Fault detection and isolation in critical infrastructure systems

Critical infrastructure systems (CIS) are complex large-scale systems which in turn require highly sophisticated supervisory control systems to ensure that high performance can be achieved and maintained under adverse conditions. The global CIS Real-Time Control (RTC) need of operating in adverse conditions involves, with a high probability, sensor and actuator malfunctions (faults). This problem calls for the use of an on-line Fault Detection and Isolation (FDI) system able to detect such faults. This paper proposes a FDI mechanism that extends the classical Boolean fault signature matrix concept taking into account several fault signal properties to isolate faults in CIS. To exemplify the proposed FDI scheme in CIS, the Barcelona drinking water network is used as a case study.Preprin

“Why can’t I do that?”: tracing adaptive security decisions

One of the challenges of any adaptive system is to ensure that users can understand how and why the behaviour of the system changes at runtime. This is particularly important for adaptive security behaviours which are essential for applications that are used in many different contexts, such as those hosted in the cloud. In this paper, we propose an approach for using traceability information, enriched with causality relations and contextual attributes of the deployment environment, when providing feedback to the users. We demonstrate, using a cloud storage-as-a-service environment, how our approach provides users of cloud applications better information, explanations and assurances about the security decisions made by the system. This enables the user to understand why a certain security adaptation has occurred, how the adaptation is related to current context of use of the application, and a guarantee that the application still satisfies its security requirements after an adaptation

Software faults Diagnosis in complex OTS based safety critical systems

This work addresses the problem of software fault diagnosis in complex safety critical software systems. The transient manifestations of software faults represent a challenging issue since they hamper a complete knowledge of the system fault model at design/development time. By taking into account existing diagnosis techniques, the paper proposes a novel diagnosis approach, which combines the detection and location processes. More specifically, detection and location modules have been designed to deal with partial knowledge about the system fault model. To this aim, they are tuned during system execution in order to improve diagnosis during system lifetime. A diagnosis engine has been realized to diagnose software faults in a real world middleware platform for safety critical applications. Preliminary experimental campaigns have been conducted to evaluate the proposed approach