Session 7: MBSA

Session chair: Jean-Marc Faure

10:30 - 12:30 Friday 6th September 2013

10:30 The AltaRica 3.0 Project for Model-Based Safety Assessment
Authors: Tatiana Prosvirnova, Michel Batteux, Pierre-Antoine Brameret, Leïla Kloul, Abraham Cherfi, Thomas Friedlhuber, Antoine Rauzy
Abstract: The aim of this article is to present the AltaRica 3.0 project. "Traditional" risk modeling formalisms (e.g. Fault Trees, Markov Processes, etc.) are well mastered by safety analysts. Efficient assessment algorithms and tools are available. However, models designed with these formalisms are far from the specifications of the systems under study. They are consequently hard to design and to maintain throughout the life cycle of systems. The high-level modeling language AltaRica has been created to tackle this problem. The objective of the AltaRica 3.0 project is to design a new version of AltaRica and to develop a complete set of authoring and assessment tools for this new version of the language. AltaRica 3.0 significantly improves the expressive power of AltaRica Data-Flow without decreasing the efficiency of assessment algorithms. Prototypes of a compiler to Fault Trees, a compiler to Markov chains, a stochastic simulator and a stepwise simulator have already been developed. Other tools are under specification or implementation.

11:00 A methodology for qualitative/quantitative analysis of weighted attack trees
Authors: A. Bobbio, Lavinia Egidi, Roberta Terruggia
Abstract: Attack and Defense Trees (ADT) constitute a formal modeling technique that has become dominant in recent years in the area of qualitative and quantitative cybersecurity analysis of ICT and digital control systems. A Weighted-ADT (WADT) is augmented with cost or impact attributes to evidence the most convenient attack sequence in terms of investment budget and provoked damage, and to provide an indication of how to mitigate the located breaches by means of suitable countermeasures. The original analysis technique proposed in this paper is based on the representation of a WADT by means of an extension of Binary Decision Diagrams (BDD), called Multi Terminal Binary Decision Diagrams (MTBDD). MTBDDs allow the modeler to evaluate the probability distribution function of the cost and impact related to any possible attack scenario. A running example illustrates the methodology.

11:30 Engineering Conditional Safety Certificates for Open Adaptive Systems
Authors: Daniel Schneider, Mario Trapp
Abstract: In recent years, we have witnessed a strong trend towards more openness and adaptivity in many application domains of computer-based systems. In this context, the assurance of a sufficient level of safety poses serious challenges because traditional engineering and assurance approaches are usually not applicable without further ado. In order to meet these challenges, we recently introduced a framework that enables runtime safety certification based on conditional safety certificates (ConSerts). Since the definition of ConSerts relies on an adequate safety engineering backbone, we now present an engineering approach for defining ConSerts based on established safety engineering processes and techniques. The presented approach has been evaluated in an industry project in the form of a feasibility study in the agricultural domain.

12:00 An Interdisciplinary Perspective to the Design and Development of Integral Safety Systems
Authors: Christian Berger, Panagiotis Katsaros, Mahdi Bohlouli, Lefteris Angelis
Abstract: Next generation integral safety systems are expected to provide better protection against traffic accidents by interlinking sensors and actuators of active and passive safety. A series of advanced functions will be used to mitigate collisions and if they cannot be avoided they will at least reduce their severity. We explore the interplay between key technology areas towards a holistic approach in the design of integral safety systems. First, we refer to the main problems in the design of effective systems and the associated software engineering challenges. Recent advances in sensor data analytics are then explored and their integration with decision support for vehicle control is examined. Finally, we envision that rigorous design techniques are essential for achieving adequate performance and robustness of integral safety systems, but appropriate human-machine interaction models will have to be taken into account.