| 1. |
- Amorim, Joni A., et al.
(författare)
-
Awareness and training : Identification of relevant security skills and competencies
- 2014
-
Ingår i: Engineering Education in a Technology-Dependent World. - Guimarães : INTERTECH. - 9788565992282 - 9788566680287 ; , s. 37-
-
Konferensbidrag (refereegranskat)abstract
- In order to identify needed skills and competencies for privacy and security, we propose a systematic process that maps privacy and security threats to related controls that are required to prevent, detect or remove such threats. This work suggests how to apply the process, while discussing how games and simulations can be used both to develop the desired behavior and to monitor the current competency level.
|
|
| 2. |
|
|
| 3. |
- Amorim, Joni A., et al.
(författare)
-
Cyber Security Training Perspectives
- 2013
-
Konferensbidrag (refereegranskat)abstract
- Building comprehensive cyber security strategies to protect people, infrastructure and assets demands research on methods and practices to reduce risks. Once the methods and practices are identified, there is a need to develop training for the manystakeholders involved, from security experts to the end user. In thispaper, we discuss new approaches for training, which includes the development of serious games for training on cyber security. The identification of the theoretical framework to be used for situation and threat assessment receives special consideration.
|
|
| 4. |
|
|
| 5. |
- Amorim, Joni A., et al.
(författare)
-
Privacy and Security in Cyberspace : Training Perspectives on the Personal Data Ecosystem
- 2013
-
Ingår i: European Intelligence and Security Informatics Conference (EISIC), Proceedings CD. - : IEEE conference proceedings. - 9780769550626 ; , s. 139-142
-
Konferensbidrag (refereegranskat)abstract
- There is a growing understanding that privacy is an essential component of security. In order to decrease the probability of having data breaches, the design of information systems, processes and architectures should incorporate considerations related to both privacy and security. This incorporation may benefit from the offering of appropriate training. In this way, this paper intends to discuss how to better offer training while considering new developments that involve both multimedia production and the “gamification” of training. The paper suggests the use in conjunction of two frameworks: the EduPMO Framework, useful for the management of large scale projects that may involve a consortium of organizations developing multimedia for the offering of training, and the Game Development Framework, useful for the identification of the main components of the serious game for training on privacy by design to be developed as part of the training offering.
|
|
| 6. |
- Andersson, Martin, et al.
(författare)
-
Co-simulation of Mobile Wireless Networked Embedded Systems in Physical Environments
- 2005
-
Ingår i: RTiS 2005 – Proceedings of Real Time in Sweden 2005, the 8th Biennial SNART Conference on Real-Time Systems (Skövde University Studies in Informatics). - 1653-2325. - 9163173492 ; 2005:1
-
Konferensbidrag (refereegranskat)abstract
- Embedded systems are becoming increasingly networked and aredeployed in application areas that require close interaction withtheir physical environment. Examples include distributed mobileagents and wireless sensor/actuator networks. The complexity ofthese applications make co-simulation a necessary tool during systemdevelopment. This paper presents a simulation environment thatfacilitates simulation of computer nodes and communication networksinteracting with the continuous-time dynamics of the real world.Features of the simulator include interrupthandling, task scheduling, wired and wireless communication, localclocks, dynamic voltage scaling, and battery-driven operation.Two simulation case studies are presented: a simple communicationscenario and a mobile robot soccer game.
|
|
| 7. |
- Andler, Sten F., et al.
(författare)
-
DeeDS : Towards a Distributed and Active Real-Time Database Systems
- 1996
-
Ingår i: ACM Sigmod Record. ; 25:1, s. 38-40
-
Tidskriftsartikel (refereegranskat)abstract
- DeeDS combines active database functionality with critical timing constraints and integrated system monitoring. Since the reactive database mechanisms, or rule management system, must meet critical deadlines, we must employ methods that make triggering of rules and execution of actions predictable. We will focus on the scheduling issues associated with dynamic scheduling of workloads where the triggered transactions have hard, firm or soft deadlines, and how transient overloads may be resolved by substituting transactions by computationally cheaper ones. The rationale for a loosely coupled general purpose event monitoring facility, that works in tight connection with the scheduler, is presented. For performance and predictability, the scheduler and event monitor are executing on a separate CPU from the rest of the system. Real-time database accesses in DeeDS are made predictable and efficient by employing methods such as main memory resident data, full replication, eventual consistency, and prevention of global deadlocks.
|
|
| 8. |
|
|
| 9. |
|
|
| 10. |
- Andler, Sten F., et al.
(författare)
-
Information Fusion from Databases, Sensors and Simulations : A Collaborative Research Program
- 2005
-
Ingår i: Proceedings. - : IEEE Computer Society. - 0769523064 ; , s. 234-241
-
Konferensbidrag (refereegranskat)abstract
- This paper provides an overview of a collaborative research program in information fusion from databases, sensors and simulations. Information fusion entails the combination of data from multiple sources, to generate information that cannot be derived from the individual sources. This area is of strategic importance for industry and defense, as well as public administration areas such as health care, and needs to be pursued as an academic subject. A large number of industrial partners are supporting and participating in the development of the area. The paper describes the program’s general approach and main research areas, with a particular focus on the role of information fusion in systems development
|
|
| 11. |
|
|
| 12. |
|
|
| 13. |
|
|
| 14. |
|
|
| 15. |
- Andler, Sten F., et al.
(författare)
-
SMARTracIn : a concept for spoof resistant tracking of vessels and detection of adverse intentions
- 2009
-
Ingår i: Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense VIII. - : SPIE - International Society for Optical Engineering. - 9780819475718 ; , s. 73050G-1-73050G-9
-
Konferensbidrag (refereegranskat)abstract
- The aim of maritime surveillance systems is to detect threats earlyenough to take appropriate actions. We present the results ofa study on maritime domain awareness performed during the fallof 2008. We analyze an identified capability gap of worldwidesurveillance in the maritime domain, and report from a userworkshop addressing the identified gap. We describe a SMARTracIn conceptsystem that integrates information from surveillance systems with background knowledgeon normal conditions to help users detect and visualize anomaliesin vessel traffic. Land-based systems that cover the coastal watersas well as airborne, space-borne and ships covering open seaare considered. Sensor data are combined with intelligence information fromship reporting systems and databases. We describe how information fusion,anomaly detection and semantic technology can be used to helpusers achieve more detailed maritime domain awareness. Human operators area vital part of this system and should be activecomponents in the fusion process. We focus on the problemof detecting anomalous behavior in ocean-going traffic, and a roomand door segmentation concept to achieve this. This requires theability to identify vessels that enter into areas covered bysensors as well as the use of information management systemsthat allow us to quickly find all relevant information.
|
|
| 16. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Cyber-threat analysis for Cyber-Physical Systems : Technical report for Package 4, Activity 3 of ELVIRA project
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- Smart grid employs ICT infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolu- tion is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the develop- ment of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for design- ing testbeds to evaluate the vulnerability of cyberphysical systems against cyberthreats. The proposed framework uses data reported from multiple components of cyberphysical system architecture layers, including physical, control, and cyber layers. At the phys- ical layer, we consider component inventory and related physi- cal flows. At the control level, we consider control data, such as SCADA data flows in industrial and critical infrastructure control systems. Finally, at the cyber layer level, we consider existing secu- rity and monitoring data from cyber-incident event management tools, which are increasingly embedded into the control fabrics of cyberphysical systems.
|
|
| 17. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection
- 2017
-
Konferensbidrag (refereegranskat)abstract
- Critical infrastructures (CIs) are becoming increasingly sophisticated with embedded cyber-physical systems (CPSs) that provide managerial automation and autonomic controls. Yet these advances expose CI components to new cyber-threats, leading to a chain of dysfunctionalities with catastrophic socio-economical implications. We propose a comprehensive architectural model to support the development of incident management tools that provide situation-awareness and cyber-threats intelligence for CI protection, with a special focus on smart-grid CI. The goal is to unleash forensic data from CPS-based CIs to perform some predictive analytics. In doing so, we use some AI (Artificial Intelligence) paradigms for both data collection, threat detection, and cascade-effects prediction.
|
|
| 18. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Internet of Things data analytics for parking availability prediction and guidance
- 2020
-
Ingår i: European transactions on telecommunications. - : Wiley-Blackwell Publishing Inc.. - 1124-318X .- 2161-3915 .- 2161-5748. ; 31
-
Tidskriftsartikel (refereegranskat)abstract
- Cutting-edge sensors and devices are increasingly deployed within urban areas to make-up the fabric of transmission control protocol/internet protocol con- nectivity driven by Internet of Things (IoT). This immersion into physical urban environments creates new data streams, which could be exploited to deliver novel cloud-based services. Connected vehicles and road-infrastructure data are leveraged in this article to build applications that alleviate notorious parking and induced traffic-congestion issues. To optimize the utility of parking lots, our proposed SmartPark algorithm employs a discrete Markov-chain model to demystify the future state of a parking lot, by the time a vehicle is expected to reach it. The algorithm features three modular sections. First, a search pro- cess is triggered to identify the expected arrival-time periods to all parking lots in the targeted central business district (CBD) area. This process utilizes smart-pole data streams reporting congestion rates across parking area junc- tions. Then, a predictive analytics phase uses consolidated historical data about past parking dynamics to infer a state-transition matrix, showing the transfor- mation of available spots in a parking lot over short periods of time. Finally, this matrix is projected against similar future seasonal periods to figure out the actual vacancy-expectation of a lot. The performance evaluation over an actual busy CBD area in Stockholm (Sweden) shows increased scalability capa- bilities, when further parking resources are made available, compared to a baseline case algorithm. Using standard urban-mobility simulation packages, the traffic-congestion-aware SmartPark is also shown to minimize the journey duration to the selected parking lot while maximizing the chances to find an available spot at the selected lot.
|
|
| 19. |
- Atif, Yacine, 1967-, et al.
(författare)
-
Multi-agent Systems for Power Grid Monitoring : Technical report for Package 4.1 of ELVIRA project
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- This document reports a technical description of ELVIRA project results obtained as part of Work- package 4.1 entitled “Multi-agent systems for power Grid monitoring”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity. This report outlines intelligent approaches that continuously analyze data flows generated by Supervisory Control And Data Acquisition (SCADA) systems, which monitor contemporary power grid infrastructures. However, cybersecurity threats and security mechanisms cannot be analyzed and tested on actual systems, and thus testbed simulators are necessary to assess vulnerabilities and evaluate the infrastructure resilience against cyberattacks. This report suggests an agent-based model to simulate SCADA- like cyber-components behaviour when facing cyber-infection in order to experiment and test intelligent mitigation mechanisms.
|
|
| 20. |
- Birgisson, Ragnar, et al.
(författare)
-
Bounds on Test Effort for Event-Triggered Real-Time Systems
- 1999
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- The test effort required for full test coverage is much higher in an event-triggered than in a time-triggered real-time system. This makes it difficult to attain confidence in the correctness of event-triggered real-time applications by testing, which is a necessary complement to other verification methods. We present a more general upper bound on the test effort of constrained event-triggered real-time systems, assuming multiple resources (a refinement of previous results). The emphasis is on system level testing of application timeliness, assuming that sufficient confidence in its functional correctness has been attained. Covered fault types include incorrect assumptions about temporal attributes of application and execution environment, and synchronization faults. An analysis of the effects that our constraints have on predictability and efficiency shows that the use of designated preemption points is required. A key factor in this approach is the ability to reduce the number of required test cases while maintaining full test coverage.
|
|
| 21. |
- Boström, Henrik, et al.
(författare)
-
On the Definition of Information Fusion as a Field of Research
- 2007
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- A more precise definition of the field of information fusion can be of benefit to researchers within the field, who may use uch a definition when motivating their own work and evaluating the contribution of others. Moreover, it can enable researchers and practitioners outside the field to more easily relate their own work to the field and more easily understand the scope of the techniques and methods developed in the field. Previous definitions of information fusion are reviewed from that perspective, including definitions of data and sensor fusion, and their appropriateness as definitions for the entire research field are discussed. Based on strengths and weaknesses of existing definitions, a novel definition is proposed, which is argued to effectively fulfill the requirements that can be put on a definition of information fusion as a field of research.
|
|
| 22. |
- Brax, Christoffer, et al.
(författare)
-
Evaluating Precise and Imprecise State-Based Anomaly Detectors for Maritime Surveillance
- 2010
-
Ingår i: Proceedings of the 13th International Conference on Information Fusion. - : IEEE. - 9780982443811 ; , s. Article number 5711997-
-
Konferensbidrag (refereegranskat)abstract
- We extend the State-Based Anomaly Detection approach by introducing precise and imprecise anomaly detectors using the Bayesian and credal combination operators, where evidences over time are combined into a joint evidence. We use imprecision in order to represent the sensitivity of the classification regarding an object being normal or anomalous. We evaluate the detectors on a real-world maritime dataset containing recorded AIS data and show that the anomaly detectors outperform previously proposed detectors based on Gaussian mixture models and kernel density estimators. We also show that our introduced anomaly detectors perform slightly better than the State-Based Anomaly Detection approach with a sliding window.
|
|
| 23. |
- Brohede, Marcus, et al.
(författare)
-
A Distributed Whiteboard Infrastructure for Information Fusion Simulations
- 2009
-
Ingår i: Proceedings of the 32nd Annual IEEE Software Engineering Workshop (SEW-32). - : IEEE. - 9780769536170 ; , s. 134-142
-
Konferensbidrag (refereegranskat)abstract
- We argue that architecural ideas from DeeDS, a distributed real-time database, can be used to create a whiteboard infrastructure usable in information fusion applications as well as in fault tolerant simulations. We discuss the need for faulttolerant real-time simulation in information fusion, and how this can be supported by the whiteboard infrastructure. There are many reasons to perform real-time simulations (including environment simulation) - the use of real hardware or systems can be prohibitively expensive or dangerous to people and equipment, or may simply not be available at all. The combination of real and simulated objects, or nodes, is of particular interest when it is prohibitively expensive, dangerous, or impossible to test sufficient numbers of collaborating nodes in a realistic application. The need for fault tolerance of such real-time simulations, with a mixture of real and simulated nodes, occurs because it is difficult/impossible to restart physical nodes or wait for restart of simulated nodes, if one or more simulation instances fail. The key problem when mixing real and simulated nodes is the occurrence of "external actions" that cannot easily be undone and redone when a failure has occurred. We describe a natural approach to support multiple degrees of fault tolerance in realtime simulations, based on optimistic synchronization on top of a whiteboard architecture. The whiteboard architecture is a natural and useful infrastructure metaphor for information fusion, an information-based exchange that allows real and simulated nodes to be freely mixed.
|
|
| 24. |
- Brohede, Marcus, et al.
(författare)
-
Optimistic database-driven distributed real-time simulation (05F-SIW-031)
- 2005
-
Ingår i: Fall 2005 Simulation Interoperability Workshop. - : Curran Associates, Inc.. - 9781622761401 ; , s. 223-228
-
Konferensbidrag (refereegranskat)abstract
- In this paper we present an optimistic synchronization protocol for distributed real-time simulations that uses a database as communication and storage mechanism. Each node in the simulation is also a database node and communication in the simulation is done by storing and reading to the database. The underlying replication protocol in the database then makes sure that all updates are propagated. The progress in the simulation is optimistic, i.e., each node tries to simulate as far ahead as possible without waiting for input from any other node. Since the simulations are said to be real-time we must guarantee that no events can be delivered too early nor too late. Also, recovery of a node must be done within predictable time due to the real-time constraints. Since all updates in the simulation are done through transactions we have a well-defined foundation for recovery and we show how the recovery can be done deterministically. For the simulation to function (and keep deadlines) during network partitions we allow local commits in the database. This requires that all data required on a specific node must be reachable from that node, i.e., no remote accesses should be needed. However, allowing local commits may introduce conflicting updates. These conflicts are detected and solved predictably
|
|
| 25. |
- Brohede, Marcus, et al.
(författare)
-
Using Distributed Active Real-Time Database Functionality in Information-Fusion Infrastructures
- 2005
-
Ingår i: RTiS 2005. - Skövde : Skövde University. - 9163173492 ; , s. 5-10
-
Konferensbidrag (övrigt vetenskapligt/konstnärligt)abstract
- We present a list of requirements that need to beaddressed by an infrastructure for information fusion whereapplications have real-time requirements. The requirements aregrouped into configuration requirements, temporal requirements,and robustness requirements. We show how the functionality ofa distributed active real-time database system (DARTDBS) canmeet many of the given requirements, and therefore, argue thatit is suitable for use in an information-fusion infrastructure withreal-time requirements. The design of a particular DARTDBS,the DeeDS architecture and prototype, is presented as proofof concept. A comparison with some alternative infrastructuresis briefly discussed. We describe a small distributed real-timesimulation experiment using DeeDS as infrastructure, and discussopen questions such as how to deal with uncertainty managementof information sources, recovery of information fusion nodes, andharmonizing data structures from different information sources.
|
|
| 26. |
- Colonese, Emilia, et al.
(författare)
-
Cyber Security for Middleware System Architectures
- 2014
-
Ingår i: Proceedings of the 9th International Conference on Cyber Warfare & Security. - : Academic Conferences Limited. - 9781909507050
-
Konferensbidrag (refereegranskat)
|
|
| 27. |
- Colonese, Emilia, et al.
(författare)
-
Cyber Security for Middleware System Architectures
- 2014
-
Ingår i: Proceedings of the 9Th International Conference on Cyber Warfare and Security (ICCWS-2014). - Reading : Academic Conferences Limited. - 9781909507111 - 9781632660626 - 9781909507050 ; , s. 361-365
-
Konferensbidrag (refereegranskat)abstract
- This work‐in‐progress paper presents a proposal on how to consider cyber security for the middleware system architecture. The text discusses the steps needed to incorporate cyber security aspects to the Interoperability Reference Model Architecture. The Interoperability Reference Model Architecture was chosen since it provides an effective communication process among components of distributed Real‐Time Systems. The process reduces architectural layers and the development effort due to the formalized reference model design. Also, it may be pointed that the decision for the selection of this framework benefits from a previous research in which the Interoperability Reference Model Architecture was applied in a Real‐Time System prototype to test and validate it. In this research, the focus will be the incorporation of cyber security aspects to Interoperability Reference Model Architecture.
|
|
| 28. |
- De Vin, Leo, et al.
(författare)
-
Information Fusion : What can the manufacturing sector learn from the defence industry?
- 2005
-
Ingår i: IMC 22: Challenges Facing Manufacturing. - Dublin : Institute of Technology, Tallaght. - 9780955121807 ; , s. 363-371
-
Konferensbidrag (refereegranskat)abstract
- This paper discusses information fusion including its nature as well as some models for information fusion. Research on information fusion is dominated by defence applications and therefore, most models to a certain extent are defence specific; it is explained how these can be made more generic by adapting them. It is explained how the manufacturing sector can benefit from information fusion research; some analogies between issues in manufacturing and issues in military applications are given. A specific area in which the manufacturing sector can benefit from research on information fusion is the area of virtual manufacturing. Many issues related to decision support through modelling, simulation and synthetic environments are identical for manufacturing and defence applications. A particular area of interest for the future will be verification, validation and accreditation of modelling and simulation components for synthetic environments with various involved parties.
|
|
| 29. |
- De Vin, Leo, et al.
(författare)
-
Information Fusion for Simulation Based Decision Support in Manufacturing
- 2006
-
Ingår i: Robotics and Computer-Integrated Manufacturing. - : Elsevier. - 0736-5845 .- 1879-2537. ; 22:5-6, s. 429-436
-
Tidskriftsartikel (refereegranskat)abstract
- Robust and informed decisions are important for the efficient and effective operation of installed production facilities. The paper discusses Information fusion (IF) including a generic model for IF, and situations for decision-making. The paper also discusses current and future use of manufacturing resource simulation for design/configuration, operational planning and scheduling, and service and maintenance of manufacturing systems. Many of these applications use IF in some way, as is explained in more detail for simulation based service and maintenance. An extension of the generic model for IF is presented which incorporates modeling and simulation, and active databases as used in a simulation based service and maintenance system at the authors’ laboratory
|
|
| 30. |
|
|
| 31. |
- Ding, Jianguo, et al.
(författare)
-
CPS-based Threat Modeling for Critical Infrastructure Protection
- 2017
-
Ingår i: Performance Evaluation Review. - : ACM Publications. - 0163-5999 .- 1557-9484. ; 45:2, s. 129-132
-
Tidskriftsartikel (refereegranskat)abstract
- Cyber-Physical Systems (CPSs) are augmenting traditionalCritical Infrastructures (CIs) with data-rich operations. Thisintegration creates complex interdependencies that exposeCIs and their components to new threats. A systematicapproach to threat modeling is necessary to assess CIs’ vulnerabilityto cyber, physical, or social attacks. We suggest anew threat modeling approach to systematically synthesizeknowledge about the safety management of complex CIs andsituational awareness that helps understanding the nature ofa threat and its potential cascading-effects implications.
|
|
| 32. |
- Ding, Jianguo, et al.
(författare)
-
Towards Threat Modeling for CPS-based Critical Infrastructure Protection
- 2015
-
Ingår i: Proceedings of the International Emergency Management Society (TIEMS), 22nd TIEMS Annual Conference. - Brussels : TIEMS, The International Emergency Management Society. - 9789490297138
-
Konferensbidrag (refereegranskat)abstract
- With the evolution of modern Critical Infrastructures (CI), more Cyber-Physical systems are integrated into the traditional CIs. This makes the CIs a multidimensional complex system, which is characterized by integrating cyber-physical systems into CI sectors (e.g., transportation, energy or food & agriculture). This integration creates complex interdependencies and dynamics among the system and its components. We suggest using a model with a multi-dimensional operational specification to allow detection of operational threats. Embedded (and distributed) information systems are critical parts of the CI where disruption can lead to serious consequences. Embedded information system protection is therefore crucial. As there are many different stakeholders of a CI, comprehensive protection must be viewed as a cross-sector activity to identify and monitor the critical elements, evaluate and determine the threat, and eliminate potential vulnerabilities in the CI. A systematic approach to threat modeling is necessary to support the CI threat and vulnerability assessment. We suggest a Threat Graph Model (TGM) to systematically model the complex CIs. Such modeling is expected to help the understanding of the nature of a threat and its impact on throughout the system. In order to handle threat cascading, the model must capture local vulnerabilities as well as how a threat might propagate to other components. The model can be used for improving the resilience of the CI by encouraging a design that enhances the system's ability to predict threats and mitigate their damages. This paper surveys and investigates the various threats and current approaches to threat modeling of CI. We suggest integrating both a vulnerability model and an attack model, and we incorporate the interdependencies within CI cross CI sectors. Finally, we present a multi-dimensional threat modeling approach for critical infrastructure protection.
|
|
| 33. |
- Ericsson, AnnMarie, 1972-
(författare)
-
Enabling Tool Support for Formal Analysis of ECA Rules
- 2009
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- Rule-based systems implemented as event-condition-action (ECA) rules utilize a powerful and flexible paradigm when it comes to specifying systems that need to react to complex situation in their environment. Rules can be specified to react to combinations of events occurring at any time in any order. However, the behavior of a rule based system is notoriously hard to analyze due to the rules ability to interact with each other.Formal methods are not utilized in their full potential for enhancing software quality in practice. We argue that seamless support in a high-level paradigm specific tool is a viable way to provide industrial system designers with powerful verification techniques. This thesis targets the issue of formally verifying that a set of specified rules behaves as indented.The prototype tool REX (Rule and Event eXplorer) is developed as a proof of concept of the results of this thesis. Rules and events are specified in REX which is acting as a rule-based front-end to the existing timed automata CASE tool UPPAAL. The rules, events and requirements of application design are specified in REX. To support formal verification, REX automatically transforms the specified rules to timed automata, queries the requirement properties in the model-checker provided by UPPAAL and returns results to the user of REX in terms of rules and events.The results of this thesis consist of guidelines for modeling and verifying rules in a timed automata model-checker and experiences from using and building a tool implementing the proposed guidelines. Moreover, the result of an industrial case study is presented, validating the ability to model and verify a system of industrial complexity using the proposed approach.
|
|
| 34. |
- Ericsson, Ann-marie, et al.
(författare)
-
Operator Patterns for Analysis of Composite Events in Timed Automata
- 2003
-
Ingår i: WIP Proceedings. ; , s. 1555-1558
-
Konferensbidrag (refereegranskat)abstract
- Abstract—Event-triggered real-time systems interact with the environment by executing actions in response to monitored events. Such systems may be implemented using event condition action (ECA) rules, which execute an action if the associated event occurs and a specified condition is true. However, the ECA rule paradigm is known to be hard to analyze with respect to correctness and timeliness, which is not conducive to the high predictability requirements typically associated with real-time systems. To still take advantage of the ECA rule paradigm when event-triggered real-time systems are developed, we propose an approach where systems are specified and analyzed in a high-level formal language (timed automata) and later transformed into the ECA rule paradigm. We especially focus on a high-level approach for specifying and analyzing composite event occurrences in timed automata.
|
|
| 35. |
- Eriksson, Anders, et al.
(författare)
-
Model transformation impact on test artifacts : An empirical study
- 2012
-
Ingår i: Proceedings of the Workshop on Model-Driven Engineering, Verification and Validation, MoDeVVa 2012. - New York, NY, USA : Association for Computing Machinery (ACM). - 9781450318013 ; , s. 5-10
-
Konferensbidrag (refereegranskat)abstract
- Development environments that support Model-Driven Development often focus on model-level functional testing, enabling verification of design models against their specifications. However, developers of safety-critical software systems are also required to show that tests cover the structure of the implementation. Unfortunately, the implementation structure can diverge from the model depending on choices such as the model compiler or target language. Therefore, structural coverage at the model level may not guarantee coverage of the implementation. We present results from an industrial experiment that demonstrates the model-compiler effect on test artifacts in xtUML models when these models are transformed into C++. Test artifacts, i.e., predicates and clauses, are used to satisfy the structural code coverage criterion, in this case MCDC, which is required by the US Federal Aviation Administration. The results of the experiment show not only that the implementation contains more test artifacts than the model, but also that the test artifacts can be deterministically enumerated during translation. The analysis identifies two major sources for these additional test artifacts. © 2012 ACM.
|
|
| 36. |
- Ferrari, Fabiano C., et al.
(författare)
-
On transforming model-based tests into code : A systematic literature review
- 2023
-
Ingår i: Software testing, verification & reliability. - : John Wiley & Sons. - 0960-0833 .- 1099-1689. ; 33:8
-
Forskningsöversikt (refereegranskat)abstract
- Model-based test design is increasingly being applied in practice and studied in research. Model-based testing (MBT) exploits abstract models of the software behaviour to generate abstract tests, which are then transformed into concrete tests ready to run on the code. Given that abstract tests are designed to cover models but are run on code (after transformation), the effectiveness of MBT is dependent on whether model coverage also ensures coverage of key functional code. In this article, we investigate how MBT approaches generate tests from model specifications and how the coverage of tests designed strictly based on the model translates to code coverage. We used snowballing to conduct a systematic literature review. We started with three primary studies, which we refer to as the initial seeds. At the end of our search iterations, we analysed 30 studies that helped answer our research questions. More specifically, this article characterizes how test sets generated at the model level are mapped and applied to the source code level, discusses how tests are generated from the model specifications, analyses how the test coverage of models relates to the test coverage of the code when the same test set is executed and identifies the technologies and software development tasks that are on focus in the selected studies. Finally, we identify common characteristics and limitations that impact the research and practice of MBT: (i) some studies did not fully describe how tools transform abstract tests into concrete tests, (ii) some studies overlooked the computational cost of model-based approaches and (iii) some studies found evidence that bears out a robust correlation between decision coverage at the model level and branch coverage at the code level. We also noted that most primary studies omitted essential details about the experiments.
|
|
| 37. |
- González-Hernández, Loreto, et al.
(författare)
-
Using Mutant Stubbornness to Create Minimal and Prioritized Test Sets
- 2018
-
Ingår i: 2018 IEEE International Conference on Software Quality, Reliability and Security (QRS). - : IEEE Computer Society. - 9781538677575 - 9781538677582 ; , s. 446-457
-
Konferensbidrag (refereegranskat)abstract
- In testing, engineers want to run the most useful tests early (prioritization). When tests are run hundreds or thousands of times, minimizing a test set can result in significant savings (minimization). This paper proposes a new analysis technique to address both the minimal test set and the test case prioritization problems. This paper precisely defines the concept of mutant stubbornness, which is the basis for our analysis technique. We empirically compare our technique with other test case minimization and prioritization techniques in terms of the size of the minimized test sets and how quickly mutants are killed. We used seven C language subjects from the Siemens Repository, specifically the test sets and the killing matrices from a previous study. We used 30 different orders for each set and ran every technique 100 times over each set. Results show that our analysis technique performed significantly better than prior techniques for creating minimal test sets and was able to establish new bounds for all cases. Also, our analysis technique killed mutants as fast or faster than prior techniques. These results indicate that our mutant stubbornness technique constructs test sets that are both minimal in size, and prioritized effectively, as well or better than other techniques.
|
|
| 38. |
- Grindal, Mats, et al.
(författare)
-
An Evaluation of Combination Strategies for Test Case Selection
- 2006
-
Ingår i: Empirical Software Engineering. - : Springer. - 1382-3256 .- 1573-7616. ; 11:4, s. 583-611
-
Tidskriftsartikel (refereegranskat)abstract
- This paper presents results from a comparative evaluation of five combination strategies. Combination strategies are test case selection methods that combine “interesting” values of the input parameters of a test subject to form test cases. This research comparatively evaluated five combination strategies; the All Combination strategy (AC), the Each Choice strategy (EC), the Base Choice strategy (BC), Orthogonal Arrays (OA) and the algorithm from the Automatic Efficient Test Generator (AETG). AC satisfies n-wise coverage, EC and BC satisfy 1-wise coverage, and OA and AETG satisfy pair-wise coverage. The All Combinations strategy was used as a “gold standard” strategy; it subsumes the others but is usually too expensive for practical use. The others were used in an experiment that used five programs seeded with 128 faults. The combination strategies were evaluated with respect to the number of test cases, the number of faults found, failure size, and number of decisions covered. The strategy that requires the least number of tests, Each Choice, found the smallest number of faults. Although the Base Choice strategy requires fewer test cases than Orthogonal Arrays and AETG, it found as many faults. Analysis also shows some properties of the combination strategies that appear significant. The two most important results are that the Each Choice strategy is unpredictable in terms of which faults will be revealed, possibly indicating that faults are found by chance, and that the Base Choice and the pair-wise combination strategies to some extent target different types of faults.
|
|
| 39. |
- Grindal, Mats, et al.
(författare)
-
An Evaluation of Combination Strategies for Test Case Selection
- 2003
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- In this report we present the results from a comparative evaluation of five combination strategies. Combination strategies are test case selection methods that combine interesting values of the input parameters of a test object to form test cases. One of the investigated combination strategies, namely the Each Choice strategy, satisfies 1-wise coverage, i.e., each interesting value of each parameter is represented at least once in the test suite. Two of the strategies, the Orthogonal Arrays and Heuristic Pair-Wise strategies both satisfy pair-wise coverage, i.e., every possible pair of interesting values of any two parameters are included in the test suite. The fourth combination strategy, the All Values strategy, generates all possible combinations of the interesting values of the input parameters. The fifth and last combination strategy, the Base Choice combination strategy, satisfies 1-wise coverage but in addition makes use of some semantic information to construct the test cases. Except for the All Values strategy, which is only used as a reference point with respect to the number of test cases, the combination strategies are evaluated and compared with respect to number of test cases, number of faults found, test suite failure density, and achieved decision coverage in an experiment comprising five programs, similar to Unix commands, seeded with 131 faults. As expected, the Each Choice strategy finds the smallest number of faults among the evaluated combination strategies. Surprisingly, the Base Choice strategy performs as well, in terms of detecting faults, as the pair-wise combination strategies, despite fewer test cases. Since the programs and faults in our experiment may not be representative of actual testing problems in an industrial setting, we cannot draw any general conclusions regarding the number of faults detected by the evaluated combination strategies. However, our analysis shows some properties of the combination strategies that appear significant in spite of the programs and faults not being representative. The two most important results are that the Each Choice strategy is unpredictable in terms of which faults will be detected, i.e., most faults found are found by chance, and that the Base Choice and the pair-wise combination strategies to some extent target different types of faults.
|
|
| 40. |
- Grindal, Mats, et al.
(författare)
-
Combination Testing Strategies : A Survey
- 2005
-
Ingår i: Software Testing, Verification, and Reliability. - : Wiley. - 0960-0833 .- 1099-1689. ; 15:3, s. 167-199
-
Tidskriftsartikel (refereegranskat)abstract
- Combination strategies are test case selection methods that identify test cases by combining values of the different test object input parameters based on some combinatorial strategy. This survey presents 16 different combination strategies, covering more than 40 papers that focus on one or several combination strategies. This collection represents most of the existing work performed on combination strategies. This survey describes the basic algorithms used by the combination strategies. Some properties of combination strategies, including coverage criteria and theoretical bounds on the size of test suites, are also included in this description. This survey paper also includes a subsumption hierarchy that attempts to relate the various coverage criteria associated with the identified combination strategies.
|
|
| 41. |
- Grindal, Mats
(författare)
-
Handling Combinatorial Explosion in Software Testing
- 2007
-
Doktorsavhandling (övrigt vetenskapligt/konstnärligt)abstract
- In this thesis, the overall conclusion is that combination strategies, (i.e., test case selection methods that manage the combinatorial explosion of possible things to test), can improve the software testing in most organizations. The research underlying this thesis emphasizes relevance by working in close relationship with industry.Input parameter models of test objects play a crucial role for combination strategies. These models consist of parameters with corresponding parameter values and represent the input space and possibly other properties, such as state, of the test object. Test case selection is then defined as the selection of combinations of parameter values from these models.This research describes a complete test process, adapted to combination strategies. Guidelines and step-by-step descriptions of the activities in process are included in the presentation. In particular, selection of suitable combination strategies, input parameter modeling and handling of conflicts in the input parameter models are addressed. It is also shown that several of the steps in the test process can be automated.The test process is validated through a set of experiments and case studies involving industrial testers as well as actual test problems as they occur in industry. In conjunction with the validation of the test process, aspects of applicability of the combination strategy test process (e.g., usability, scalability and performance) are studied. Identification and discussion of barriers for the introduction of the combination strategy test process in industrial projects are also included.This research also presents a comprehensive survey of existing combination strategies, complete with classifications and descriptions of their different properties. Further, this thesis contains a survey of the testing maturity of twelve software-producing organizations. The data indicate low test maturity in most of the investigated organizations. Test managers are often aware of this but have trouble improving. Combination strategies are suitable improvement enablers, due to their low introduction costs.
|
|
| 42. |
- Gustavsson, Sanny, et al.
(författare)
-
Continuous Consistency Management in Distributed Real-Time Databases with Multiple Writers of Replicated Data
- 2005
-
Ingår i: Proceedings. - : IEEE Computer Society. - 0769523129 - 9780769523125 ; , s. 137b-
-
Konferensbidrag (refereegranskat)abstract
- We introduce a continuous convergence protocol for handling locally committed and possibly conflicting updates to replicated data. The protocol supports local consistency and predictability while allowing replicas to deterministically diverge and converge as updates are committed and replicated. We discuss how applications may exploit the protocol characteristics and describe an implementation where conflicting updates are detected, qualified by a partial update order, and resolved using application-specific forward conflict resolution.
|
|
| 43. |
- Hassan, Mahdi Mohammad, 1977-, et al.
(författare)
-
Testability and Software Performance : A Systematic Mapping Study
- 2016
-
Ingår i: SAC '16. - New York, NY : Association for Computing Machinery (ACM). - 9781450337397 ; , s. 1566-1569
-
Konferensbidrag (refereegranskat)abstract
- In most of the research on software testability, functional correctness of the software has been the focus while the evidence regarding testability and non-functional properties such as performance is sporadic. The objective of this study is to present the current state-of-the-art related to issues of importance, types and domains of software under test, types of research, contribution types and design evaluation methods concerning testability and software performance. We find that observability, controllability and testing effort are the main testability issues while timeliness and response time (i.e., time constraints) are the main performance issues in focus. The primary studies in the area use diverse types of software under test within different domains, with realtime systems as being a dominant domain. The researchers have proposed many different methods in the area, however these methods lack implementation in practice.
|
|
| 44. |
- Hassan, Mahdi Mohammad, 1977-, et al.
(författare)
-
Testability and Software Robustness : A Systematic Literature Review
- 2015
-
Ingår i: 2015 41st Euromicro Conference on Software Engineering and Advanced Applications. - Funchal, Madeira, Portugal : IEEE. - 9781467375856 ; , s. 341-348
-
Konferensbidrag (refereegranskat)abstract
- The concept of software testability has been researched in several different dimensions, however the relation of this important concept with other quality attributes is a grey area where existing evidence is scattered. The objective of this study is to present a state-of-the-art with respect to issues of importance concerning software testability and an important quality attribute: software robustness. The objective is achieved by conducting a systematic literature review (SLR) on the topic. Our results show that a variety of testability issues are in focus with observability and controllability issues being most researched. Fault tolerance, exception handling and handling external influence are prominent robustness issues in focus.
|
|
| 45. |
- Jiang, Yuning, 1993-, et al.
(författare)
-
Complex Dependencies Analysis : Technical Description of Complex Dependencies in Critical Infrastructures, i.e. Smart Grids. Work Package 2.1 of the ELVIRA Project
- 2018
-
Rapport (övrigt vetenskapligt/konstnärligt)abstract
- This document reports a technical description of ELVIRA project results obtained as part of Work-package 2.1 entitled “Complex Dependencies Analysis”. In this technical report, we review attempts in recent researches where connections are regarded as influencing factors to IT systems monitoring critical infrastructure, based on which potential dependencies and resulting disturbances are identified and categorized. Each kind of dependence has been discussed based on our own entity based model. Among those dependencies, logical and functional connections have been analysed with more details on modelling and simulation techniques.
|
|
| 46. |
- Johansson, Ronnie, et al.
(författare)
-
On the Definition and Scope of Information Fusion as a Field of Research
- 2022
-
Ingår i: ISIF Perspectives on Information Fusion. - : International Society of Information Fusion (ISIF). - 2831-4824 .- 2831-4832. ; 5:1, s. 3-12
-
Tidskriftsartikel (refereegranskat)abstract
- A definition of information fusion (IF) as a field of research can benefit researchers within the field, who may use such a definition when motivating their own work and evaluating the contributions of others. Moreover, it can enable researchers and practitioners outside the field to more easily relate their own work to the field and more easily understand the scope of IF techniques and methods. Based on strengths and weaknesses of existing definitions, a definition is proposed that is argued to effectively fulfill the requirements that can be put on a definition of IF as a field of research. Although the proposed definition aims to be precise, it does not fully capture the richness and versatility of the IF field. To address that limitation, we highlight some topics to explore the scope of IF, covering the systems perspective of IF and its relation to ma-chine learning, optimization, robot behavior, opinion aggregation, and databases.
|
|
| 47. |
- Karlsson, Alexander, et al.
(författare)
-
An Empirical Comparison of Bayesian and Credal Combination Operators
- 2010
-
Ingår i: FUSION 2010. - : IEEE conference proceedings. - 9780982443811 ; , s. Article number 5711907-
-
Konferensbidrag (refereegranskat)abstract
- We are interested in whether or not representing and maintaining imprecision is beneficial when combining evidences from multiple sources. We perform two experiments that contain different levels of risk and where we measure the performance of the Bayesian and credal combination operators by using a simple score function that measures the informativeness of a reported decision set. We show that the Bayesian combination operator performed on centroids of operand credal sets outperforms the credal combination operator when no risk is involved in the decision problem. We also show that if a risk component is present in the decision problem, a simple cautious decision policy for the Bayesian combination operator can be constructed that outperforms the corresponding credal decision policy.
|
|
| 48. |
- Karlsson, Alexander, et al.
(författare)
-
An Empirical Comparison of Bayesian and Credal Networks for Dependable High-Level Information Fusion
- 2008
-
Ingår i: Proceedings of the 11th International Conference on Information Fusion. - : IEEE. - 9783000248832 - 9783800730926 ; , s. 1359-1366
-
Konferensbidrag (refereegranskat)abstract
- Bayesian networks are often proposed as a method for high-level information fusion. However, a Bayesian network relies on strong assumptions about the underlying probabilities. In many cases it is not realistic to require such precise probability assessments. We show that there exists a significant set of problems where credal networks outperform Bayesian networks, thus enabling more dependable decision making for this type of problems. A credal network is a graphical probabilistic method that utilizes sets of probability distributions, e.g., interval probabilities, for representation of belief. Such a representation allows one to properly express epistemic uncertainty, i.e., uncertainty that can be reduced if more information becomes available. Since reducing uncertainty has been proposed as one of the main goals of information fusion, the ability to represent epistemic uncertainty becomes an important aspect in all fusion applications.
|
|
| 49. |
- Karlsson, Alexander, et al.
(författare)
-
An Empirical Comparison of Bayesian and Credal Set Theory for Discrete State Estimation
- 2010
-
Ingår i: Information Processing and Management of Uncertainty in Knowledge-Based Systems. Theory and Methods. - Berlin, Heidelberg : Springer Berlin/Heidelberg. - 9783642140549 - 9783642140556 - 3642140548 ; , s. 80-89
-
Konferensbidrag (refereegranskat)abstract
- We are interested in whether or not there exist any advantages of utilizing credal set theory for the discrete state estimation problem. We present an experiment where we compare in total six different methods, three based on Bayesian theory and three on credal set theory. The results show that Bayesian updating performed on centroids of operand credal sets significantly outperforms the other methods. We analyze the result based on degree of imprecision, position of extreme points, and second-order distributions.
|
|
| 50. |
- Karlsson, Alexander, et al.
(författare)
-
Characterization and Empirical Evaluation of Bayesian and Credal Combination Operators
- 2011
-
Ingår i: Journal of Advances in Information Fusion. - : ISIF, International Society of Information Fusion. - 1557-6418. ; 6:2, s. 150-166
-
Tidskriftsartikel (refereegranskat)abstract
- We address the problem of combining independent evidences from multiple sources by utilizing the Bayesian and credal combination operators. We present measures for degree of conflict and imprecision, which we use in order to characterize the behavior of the operators through a number of examples. We introduce discounting operators that can be used whenever information about the reliability of sources is available. The credal discounting operator discounts a credal set with respect to an interval of reliability weights, hence, we allow for expressing reliability of sources imprecisely. We prove that the credal discounting operator can be computed by using the extreme points of its operands. We also perform two experiments containing different levels of risk where we compare the performance of the Bayesian and credal combination operators by using a simple score function that measures the informativeness of a reported decision set. We show that the Bayesian combination operator performed on centroids of operand credal sets outperforms the credal combination operator when no risk is involved in the decision problem. We also show that if a risk component is present in the decision problem, a simple cautious decision policy for the Bayesian combination operator can be constructed that outperforms the corresponding credal decision policy.
|
|
