Assisted coverage closure
Malfunction of safety-critical systems may cause damage to people and the environment. Software within those systems is rigorously designed and verified according to domain-specific guidance, such as ISO 26262 for automotive safety. This paper describes academic and industrial co-operation in tool development to support one of the most stringent of the requirements --- achieving full code coverage in requirements-driven testing.
We present a verification workflow supported by a tool that integrates the coverage measurement tool RapiCover with the test-vector generator FShell. The tool assists in closing the coverage gap by providing the engineer with test vectors that help in debugging coverage-related code quality issues and creating new test cases, as well as justifying the presence of unreachable parts of the code, in order to finally achieve full effective coverage according to the required criteria. We illustrate the tool's practical utility on automotive industry benchmarks. It generates 8 times more MC/DC coverage than random search
C-FLAT: Control-FLow ATtestation for Embedded Systems Software
Remote attestation is a crucial security service particularly relevant to increasingly popular IoT (and other embedded) devices. It allows a trusted party (verifier) to learn the state of a remote, and potentially malware-infected, device (prover). Most existing approaches are static in nature and only check whether benign software is initially loaded on the prover. However, they are vulnerable to run-time attacks that hijack the application's control or data flow, e.g., via return-oriented programming or data-oriented exploits. As a concrete step towards more comprehensive run-time remote attestation, we present the design and implementation of Control-FLow ATtestation (C-FLAT) that enables remote attestation of an application's control-flow path, without requiring the source code. We describe a full prototype implementation of C-FLAT on Raspberry Pi using its ARM TrustZone hardware security extensions. We evaluate C-FLAT's performance using a real-world embedded (cyber-physical) application, and demonstrate its efficacy against control-flow hijacking attacks.
Comment: Extended version of article to appear in CCS '16 Proceedings of the 23rd ACM Conference on Computer and Communications Security
A survey on online monitoring approaches of computer-based systems
This report surveys forms of online data collection that are in current use (as well as being the subject of research to adapt them to changing technology and demands) and can be used as inputs to the assessment of dependability and resilience, although they are not primarily meant for this use.
AutoPlug: An Automotive Test-bed for Electronic Controller Unit Testing and Verification
In 2010, over 20.3 million vehicles were recalled. Software issues related to automotive controls such as cruise control, anti-lock braking system, traction control and stability control account for an increasingly large percentage of the overall vehicles recalled. There is a need for new and scalable methods to evaluate automotive controls in a realistic and open setting. We have developed AutoPlug, an automotive Electronic Controller Unit (ECU) test-bed to diagnose, test, update and verify controls software. AutoPlug consists of multiple ECUs interconnected by a CAN bus, a race car driving simulator which behaves as the plant model, and a vehicle controls monitor in Matlab. As the ECUs drive the simulated vehicle, the physics-based simulation provides feedback to the controllers in terms of acceleration, yaw, friction and vehicle stability. This closed-loop platform is then used to evaluate multiple vehicle control software modules such as traction, stability and cruise control. With this test-bed we highlight approaches for runtime ECU software diagnosis and testing of the stability and performance of the vehicle. Code updates can be executed via a smartphone so drivers may remotely “patch” their vehicle. This closed-loop automotive control test-bed allows the automotive research community to explore the capabilities and challenges of safe and secure remote code updates for vehicle recalls management.
European White Book on Real-Time Power Hardware in the Loop Testing: DERlab Report No. R-005.0
The European White Book on Real-Time Power-Hardware-in-the-Loop testing is intended to serve as a reference document on the future of testing of electrical power equipment, with specific focus on the emerging hardware-in-the-loop activities and their application within testing facilities and procedures. It provides an outlook on how this powerful tool can be utilised to support the development, testing and validation of DER equipment in particular. It aims to report on international experience gained thus far and provides case studies on developments and specific technical issues, such as the hardware/software interface. This white book complements the already existing series of DERlab European white books, covering topics such as grid-inverters and grid-connected storage
A Survey of Current Rotorcraft Propulsion Health Monitoring Technologies
A brief review is presented of the state-of-the-art in rotorcraft engine health monitoring technologies, including summaries of current practices in the areas of sensors, data acquisition, monitoring and analysis. Also presented are guidelines for verification and validation of Health and Usage Monitoring Systems (HUMS), specifically for maintenance credits to extend part life. Finally, a number of new efforts in HUMS are summarized, as well as lessons learned and future challenges. In particular, gaps are identified in supporting maintenance credits to extend rotorcraft engine part life. A number of data sources were consulted, including results from a survey of the HUMS community, Society of Automotive Engineers (SAE) documents, American Helicopter Society (AHS) papers, and references from the Defence Science & Technology Organisation (DSTO), Civil Aviation Authority (CAA), and Federal Aviation Administration (FAA).