Quantitative Risk Assessment in the Design of Resilient Systems

Deploying fault detection, isolation and recovery (FDIR) subsystems is an accepted way to handle faults and failures in safety-critical (real-time) systems. Yet FDIR subsystems should be devised only for those faults that actually falsify the system's requirements. The resulting system is then minimal yet complete, and robust with respect to both safety and performance requirements. In this paper we propose a two-fold, systematic and mechanized approach based on formal methods that combines (1) the evaluation of fault relevance by quantitative risk assessment and (2) the validation of system robustness by statistical model checking. We apply this approach to an excerpt of a real-life autonomous robotics case study and report on the implementation and the results obtained with the SBIP framework.
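The two steps the abstract describes, fault-relevance screening by quantitative risk assessment followed by statistical model checking (SMC) of the system equipped with FDIR only for the relevant faults, reduced to a runnable illustration. This is an added example, not the paper's code and not the SBIP framework: the robot mission model, the fault catalogue with its per-step probabilities and effects, the relevance threshold, and the choice of the Chernoff-Hoeffding bound to size the SMC sample are all assumptions of this example.

```python
"""Constructed illustration of (1) quantitative fault-relevance screening and
(2) statistical model checking of the resulting FDIR design.  The model,
faults, requirement and thresholds below are assumptions, not the paper's
case study."""
import math
import random
from dataclasses import dataclass

GOAL_DISTANCE = 30   # progress steps needed to reach the goal (assumed)
DEADLINE = 50        # performance requirement: reach the goal within 50 steps (assumed)


@dataclass(frozen=True)
class Fault:
    name: str
    p_per_step: float    # occurrence probability per time step (assumed)
    kind: str            # "transient": lose one step; "stall": stop for good; "unsafe": enter unsafe zone
    recovery_steps: int  # steps FDIR needs to isolate and recover once it detects the fault


FAULTS = (
    Fault("sensor_glitch", 0.05, "transient", 0),
    Fault("wheel_stall", 0.02, "stall", 3),
    Fault("localization_drift", 0.01, "unsafe", 2),
)


def simulate(rng, enabled, fdir):
    """One mission run. Returns (safe, on_time): the safety requirement is
    'never enter the unsafe zone', the performance requirement is 'reach the
    goal within DEADLINE steps'.  Faults in `fdir` are detected and recovered
    instead of taking effect."""
    progress, stalled, recovering = 0, False, 0
    for _ in range(DEADLINE):
        if recovering:            # FDIR is isolating/recovering: no progress
            recovering -= 1
            continue
        if stalled:               # unhandled permanent fault: no progress ever
            continue
        for f in enabled:
            if rng.random() < f.p_per_step:
                if f.name in fdir:
                    recovering = f.recovery_steps
                elif f.kind == "unsafe":
                    return False, False
                elif f.kind == "stall":
                    stalled = True
                break             # the fault consumed this step
        else:
            progress += 1         # nominal step
        if progress >= GOAL_DISTANCE:
            return True, True
    return True, False


def chernoff_samples(eps, delta):
    """Runs needed so that |estimate - p| <= eps with probability >= 1 - delta
    (Chernoff-Hoeffding bound, a standard SMC sample-size choice)."""
    return math.ceil(math.log(2 / delta) / (2 * eps ** 2))


def estimate_violation(enabled, fdir, eps, delta, seed=0):
    """Monte Carlo estimate of P(requirement falsified) for the given fault set."""
    rng = random.Random(seed)
    n = chernoff_samples(eps, delta)
    violations = 0
    for _ in range(n):
        safe, on_time = simulate(rng, enabled, fdir)
        if not (safe and on_time):
            violations += 1
    return violations / n


def relevant_faults(threshold=0.05, eps=0.05, delta=0.05):
    """Step 1: quantitative risk assessment.  A fault is relevant when, acting
    alone and unhandled, its probability of falsifying the requirement exceeds
    the acceptance threshold; only relevant faults get an FDIR mechanism."""
    risk = {f.name: estimate_violation((f,), frozenset(), eps, delta) for f in FAULTS}
    return {name for name, r in risk.items() if r > threshold}, risk


def validate_design(fdir, eps=0.02, delta=0.01):
    """Step 2: SMC of the complete system (all faults enabled, FDIR for `fdir`
    only).  Returns the estimated probability that the requirement holds."""
    return 1.0 - estimate_violation(FAULTS, frozenset(fdir), eps, delta, seed=1)


if __name__ == "__main__":
    relevant, risk = relevant_faults()
    for name, r in risk.items():
        print(f"{name:20s} risk={r:.3f} {'-> FDIR' if name in relevant else '-> no FDIR'}")
    print("SMC sample size:", chernoff_samples(0.02, 0.01))
    print("P(requirement holds), minimal FDIR:", validate_design(relevant))
    print("P(requirement holds), no FDIR:     ", validate_design(frozenset()))
```

Under these assumptions the transient sensor glitch never exhausts the 20-step slack on its own, so it is screened out, while the stall and the localization drift each falsify a requirement with probability well above the threshold and receive FDIR. The second step then quantifies how much the minimal FDIR design raises the probability that both requirements hold, with an error bound chosen before any run is made rather than read off afterwards.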
