BFL:a Logic to Reason about Fault Trees

Safety-critical infrastructures must operate safely and reliably. Fault tree analysis is a widespread method used to assess risks in these systems: fault trees (FTs) are required - among others - by the Federal Aviation Authority, the Nuclear Regulatory Commission, in the ISO26262 standard for autonomous driving and for software development in aerospace systems. Although popular both in industry and academia, FTs lack a systematic way to formulate powerful and understandable analysis queries. In this paper, we aim to fill this gap and introduce Boolean Fault tree Logic (BFL), a logic to reason about FTs. BFL is a simple, yet expressive logic that supports easier formulation of complex scenarios and specification of FT properties. Alongside BFL, we present model checking algorithms based on binary decision diagrams (BDDs) to analyse specified properties in BFL, patterns and an algorithm to construct counterexamples. Finally, we propose a case-study application of BFL by analysing a COVID19-related FT

ATM:a Logic for Quantitative Security Properties on Attack Trees

Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be attacked. ATs are widely employed both in industry and academia but - in spite of their popularity - little work has been done to give practitioners instruments to formulate queries on ATs in an understandable yet powerful way. In this paper we fill this gap by presenting ATM, a logic to express quantitative security properties on ATs. ATM allows for the specification of properties involved with security metrics that include "cost", "probability" and "skill" and permits the formulation of insightful what-if scenarios. To showcase its potential, we apply ATM to the case study of a CubeSAT, presenting three different ways in which an attacker can compromise its availability. We showcase property specification on the corresponding attack tree and we present theory and algorithms - based on binary decision diagrams - to check properties and compute metrics of ATM-formulae

PFL:a Probabilistic Logic for Fault Trees

Safety-critical infrastructures must operate in a safe and reliable way. Fault tree analysis is a widespread method used for risk assessment of these systems: fault trees (FTs) are required by, e.g., the Federal Aviation Administration and the Nuclear Regulatory Commission. In spite of their popularity, little work has been done on formulating structural queries about FT and analyzing these, e.g., when evaluating potential scenarios, and to give practitioners instruments to formulate queries on FTs in an understandable yet powerful way. In this paper, we aim to fill this gap by extending BFL [32], a logic that reasons about Boolean FTs. To do so, we introduce a Probabilistic Fault tree Logic (PFL). PFL is a simple, yet expressive logic that supports easier formulation of complex scenarios and specification of FT properties that comprise probabilities. Alongside PFL, we present LangPFL, a domain specific language to further ease property specification. We showcase PFL and LangPFL by applying them to a COVID-19 related FT and to a FT for an oil/gas pipeline. Finally, we present theory and model checking algorithms based on binary decision diagrams (BDDs)

ATM: a Logic for Quantitative Security Properties on Attack Trees

Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be attacked. ATs are widely employed both in industry and academia but - in spite of their popularity - little work has been done to give practitioners instruments to formulate queries on ATs in an understandable yet powerful way. In this paper we fill this gap by presenting ATM, a logic to express quantitative security properties on ATs. ATM allows for the specification of properties involved with security metrics that include "cost", "probability" and "skill" and permits the formulation of insightful what-if scenarios. To showcase its potential, we apply ATM to the case study of a CubeSAT, presenting three different ways in which an attacker can compromise its availability. We showcase property specification on the corresponding attack tree and we present theory and algorithms - based on binary decision diagrams - to check properties and compute metrics of ATM-formulae

Querying Fault and Attack Trees:Property Specification on a Water Network

We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic extension of BFL and ATM, a logic for security metrics on ATs. We validate the framework composed by these three logics by applying them to the case study of a water distribution network. We extend the FT for this network - found in the literature - and we propose to model the system under analysis with the Fault Trees/Attack Trees (FT/ATs) formalism, combining both FTs and ATs in a unique model. Furthermore, we propose a novel combination of the showcased logics to account for queries that jointly consider both the FT and the AT of the model, integrating influences of attacks on failure probabilities of different components. Finally, we extend the domain specific language for PFL with novel constructs to capture the interplay between metrics of attacks - e.g., "cost", success probabilities - and failure probabilities in the system

Flood Inundation Mapping in the Logone Floodplain from Multi Temporal Landsat ETM+Imagery

Yearly flooding in the Logone floodplain makes an impact on agricultural, pastoral, and fishery systems in the Lake Chad Basin. Since the flooding extent and depth are highly variable, flood inundation mapping helps us make better use of water resources and prevent flood hazards in the Logone floodplain. The flood maps are generated from 33 multi temporal Landsat Enhanced Thematic Mapper Plus (ETM+) during three years 2006 to 2008. Flooded area is classified using a short-wave infrared band whereas open water is classified by Iterative Self-organizing Data Analysis (ISODATA) clustering. The maximum flooding extent in the study area increases up to approximately 5.8K km2 in late October 2008. The study also provides strong correlation of the flooding extents with water height variations in both the floodplain and the river based on a second polynomial regression model. The water heights are from ENIVSAT altimetry in the floodplain and gauge measurements in the river. Coefficients of determination between flooding extents and water height variations are greater than 0.91 with 4 to 36 days in phase lag. Floodwater drains back to the river and to the northeast during the recession period in December and January. The study supports understanding of the Logone floodplain dynamics in detail of spatial pattern and size of the flooding extent and assists the flood monitoring and prediction systems in the catchment

Hypoadiponectinemia in Extremely Low Gestational Age Newborns with Severe Hyperglycemia – A Matched-Paired Analysis

BACKGROUND: Hyperglycemia is commonly observed in extremely low gestational age newborns (ELGANs) and is associated with both increased morbidity and mortality. The objective of this study was to examine the relationship between neonatal hyperglycemia and adiponectin levels in ELGANs. METHODOLOGY/PRINCIPAL FINDINGS: Ten preterm infants between 22+6/7 and 27+3/7 weeks' gestation with neonatal hyperglycemia (defined as pre-feeding blood glucose levels above 200mg/dl on two consecutive measurements with a maximum parenteral glucose infusion of 4 mg/kg*min(-1)) formed the case cohort of this study. To every single patient of this case cohort a patient with normal fasting ( = pre-feeding) blood glucose levels was matched in terms of gestational age and gender. Adiponectin ELISAs were performed both at onset of hyperglycemia and at term-equivalent age. In the case cohort 9/10 patients had to be treated with insulin for 1-26 days (range 0.01-0.4 IU/kg*h(-1)). Compared to matched-paired controls, significant hypoadiponectinemia was observed at onset of hyperglycemia in these affected patients (6.9 µg/ml versus 15.1 µg/ml, p = 0.009). At term equivalent age, normoglycemia without any insulin treatment was found in both groups. Moreover, adiponectin levels at that time were no longer significantly different (12.3 µg/ml versus 20.0 µg/ml; p = 0.051) possibly indicating a mechanistic relevance of this adipokine in regulating insulin sensitivity in ELGANs. CONCLUSIONS/SIGNIFICANCE: Decreased circulating adiponectin levels are correlated with hyperglycemia in ELGANs and may contribute to the pathogenesis of impaired glucose homeostasis in these infants. These findings suggest that adiponectin might be a potential future drug target for the potentially save treatment of hyperglycemia in pre-term infants

The highly rearranged mitochondrial genomes of the crabs Maja crispata and Maja squinado (Majidae) and gene order evolution in Brachyura

Abstract We sequenced the mitochondrial genomes of the spider crabs Maja crispata and Maja squinado (Majidae, Brachyura). Both genomes contain the whole set of 37 genes characteristic of Bilaterian genomes, encoded on both \u3b1- and \u3b2-strands. Both species exhibit the same gene order, which is unique among known animal genomes. In particular, all the genes located on the \u3b2-strand form a single block. This gene order was analysed together with the other nine gene orders known for the Brachyura. Our study confirms that the most widespread gene order (BraGO) represents the plesiomorphic condition for Brachyura and was established at the onset of this clade. All other gene orders are the result of transformational pathways originating from BraGO. The different gene orders exhibit variable levels of genes rearrangements, which involve only tRNAs or all types of genes. Local homoplastic arrangements were identified, while complete gene orders remain unique and represent signatures that can have a diagnostic value. Brachyura appear to be a hot-spot of gene order diversity within the phylum Arthropoda. Our analysis, allowed to track, for the first time, the fully evolutionary pathways producing the Brachyuran gene orders. This goal was achieved by coupling sophisticated bioinformatic tools with phylogenetic analysis