
Showing papers by "Roberto Nardone" published in 2015


Journal Article
TL;DR: Two model-driven techniques for physical and cyber-security evaluation, namely SecAM and CIP_VAM, are applied in combination to demonstrate the synergy between both profiles and the need for their tighter integration, in the context of a case study from the railway domain.

35 citations


Book Chapter
06 Nov 2015
TL;DR: This paper presents an approach to systematically build Promela models with the aim of generating test cases within the system level testing process of railway control systems.
Abstract: This paper presents an approach to systematically build Promela models with the aim of generating test cases within the system level testing process of railway control systems. The paper focuses on the encoding of the system model, of the aspects related to the representation of possible execution environments and their interaction with the system. The input for building a Promela model of the system under test is a state machine based specification. Indeed, state machines are one of the most common notations used in industrial settings to model critical systems and allow for easily obtaining the Promela model of the system by applying a well-structured transformational approach; furthermore, state-based formalisms are also highly recommended by CENELEC norms to model railway control systems.

20 citations


Journal Article
01 Jan 2015
TL;DR: The approach is based on model-driven principles and uses both UML and Bayesian Networks to capture, analyse and optimise cloud deployment configurations and is extensible to the operational phases of the life-cycle.
Abstract: This paper proposes an approach to support cloud brokers finding optimal configurations in the deployment of dependability and security sensitive cloud applications. The approach is based on model-driven principles and uses both UML and Bayesian Networks to capture, analyse and optimise cloud deployment configurations. While the paper is most focused on the initial allocation phase, the approach is extensible to the operational phases of the life-cycle. In such a way, a continuous improvement of cloud applications may be realised by monitoring, enforcing and re-negotiating cloud resources following detected anomalies and failures.

18 citations


Journal Article
TL;DR: The results of a quantitative comparison of three different voting schemes based on Bayesian Networks are presented, showing that these models present a growing complexity and they are able to provide a trustworthiness estimation based on single nodes detection reliability in terms of false alarm probabilities.

7 citations


Book Chapter
01 Jan 2015
TL;DR: The Model-Driven process developed within the METRIP project is presented, which supports the automatic generation of vulnerability analysis models and the instantiation of optimization model templates for the localization of the protection devices.
Abstract: Vulnerability of railway physical assets against adversary’s attacks is affected by a number of factors, hence the effectiveness of the physical security system in charge of protecting the potential targets is a crucial aspect in homeland security applications. This chapter addresses vulnerability modeling and analysis with a special focus on designing physical protection systems for railway security. The Model-Driven process developed within the METRIP project is presented, which supports the automatic generation of vulnerability analysis models and the instantiation of optimization model templates for the localization of the protection devices. The steps and the aspects covered by the proposed process are described: the UML profile which has been developed to extend UML with protection and physical vulnerability concepts, the model transformations implementing the interface towards the optimization models and the automated generation of vulnerability models, as well as the mechanism to return the results to the designer. Finally, the overall process has been applied to a railway station from the METRIP case study.

5 citations


Proceedings Article
04 Nov 2015
TL;DR: This paper defines an automatic approach to evaluate the vulnerability of a provisioning network with respect to the detection of a threat by means of the creation of a high-level model of a network and the automatic generation of proper formal models.
Abstract: The optimal management of water resources is a key problem for the sustainable exploitation of ground and surface water sources. One of the key issues is the assurance of quality of the provided water with respect to the presence of pollutant substances or micro biotic. This paper defines an automatic approach to evaluate the vulnerability of a provisioning network with respect to the detection of a threat. By means of the creation of a high-level model of a network and the automatic generation of proper formal models, it is possible to detect: (1) the effect of such threat on all the network nodes and (2) the most probable location of the contamination source.

3 citations


Book Chapter
01 Jan 2015
TL;DR: An approach for modelling clinical workflows based on Model-Driven principles is defined, which is supported by the Dynamic State Machine (DSTM) formalism, a well-formed graphical language able to represent state-based systems.
Abstract: E-Health organisations have seen in these years a rapid growth in the complexity and criticality of the processes they manage. This paper defines an approach for modelling clinical workflows based on Model-Driven principles; in particular the modelling activity is supported by the Dynamic State Machine (DSTM) formalism, which is a well-formed graphical language able to represent state-based systems. The main advantage of using such a language resides in obtaining formal models of clinical workflows (whose semantics is strong and precise), with a high level of usability. While the focus of the paper is clearly on modelling, the application of Model-Driven principles allows a tight integration between the control flow of the clinical processes and the information that can be extracted from informal documentation. The approach is shown by applying it to the case study of a real-world treatment process of bipolar and mood disorders.