Author

Paulo Sérgio Muniz Silva

Bio: Paulo Sérgio Muniz Silva is an academic researcher from the University of São Paulo. The author has contributed to research in the topics of enterprise modelling and model transformation. The author has an h-index of 5 and has co-authored 15 publications receiving 70 citations.

Papers
Proceedings Article
01 Jan 2011
TL;DR: A meta-model is presented based on an analysis of 20 studies, chosen through a survey, that propose templates or meta-models, with the aim of creating an essential and easily extendable meta-model that can be used directly in Model-Driven Engineering activities.
Abstract: Several studies have proposed meta-models for textual representations of use cases. Each of these meta-models has different goals and viewpoints, with either varying concepts and relationships or different semantics for the same concept. In Model-Driven Engineering approaches where there is no compatible proposal or a more appropriate viewpoint, or where there is no intention to limit the approach to a specific use case format, it might be difficult to choose between these proposals. Aiming at a generic textual representation, this paper presents a meta-model based on an analysis of 20 studies, chosen through a survey, that propose templates or meta-models. The more common elements of these studies are represented in a meta-model, together with their more frequent attributes. The goal is to create an essential and easily extendable meta-model that can be used directly in Model-Driven Engineering activities.

20 citations

Journal ArticleDOI
TL;DR: This study presents the source and target metamodels, a set of transformation rules, and a tool to support the transformation, and results indicate that the approach can be used in practice, as it did not influence the quality of the generated use cases.

10 citations

Proceedings ArticleDOI
17 Oct 2011
TL;DR: This study proposes a semi-automatic transformation using an enterprise model as source and a use case model as target and a set of heuristics - found in the analysis of existing studies - using an example, executed with support of a tool.
Abstract: One of the key responsibilities of Requirements Engineering is to refine requirements into specifications. Although there are some approaches for requirements refinement, this task is usually executed manually. Based on Model-Driven Engineering concepts, this study proposes a semi-automatic transformation using an enterprise model as source and a use case model as target. The underlying hypothesis is that using an enterprise model as a source it is possible to represent both the requirements and the domain knowledge that are necessary to obtain specifications. Considering this hypothesis, this study discusses the proposed transformation and a set of heuristics - found in the analysis of existing studies - using an example, executed with support of a tool.

9 citations

Journal ArticleDOI
TL;DR: It is concluded that the technique seems feasible for the problem domain, but the issue requires extensive research to allow an exact understanding of which requirements the use of the BMC meets, and of the actual benefits this approach might bring to the project.

8 citations

Book ChapterDOI
01 Jan 2005
TL;DR: This paper describes an adaptive framework for the design of a class of software specification languages supporting the incremental process of elaborating software specifications.
Abstract: Software has been specified as domain theories. A useful strategy for building specifications is the incremental extension of an initial theory, in which increments add new terms and notions not considered in previous extensions. Given an increment, the corresponding theory is stated in a corresponding specification language. The next increment — or extension of the theory — typically requires a related language extension, which has been specified in a variety of ways, e.g. meta-computations, rewriting systems, etc. Adaptive devices naturally support such scheme, whose instances should reflect the impact of extension variations on the specification language. This paper describes an adaptive framework for the design of a class of software specification languages supporting the incremental process of elaborating software specifications.

6 citations


Cited by
Proceedings ArticleDOI
16 Oct 2012
TL;DR: SABOT is presented, a tool that automatically maps the control instructions in a PLC to an adversary-provided specification of the target control system's behavior, and correctly compiles payloads for all tested control systems when the adversary correctly specifies full system behavior.
Abstract: Programmable Logic Controllers (PLCs) drive the behavior of industrial control systems according to uploaded programs. It is now known that PLCs are vulnerable to the uploading of malicious code that can have severe physical consequences. What is not understood is whether an adversary with no knowledge of the PLC's interface to the control system can execute a damaging, targeted, or stealthy attack against a control system using the PLC. In this paper, we present SABOT, a tool that automatically maps the control instructions in a PLC to an adversary-provided specification of the target control system's behavior. This mapping recovers sufficient semantics of the PLC's internal layout to instantiate arbitrary malicious controller code. This lowers the prerequisite knowledge needed to tailor an attack to a control system. SABOT uses an incremental model checking algorithm to map a few plant devices at a time, until a mapping is found for all adversary-specified devices. At this point, a malicious payload can be compiled and uploaded to the PLC. Our evaluation shows that SABOT correctly compiles payloads for all tested control systems when the adversary correctly specifies full system behavior, and for 4 out of 5 systems in most cases where there were unspecified features. Furthermore, SABOT completed all analyses in under 2 minutes.

96 citations

Proceedings Article
09 Aug 2011
TL;DR: This paper evaluates how PLC malware may infer the structure of the physical plant and how it can use this information to construct a dynamic payload to achieve an adversary's end goal, and finds that at the very least, a dynamic payload can be constructed that causes unsafe behavior for an arbitrary process definition.
Abstract: With the discovery of the Stuxnet attack, increasing attention is being paid to the potential for malware to target Programmable Logic Controllers (PLCs). Despite much speculation about threats from PLC malware, the popular opinion is that automated attacks against PLCs are not practical without having a priori knowledge of the target physical process. In this paper, we explore the problem of designing PLC malware that can generate a dynamic payload based on observations of the process taken from inside the control system. This significantly lowers the bar for attacks against PLCs. We evaluate how PLC malware may infer the structure of the physical plant and how it can use this information to construct a dynamic payload to achieve an adversary's end goal. We find that at the very least, a dynamic payload can be constructed that causes unsafe behavior for an arbitrary process definition.

59 citations

Posted Content
TL;DR: Eight new maximal tractable subclasses of Allen's interval algebra are presented, some of them subsuming previously reported tractable algebras that allow for metric temporal constraints on interval starting or ending points, using the recent framework of Horn DLRs.
Abstract: This paper combines two important directions of research in temporal reasoning: that of finding maximal tractable subclasses of Allen's interval algebra, and that of reasoning with metric temporal information. Eight new maximal tractable subclasses of Allen's interval algebra are presented, some of them subsuming previously reported tractable algebras. The algebras allow for metric temporal constraints on interval starting or ending points, using the recent framework of Horn DLRs. Two of the algebras can express the notion of sequentiality between intervals, being the first such algebras admitting both qualitative and metric time.

41 citations

Gerard J. Holzmann
01 Jan 1996
TL;DR: The anomaly of traditional design, as described in this paper, is that it excels at catching bugs at the worst possible point in a design cycle: at the end, which is well understood to be the point when the bugs that slip through the early design phases tend to cause the most damage to a design.
Abstract: The traditional software development cycle relies mostly on informal methods to capture design errors in its initial phases, and on more rigorous testing methods during the later phases. It is well understood, though, that those bugs that slip through the early design phases tend to cause the most damage to a design. The anomaly of traditional design is therefore that it excels at catching bugs at the worst possible point in a design cycle: at the end.

33 citations