| 1. |
- Leander, Björn, 1978-
(författare)
-
Dynamic Access Control for Industrial Systems
- 2023
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Industrial automation and control systems (IACS) are taking care of our most important infrastructures, providing electricity and clean water, producing medicine and food, along with many other services and products we take for granted. The continuous, safe, and secure operation of such systems are obviously of great importance. Future iterations of IACS will look quite different from the ones we use today. Modular and flexible systems are emerging, powered by technical advances in areas such as artificial intelligence, cloud computing, and motivated by fluctuating market demands and faster innovation cycles. Design strategies for dynamic manufacturing are increasingly being adopted. These advances have a fundamental impact on industrial systems at component as well as architectural level. As a consequence of the changing operational requirements, the methods used for protection of industrial systems must be revisited and strengthened. This for example includes access control, which is one of the fundamental cybersecurity mechanisms that is hugely affected by current developments within IACS. The methods currently used are static and coarse-grained and therefore not well suited for dynamic and flexible industrial systems. A transition in security model is required, from implicit trust towards zero-trust, supporting dynamic and fine-grained access control. This PhD thesis discusses access control for IACS in the age of Industry 4.0, focusing on dynamic and flexible manufacturing systems. The solutions presented are applicable at machine-to-machine as well as human-to-machine interactions, using a zero-trust strategy. An investigation of the current state of practice for industrial access control is provided as a starting point for the work. Dynamic systems require equally dynamic access control policies, why several approaches on how dynamic access control can be achieved in industrial systems are developed and evaluated, covering strategies for policy formulations as well as mechanisms for authorization enforcement.
|
|
| 2. |
- Jaradat, Omar, 1981-, et al.
(författare)
-
Using Sensitivity Analysis to Facilitate The Maintenance of Safety Cases
- 2015
-
Ingår i: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). - Cham : Springer International Publishing. - 9783319195834 ; , s. 162-176
-
Konferensbidrag (refereegranskat)abstract
- A safety case contains safety arguments together with supporting evidence that together should demonstrate that a system is acceptably safe. System changes pose a challenge to the soundness and cogency of the safety case argument. Maintaining safety arguments is a painstaking process because it requires performing a change impact analysis through interdependent elements. Changes are often performed years after the deployment of a system making it harder for safety case developers to know which parts of the argument are affected. Contracts have been proposed as a means for helping to manage changes. There has been significant work that discusses how to represent and to use them but there has been little on how to derive them. In this paper, we propose a sensitivity analysis approach to derive contracts from Fault Tree Analyses and use them to trace changes in the safety argument, thus facilitating easier maintenance of the safety argument.
|
|
| 3. |
- Ali, Nazakat, et al.
(författare)
-
Composite Hazard Analysis of System of Systems for Mixed-traffic Automation in Underground Mine
- 2023
-
Ingår i: International Conference on Ubiquitous and Future Networks, ICUFN. - : IEEE Computer Society. - 9798350335385 ; , s. 445-450
-
Konferensbidrag (refereegranskat)abstract
- Hazard analysis for a single system focuses on identifying and evaluating potential hazards associated with the individual system, its components, and their interactions. There are well-established hazard analysis techniques that are widely used to identify hazards for single systems. However, unlike single systems, hazard analysis in a System of Systems (SoS) must focus on analyzing the potential hazards (including emergent ones) that can arise from the interactions between multiple individual systems. This type of analysis considers the complex interactions between systems and the interdependence between their components and the environment in which they operate. Therefore, it is necessary to understand the application scenarios of SoS and to employ a systematic approach to identify all potential hazards. This paper applies the Composite Hazard Analysis Technique (CompHAT) to an industrial case study from a mining and equipment domain. The results show that the CompHAT is useful in identifying the interaction faults and their propagation routes between components of a constituent system and between constituent systems in an SoS. We also report that, due to the tool support, CompHAT can be beneficial for safety engineers to trace the faults in the network of an SoS in a more efficient and effective manner.
|
|
| 4. |
- Ali, Nazakat, et al.
(författare)
-
Modeling and safety analysis for collaborative safety-critical systems using hierarchical colored Petri nets
- 2024
-
Ingår i: Journal of Systems and Software. - : Elsevier Inc.. - 0164-1212 .- 1873-1228. ; 210
-
Tidskriftsartikel (refereegranskat)abstract
- Context: Collaborative systems enable multiple independent systems to work together towards a common goal. These systems can include both human-system and system-system interactions and can be found in a variety of settings, including smart manufacturing, smart transportation, and healthcare. Safety is an important consideration for collaborative systems because one system's failure can significantly impact the overall system performance and adversely affect other systems, humans or the environment. Goal: Fail-safe mechanisms for safety-critical systems are designed to bring the system to a safe state in case of a failure in the sensors or actuators. However, a collaborative safety-critical system must do better and be safe-operational, for e.g., a failure of one of the members in a platoon of vehicles in the middle of a highway is not acceptable. Thus, failures must be compensated, and compliance with safety constraints must be ensured even under faults or failures of constituent systems. Method: In this paper, we model and analyze safety for collaborative safety-critical systems using hierarchical Coloured Petri nets (CPN). We used an automated Human Rescue Robot System (HRRS) as a case study, modeled it using hierarchical CPN, and injected some specified failures to check and confirm the safe behavior in case of unexpected scenarios. Results: The system behavior was observed after injecting three types of failures in constituent systems, and then safety mechanisms were applied to mitigate the effect of these failures. After applying safety mechanisms, the HRRS system's overall behavior was again observed both in terms of verification and validation, and the simulated results show that all the identified failures were mitigated and HRRS completed its mission. Conclusion: It was found that the approach based on formal methods (CPN modeling) can be used for the safety analysis, modeling, validation, and verification of collaborative safety-critical systems like HRRS. The hierarchical CPN provides a rigorous way of modeling to implement complex collaborative systems.
|
|
| 5. |
- Aysan, Hüseyin, et al.
(författare)
-
A Generalised Error Model and Schedulability Guarantees for Dependable Real-Time Systems
- 2011
-
Ingår i: Proceedings of the 1st International Workshop on Dependable and Secure Industrial and Embedded Systems (WORDS).
-
Konferensbidrag (refereegranskat)abstract
- The fundamental requirement for the design of effective and efficient fault-tolerance mechanisms in dependable real-time systems is a realistic and applicable model of potential faults, their manifestations and consequences. Fault and error models also need to be evolved based on the changes in the environments of usage or even based on technological advances. In this paper we propose a novel probabilistic burst error model in lieu of the commonly used simplistic fault assumptions. We introduce an approach to reason about real-time systems schedulability under the proposed error model in a probabilistic manner. We first present a sufficient analysis that accounts for the worst case interference caused by error bursts on the response times of tasks scheduled under the fixed priority scheduling (FPS) policy. Further, we identify potential sources of pessimism in the calculations and propose an algorithm that refines the results.
|
|
| 6. |
- Aysan, Hüseyin, et al.
(författare)
-
A Generalized Task Allocation Framework for Dependable Real-Time Systems
- 2007
-
Ingår i: Proceedings of the Work-In-Progress (WIP) session of the 19th Euromicro Conference on Real-Time Systems (ECRTS 07).
-
Konferensbidrag (refereegranskat)abstract
- In this paper, we present a general framework which allows the designer to specify a wide range of criteria for allocation. Major factors considered as part of our framework are mixed criticalities of tasks, schedulability, power consumption, fault-tolerance, and dependability requirements in addition to typical functional aspects such as memory constraints. This being a global optimization problem, we are forced to use meta-heuristic algorithms, and we were able to represent these requirements in a very intuitive manner by the usage of energy functions in simulated annealing. We envision the proposed methodology as a quite simple, scalable, as well as computationally effective solution covering a wide range of system architectures and solution spaces.
|
|
| 7. |
- Aysan, Hüseyin, 1982-
(författare)
-
Fault-Tolerance Strategies and Probabilistic Guarantees for Real-Time Systems
- 2012
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Ubiquitous deployment of embedded systems is having a substantial impact on our society, since they interact with our lives in many critical real-time applications. Typically, embedded systems used in safety or mission critical applications (e.g., aerospace, avionics, automotive or nuclear domains) work in harsh environments where they are exposed to frequent transient faults such as power supply jitter, network noise and radiation. They are also susceptible to errors originating from design and production faults. Hence, they have the design objective to maintain the properties of timeliness and functional correctness even under error occurrences. Fault-tolerance plays a crucial role towards achieving dependability, and the fundamental requirement for the design of effective and efficient fault-tolerance mechanisms is a realistic and applicable model of potential faults and their manifestations. An important factor to be considered in this context is the random nature of faults and errors, which, if addressed in the timing analysis by assuming a rigid worst-case occurrence scenario, may lead to inaccurate results. It is also important that the power, weight, space and cost constraints of embedded systems are addressed by efficiently using the available resources for fault-tolerance. This thesis presents a framework for designing predictably dependable embedded real-time systems by jointly addressing the timeliness and the reliability properties. It proposes a spectrum of fault-tolerance strategies particularly targeting embedded real-time systems. Efficient resource usage is attained by considering the diverse criticality levels of the systems' building blocks. The fault-tolerance strategies are complemented with the proposed probabilistic schedulability analysis techniques, which are based on a comprehensive stochastic fault and error model.
|
|
| 8. |
- Aysan, Hüseyin, et al.
(författare)
-
FT-Feasibility in Fixed Priority Real-Time Scheduling
- 2007
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Real-time systems typically have to satisfy complex requirements mapped to the timing attributes of the tasks that are eventually guaranteed by the underlying scheduler. These systems consist of a mix of hard and soft tasks with varying criticalities as well as associated fault tolerance (FT) requirements. Often time redundancy techniques are preferred in many embedded applications and hence it is extremely important to devise appropriate methodologies for scheduling real-time tasks under fault assumptions. Additionally, the relative criticality of tasks could undergo changes during the evolution of the system. Hence scheduling decisions under fault assumptions have to reflect all these important factors in addition to the resource constraints.In this paper we propose a framework for 'FTfeasibility', i.e., to provide a priori guarantees that all critical tasks in the system will meet their deadlines even in case of faults. Our main objective here is to ensure FTfeasibility of all critical tasks in the system and do so with minimal costs and without any fundamental changes in the scheduling paradigm. We demonstrate its applicability in scenarios where the FT strategy employed is re-execution of the affected tasks or an alternate action upon occurrence of transient faults or software design faults. We analyse a feasible set of tasks and propose methods to adapt it to varying FT requirements without modifications to the underlying scheduler. We do so by reassigning task attributes to achieve FT-feasibility while keeping the costs minimised.
|
|
| 9. |
- Baumgart, Stephan, et al.
(författare)
-
A Model-Based Approach to Document a System-of-Systems
- 2021
-
Ingår i: 2021 IEEE International Systems Conference (SysCon). - 9781665444392 ; , s. 1-8
-
Konferensbidrag (refereegranskat)abstract
- The technical evolution enables the development and application of autonomous systems in various domains. In the on-road and off-road vehicle domains, autonomous vehicles are applied in different contexts. Autonomous cars are designed as single system solutions, while in other scenarios, multiple autonomous or semi-autonomous vehicles are integrated into a system-of-systems. We utilize a case from the earth-moving machinery domain, where a fleet of autonomous vehicles is used for transporting material in off-road environments. The traditional industrial development processes in the earth-moving machinery domain focus on single human-operated systems and lack clear support for autonomous system-of-systems. From our studies of industrial development of system-of-systems, we recognize the demand for guidance on how to document a system-of-systems. The goal of this work is to provide a framework using different model-based formalisms. As a structural background, we utilize the SafeSoS process, where each step specifies details about the targeted system-of-systems. Specifically, we apply model-based systems engineering to describe the structure and behavior of each SoS level. We utilize an industrial case to exemplify how model-based concepts can be applied to capture relevant information needed for designing the system-of-systems. This work provides guidelines for practitioners in developing safe system-of-systems.
|
|
| 10. |
- Baumgart, Stephan, et al.
(författare)
-
A Model-Based Approach to Document Software Toolchains for Supporting a Safety Analysis
- 2021
-
Ingår i: 2021 15TH ANNUAL IEEE INTERNATIONAL SYSTEMS CONFERENCE (SYSCON 2021). - : IEEE. - 9781665444392
-
Konferensbidrag (refereegranskat)abstract
- The increasing use of embedded systems to provide new functionality and customer experience requires developing the embedded systems carefully. As a new challenge, autonomous systems are developed to be working in a fleet to provide production workflows. Developing such a system-of-systems requires utilizing various software tools to manage the complexity. One task in developing safety-critical products, in general, is to analyze if the applied tools can introduce failures into the final product. Today's functional safety standards consider only single software tools for analysis. In our industrial work, we can observe a trend towards supporting product lines. A common configurable platform is developed to support a range of different products. Developing such a platform and supporting variability, a toolchain is created where software tools are glued together using scripts to support product lines and automatically generate compiled code. The current functional safety standards do not straight forward support this. This paper discusses how software tools need to support functional safety and show limitations by providing an industrial case. We provide a model-based approach to describe a toolchain and show its application to an industrial case. To analyze potential failures in the toolchain, we utilize the HAZOP method and show its application.
|
|
