DEPENDABILITY ANALYSIS (towards Networked Information Systems) Ester Ciancamerla, Michele Minichino ENEA {ciancamerlae, In.


DEPENDABILITY ANALYSIS (towards Networked Information Systems) Ester Ciancamerla, Michele Minichino ENEA {ciancamerlae, In cooperation with Università del Piemonte Orientale, Università di Roma - La Sapienza NoE DeFINE – November 26, – Pisa - Italy

Understanding and characterising NIS. Driven by technological push, real-time and safety functions are moving from embedded, isolated systems to systems based on telecommunication networks (even public, wireless and mobile ones). Consequences to be captured: – impact of intrusion on safety and timeliness – denial of service – logical faults and cascading failures – links with the internet world – reconfiguration on external/internal events – …

Modelling methods for dependability analysis. Current modelling methods are not adequate for NIS dependability analysis.

Dependability analysis of NIS – a general procedure to derive a Conceptual Model that captures, in a single framework, all dependability facets of NIS (by using an appropriate case study) (top-down) – an attempt to unify stochastic and functional analysis, so that the same model can feed both a stochastic analyser for performance evaluation and a functional analyser for model checking (bottom-up) – with the aim of reducing the gap between: the modelling power required for NIS and the actual modelling power of current tools for dependability analysis; and current design tools and evaluation tools.

Conceptual model. The Conceptual Model refines existing design models in order to enable effective dependability analysis. It helps in deriving the NIS scope and operational concept, and explains: how NIS functions are allocated to systems/subsystems/components; who is at risk from the NIS, and how the environment might be affected by NIS internal events; which are the chains of cause and effect of failures/intrusions of the NIS, and its recovery behaviour.

Bottom-up: unifying stochastic and functional analysis. Dependability modelling and analysis, even at the layer of digital embedded systems, is currently dominated by two main lines:  functional analysis, based on the description of the system in terms of discrete/continuous state automata (whose goal is to ascertain conformity and reachability properties);  stochastic analysis (whose aim is to provide performance and dependability measures).

Modelling dilemmas. There are two main dilemmas: 1. stochastic versus timed. In stochastic models the timing of events is represented by means of random variables; the obtainable measures are mean values and distributions. In timed models the timing of events is represented by constant values or (non-deterministic) intervals; the obtainable measures are reachability properties and computer-aided verification via model checking.

Stochastic models. Explore the possibility of defining a chain of models of increasing semantic complexity: – from combinatorial models (e.g. Fault Trees) – to models with localised dependencies (e.g. dynamic FTs or Bayesian Networks) – to models based on the state space (Markov models and Petri nets). Provide automatic translation algorithms for converting one model into a model of higher semantic complexity.

Modelling dilemmas. 2. discrete versus continuous (or hybrid).  In discrete models the state space is discrete; the dynamic evolution of the system in time is represented as a sequence of transitions among discrete states.  Hybrid models contain discrete as well as continuous variables in the same model; typical examples are discrete controllers that control continuous variables.

The unified heterogeneous model. A unified view between formal methods and stochastic methods, able to combine, in the same framework: - stochastic and deterministic timing; - discrete and continuous (hybrid) variables; and used to feed: - a functional analyser for model checking; - a stochastic analyser for performance evaluation.
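The two previous slides (the chain from a combinatorial Fault Tree up to a state-space Markov model, and one model feeding both a stochastic and a functional analyser) can be made concrete on a tiny system. The following is an added worked example, not code from the slides or from ENEA; the system (a node with a controller C and two redundant links L1/L2, with constructed failure and repair rates) and the fault tree are assumptions. The same state space, generated automatically from the fault tree, is fed to a stochastic analyser (a CTMC solved by uniformization, giving unreliability/unavailability at time t) and to a functional analyser (reachability search, giving the minimal cut sets). With no repair the CTMC reproduces the Fault Tree result exactly; with repair, which the combinatorial model cannot express, the state-space model still answers.

```python
import math
from itertools import product

# Constructed example system (assumption): node fails if controller C fails
# OR both links L1 and L2 fail. Rates are per hour and made up for illustration.
RATES = {"L1": 1e-3, "L2": 1e-3, "C": 2e-4}
FAULT_TREE = ("or", ["C", ("and", ["L1", "L2"])])   # leaves are component names


def ft_unreliability(tree, t, rates):
    """Combinatorial model: top-event probability at time t, assuming independent,
    exponentially distributed lifetimes, no repair and no shared basic events."""
    if isinstance(tree, str):
        return 1.0 - math.exp(-rates[tree] * t)
    gate, children = tree
    ps = [ft_unreliability(c, t, rates) for c in children]
    if gate == "and":
        return math.prod(ps)
    if gate == "or":
        return 1.0 - math.prod(1.0 - p for p in ps)
    raise ValueError(f"unknown gate {gate!r}")


def ft_evaluate(tree, failed):
    """Boolean evaluation: does the top event occur for this set of failed components?"""
    if isinstance(tree, str):
        return tree in failed
    gate, children = tree
    vals = [ft_evaluate(c, failed) for c in children]
    return all(vals) if gate == "and" else any(vals)


def build_state_space(tree, rates, repair):
    """Automatic translation to a state-space model: a state is the set of failed
    components; transitions are single failures (rate) and single repairs (repair rate).
    Returns (states, generator Q as {src: {dst: rate}}, states where the top event holds)."""
    comps = sorted(rates)
    states = [frozenset(c for c, bit in zip(comps, bits) if bit)
              for bits in product([0, 1], repeat=len(comps))]
    Q = {s: {} for s in states}
    for s in states:
        for c in comps:
            if c not in s:
                Q[s][s | {c}] = rates[c]
            elif repair.get(c, 0.0) > 0:
                Q[s][s - {c}] = repair[c]
    failed = {s for s in states if ft_evaluate(tree, s)}
    return states, Q, failed


def ctmc_transient(states, Q, t, start, eps=1e-12):
    """Stochastic analyser: pi(t) by uniformization, pi(t) = sum_k Poisson(k; L*t) * pi0 * P^k
    with P = I + Q/L and L >= every exit rate. Fine for the small L*t used here."""
    lam = max(sum(row.values()) for row in Q.values()) or 1.0
    pi = {s: 0.0 for s in states}
    pi[start] = 1.0
    result = {s: 0.0 for s in states}
    weight, k, tail = math.exp(-lam * t), 0, 1.0   # Poisson term for k = 0
    while tail > eps:
        for s in states:
            result[s] += weight * pi[s]
        tail -= weight
        nxt = {s: pi[s] * (1.0 - sum(Q[s].values()) / lam) for s in states}   # pi <- pi * P
        for s in states:
            for dst, rate in Q[s].items():
                nxt[dst] += pi[s] * rate / lam
        pi = nxt
        k += 1
        weight *= lam * t / k
    return result


def unreliability_ctmc(tree, rates, repair, t):
    """Probability that the top event holds at time t (unavailability when repair > 0)."""
    states, Q, failed = build_state_space(tree, rates, repair)
    dist = ctmc_transient(states, Q, t, frozenset())
    return sum(dist[s] for s in failed)


def minimal_cut_sets(tree, rates):
    """Functional analyser on the same state space: breadth-first reachability over
    failure transitions only, keeping the first-reached (minimal) failed states."""
    states, Q, failed = build_state_space(tree, rates, repair={})
    cuts, frontier, seen = set(), [frozenset()], {frozenset()}
    while frontier:
        nxt = []
        for s in frontier:
            for dst in Q[s]:
                if dst in seen:
                    continue
                seen.add(dst)
                if dst in failed:
                    if not any(c < dst for c in cuts):   # skip supersets of known cuts
                        cuts.add(dst)
                else:
                    nxt.append(dst)
        frontier = nxt
    return cuts
```

For the constructed system the functional side reports the cut sets {C} and {L1, L2}; the stochastic side reports about 0.51 unreliability at 1000 h without repair (matching the Fault Tree) and well under 1% unavailability once every component is repairable at 0.05/h.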

Final goal  A complete modelling coverage, moving top-down through the abstraction layers of NIS, made of a Conceptual Model which feeds a set of Heterogeneous Models.  The aim is  to partially overcome the inadequacy of the modelling power of current tools with respect to the modelling power required for NIS dependability analysis,  and to reduce the gap between current design and evaluation tools.

Moreover: to implement a pilot version of computerised tools to partially support the proposed methodology for unified heterogeneous modelling; to set up appropriate experiments on the Case Study, so that experimental data can be gathered and used as evidence for partially validating the models.