8,133 research outputs found
Restart-Based Fault-Tolerance: System Design and Schedulability Analysis
Embedded systems in safety-critical environments are continuously required to
deliver more performance and functionality, while expected to provide verified
safety guarantees. Nonetheless, platform-wide software verification (required
for safety) is often expensive. Therefore, design methods that enable
utilization of components such as real-time operating systems (RTOS), without
requiring their correctness to guarantee safety, is necessary.
In this paper, we propose a design approach to deploy safe-by-design embedded
systems. To attain this goal, we rely on a small core of verified software to
handle faults in applications and RTOS and recover from them while ensuring
that timing constraints of safety-critical tasks are always satisfied. Faults
are detected by monitoring the application timing and fault-recovery is
achieved via full platform restart and software reload, enabled by the short
restart time of embedded systems. Schedulability analysis is used to ensure
that the timing constraints of critical plant control tasks are always
satisfied in spite of faults and consequent restarts. We derive schedulability
results for four restart-tolerant task models. We use a simulator to evaluate
and compare the performance of the considered scheduling models
Software Defined Networks based Smart Grid Communication: A Comprehensive Survey
The current power grid is no longer a feasible solution due to
ever-increasing user demand of electricity, old infrastructure, and reliability
issues and thus require transformation to a better grid a.k.a., smart grid
(SG). The key features that distinguish SG from the conventional electrical
power grid are its capability to perform two-way communication, demand side
management, and real time pricing. Despite all these advantages that SG will
bring, there are certain issues which are specific to SG communication system.
For instance, network management of current SG systems is complex, time
consuming, and done manually. Moreover, SG communication (SGC) system is built
on different vendor specific devices and protocols. Therefore, the current SG
systems are not protocol independent, thus leading to interoperability issue.
Software defined network (SDN) has been proposed to monitor and manage the
communication networks globally. This article serves as a comprehensive survey
on SDN-based SGC. In this article, we first discuss taxonomy of advantages of
SDNbased SGC.We then discuss SDN-based SGC architectures, along with case
studies. Our article provides an in-depth discussion on routing schemes for
SDN-based SGC. We also provide detailed survey of security and privacy schemes
applied to SDN-based SGC. We furthermore present challenges, open issues, and
future research directions related to SDN-based SGC.Comment: Accepte
Data-driven resiliency assessment of medical cyber-physical systems
Advances in computing, networking, and sensing technologies have resulted in the ubiquitous deployment of medical cyber-physical systems in various clinical and personalized settings. The increasing complexity and connectivity of such systems, the tight coupling between their cyber and physical components, and the inevitable involvement of human operators in supervision and control have introduced major challenges in ensuring system reliability, safety, and security.
This dissertation takes a data-driven approach to resiliency assessment of medical cyber-physical systems. Driven by large-scale studies of real safety incidents involving medical devices, we develop techniques and tools for (i) deeper understanding of incident causes and measurement of their impacts, (ii) validation of system safety mechanisms in the presence of realistic hazard scenarios, and (iii) preemptive real-time detection of safety hazards to mitigate adverse impacts on patients.
We present a framework for automated analysis of structured and unstructured data from public FDA databases on medical device recalls and adverse events. This framework allows characterization of the safety issues originated from computer failures in terms of fault classes, failure modes, and recovery actions. We develop an approach for constructing ontology models that enable automated extraction of safety-related features from unstructured text. The proposed ontology model is defined based on device-specific human-in-the-loop control structures in order to facilitate the systems-theoretic causality analysis of adverse events. Our large-scale analysis of FDA data shows that medical devices are often recalled because of failure to identify all potential safety hazards, use of safety mechanisms that have not been rigorously validated, and limited capability in real-time detection and automated mitigation of hazards.
To address those problems, we develop a safety hazard injection framework for experimental validation of safety mechanisms in the presence of accidental failures and malicious attacks. To reduce the test space for safety validation, this framework uses systems-theoretic accident causality models in order to identify the critical locations within the system to target software fault injection.
For mitigation of safety hazards at run time, we present a model-based analysis framework that estimates the consequences of control commands sent from the software to the physical system through real-time computation of the system’s dynamics, and preemptively detects if a command is unsafe before its adverse consequences manifest in the physical system.
The proposed techniques are evaluated on a real-world cyber-physical system for robot-assisted minimally invasive surgery and are shown to be more effective than existing methods in identifying system vulnerabilities and deficiencies in safety mechanisms as well as in preemptive detection of safety hazards caused by malicious attacks
A Fault-Tolerant Emergency-Aware Access Control Scheme for Cyber-Physical Systems
Access control is an issue of paramount importance in cyber-physical systems
(CPS). In this paper, an access control scheme, namely FEAC, is presented for
CPS. FEAC can not only provide the ability to control access to data in normal
situations, but also adaptively assign emergency-role and permissions to
specific subjects and inform subjects without explicit access requests to
handle emergency situations in a proactive manner. In FEAC, emergency-group and
emergency-dependency are introduced. Emergencies are processed in sequence
within the group and in parallel among groups. A priority and dependency model
called PD-AGM is used to select optimal response-action execution path aiming
to eliminate all emergencies that occurred within the system. Fault-tolerant
access control polices are used to address failure in emergency management. A
case study of the hospital medical care application shows the effectiveness of
FEAC
- …