Beyond the golden run : evaluating the use of reference run models in fault injection analysis

Fault injection (FI) has been shown to be an effective approach to assess- ing the dependability of software systems. To determine the impact of faults injected during FI, a given oracle is needed. This oracle can take a variety of forms, however prominent oracles include (i) specifications, (ii) error detection mechanisms and (iii) golden runs. Focusing on golden runs, in this paper we show that there are classes of software which a golden run based approach can not be used to analyse. Specifically we demonstrate that a golden run based approach can not be used when analysing systems which employ a main control loop with an irregular period. Further, we show how a simple model, which has been refined using FI, can be employed as an oracle in the analysis of such a system

An automated wrapper-based approach to the design of dependable software

The design of dependable software systems invariably comprises two main activities: (i) the design of dependability mechanisms, and (ii) the location of dependability mechanisms. It has been shown that these activities are intrinsically difficult. In this paper we propose an automated wrapper-based methodology to circumvent the problems associated with the design and location of dependability mechanisms. To achieve this we replicate important variables so that they can be used as part of standard, efficient dependability mechanisms. These well-understood mechanisms are then deployed in all relevant locations. To validate the proposed methodology we apply it to three complex software systems, evaluating the dependability enhancement and execution overhead in each case. The results generated demonstrate that the system failure rate of a wrapped software system can be several orders of magnitude lower than that of an unwrapped equivalent

On the tradeoff between privacy and energy in wireless sensor networks

Source location privacy is becoming an increasingly important property of some wireless sensor network applica- tions. The fake source technique has been proposed as an approach for handling the source location privacy problem in these situations. However, whilst the efficiency of the fake source techniques is well documented, there are several factors that limit the usefulness of current results: (i) the assumption that fake sources are known a priori, (ii) the selection of fake sources based on an prohibitively expensive pre-configuration phase and (iii) the lack of a commonly adopted attacker model. In this paper we address these limitations by investigating the efficiency of the fake source technique with respect to possible implementations, configurations and extensions that do not require a pre-configuration phase or a priori knowledge of fake sources. The results presented demonstrate that one possible implementation, in presence of a single attacker, can lead to a decrease in capture ratio of up to 60% when compared with a flooding baseline. In the presence of multiple attackers, the same implementation yields only a 30% decrease in capture ratio with respect to the same baseline. To address this problem we investigate a hybrid technique, known as phantom routing with fake sources, which achieves a corresponding 50% reduction in capture ratio

Optimisation of solvolysis for recycling carbon fibre reinforced composites

Solvolysis processes have been used to degrade the resin of two different varieties of epoxy based carbon fibre reinforced composite (CFRC) materials. A degradation of up to 98% has been achieved when processing material at a temperature of 320 °C using a supercritical solvent mixture of acetone and water. Increasing the processing time from 1 to 2 hours shows an increase in the degradation of only 10% and there does not appear to be any benefit in processing the material beyond this time. Due to the batch conditions used, it is necessary to rinse the fibres with acetone after processing to remove remaining organic residue. Washing the fibres at supercritical batch conditions, however, does not efficiently remove the residue compared to a simple hand washing with acetone. Shredding the sample prior to processing also does not have a significant effect. The process investigated requires 19 MJ.kg-1 of fibres recovered and, since the process has not yet been optimised, shows strong potential for future development especially since it allows for the recovery and reuse of organic resinous products

On basis variables for efficient error detection

The development of dependable software invariably entails the design and location of error detection mechanisms. This software artefact type captures predicates over program variables in order to facilitate error detection. To ease the design of detectors, it is important to have (i) knowledge of the set of variables to be included in a predicate and (ii) an understanding of the structure of the predicate. In this paper, we address these problems by relating a previously defined software metric to the variables that feature in efficient error detection predicates. Specifically, based on fault injection analysis of three software systems, we show that error detection predicates based on the 25% most important variables in a software module provide a similar level efficiency to those predicates that are based on all variables and variables with high importance value appear at lower depths in the generated decision tree, thus implying that these variables provide the most information with regard to system failure and, hence, should be protected to provide proper software function. The implication of these results is that, in order to develop efficient error detection predicates, it is sufficient to only have knowledge of a basis set of important variables, simplifying the design of efficient detectors

A dynamic fake source algorithm for source location privacy in wireless sensor networks

Wireless sensor networks (WSNs) are commonly used in asset monitoring applications, where it is often desirable for the location of the asset being monitored to be kept private. The source location privacy (SLP) problem involves protecting the location of a WSN source node from an attacker who is attempting to locate it. Among the most promising approaches to the SLP problem is the use of fake sources, with much existing research demonstrating their efficacy. Despite the effectiveness of the approach, the most effective algorithms providing SLP require network and situational knowledge that makes their deployment impractical in many contexts. In this paper, we develop a novel dynamic fake sources-based algorithm for SLP. We show that the algorithm provides state-of-the-art levels of location privacy under practical operational assumptions

A methodology for the generation of efficient error detection mechanisms

A dependable software system must contain error detection mechanisms and error recovery mechanisms. Software components for the detection of errors are typically designed based on a system specification or the experience of software engineers, with their efficiency typically being measured using fault injection and metrics such as coverage and latency. In this paper, we introduce a methodology for the design of highly efficient error detection mechanisms. The proposed methodology combines fault injection analysis and data mining techniques in order to generate predicates for efficient error detection mechanisms. The results presented demonstrate the viability of the methodology as an approach for the development of efficient error detection mechanisms, as the predicates generated yield a true positive rate of almost 100% and a false positive rate very close to 0% for the detection of failure-inducing states. The main advantage of the proposed methodology over current state-of-the-art approaches is that efficient detectors are obtained by design, rather than by using specification-based detector design or the experience of software engineers

Towards understanding source location privacy in wireless sensor networks through fake sources

Source location privacy is becoming an increasingly important property in wireless sensor network applications, such as asset monitoring. The original source location problem is to protect the location of a source in a wireless sensor network from a single distributed eavesdropper attack. Several techniques have been proposed to address the source location problem, where most of these apply some form of traffic analysis and engineering to provide enhanced privacy. One such technique, namely fake sources, has proved to be promising for providing source location privacy. Recent research has concentrated on investigating the efficiency of fake source approaches under various attacker models. In this paper, we (i) provide a novel formalisation of the source location privacy problem, (ii) prove the source location privacy problem to be NP-complete, and (iii) provide a heuristic that yields an optimal level of privacy under appropriate parameterisation. Crucially, the results presented show that fake sources can provide a high, sometimes optimal, level of privacy

Towards the design of efficient error detection mechanisms

The pervasive nature of modern computer systems has led to an increase in our reliance on such systems to provide correct and timely services. Moreover, as the functionality of computer systems is being increasingly defined in software, it is imperative that software be dependable. It has previously been shown that a fault intolerant software system can be made fault tolerant through the design and deployment of software mechanisms implementing abstract artefacts known as error detection mechanisms (EDMs) and error recovery mechanisms (ERMs), hence the design of these components is central to the design of dependable software systems. The EDM design problem, which relates to the construction of a boolean predicate over a set of program variables, is inherently difficult, with current approaches relying on system specifications and the experience of software engineers. As this process necessarily entails the identification and incorporation of program variables by an error detection predicate, this thesis seeks to address the EDM design problem from a novel variable-centric perspective, with the research presented supporting the thesis that, where it exists under the assumed system model, an efficient EDM consists of a set of critical variables. In particular, this research proposes (i) a metric suite that can be used to generate a relative ranking of the program variables in a software with respect to their criticality, (ii) a systematic approach for the generation of highly-efficient error detection predicates for EDMs, and (iii) an approach for dependability enhancement based on the protection of critical variables using software wrappers that implement error detection and correction predicates that are known to be efficient. This research substantiates the thesis that an efficient EDM contains a set of critical variables on the basis that (i) the proposed metric suite is able, through application of an appropriate threshold, to identify critical variables, (ii) efficient EDMs can be constructed based only on the critical variables identified by the metric suite, and (iii) the criticality of the identified variables can be shown to extend across a software module such that an efficient EDM designed for that software module should seek to determine the correctness of the identified variables

Assessing the performance of phantom routing on source location privacy in wireless sensor networks

As wireless sensor networks (WSNs) have been applied across a spectrum of application domains, the problem of source location privacy (SLP) has emerged as a significant issue, particularly in safety-critical situations. In seminal work on SLP, phantom routing was proposed as an approach to addressing the issue. However, results presented in support of phantom routing have not included considerations for practical network configurations, omitting simulations and analyses with larger network sizes. This paper addresses this shortcoming by conducting an in-depth investigation of phantom routing under various network configurations. The results presented demonstrate that previous work in phantom routing does not generalise well to different network configurations. Specifically, under certain configurations, it is shown that the afforded SLP is reduced by a factor of up to 75