his.sePublikationer
Ändra sökning
Länk till posten
Permanent länk

Direktlänk
BETA
Alternativa namn
Publikationer (10 of 59) Visa alla publikationer
Jiang, Y., Ding, J., Atif, Y., Jeusfeld, M., Andler, S., Lindström, B., . . . Haglund, D. (2018). Complex Dependencies Analysis: Technical Description of Complex Dependencies in Critical Infrastructures, i.e. Smart Grids. Work Package 2.1 of the ELVIRA Project. Skövde: University of Skövde
Öppna denna publikation i ny flik eller fönster >>Complex Dependencies Analysis: Technical Description of Complex Dependencies in Critical Infrastructures, i.e. Smart Grids. Work Package 2.1 of the ELVIRA Project
Visa övriga...
2018 (Engelska)Rapport (Övrigt vetenskapligt)
Abstract [en]

This document reports a technical description of ELVIRA project results obtained as part of Work-package 2.1 entitled “Complex Dependencies Analysis”. In this technical report, we review attempts in recent researches where connections are regarded as influencing factors to  IT systems monitoring critical infrastructure, based on which potential dependencies and resulting disturbances are identified and categorized. Each kind of dependence has been discussed based on our own entity based model. Among those dependencies, logical and functional connections have been analysed with more details on modelling and simulation techniques.

Ort, förlag, år, upplaga, sidor
Skövde: University of Skövde, 2018. s. 22
Serie
IIT Technical Reports ; HS-IIT-TR-18-003
Nyckelord
Dependencies, Interdependencies, Modelling and Simulation, Influence Factors
Nationell ämneskategori
Data- och informationsvetenskap Inbäddad systemteknik
Forskningsämne
Distribuerade realtidssystem (DRTS); Informationssystem (IS)
Identifikatorer
urn:nbn:se:his:diva-15114 (URN)
Projekt
ELVIRA
Anmärkning

HS-IIT-TR-18-003 This is a technical report related to the ELVIRA project www.his.se/elvira

Tillgänglig från: 2018-05-02 Skapad: 2018-05-02 Senast uppdaterad: 2019-03-05Bibliografiskt granskad
Atif, Y., Jiang, Y., Jeusfeld, M. A., Ding, J., Lindström, B., Andler, S. F., . . . Lindström, B. (2018). Cyber-threat analysis for Cyber-Physical Systems: Technical report for Package 4, Activity 3 of ELVIRA project. Skövde: University of Skövde
Öppna denna publikation i ny flik eller fönster >>Cyber-threat analysis for Cyber-Physical Systems: Technical report for Package 4, Activity 3 of ELVIRA project
Visa övriga...
2018 (Engelska)Rapport (Övrigt vetenskapligt)
Abstract [en]

Smart grid employs ICT infrastructure and network connectivity to optimize efficiency and deliver new functionalities. This evolu- tion is associated with an increased risk for cybersecurity threats that may hamper smart grid operations. Power utility providers need tools for assessing risk of prevailing cyberthreats over ICT infrastructures. The need for frameworks to guide the develop- ment of these tools is essential to define and reveal vulnerability analysis indicators. We propose a data-driven approach for design- ing testbeds to evaluate the vulnerability of cyberphysical systems against cyberthreats. The proposed framework uses data reported from multiple components of cyberphysical system architecture layers, including physical, control, and cyber layers. At the phys- ical layer, we consider component inventory and related physi- cal flows. At the control level, we consider control data, such as SCADA data flows in industrial and critical infrastructure control systems. Finally, at the cyber layer level, we consider existing secu- rity and monitoring data from cyber-incident event management tools, which are increasingly embedded into the control fabrics of cyberphysical systems.

Ort, förlag, år, upplaga, sidor
Skövde: University of Skövde, 2018. s. 18
Serie
IIT Technical Reports ; HS-IIT-TR-18-004
Nyckelord
vulnerability analysis, cyber-threats, cyberphysical systems, clustering, multiagent systems
Nationell ämneskategori
Data- och informationsvetenskap
Forskningsämne
Distribuerade realtidssystem (DRTS); Informationssystem (IS)
Identifikatorer
urn:nbn:se:his:diva-16092 (URN)
Projekt
This research has been supported in part by the EU ISF Project A431.678/2016 ELVIRA (Threat modeling and resilience of critical infrastructures), coordinated by Polismyndigheten/Sweden
Anmärkning

I publikationen: HS-IIT-18-004

Tillgänglig från: 2018-08-29 Skapad: 2018-08-29 Senast uppdaterad: 2019-02-18Bibliografiskt granskad
Lindström, B., Offutt, J., González-Hernández, L. & Andler, S. F. (2018). Identifying Useful Mutants to Test Time Properties. In: 2018 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW): . Paper presented at 2018 IEEE 11th International Conference on Software Testing, Verification and Validation Workshops, 9–13 April 2018, Västerås, Sweden (pp. 69-76). IEEE Computer Society
Öppna denna publikation i ny flik eller fönster >>Identifying Useful Mutants to Test Time Properties
2018 (Engelska)Ingår i: 2018 IEEE International Conference on Software Testing, Verification and Validation Workshops (ICSTW), IEEE Computer Society, 2018, s. 69-76Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Real-time systems have to be verified and tested for timely behavior as well as functional behavior. Thus, time is an extra dimension that adds to the complexity of software testing. A timed automata model with a model-checker can be used to generate timed test traces. To properly test the timely behavior, the set of test traces should challenge the different time constraints in the model. This paper describes and adapts mutation operators that target such time constraints in timed automata models. Time mutation operators apply a delta to the time constraints to help testers design tests that exceed the time constraints. We suggest that the size of this delta determines how easy the mutant is to kill and that the optimal delta varies by the program, mutation operator, and the individual mutant. To avoid trivial and equivalent time mutants, the delta should be set individually for each mutant. We discuss mutant subsumption and define the problem of finding dominator mutants in this new domain. In this position paper, we outline an iterative tuning process where a statistical model-checker, UPPAAL SMC, is used to: (i) create a tuned set of dominator time mutants, and (ii) generate test traces that kill the mutants.

Ort, förlag, år, upplaga, sidor
IEEE Computer Society, 2018
Nyckelord
mutation testing, model-based testing, mutant subsumption, real-time systems, embedded systems
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Distribuerade realtidssystem (DRTS)
Identifikatorer
urn:nbn:se:his:diva-16049 (URN)10.1109/ICSTW.2018.00030 (DOI)2-s2.0-85050973857 (Scopus ID)978-1-5386-6352-3 (ISBN)978-1-5386-6353-0 (ISBN)
Konferens
2018 IEEE 11th International Conference on Software Testing, Verification and Validation Workshops, 9–13 April 2018, Västerås, Sweden
Projekt
TOCSYC
Forskningsfinansiär
KK-stiftelsen, 20130085
Tillgänglig från: 2018-08-13 Skapad: 2018-08-13 Senast uppdaterad: 2018-11-21Bibliografiskt granskad
Atif, Y., Jiang, Y., Lindström, B., Ding, J., Jeusfeld, M., Andler, S., . . . Haglund, D. (2018). Multi-agent Systems for Power Grid Monitoring: Technical report for Package 4.1 of ELVIRA project. Skövde: University of Skövde
Öppna denna publikation i ny flik eller fönster >>Multi-agent Systems for Power Grid Monitoring: Technical report for Package 4.1 of ELVIRA project
Visa övriga...
2018 (Engelska)Rapport (Övrigt vetenskapligt)
Abstract [en]

This document reports a technical description of ELVIRA project results obtained as part of Work- package 4.1 entitled “Multi-agent systems for power Grid monitoring”. ELVIRA project is a collaboration between researchers in School of IT at University of Skövde and Combitech Technical Consulting Company in Sweden, with the aim to design, develop and test a testbed simulator for critical infrastructures cybersecurity. This report outlines intelligent approaches that continuously analyze data flows generated by Supervisory Control And Data Acquisition (SCADA) systems, which monitor contemporary power grid infrastructures. However, cybersecurity threats and security mechanisms cannot be analyzed and tested on actual systems, and thus testbed simulators are necessary to assess vulnerabilities and evaluate the infrastructure resilience against cyberattacks. This report suggests an agent-based model to simulate SCADA- like cyber-components behaviour when facing cyber-infection in order to experiment and test intelligent mitigation mechanisms. 

Ort, förlag, år, upplaga, sidor
Skövde: University of Skövde, 2018. s. 16
Serie
IIT Technical Reports ; HS-IIT-TR-18-002
Nyckelord
Smart grid security, Agent model, Multi-agent system
Nationell ämneskategori
Data- och informationsvetenskap
Forskningsämne
Distribuerade realtidssystem (DRTS); Informationssystem (IS)
Identifikatorer
urn:nbn:se:his:diva-15111 (URN)
Projekt
Elvira project funded by EU Internal Security Fund (ISF) A431.678-2016
Anmärkning

HS-IIT-TR-18-002

Tillgänglig från: 2018-05-02 Skapad: 2018-05-02 Senast uppdaterad: 2019-03-05Bibliografiskt granskad
González-Hernández, L., Lindström, B., Offutt, J., Andler, S. F., Potena, P. & Bohlin, M. (2018). Using Mutant Stubbornness to Create Minimal and Prioritized Test Sets. In: 2018 IEEE International Conference on Software Quality, Reliability and Security (QRS): . Paper presented at 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security (QRS 2018), 16–20 July 2018, Lisbon, Portugal (pp. 446-457). IEEE Computer Society
Öppna denna publikation i ny flik eller fönster >>Using Mutant Stubbornness to Create Minimal and Prioritized Test Sets
Visa övriga...
2018 (Engelska)Ingår i: 2018 IEEE International Conference on Software Quality, Reliability and Security (QRS), IEEE Computer Society, 2018, s. 446-457Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

In testing, engineers want to run the most useful tests early (prioritization). When tests are run hundreds or thousands of times, minimizing a test set can result in significant savings (minimization). This paper proposes a new analysis technique to address both the minimal test set and the test case prioritization problems. This paper precisely defines the concept of mutant stubbornness, which is the basis for our analysis technique. We empirically compare our technique with other test case minimization and prioritization techniques in terms of the size of the minimized test sets and how quickly mutants are killed. We used seven C language subjects from the Siemens Repository, specifically the test sets and the killing matrices from a previous study. We used 30 different orders for each set and ran every technique 100 times over each set. Results show that our analysis technique performed significantly better than prior techniques for creating minimal test sets and was able to establish new bounds for all cases. Also, our analysis technique killed mutants as fast or faster than prior techniques. These results indicate that our mutant stubbornness technique constructs test sets that are both minimal in size, and prioritized effectively, as well or better than other techniques.

Ort, förlag, år, upplaga, sidor
IEEE Computer Society, 2018
Nyckelord
Test Case Minimization, Minimal Sets, Test Case Prioritization, Mutant Stubbornness
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Distribuerade realtidssystem (DRTS)
Identifikatorer
urn:nbn:se:his:diva-16050 (URN)10.1109/QRS.2018.00058 (DOI)2-s2.0-85052313827 (Scopus ID)978-1-5386-7757-5 (ISBN)978-1-5386-7758-2 (ISBN)
Konferens
2018 IEEE 18th International Conference on Software Quality, Reliability, and Security (QRS 2018), 16–20 July 2018, Lisbon, Portugal
Projekt
TOCSYC
Forskningsfinansiär
KK-stiftelsen, 20130085
Tillgänglig från: 2018-08-13 Skapad: 2018-08-13 Senast uppdaterad: 2018-11-26Bibliografiskt granskad
Ding, J., Atif, Y., Andler, S. F., Lindström, B. & Jeusfeld, M. (2017). CPS-based Threat Modeling for Critical Infrastructure Protection. Performance Evaluation Review, 45(2), 129-132
Öppna denna publikation i ny flik eller fönster >>CPS-based Threat Modeling for Critical Infrastructure Protection
Visa övriga...
2017 (Engelska)Ingår i: Performance Evaluation Review, ISSN 0163-5999, E-ISSN 1557-9484, Vol. 45, nr 2, s. 129-132Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Cyber-Physical Systems (CPSs) are augmenting traditionalCritical Infrastructures (CIs) with data-rich operations. Thisintegration creates complex interdependencies that exposeCIs and their components to new threats. A systematicapproach to threat modeling is necessary to assess CIs’ vulnerabilityto cyber, physical, or social attacks. We suggest anew threat modeling approach to systematically synthesizeknowledge about the safety management of complex CIs andsituational awareness that helps understanding the nature ofa threat and its potential cascading-effects implications.

Ort, förlag, år, upplaga, sidor
ACM Publications, 2017
Nyckelord
CPS, threat modeling, Critical Infrastructure Protection
Nationell ämneskategori
Data- och informationsvetenskap
Forskningsämne
Distribuerade realtidssystem (DRTS); Informationssystem (IS); INF303 Informationssäkerhet
Identifikatorer
urn:nbn:se:his:diva-14245 (URN)10.1145/3152042.3152080 (DOI)2-s2.0-85041405430 (Scopus ID)
Projekt
EU ISF project: Elvira
Forskningsfinansiär
EU, Europeiska forskningsrådet
Tillgänglig från: 2017-10-23 Skapad: 2017-10-23 Senast uppdaterad: 2018-06-01Bibliografiskt granskad
Atif, Y., Ding, J., Lindström, B., Jeusfeld, M., Andler, S. F., Yuning, J., . . . Gustavsson, P. M. (2017). Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection. In: : . Paper presented at The International Conference on Critical Information Infrastructures Security, CRITIS 2017, Lucca, Italy, October 8-13, 2017.
Öppna denna publikation i ny flik eller fönster >>Cyber-Threat Intelligence Architecture for Smart-Grid Critical Infrastructures Protection
Visa övriga...
2017 (Engelska)Konferensbidrag, Poster (med eller utan abstract) (Refereegranskat)
Abstract [en]

Critical infrastructures (CIs) are becoming increasingly sophisticated with embedded cyber-physical systems (CPSs) that provide managerial automation and autonomic controls. Yet these advances expose CI components to new cyber-threats, leading to a chain of dysfunctionalities with catastrophic socio-economical implications. We propose a comprehensive architectural model to support the development of incident management tools that provide situation-awareness and cyber-threats intelligence for CI protection, with a special focus on smart-grid CI. The goal is to unleash forensic data from CPS-based CIs to perform some predictive analytics. In doing so, we use some AI (Artificial Intelligence) paradigms for both data collection, threat detection, and cascade-effects prediction. 

Nyckelord
critical infrastructures, cyber-threat, situation awareness, smart-grid, machine-learning, artificial intelligence, multi-agent systems
Nationell ämneskategori
Datavetenskap (datalogi) Inbäddad systemteknik Energisystem Fjärranalysteknik Infrastrukturteknik
Forskningsämne
Distribuerade realtidssystem (DRTS); Informationssystem (IS)
Identifikatorer
urn:nbn:se:his:diva-14516 (URN)
Konferens
The International Conference on Critical Information Infrastructures Security, CRITIS 2017, Lucca, Italy, October 8-13, 2017
Projekt
ELVIRA
Tillgänglig från: 2017-11-28 Skapad: 2017-11-28 Senast uppdaterad: 2018-02-01Bibliografiskt granskad
Lindström, B., Offutt, J., Sundmark, D., Andler, S. F. & Pettersson, P. (2017). Using mutation to design tests for aspect-oriented models. Information and Software Technology, 81, 112-130
Öppna denna publikation i ny flik eller fönster >>Using mutation to design tests for aspect-oriented models
Visa övriga...
2017 (Engelska)Ingår i: Information and Software Technology, ISSN 0950-5849, E-ISSN 1873-6025, Vol. 81, s. 112-130Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Abstract Context: Testing for properties such as robustness or security is complicated because their concerns are often repeated in many locations and muddled with the normal code. Such “cross-cutting concerns” include things like interrupt events, exception handling, and security protocols. Aspect-oriented (AO) modeling allows developers to model the cross-cutting behavior independently of the normal behavior, thus supporting model-based testing of cross-cutting concerns. However, mutation operators defined for AO programs (source code) are usually not applicable to AO models (AOMs) and operators defined for models do not target the AO features. Objective: We present a method to design abstract tests at the aspect-oriented model level. We define mutation operators for aspect-oriented models and evaluate the generated mutants for an example system. Method: AOMs are mutated with novel operators that specifically target the AO modeling features. Test traces killing these mutant models are then generated. The generated and selected traces are abstract tests that can be transformed to concrete black-box tests and run on the implementation level, to evaluate the behavior of the woven cross-cutting concerns (combined aspect and base models). Results: This paper is a significant extension of our paper at Mutation 2015. We present a complete fault model, additional mutation operators, and a thorough analysis of the mutants generated for an example system. Conclusions: The analysis shows that some mutants are stillborn (syntactically illegal) but none is equivalent (exhibiting the same behavior as the original model). Additionally, our AOM-specific mutation operators can be combined with pre-existing operators to mutate code or models without any overlap.

Ort, förlag, år, upplaga, sidor
Elsevier, 2017
Nyckelord
Model-based testing, Aspect-oriented model, Mutation testing
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Distribuerade realtidssystem (DRTS)
Identifikatorer
urn:nbn:se:his:diva-12767 (URN)10.1016/j.infsof.2016.04.007 (DOI)000387634200009 ()2-s2.0-84963813590 (Scopus ID)
Tillgänglig från: 2016-08-09 Skapad: 2016-08-09 Senast uppdaterad: 2019-01-22Bibliografiskt granskad
Shah, S. M., Sundmark, D., Lindström, B. & Andler, S. F. (2016). Robustness Testing of Embedded Software Systems: An Industrial Interview Study. IEEE Access, 4, 1859-1871, Article ID 7438745.
Öppna denna publikation i ny flik eller fönster >>Robustness Testing of Embedded Software Systems: An Industrial Interview Study
2016 (Engelska)Ingår i: IEEE Access, E-ISSN 2169-3536, Vol. 4, s. 1859-1871, artikel-id 7438745Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Embedded software is at the core of current and future telecommunication, automotive, multimedia, and industrial automation systems. The success of practically any industrial application depends on the embedded software system’s dependability, and one method to verify the dependability of a system is testing its robustness. The motivation behind this study is to provide a knowledge base of the state of the practice in robustness testing of embedded software systems and to compare this to the state of the art. We have gathered information on the state of the practice in robustness testing from seven different industrial domains (telecommunication, automotive, multimedia, critical infrastructure, aerospace, consumer products, and banking) by conducting thirteen semi-structured interviews. We investigate different aspects of robustness testing, such as the general view of robustness, relation to requirements engineering and design, test execution, failures, and tools. We highlight knowledge from the state of the practice of robustness testing of embedded software systems. We found different robustness testing practices that have not been previously described. Our study shows that the state of the practice, when it comes to robustness testing, differs between organizations and is quite different from the state of the art described in the scientific literature. For example, methods commonly described in the literature (e.g., the fuzzy approach) are not used in the organizations we studied. Instead, the interviewees described several ad-hoc approaches that take specific scenarios into account (e.g., power failure or overload). Other differences we found concern classification of robustness failures, the hypothesized root causes of robustness failures, and the types of tools used for robustness testing. The study is a first step in capturing the state of the practice of robustness testing of embedded software systems. The results can be used by both researchers and- practitioners. Researchers can use our findings to understand the gap between the state of the art and the state of the practice and develop their studies to fill this gap. Practitioners can also learn from this knowledge base regarding how they can improve their practice and acquire other practices.

Ort, förlag, år, upplaga, sidor
Institute of Electrical and Electronics Engineers (IEEE), 2016
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Distribuerade realtidssystem (DRTS)
Identifikatorer
urn:nbn:se:his:diva-12154 (URN)10.1109/ACCESS.2016.2544951 (DOI)000401699000001 ()2-s2.0-84979823446 (Scopus ID)
Tillgänglig från: 2016-04-18 Skapad: 2016-04-18 Senast uppdaterad: 2018-01-10Bibliografiskt granskad
Hassan, M. M., Afzal, W., Lindström, B., Shah, S. M. A., Andler, S. F. & Blom, M. (2016). Testability and Software Performance: A Systematic Mapping Study. In: : . Paper presented at the 31st ACM/SIGAPP Symposium on Applied Computing (SAC’16) (pp. 1566-1569).
Öppna denna publikation i ny flik eller fönster >>Testability and Software Performance: A Systematic Mapping Study
Visa övriga...
2016 (Engelska)Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

In most of the research on software testability, functional correctness of the software has been the focus while the evidence regarding testability and non-functional properties such as performance is sporadic. The objective of this study is to present the current state-of-the-art related to issues of importance, types and domains of software under test, types of research, contribution types and design evaluation methods concerning testability and software performance. We find that observability, controllability and testing effort are the main testability issues while timeliness and response time (i.e., time constraints) are the main performance issues in focus. The primary studies in the area use diverse types of software under test within different domains, with realtime systems as being a dominant domain. The researchers have proposed many different methods in the area, however these methods lack implementation in practice.

Nyckelord
Testability, Software performance, Systematic mapping study
Nationell ämneskategori
Datavetenskap (datalogi)
Forskningsämne
Distribuerade realtidssystem (DRTS)
Identifikatorer
urn:nbn:se:his:diva-12768 (URN)10.1145/2851613.2851978 (DOI)978-1-4503-3739-7 (ISBN)
Konferens
the 31st ACM/SIGAPP Symposium on Applied Computing (SAC’16)
Projekt
TOCSYC
Forskningsfinansiär
KK-stiftelsen, 20130085
Tillgänglig från: 2016-08-09 Skapad: 2016-08-09 Senast uppdaterad: 2019-01-22Bibliografiskt granskad
Organisationer
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0002-6662-9034

Sök vidare i DiVA

Visa alla publikationer