Detecting Mode Inconsistencies in Component-Based Embedded Software

To deal with increasing size and complexity, componentbased software development has been employed in embedded systems. These systems comprise a set of components each of which implements a particular functionality. The system utilizes the components to provide the functionalities that are required in a set of working modes. Components can also be considered to have a set of working modes. They should work in harmony and consistent with the working mode of the system. Due to several errors that remain undetected during the design and implementation phases, components can make wrong assumptions about the working mode of the system and the working modes of the other components. These errors may lead to severe failures. Fault tolerance is required to prevent these failures at runtime. The first step to achieve fault tolerance is error detection. To detect mode inconsistencies at run-time, we propose a "lightweight" error detection mechanism, which can be integrated with component-based embedded systems. We define three dependent levels of abstractions: the run-time behavior of components, the working mode specifications of components and the specification of the working modes of the system. We define explicit links among these levels by specifying a mutual consistency condition. This allows us to detect the user observable run-time errors. The effectiveness of the approach is demonstrated by implementing a software monitor integrated into a TV system

Safety component-based approach and its application to ERTMS/ETCS on-board train control system

International audienceSafety-critical software is becoming more and more complex and at the same time it operates in frequently changing environments on which it reacts by reconfiguring its architecture. Thus, an appropriate modelling approach is needed to reduce the complexity of designing and to enable the verification of dynamic reconfiguration behaviour before the deployment at runtime. The paradigm of software component-based engineering provides an essential support for this. However, composing software from many reconfigurable components can lead to a huge number of possible compositional configurations difficult to handle at design time. Moreover, analysing all possible sequences of reconfiguration, including failure situations, is far beyond feasibility without an appropriate abstraction and granularity levels. In this paper, we propose a hierarchical component-based design approach to reduce the complexity of designing and to analyse the dynamic reconfiguration behaviour. We illustrate our approach with a case study derived from ERTMS/ETCS level 2

Programming Sensor Networks Using REMORA Component Model

International audienceThe success of high-level programming models in Wireless Sensor Networks (WSNs) is heavily dependent on factors such as ease of programming, code well-structuring, degree of code reusability, and required software development effort. Component-based programming has been recognized as an effective approach to meet such requirements. Most of componentization efforts inWSNs were ineffective due to various reasons, such as high resource demand or limited scope of use. In this paper, we present REMORA, a new approach to practical and efficient component-based programming in WSNs. REMORA offers a well-structured programming paradigm that fits very well with resource limitations of embedded systems, including WSNs. Furthermore, the special attention to event handling in REMORA makes our proposal more practical for WSN applications, which are inherently event-driven. More importantly, the mutualism between REMORA and underlying system software promises a new direction towards separation of concerns in WSNs. Our evaluation results show that a well-configured REMORA application has an acceptable memory overhead and a negligible CPU cost

Programming Sensor Networks Using REMORA Component Model

International audienceThe success of high-level programming models in Wireless Sensor Networks (WSNs) is heavily dependent on factors such as ease of programming, code well-structuring, degree of code reusability, and required software development effort. Component-based programming has been recognized as an effective approach to meet such requirements. Most of componentization efforts inWSNs were ineffective due to various reasons, such as high resource demand or limited scope of use. In this paper, we present REMORA, a new approach to practical and efficient component-based programming in WSNs. REMORA offers a well-structured programming paradigm that fits very well with resource limitations of embedded systems, including WSNs. Furthermore, the special attention to event handling in REMORA makes our proposal more practical for WSN applications, which are inherently event-driven. More importantly, the mutualism between REMORA and underlying system software promises a new direction towards separation of concerns in WSNs. Our evaluation results show that a well-configured REMORA application has an acceptable memory overhead and a negligible CPU cost

A service-oriented middleware for integrated management of crowdsourced and sensor data streams in disaster management

The increasing number of sensors used in diverse applications has provided a massive number of continuous, unbounded, rapid data and requires the management of distinct protocols, interfaces and intermittent connections. As traditional sensor networks are error-prone and difficult to maintain, the study highlights the emerging role of “citizens as sensors” as a complementary data source to increase public awareness. To this end, an interoperable, reusable middleware for managing spatial, temporal, and thematic data using Sensor Web Enablement initiative services and a processing engine was designed, implemented, and deployed. The study found that its approach provided effective sensor data-stream access, publication, and filtering in dynamic scenarios such as disaster management, as well as it enables batch and stream management integration. Also, an interoperability analytics testing of a flood citizen observatory highlighted even variable data such as those provided by the crowd can be integrated with sensor data stream. Our approach, thus, offers a mean to improve near-real-time applications

A Generic Component-based Approach for Programming, Composing and Tuning Sensor Software

International audienceWireless sensor networks (WSNs) are being extensively deployed today in various monitoring and control applications by enabling rapid deployments at low cost and with high flexibility. However, high-level software development is still one of the major challenges to wide-spread WSN adoption. The success of high-level programming approaches in WSNs is heavily dependent on factors such as ease of programming, code well-structuring, degree of code reusability, required software development effort and the ability to tune the sensor software for a particular application. Component-based programming has been recognized as an effective approach to satisfy such requirements. However, most of the componentization efforts in WSNs were ineffective due to various reasons, such as high resource demand or limited scope of use. In this article, we present Remora, a novel component-based approach to overcome the hurdles of WSN software implementation and configuration. Remora offers a well-structured programming paradigm that fits very well with resource limitations of embedded systems, including WSNs. Furthermore, the special attention to event handling in Remora makes our proposal more practical for embedded applications, which are inherently event-driven. More importantly, the mutualism between Remora and underlying system software promises a new direction towards separation of concerns in WSNs. This feature also offers a practical way to develop sensor middleware services which should be generic and developed close to the operating system. Additionally, it allows the customization of sensor software--deploying only application-required system-level services on nodes, instead of installing a fixed large system software image for any application. Our evaluation results show that the deployed Remora applications have an acceptable memory overhead and a negligible CPU cost compared with the state-of-the-art development models

Distributed Control Architecture

This document describes the development and testing of a novel Distributed Control Architecture (DCA). The DCA developed during the study is an attempt to turn the components used to construct unmanned vehicles into a network of intelligent devices, connected using standard networking protocols. The architecture exists at both a hardware and software level and provides a communication channel between control modules, actuators and sensors. A single unified mechanism for connecting sensors and actuators to the control software will reduce the technical knowledge required by platform integrators and allow control systems to be rapidly constructed in a Plug and Play manner. DCA uses standard networking hardware to connect components, removing the need for custom communication channels between individual sensors and actuators. The use of a common architecture for the communication between components should make it easier for software to dynamically determine the vehicle s current capabilities and increase the range of processing platforms that can be utilised. Implementations of the architecture currently exist for Microsoft Windows, Windows Mobile 5, Linux and Microchip dsPIC30 microcontrollers. Conceptually, DCA exposes the functionality of each networked device as objects with interfaces and associated methods. Allowing each object to expose multiple interfaces allows for future upgrades without breaking existing code. In addition, the use of common interfaces should help facilitate component reuse, unit testing and make it easier to write generic reusable software

Ein mehrschichtiges sicheres Framework für Fahrzeugsysteme

In recent years, significant developments were introduced within the vehicular domain, evolving the vehicles to become a network of many embedded systems distributed throughout the car, known as Electronic Control Units (ECUs). Each one of these ECUs runs a number of software components that collaborate with each other to perform various vehicle functions. Modern vehicles are also equipped with wireless communication technologies, such as WiFi, Bluetooth, and so on, giving them the capability to interact with other vehicles and roadside infrastructure. While these improvements have increased the safety of the automotive system, they have vastly expanded the attack surface of the vehicle and opened the door for new potential security risks. The situation is made worse by a lack of security mechanisms in the vehicular system which allows the escalation of a compromise in one of the non-critical sub-systems to threaten the safety of the entire vehicle and its passengers. This dissertation focuses on providing a comprehensive framework that ensures the security of the vehicular system during its whole life-cycle. This framework aims to prevent the cyber-attacks against different components by ensuring secure communications among them. Furthermore, it aims to detect attacks which were not prevented successfully, and finally, to respond to these attacks properly to ensure a high degree of safety and stability of the system.In den letzten Jahren wurden bedeutende Entwicklungen im Bereich der Fahrzeuge vorgestellt, die die Fahrzeuge zu einem Netzwerk mit vielen im gesamten Fahrzeug verteile integrierte Systeme weiterentwickelten, den sogenannten Steuergeräten (ECU, englisch = Electronic Control Units). Jedes dieser Steuergeräte betreibt eine Reihe von Softwarekomponenten, die bei der Ausführung verschiedener Fahrzeugfunktionen zusammenarbeiten. Moderne Fahrzeuge sind auch mit drahtlosen Kommunikationstechnologien wie WiFi, Bluetooth usw. ausgestattet, die ihnen die Möglichkeit geben, mit anderen Fahrzeugen und der straßenseitigen Infrastruktur zu interagieren. Während diese Verbesserungen die Sicherheit des Fahrzeugsystems erhöht haben, haben sie die Angriffsfläche des Fahrzeugs erheblich vergrößert und die Tür für neue potenzielle Sicherheitsrisiken geöffnet. Die Situation wird durch einen Mangel an Sicherheitsmechanismen im Fahrzeugsystem verschärft, die es ermöglichen, dass ein Kompromiss in einem der unkritischen Subsysteme die Sicherheit des gesamten Fahrzeugs und seiner Insassen gefährdet kann. Diese Dissertation konzentriert sich auf die Entwicklung eines umfassenden Rahmens, der die Sicherheit des Fahrzeugsystems während seines gesamten Lebenszyklus gewährleistet. Dieser Rahmen zielt darauf ab, die Cyber-Angriffe gegen verschiedene Komponenten zu verhindern, indem eine sichere Kommunikation zwischen ihnen gewährleistet wird. Darüber hinaus zielt es darauf ab, Angriffe zu erkennen, die nicht erfolgreich verhindert wurden, und schließlich auf diese Angriffe angemessen zu reagieren, um ein hohes Maß an Sicherheit und Stabilität des Systems zu gewährleisten