Evaluating Resilience of Cyber-Physical-Social Systems

Nowadays, protecting the network is not the only security concern. Still, in cyber security, websites and servers are becoming more popular as targets due to the ease with which they can be accessed when compared to communication networks. Another threat in cyber physical social systems with human interactions is that they can be attacked and manipulated not only by technical hacking through networks, but also by manipulating people and stealing users’ credentials. Therefore, systems should be evaluated beyond cy- ber security, which means measuring their resilience as a piece of evidence that a system works properly under cyber-attacks or incidents. In that way, cyber resilience is increas- ingly discussed and described as the capacity of a system to maintain state awareness for detecting cyber-attacks. All the tasks for making a system resilient should proactively maintain a safe level of operational normalcy through rapid system reconfiguration to detect attacks that would impact system performance. In this work, we broadly studied a new paradigm of cyber physical social systems and defined a uniform definition of it. To overcome the complexity of evaluating cyber resilience, especially in these inhomo- geneous systems, we proposed a framework including applying Attack Tree refinements and Hierarchical Timed Coloured Petri Nets to model intruder and defender behaviors and evaluate the impact of each action on the behavior and performance of the system.Hoje em dia, proteger a rede não é a única preocupação de segurança. Ainda assim, na segurança cibernética, sites e servidores estão se tornando mais populares como alvos devido à facilidade com que podem ser acessados quando comparados às redes de comu- nicação. Outra ameaça em sistemas sociais ciberfisicos com interações humanas é que eles podem ser atacados e manipulados não apenas por hackers técnicos através de redes, mas também pela manipulação de pessoas e roubo de credenciais de utilizadores. Portanto, os sistemas devem ser avaliados para além da segurança cibernética, o que significa medir sua resiliência como uma evidência de que um sistema funciona adequadamente sob ataques ou incidentes cibernéticos. Dessa forma, a resiliência cibernética é cada vez mais discutida e descrita como a capacidade de um sistema manter a consciência do estado para detectar ataques cibernéticos. Todas as tarefas para tornar um sistema resiliente devem manter proativamente um nível seguro de normalidade operacional por meio da reconfi- guração rápida do sistema para detectar ataques que afetariam o desempenho do sistema. Neste trabalho, um novo paradigma de sistemas sociais ciberfisicos é amplamente estu- dado e uma definição uniforme é proposta. Para superar a complexidade de avaliar a resiliência cibernética, especialmente nesses sistemas não homogéneos, é proposta uma estrutura que inclui a aplicação de refinamentos de Árvores de Ataque e Redes de Petri Coloridas Temporizadas Hierárquicas para modelar comportamentos de invasores e de- fensores e avaliar o impacto de cada ação no comportamento e desempenho do sistema

A SysML profile for smart city applications

A smart city is an urban center that integrates a variety of solutions to enhance infrastructure performance and achieve sustainable urban development. Urban roads are a critical infrastructure highly demanded by citizens and organizations interested in their deployment, performance, and safety. Urban traffic signal control is a major and challenging problem in the real world, which aims to monitor and enhance traffic congestion. Therefore, the deployment of traffic signals for vehicles or pedestrians at a junction is a complex activity, as it is necessary to establish rules to control the flow of vehicles and pedestrians. Also, traffic flow at intersections changes constantly, depending on weather conditions, day of the week, and period of the year, as well as road works and accidents that further influence complexity and performance. This thesis first describes SmartCitySysML, a proposed profile that adapts SysML with special elements that are specific to smart cities. In addition, an extension of the SmartCitySysML profile to the design of the dimensions of smart cities is proposed. Finally, integration of models is performed, that is, the integration of the SmartCitySysML profile with Petri Net to separately model the basic architectural elements (sensor, controller, and actuator) of an urban traffic control system as sub-models to describe the behavior of each element, and the integration of the SmartCitySysML profile with Timed Coloured Petri Nets (TCPN) for modeling, simulation, and verification of properties of an urban traffic signal control system. CPN tools allow the evaluation of the model behavior through simulation and property verification and perform a simulation-based performance. Model simulation allows observing the behavior of the system under conditions that would be difficult to organize in a truly controlled environment. Consequently, a preliminary evaluation can be performed in the early stages of system development, significantly reducing costs of improvements and increasing quality of the final product.Coordenação de Aperfeiçoamento de Pessoal de Nível Superior - CAPESUma cidade inteligente é um centro urbano que integra uma variedade de soluções para melhorar o desempenho da infraestrutura e alcançar um desenvolvimento urbano sustentável. As estradas urbanas são uma infraestrutura crucial altamente exigida pelos cidadãos e organizações interessadas em sua implantação, desempenho e segurança. O controle de sinais de trânsito urbano é um problema importante e desafiador no mundo real, que visa monitorar e melhorar o congestionamento de trânsito. Portanto, a implantação de semáforos para veículos ou pedestres em um cruzamento é uma atividade complexa, pois é necessário estabelecer regras para controlar o fluxo de veículos e pedestres. O fluxo de tráfego no cruzamento muda constantemente, dependendo das condições climáticas, dia da semana e período do ano, assim como obras e acidentes rodoviários que influenciam ainda mais a complexidade e o desempenho. Esta dissertação descreve primeiro o SmartCitySysML, um perfil proposto que adapta a SysML com elementos especiais que são específicos para cidades inteligentes. Depois, é elaborada uma extensão do perfil SmartCitySysML para o design das dimensões das cidades inteligentes. Em seguida, é realizada a integração de modelos, ou seja, a integração do perfil SmartCitySysML com Redes de Petri para modelar separadamente os elementos arquiteturais básicos (sensor, controlador e atuador) de um sistema de controle de tráfego urbano como sub-modelos para demonstrar o comportamento de cada elemento, e a integração do perfil SmartCitySysML com Redes de Petri Colorida Temporizada (TCPN) para modelagem, simulação e verificação de propriedades do sistema de controle de sinais de trânsito urbano. As ferramentas CPN permitem avaliar o comportamento do modelo por meio de simulação e verificação de propriedades e realizar um desempenho baseado em simulação. A simulação de modelos permite observar o comportamento do sistema sob condições que seriam difíceis de organizar em um ambiente realmente controlado. Consequentemente, uma avaliação preliminar pode ser realizada nos estágios iniciais de desenvolvimento do sistema, reduzindo significativamente os custos de melhorias e aumentando a qualidade do produto final.São Cristóvão, S

An Intelligent Transportation System to control air pollution and road traffic in cities ntegrating CEP and Colored Petri Nets

Air pollution generated by road traffic in large cities is a great concern in today’s society since pollution has an important impact on human health, even causing premature deaths. To address the problem, this paper presents an Intelligent Transportation System model based on Complex Event Processing technology and Colored Petri Nets (CPNs). It takes into consideration the levels of environmental pollution and road traffic, according to the air quality levels accepted by the international recommendations as well as the handbook emission factors for road transport methodology. This proposal, therefore, tackles a common problem in today’s large cities, where traffic restrictions must be applied due to environmental pollution. CPNs are used in this work as a tool to make decisions about traffic regulations, so as to reduce pollution levels

Petri Nets Models for Analysis and Control of Public Bicycle-Sharing Systems

International audienc

Survivability modeling for cyber-physical systems subject to data corruption

Cyber-physical critical infrastructures are created when traditional physical infrastructure is supplemented with advanced monitoring, control, computing, and communication capability. More intelligent decision support and improved efficacy, dependability, and security are expected. Quantitative models and evaluation methods are required for determining the extent to which a cyber-physical infrastructure improves on its physical predecessors. It is essential that these models reflect both cyber and physical aspects of operation and failure. In this dissertation, we propose quantitative models for dependability attributes, in particular, survivability, of cyber-physical systems. Any malfunction or security breach, whether cyber or physical, that causes the system operation to depart from specifications will affect these dependability attributes. Our focus is on data corruption, which compromises decision support -- the fundamental role played by cyber infrastructure. The first research contribution of this work is a Petri net model for information exchange in cyber-physical systems, which facilitates i) evaluation of the extent of data corruption at a given time, and ii) illuminates the service degradation caused by propagation of corrupt data through the cyber infrastructure. In the second research contribution, we propose metrics and an evaluation method for survivability, which captures the extent of functionality retained by a system after a disruptive event. We illustrate the application of our methods through case studies on smart grids, intelligent water distribution networks, and intelligent transportation systems. Data, cyber infrastructure, and intelligent control are part and parcel of nearly every critical infrastructure that underpins daily life in developed countries. Our work provides means for quantifying and predicting the service degradation caused when cyber infrastructure fails to serve its intended purpose. It can also serve as the foundation for efforts to fortify critical systems and mitigate inevitable failures --Abstract, page iii

Second Workshop on Modelling of Objects, Components and Agents

This report contains the proceedings of the workshop Modelling of Objects, Components, and Agents (MOCA'02), August 26-27, 2002.The workshop is organized by the 'Coloured Petri Net' Group at the University of Aarhus, Denmark and the 'Theoretical Foundations of Computer Science' Group at the University of Hamburg, Germany. The homepage of the workshop is: http://www.daimi.au.dk/CPnets/workshop02