with the classical RARA procedure underline compliant results obtain with a simpler, less complex and more intuitive approach