A Topological-Based Method for Allocating Sensors by Using CSP Techniques

Model-based diagnosis enables isolation of faults of a system. The diagnosis process uses a set of sensors (observations) and a model of the system in order to explain a wrong behaviour. In this work, a new approach is proposed with the aim of improving the computational complexity for isolating faults in a system. The key idea is the addition of a set of new sensors which allows the improvement of the diagnosability of the system. The methodology is based on constraint programming and a greedy method for improving the computational complexity of the CSP resolution. Our approach maintains the requirements of the user (detectability, diagnosability,. . .).Ministerio de Ciencia y Tecnología DPI2003-07146-C02-0

An Integration of FDI and DX Techniques for Determining the Minimal Diagnosis in an Automatic Way

Two communities work in parallel in model-based diagnosis: FDI and DX. In this work an integration of the FDI and the DX communities is proposed. Only relevant information for the identification of the minimal diagnosis is used. In the first step, the system is divided into clusters of components, and each cluster is separated into nodes. The minimal and necessary set of contexts is then obtained for each cluster. These two steps automatically reduce the computational complexity since only the essential contexts are generated. In the last step, a signature matrix and a set of rules are used in order to obtain the minimal diagnosis. The evaluation of the signature matrix is on-line, the rest of the process is totally off-line.Ministerio de Ciencia y Tecnología DPI2003-07146-C02-0

Diagnosing Errors in DbC Programs Using Constraint Programming

Model-Based Diagnosis allows to determine why a correctly designed system does not work as it was expected. In this paper, we propose a methodology for software diagnosis which is based on the combination of Design by Contract, Model-Based Diagnosis and Constraint Programming. The contracts are specified by assertions embedded in the source code. These assertions and an abstraction of the source code are transformed into constraints, in order to obtain the model of the system. Afterwards, a goal function is created for detecting which assertions or source code statements are incorrect. The application of this methodology is automatic and is based on Constraint Programming techniques. The originality of this work stems from the transformation of contracts and source code into constraints, in order to determine which assertions and source code statements are not consistent with the specification.Ministerio de Ciencia y Tecnología DPI2003-07146-C02-0

Developing a labelled object-relational constraint database architecture for the projection operator

Current relational databases have been developed in order to improve the handling of stored data, however, there are some types of information that have to be analysed for which no suitable tools are available. These new types of data can be represented and treated as constraints, allowing a set of data to be represented through equations, inequations and Boolean combinations of both. To this end, constraint databases were defined and some prototypes were developed. Since there are aspects that can be improved, we propose a new architecture called labelled object-relational constraint database (LORCDB). This provides more expressiveness, since the database is adapted in order to support more types of data, instead of the data having to be adapted to the database. In this paper, the projection operator of SQL is extended so that it works with linear and polynomial constraints and variables of constraints. In order to optimize query evaluation efficiency, some strategies and algorithms have been used to obtain an efficient query plan. Most work on constraint databases uses spatiotemporal data as case studies. However, this paper proposes model-based diagnosis since it is a highly potential research area, and model-based diagnosis permits more complicated queries than spatiotemporal examples. Our architecture permits the queries over constraints to be defined over different sets of variables by using symbolic substitution and elimination of variables.Ministerio de Ciencia y Tecnología DPI2006-15476-C02-0

Applying Constraint Databases in the Determination of Potential Minimal Conflicts to Polynomial Model-Based Diagnosis

Model-based Diagnosis allows the identification of the parts which fail in a system. The models are based on the knowledge of the system to diagnose, and may be represented by constraints associated to the components. The variables of these constraints can be observable or non-observable, depending on the situation of the sensors. In order to obtain the potential minimal diagnosis in a system, an important issue is related to finding out the potential minimal conflicts in an efficient way. We consider that Constraint Databases represent an excellent option in order to solve this problem in complex systems. In this work we have used a novel logical architecture of Constraint Databases which has allowed obtaining these potential conflicts by means of the corresponding queries. Moreover, we have considered Gröbner Bases as a projection operator to obtain the potential minimal conflicts of a system. The first results obtained on this work, which are shown in a heat exchangers example, have been very promising.Ministerio de Ciencia y Tecnología DPI2003-07146-C02-0

NMUS: Structural Analysis for Improving the Derivation of All MUSes in Overconstrained Numeric CSPs

Models are used in science and engineering for experimentation, analysis, model-based diagnosis, design and planning/sheduling applications. Many of these models are overconstrained Numeric Constraint Satisfaction Problems (NCSP), where the numeric constraints could have linear or polynomial relations. In practical scenarios, it is very useful to know which parts of the overconstrained NCSP instances cause the unsolvability. Although there are algorithms to find all optimal solutions for this problem, they are computationally expensive, and hence may not be applicable to large and real-world problems. Our objective is to improve the performance of these algorithms for numeric domains using structural analysis. We provide experimental results showing that the use of the different strategies proposed leads to a substantially improved performance and it facilitates the application of solving larger and more realistic problems.Ministerio de Educación y Ciencia DIP2006-15476-C02-0

Constraint satisfaction techniques for diagnosing errors in Design by Contract software

Design by Contract enables the development of more reliable and robust software applications. In this paper, a methodology that diagnoses errors in software is proposed. This is based on the combination of Design by Contract, Modelbased Diagnosis and Constraint Programming. Contracts are specified by using assertions. These assertions together with an abstraction of the source code are transformed into constraints. The methodology detects if the contracts are consistent, and if there are incompatibilities between contracts and source code. The process is automatic and is based on constraint programming.Ministerio de Ciencia y Tecnología DPI2003-07146-C02-0

A heuristic polynomial algorithm for local inconsistency diagnosis in firewall rule sets

Firewall ACLs can contain inconsistencies. There is an inconsistency if different actions can be taken on the same flow of traffic, depending on the ordering of the rules. Inconsistent rules should be notified to the system administrator in order to remove them. Minimal diagnosis and characterization of inconsistencies is a combinatorial problem. Although many algorithms have been proposed to solve this problem, all reviewed ones work with the full ACL with no approximate heuristics, giving minimal and complete results, but making the problem intractable for large, real-life ACLs. In this paper we take a different approach. First, we deeply analyze the inconsistency diagnosis in firewall ACLs problem, and propose to split the process in several parts that can be solved sequentially: inconsistency detection, inconsistent rules identification, and inconsistency characterization. We present polynomial heuristic algorithms for the first two parts of the problem: detection and identification (diagnosis) of inconsistent rules. The algorithms return several independent clusters of inconsistent rules that can be characterized against a fault taxonomy. These clusters contains all inconsistent rules of the ACL (algorithms are complete), but the algorithms not necessarily give the minimum number of clusters. The main advantage of the proposed heuristic diagnosis process is that optimal characterization can be now applied to several smaller problems (the result of the diagnosis process) rather than to the whole ACL, resulting in an effective computational complexity reduction at the cost of not having the minimal diagnosis. Experimental results with real ACLs are given.Ministerio de Educación y Ciencia DPI2006-15476-C02-0

Model-Based Development of firewall rule sets: Diagnosing model inconsistencies

The design and management of firewall rule sets is a very difficult and error-prone task because of the difficulty of translating access control requirements into complex low-level firewall languages. Although high-level languages have been proposed to model firewall access control lists, none has been widely adopted by the industry. We think that the main reason is that their complexity is close to that of many existing low-level languages. In addition, none of the high-level languages that automatically generate firewall rule sets verifies the model prior to the code-generation phase. Error correction in the early stages of the development process is cheaper compared to the cost associated with correcting errors in the production phase. In addition, errors generated in the production phase usually have a huge impact on the reliability and robustness of the generated code and final system. In this paper, we propose the application of the ideas of Model-Based Development to firewall access control list modelling and automatic rule set generation. First, an analysis of the most widely used firewall languages in the industry is conducted. Next, a Platform-Independent Model for firewall ACLs is proposed. This model is the result of exhaustive analysis and of a discussion of different alternatives for models in a bottom-up methodology. Then, it is proposed that a verification stage be added in the early stages of the Model-Based Development methodology, and a polynomial time complexity process and algorithms are proposed to detect and diagnose inconsistencies in the Platform-Independent Model. Finally, a theoretical complexity analysis and empirical tests with real models were conducted, in order to prove the feasibility of our proposal in real environments

Behavioral pattern analysis of secure migration and communications in eCommerce using cryptographic protocols on a mobile MAS platform

Mobile Multi-Agent Systems (MAS) systems can be used with real success in a growing number of eCommerce applications nowadays. Security has been identified as numerous times by different researchers as a top criterion for the acceptance of mobile agent adoption. In this paper we present an in-depth analysis of behavior patterns of a mobile MAS platform when using different cryptographic protocols to assure communication and migration integrity and confidentiality. Different use case sceneries of eCommerce applications as well as many other aspects have been studied, such as overhead, different communication patterns, different loads and bandwidth issues. This work is also extensible to other mobile and non-mobile MAS platforms. The results obtained can be used and should be taken into account by designers and implementers of secure mobile and also non-mobile agent platforms and agents.European Union TeleCARE IST-2000-2760