Scaling up statistical model checking of cyber-physical systems via algorithm ensemble and parallel simulations over HPC infrastructures
Model-based formal verification of industry-relevant Cyber-Physical Systems (CPSs) is often a computationally prohibitive task. In most cases, the complexity of the models precludes any prospect of symbolic analysis, leaving numerical simulation as the only viable option. Unfortunately, exhaustive simulation of a CPS model over the entire set of plausible operational scenarios is rarely possible in practice, and alternative strategies such as Statistical Model Checking (SMC) must be used instead.
In this article, we show that the number of model simulations (samples) required by SMC techniques to converge can be significantly reduced by considering multiple (an ensemble of) Adaptive Stopping Algorithms (SAs) at once, and that the simulations themselves (by far the most expensive step of the entire workload) can be efficiently sped up by exploiting massively parallel platforms.
With three industry-scale CPS models, we experimentally show that the use of an ensemble of two state-of-the-art SAs ( and EBGStop) may require tens of millions fewer samples than running a single algorithm, with reductions in sample size of up to 78%. Furthermore, we show that our implementation, by massively parallelizing system model simulations on an HPC infrastructure, yields speed-ups in the completion time of the verification tasks that are practically linear in the number of computational nodes, i.e., an efficiency of virtually 100%, even on very large platforms. This makes it possible to complete model-based SMC verification tasks for complex CPSs in a matter of hours or days, whereas a naive sequential execution would require months to many years.
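The "ensemble of stopping algorithms" idea above can be seen with two simple (eps, delta) rules fed from one shared stream of simulation outcomes. This is an added example, not code from the paper, and its rules are simplified stand-ins (absolute error, no batching) rather than the paper's SAs: a fixed-size Hoeffding budget and a sequential empirical-Bernstein rule. The model is a constructed Bernoulli stand-in for a CPS simulation; the rule and function names are assumptions.

```python
# Added example, not code from the paper: an ensemble of two (eps, delta) stopping
# rules for statistical model checking of a Bernoulli property ("does one simulated
# scenario violate the requirement?"). Both rules consume the same stream of
# simulation outcomes and the run stops as soon as either rule is satisfied, so the
# ensemble never uses more samples than the better rule for the model at hand.
# The rules are simplified stand-ins (absolute error, no batching), not the paper's.
import math
import random


class HoeffdingRule:
    """Fixed sample size n >= ln(2/delta) / (2 eps^2); stops regardless of variance."""

    def __init__(self, eps: float, delta: float):
        self.name = "hoeffding"
        self.needed = math.ceil(math.log(2.0 / delta) / (2.0 * eps * eps))
        self.n = 0

    def observe(self, x: float) -> bool:
        self.n += 1
        return self.n >= self.needed


class EmpiricalBernsteinRule:
    """Sequential rule: stop once the empirical Bernstein radius
       sqrt(2 V_n ln(3/delta_n) / n) + 3 ln(3/delta_n) / n   <= eps,
    with delta_n = delta / (n (n+1)) so the union bound over all n sums to delta.
    Outcomes must lie in [0, 1]. Rare-event (low-variance) properties stop far
    earlier than the Hoeffding rule; high-variance ones stop later."""

    def __init__(self, eps: float, delta: float):
        self.name = "empirical-bernstein"
        self.eps, self.delta = eps, delta
        self.n, self.total, self.total_sq = 0, 0.0, 0.0

    def observe(self, x: float) -> bool:
        self.n += 1
        self.total += x
        self.total_sq += x * x
        if self.n < 2:
            return False
        mean = self.total / self.n
        variance = max(self.total_sq / self.n - mean * mean, 0.0)
        log_term = math.log(3.0 * self.n * (self.n + 1) / self.delta)
        radius = math.sqrt(2.0 * variance * log_term / self.n) + 3.0 * log_term / self.n
        return radius <= self.eps


RULES = (HoeffdingRule, EmpiricalBernsteinRule)


def run_single(rule_cls, simulate, eps, delta, max_samples=10**6):
    """Samples one rule needs on its own (each sample is one model simulation)."""
    rule = rule_cls(eps, delta)
    for n in range(1, max_samples + 1):
        if rule.observe(simulate()):
            return n
    raise RuntimeError(f"{rule.name} did not converge within {max_samples} samples")


def run_ensemble(simulate, eps, delta, max_samples=10**6):
    """Feed one simulation stream to every rule; stop at the first rule that stops.
    Returns (estimate, samples_used, name_of_rule_that_stopped)."""
    rules = [cls(eps, delta) for cls in RULES]
    total = 0.0
    for n in range(1, max_samples + 1):
        x = simulate()
        total += x
        for rule in rules:
            if rule.observe(x):
                return total / n, n, rule.name
    raise RuntimeError(f"no rule converged within {max_samples} samples")


def make_model(p_violation: float, seed: int):
    """Constructed stand-in for an expensive CPS simulation: each call runs one
    scenario and returns 1.0 if the requirement is violated, else 0.0."""
    rng = random.Random(seed)
    return lambda: 1.0 if rng.random() < p_violation else 0.0


def compare(p_violation: float, eps: float = 0.01, delta: float = 0.05, seed: int = 1):
    """Samples needed by each rule alone versus by the ensemble on the same stream."""
    n_h = run_single(HoeffdingRule, make_model(p_violation, seed), eps, delta)
    n_b = run_single(EmpiricalBernsteinRule, make_model(p_violation, seed), eps, delta)
    est, n_e, winner = run_ensemble(make_model(p_violation, seed), eps, delta)
    return {"hoeffding": n_h, "bernstein": n_b, "ensemble": n_e,
            "winner": winner, "estimate": est}


if __name__ == "__main__":
    for p in (0.001, 0.30):   # a rare violation and a common one
        print(f"p={p}: {compare(p)}")
```

For the rare violation the Bernstein rule stops at roughly half the Hoeffding budget; for the common one the Hoeffding rule stops first and the Bernstein rule alone would need several times more samples. The ensemble takes the minimum in both regimes, which is the mechanism behind the sample reductions the abstract reports; the paper's SAs target relative error and use sharper constants, so the absolute counts differ.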
Model driven design of secure properties for vision-based applications: A case study
In this paper we discuss an approach to overcome difficulties and gaps typically encountered in security-oriented model-driven approaches. In particular, we argue that state-of-the-art model-driven security (MDS) approaches are not suitable for modern companies and industry in general: they address security only at a late stage of development, often causing long delays and re-engineering costs due to extensive rework. Instead, we propose to adopt in the SEcube platform an OTA-based XMDD (eXtreme Model-Driven Design) approach that integrates security ab initio. In addition, since our approach is based on a set of reusable SIBs (Service-Independent Building blocks) organized within dedicated palettes in DIME, we decouple the issue of guaranteeing that the SIBs are correct and secure from the issue of analyzing the applications, which is greatly simplified by knowing the characterization of each SIB in advance. We apply our approach to the concrete realm of computer-vision-steered robotics, present the safety and security properties elicited for the specific case study, and discuss the ways they can be enforced.
Going Beyond Counting First Authors in Author Co-citation Analysis
The present study examines one of the fundamental aspects of author co-citation analysis (ACA): the way co-citation counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings are based, and we compare ACA results based on two different types of co-citation counting: the traditional type, which counts only the first among a cited work's authors, and a non-traditional type, which takes into account the first 5 authors of a cited work. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed.
Quantitative Security Risk Modeling and Analysis with RisQFLan
Domain-specific quantitative modeling and analysis approaches are fundamental in scenarios in which qualitative approaches are inappropriate or infeasible. In this paper, we present a tool-supported approach to quantitative graph-based security risk modeling and analysis based on attack-defense trees. Our approach is based on QFLan, a successful domain-specific approach to support quantitative modeling and analysis of highly configurable systems, whose domain-specific components have been decoupled to facilitate the instantiation of the QFLan approach in the domain of graph-based security risk modeling and analysis. Our approach incorporates distinctive features from three popular kinds of attack trees, namely enhanced attack trees, capabilities-based attack trees and attack countermeasure trees, into the domain-specific modeling language. The result is a new framework, called RisQFLan, to support quantitative security risk modeling and analysis based on attack-defense diagrams. By offering either exact or statistical verification of probabilistic attack scenarios, RisQFLan constitutes a significant novel contribution to the existing toolsets in that domain. We validate our approach by highlighting the additional features offered by RisQFLan in three illustrative case studies from seminal approaches to graph-based security risk modeling and analysis based on attack trees.
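What "exact or statistical verification of a probabilistic attack scenario" amounts to on an attack-defense tree, as an added example that is not RisQFLan's code or modeling language: a small tree with AND/OR refinement and a countermeasure node, evaluated exactly by enumerating every outcome of its basic steps and defences, and statistically by Monte Carlo with a Hoeffding sample size. The scenario, probabilities and node names are constructed, and every basic step and defence is assumed to be an independent Bernoulli event. The example also shows why a bottom-up product formula is only safe on a true tree: on a diagram where one basic step is shared by two subtrees, it overstates the risk.

```python
# Added example, not RisQFLan's own code or modeling language: a small
# attack-defense tree with AND/OR refinement and a countermeasure node, evaluated
# exactly (enumerating every outcome of the basic steps and defences, which stays
# correct when a basic step is shared by two subtrees) and statistically (Monte
# Carlo with a Hoeffding sample size for an (eps, delta) guarantee). The
# probabilities and node names are constructed; each basic step and each defence
# is assumed to be an independent Bernoulli event.
import itertools
import math
import random
from dataclasses import dataclass
from typing import Dict, Optional, Tuple, Union


@dataclass
class Leaf:                 # basic attack step with its standalone success probability
    name: str
    p_success: float


@dataclass
class And:                  # all children must succeed
    children: Tuple["Node", ...]


@dataclass
class Or:                   # at least one child must succeed
    children: Tuple["Node", ...]


@dataclass
class Countered:            # attack subtree defeated when the defence is effective
    attack: "Node"
    defense: str
    p_effective: float


Node = Union[Leaf, And, Or, Countered]


def variables(node: Node, out: Optional[Dict[str, float]] = None) -> Dict[str, float]:
    """Independent Bernoulli variables in the tree: basic steps (by name) and defences.
    A step reached by two paths is registered once, so sharing is respected."""
    out = {} if out is None else out
    if isinstance(node, Leaf):
        out.setdefault(node.name, node.p_success)
    elif isinstance(node, Countered):
        out.setdefault(node.defense, node.p_effective)
        variables(node.attack, out)
    else:
        for child in node.children:
            variables(child, out)
    return out


def succeeds(node: Node, outcome: Dict[str, bool]) -> bool:
    """Does the attack at `node` succeed under one outcome of every variable?"""
    if isinstance(node, Leaf):
        return outcome[node.name]
    if isinstance(node, And):
        return all(succeeds(c, outcome) for c in node.children)
    if isinstance(node, Or):
        return any(succeeds(c, outcome) for c in node.children)
    return succeeds(node.attack, outcome) and not outcome[node.defense]


def exact_probability(root: Node) -> float:
    """Exact P(attack succeeds) by summing over all 2^k outcomes of the k variables."""
    probs = variables(root)
    names = list(probs)
    total = 0.0
    for bits in itertools.product((False, True), repeat=len(names)):
        if succeeds(root, dict(zip(names, bits))):
            weight = 1.0
            for name, bit in zip(names, bits):
                weight *= probs[name] if bit else 1.0 - probs[name]
            total += weight
    return total


def tree_formula(node: Node) -> float:
    """Bottom-up product rule. Only valid when no basic step is shared between
    subtrees; on a shared step it treats the two occurrences as independent."""
    if isinstance(node, Leaf):
        return node.p_success
    if isinstance(node, And):
        return math.prod(tree_formula(c) for c in node.children)
    if isinstance(node, Or):
        return 1.0 - math.prod(1.0 - tree_formula(c) for c in node.children)
    return tree_formula(node.attack) * (1.0 - node.p_effective)


def estimate_probability(root: Node, eps: float, delta: float, seed: int = 0):
    """Statistical check: n = ceil(ln(2/delta) / (2 eps^2)) samples give
    P(|estimate - truth| > eps) <= delta by Hoeffding's inequality."""
    probs = variables(root)
    n = math.ceil(math.log(2.0 / delta) / (2.0 * eps * eps))
    rng = random.Random(seed)
    hits = sum(succeeds(root, {name: rng.random() < p for name, p in probs.items()})
               for _ in range(n))
    return hits / n, n


# Constructed scenario: steal data from a server.
PHISH = Leaf("phish_credentials", 0.3)
MFA_BYPASS = Leaf("bypass_mfa", 0.2)
EXPLOIT = Countered(Leaf("exploit_unpatched_service", 0.4), "patch_management", 0.7)
SERVER_BREACH = Or((And((PHISH, MFA_BYPASS)), EXPLOIT))              # P = 0.1728
# Variant where the phished credentials are also needed to reach the service.
SHARED_STEP = Or((And((PHISH, MFA_BYPASS)), And((PHISH, EXPLOIT))))  # P = 0.0888

if __name__ == "__main__":
    for label, tree in (("server breach", SERVER_BREACH), ("shared step", SHARED_STEP)):
        print(label, exact_probability(tree), tree_formula(tree),
              estimate_probability(tree, eps=0.02, delta=0.05))
```

Enumeration is exponential in the number of variables, which is why tools fall back to statistical estimation on large diagrams; the Hoeffding budget (4612 samples for eps = 0.02, delta = 0.05) is independent of the diagram's size.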
Contracts for Abstract Processes in Service Composition
Contracts are a well-established approach for describing and analyzing behavioral aspects of web service compositions. The theory of contracts comes equipped with a notion of compatibility between clients and servers that ensures that every possible interaction between compatible clients and servers will complete successfully. It is generally agreed that real applications often require the ability of exposing just partial descriptions of their behaviors, which are usually known as abstract processes. We propose a formal characterization of abstraction as an extension of the usual symbolic bisimulation and we recover the notion of abstraction in the context of contracts.
Efficient Certified Resolution Proof Checking
We present a novel propositional proof tracing format that eliminates complex processing, thus enabling efficient (formal) proof checking. The benefits of this format are demonstrated by implementing a proof checker in C, which outperforms a state-of-the-art checker by two orders of magnitude. We then formalize the theory underlying propositional proof checking in Coq, and extract a correct-by-construction proof checker for our format from the formalization. An empirical evaluation using 280 unsatisfiable instances from the 2015 and 2016 SAT competitions shows that this certified checker usually performs comparably to a state-of-the-art non-certified proof checker. Using this format, we formally verify the recent 200 TB proof of the Boolean Pythagorean Triples conjecture.
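The reason an explicit-antecedent format makes checking cheap is that every derived clause can be verified by a single pass of unit propagation over the clauses it names, with no search. The checker below is an added example, not the paper's checker and not its format: it reads a constructed TraceCheck-style text format (`id literals 0 antecedent-ids 0`, empty antecedents for input clauses) and verifies each step by hinted unit propagation. The sample proof and the tampered variant are constructed; function names are assumptions.

```python
# Added example (not the paper's checker or its proof format): a checker for a
# constructed, TraceCheck-style clausal proof format in which every derived clause
# lists its antecedent clause ids. Each step is verified by hinted unit
# propagation only, in one pass over the hints, so the checker never searches.
# Input clauses (no antecedents) are trusted here; a real checker would also
# match them against the CNF being refuted.
from typing import Dict, FrozenSet, List, Optional, Tuple

Clause = FrozenSet[int]
Step = Tuple[int, Clause, List[int]]


def parse_proof(text: str) -> List[Step]:
    """Each line: `id lit1 ... litk 0 ant1 ... antm 0`; no antecedents = input clause."""
    steps = []
    for line in text.strip().splitlines():
        nums = [int(tok) for tok in line.split()]
        cid, rest = nums[0], nums[1:]
        zero = rest.index(0)
        lits, hints = rest[:zero], rest[zero + 1:]
        if not hints or hints[-1] != 0:
            raise ValueError(f"line {cid}: antecedent list is not 0-terminated")
        steps.append((cid, frozenset(lits), hints[:-1]))
    return steps


def check_step(clause: Clause, hints: List[int], db: Dict[int, Clause]) -> Optional[str]:
    """Return None if `clause` follows from the hinted clauses by unit propagation:
    assume every literal of the clause false, then each hint in order must be unit
    (assign its last literal) or fully falsified (conflict). Otherwise a reason."""
    assigned = {-lit for lit in clause}          # literals currently true
    for hint in hints:
        if hint not in db:
            return f"antecedent {hint} is not an earlier clause"
        ante = db[hint]
        if any(lit in assigned for lit in ante):
            return f"antecedent {hint} is already satisfied, so it propagates nothing"
        unassigned = [lit for lit in ante if -lit not in assigned]
        if not unassigned:
            return None                          # conflict reached: clause is implied
        if len(unassigned) > 1:
            return f"antecedent {hint} is not unit under the hints so far"
        assigned.add(unassigned[0])
    return "hints exhausted without reaching a conflict"


def check_proof(steps: List[Step]) -> Tuple[bool, str]:
    """Check every derived step against earlier clauses; the proof must end with
    the empty clause to count as a refutation."""
    db: Dict[int, Clause] = {}
    for cid, clause, hints in steps:
        if cid in db:
            return False, f"clause id {cid} reused"
        if hints:
            reason = check_step(clause, hints, db)
            if reason is not None:
                return False, f"step {cid}: {reason}"
        db[cid] = clause
    if not steps or steps[-1][1] != frozenset():
        return False, "proof does not end with the empty clause"
    return True, "ok"


# Constructed sample: refutation of (x1 v x2)(-x1 v x2)(x1 v -x2)(-x1 v -x2).
VALID_PROOF = """
1 1 2 0 0
2 -1 2 0 0
3 1 -2 0 0
4 -1 -2 0 0
5 2 0 1 2 0
6 -2 0 3 4 0
7 0 5 6 0
"""
# Same proof with step 5's antecedents tampered: clause 3 cannot help derive x2.
TAMPERED_PROOF = VALID_PROOF.replace("5 2 0 1 2 0", "5 2 0 1 3 0")

if __name__ == "__main__":
    print(check_proof(parse_proof(VALID_PROOF)))
    print(check_proof(parse_proof(TAMPERED_PROOF)))
```

Because the hints name exactly the clauses to propagate, each step costs time linear in the hinted clauses' total size, which is what a clause-database search (as in unhinted RUP/DRAT checking) avoids paying only at the price of the "complex processing" the abstract refers to.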
