lnu.se Publications
  • 1.
    Abbaneo, Chiara
    et al.
    Ansaldo STS, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy ; University of Naples “Federico II”, Italy.
    Lazzaro, Armando
    Ansaldo STS, Italy.
    Marmo, Pietro
    Ansaldo STS, Italy.
    Mazzocca, Nicola
    Università “Federico II” di Napoli, Italy.
    Sanseviero, Angela
    Ansaldo STS, Italy.
    UML based reverse engineering for the verification of railway control logics. 2007. In: Proceedings of International Conference on Dependability of Computer Systems, DepCoS-RELCOMEX 2006, IEEE, 2007, p. 3-10. Conference paper (Refereed)
    Abstract [en]

    The Unified Modeling Language (UML) is widely used as a high level object oriented specification language. In this paper we present a novel approach in which reverse engineering is performed using UML as the modelling language used to achieve a representation of the implemented system. The target is the core logic of a complex critical railway control system, which was written in an application specific legacy language. UML perfectly suited to represent the nature of the core logic, made up by concurrent and interacting processes, using a bottom-up approach and proper modeling rules. Each process, in fact, was strictly related to the management of a physically (resp. logically) well distinguished railway device (resp. functionality). The obtained model deeply facilitated the static analysis of the logic code, allowing for at a glance verification of correctness and compliance with higher-level specifications, and opened the way to refactoring and other formal analyses. © 2006 IEEE.

  • 2.
    Aissani, D.
    et al.
    University of Bejaia, Algeria.
    Flammini, Francesco
    University of Maryland University College (UMUC) Europe, Germany.
    Editorial. 2017. In: International Journal of Critical Computer-Based Systems, ISSN 1757-8779, E-ISSN 1757-8787, Vol. 7, no 1, p. 1-3. Article in journal (Refereed)
  • 3.
    Bergman, Johannes
    et al.
    Linnaeus University, Faculty of Technology, Department of Computer Science.
    Torsson, Markus
    Linnaeus University, Faculty of Technology, Department of Computer Science.
    Migrering till Linux för inbyggda system: En förstudie gjord på företag Low Vision International. 2017. Independent thesis Basic level (university diploma), 10 credits / 15 HE credits. Student thesis
    Abstract [sv]

    The use of Linux in embedded systems continues to increase every year. Open source and new tools for developing Linux for embedded systems have made Linux not only a cost-effective choice but also a time-efficient one. The goal of this study has been to investigate, on behalf of LVI, a possible migration of the operating system in their embedded systems from Windows XP Embedded to an embedded Linux-based operating system for ARM processors with support for OCR processing. Linux and open source for embedded systems bring a number of advantages. Some of these include low cost, full control over your embedded system, and the ability to test and evaluate software entirely free of charge. To arrive at a result, we have investigated which alternatives exist and whether there is support for the functions that LVI uses. The result of this study is an account of the choices one faces and what may be best suited for LVI. We have primarily examined Yocto Project and Buildroot in this study and consider Yocto Project to be a good choice for LVI. Two simple applications have also been written in which image processing and machine reading are demonstrated. The applications were developed in C++ using OpenCV and Tesseract-ocr.

  • 4.
    Bernardi, S.
    et al.
    Centro Universitario de la Defensa Academia General Militar, Spain.
    Flammini, Francesco
    AnsaldoSTS, Business Innovation Unit, Italy.
    Marrone, S.
    Seconda Università di Napoli, Italy.
    Mazzocca, N.
    Università di Napoli “Federico II”, Italy.
    Merseguer, J.
    Universidad de Zaragoza, Spain.
    Nardone, R.
    Università di Napoli “Federico II”, Italy.
    Vittorini, V.
    Università di Napoli “Federico II”, Italy.
    Enabling the usage of UML in the verification of railway systems: The DAM-rail approach. 2013. In: Reliability Engineering & System Safety, ISSN 0951-8320, E-ISSN 1879-0836, Vol. 120, p. 112-126. Article in journal (Refereed)
    Abstract [en]

    The need for integration of model-based verification into industrial processes has produced several attempts to define Model-Driven solutions implementing a unifying approach to system development. A recent trend is to implement tool chains supporting the developer both in the design phase and V&V activities. In this Model-Driven context, specific domains require proper modelling approaches, especially for what concerns RAM (Reliability, Availability, Maintainability) analysis and fulfillment of international standards. This paper specifically addresses the definition of a Model-Driven approach for the evaluation of RAM attributes in railway applications to automatically generate formal models. For this aim we extend the MARTE-DAM UML profile with concepts related to maintenance aspects and service degradation, and show that the MARTE-DAM framework can be successfully specialized for the railway domain. Model transformations are then defined to generate Repairable Fault Tree and Bayesian Network models from MARTE-DAM specifications. The whole process is applied to the railway domain in two different availability studies. © 2013 Elsevier Ltd.

  • 5.
    Bernardi, Simona
    et al.
    Academia General Militar, Spain.
    Flammini, Francesco
    AnsaldoSTS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Merseguer, José
    Universidad de Zaragoza, Spain.
    Papa, Camilla
    Università di Napoli “Federico II”, Italy.
    Vittorini, Valeria
    Università di Napoli “Federico II”, Italy.
    Model-driven availability evaluation of railway control systems. 2011. In: Computer Safety, Reliability, and Security. SAFECOMP 2011, Springer, 2011, p. 15-28. Conference paper (Refereed)
    Abstract [en]

    Maintenance of real-world systems is a complex task involving several actors, procedures and technologies. Proper approaches are needed in order to evaluate the impact of different maintenance policies considering cost/benefit factors. To that aim, maintenance models may be used within availability, performability or safety models, the latter developed using formal languages according to the requirements of international standards. In this paper, a model-driven approach is described for the development of formal maintenance and reliability models for the availability evaluation of repairable systems. The approach facilitates the use of formal models which would be otherwise difficult to manage, and provides the basis for automated models construction. Starting from an extension to maintenance aspects of the MARTE-DAM profile for dependability analysis, an automated process based on model-to-model transformations is described. The process is applied to generate a Repairable Fault Trees model from the MARTE-DAM specification of the Radio Block Centre - a modern railway controller. © 2011 Springer-Verlag.

  • 6.
    Blixt, Daniel
    et al.
    Linnaeus University, Faculty of Technology, Department of Computer Science.
    Nilsson, Daniel
    Linnaeus University, Faculty of Technology, Department of Computer Science.
    Control systems on inexpensive hardware: Supporting Raspberry Pi in an existing development environment. 2016. Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE credits. Student thesis
    Abstract [en]

    This report aims to describe our bachelor degree project in computer engineering at Linnaeus university in Växjö. The project has been carried out on behalf of Danfoss who approached us with an interest in making it possible to use Raspberry Pi as an internal and external research platform, compatible with their development environment PLUS+1 GUIDE. We were therefore given the task to develop support for Raspberry Pi in PLUS+1 GUIDE. This would enable use of PLUS+1 GUIDE software without the use of Danfoss hardware. This report describes the implementation of a Raspberry Pi support library which had to be designed to be compatible with the PLUS+1 GUIDE software. It also describes the creation of a custom Linux distribution using the Yocto Project, a comparison between existing solutions and a usability test on the PLUS+1 GUIDE software using the developed Raspberry Pi support library. The result of this work is fully functioning support for Raspberry Pi packaged as a plugin that when installed in PLUS+1 GUIDE allows creation of applications for this platform in the same manner as for their other control systems.

  • 7.
    Bocchetti, Giovanni
    et al.
    Ansaldo STS, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Pragliola, Concetta
    Ansaldo STS, Italy.
    Pappalardo, Alfio
    CeRICT - Centro Regionale Information Communication Technology, Italy.
    Dependable integrated surveillance systems for the physical security of metro railways. 2009. In: 3rd ACM/IEEE International Conference on Distributed Smart Cameras, ICDSC 2009, IEEE, 2009. Conference paper (Refereed)
    Abstract [en]

    Rail-based mass transit systems are vulnerable to many criminal acts, ranging from vandalism to terrorism. In this paper, we present the architecture, the main functionalities and the dependability related issues of a security system specifically tailored to metro railways. Heterogeneous intrusion detection, access control, intelligent video-surveillance and sound detection devices are integrated in a cohesive Security Management System (SMS). In case of emergencies, the procedural actions required to the operators involved are orchestrated by the SMS. Redundancy both in sensor dislocation and hardware apparels (e.g. by local or geographical clustering) improve detection reliability, through alarm correlation, and overall system resiliency against both random and malicious threats. Video-analytics is essential, since a small number of operators would be unable to visually control a large number of cameras. Therefore, the visualization of video streams is activated automatically when an alarm is generated by smart-cameras or other sensors, according to an event-driven approach. The system is able to protect stations (accesses, technical rooms, platforms, etc.), tunnels (portals, ventilation shafts, etc.), trains and depots. Presently, the system is being installed in the Metrocampania underground regional railway. To the best of our knowledge, this is the first subway security system featuring artificial intelligence algorithms both for video and audio surveillance. The security system is highly heterogeneous in terms not only of detection technologies but also of embedded computing power and communication facilities. In fact, sensors can differ in their inner hardware-software architecture and thus in the capacity of providing information security and dependability. The focus of this paper is on the development of novel solutions to achieve a measurable level of dependability for the security system in order to fulfill the requirements of the specific application. © 2009 IEEE.

  • 8.
    Carnevali, Laura
    et al.
    University of Florence, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Paolieri, Marco
    University of Florence, Italy.
    Vicario, Enrico
    University of Florence, Italy.
    Non-Markovian performability evaluation of ERTMS/ETCS level 3. 2015. In: Computer Performance Engineering. EPEW 2015, Springer, 2015, p. 47-62. Conference paper (Refereed)
    Abstract [en]

    The European Rail Traffic Management System/European Train Control System (ERTMS/ETCS) is an innovative standard introduced to enhance reliability, safety, performance, and interoperability of trans-European railways. In Level 3, the standard replaces fixed-block safety mechanisms, in which only one train at a time is allowed to be in each railway block, with moving blocks: a train proceeds as long as it receives radio messages ensuring that the track ahead is clear of other trains. This mechanism increases line capacity, but relies crucially on the communication link: if messages are lost, the train must stop within a safe deadline even if the track ahead is clear. We develop upon results of the literature to propose an approach for the evaluation of transient availability of the communication channel and probability of train stops due to lost messages. We formulate a non-Markovian model of communication availability and system operation, and leverage solution techniques of the ORIS Tool to provide experimental results in the presence of multiple concurrent activities with non-exponential durations. © Springer International Publishing Switzerland 2015.

  • 9.
    Casola, V.
    et al.
    Università di Napoli Federico II, Italy.
    De Benedictis, A.
    Università di Napoli Federico II, Italy.
    Drago, A.
    Università di Napoli Federico II, Italy ; Ansaldo STS, Italy.
    Esposito, M.
    Università di Napoli Federico II, Italy ; Ansaldo STS, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Mazzocca, N.
    Università di Napoli Federico II, Italy.
    Securing freight trains for hazardous material transportation: A WSN-based monitoring system. 2012. In: International Defense and Homeland Security Simulation Workshop, DHSS 2012, Held at the International Multidisciplinary Modeling and Simulation Multiconference, I3M 2012, Caltek s.r.l., 2012, p. 52-59. Conference paper (Refereed)
    Abstract [en]

    In recent years the interest in monitoring infrastructures has spread in many application domains, even because of the number of natural disasters and terrorist attacks. This important activity can be seen in the general context of critical infrastructure protection such as the freight train meant for hazardous materials transportation. The design of these systems must answer to several issues: low-cost, easiness of installation, interoperability of information sources, security mechanisms. The use of wireless sensor networks emerged in this field as a compliant solution to these issues. In this paper we will present a monitoring system that uses heterogeneous WSN to monitor a freight train transporting hazardous materials. The sensors interact through a security platform in order to share different information. We illustrate some details on the architecture and the software application to prove the feasibility of such system on a real scenario by discussing most significant results about measurement parameters and networks performance. Copyright© (2012) by CAL-TEK S.r.l.

  • 10.
    Casola, Valentina
    et al.
    University of Naples Federico II, Italy.
    Esposito, Mariana
    University of Naples “Federico II”, Italy.
    Mazzocca, Nicola
    University of Naples Federico II, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Freight train monitoring: A case-study for the pSHIELD project. 2012. In: Proceedings - 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, IMIS 2012, IEEE, 2012, p. 597-602. Conference paper (Refereed)
    Abstract [en]

    Embedded Systems (ES) are increasingly being used in critical applications, where Security, Privacy and Dependability (SPD) attributes are essential. The pSHIELD research project, funded in the framework of the European ARTEMIS program, introduces some innovative approaches to address SPD issues for ES. In this paper, after an introduction to the scope of the pSHIELD project, we describe a case study application to the monitoring of freight trains transporting hazardous materials. The application uses heterogeneous Wireless Sensor Networks (WSN) to measure environmental parameters like temperature, vibrations and transmit them to the security control center. The sensors are integrated by means of an appropriate middleware and data is elaborated by a specifically developed application. We report the architecture and the results achieved by testing the application and some of its relevant SPD functionalities, including data cryptography, in a real railway environment. © 2012 IEEE.

  • 11.
    de Giuseppe, Nicola
    et al.
    ANSALDO SIGNAL, Italy.
    di Pasquale, Tommaso
    ANSALDO SIGNAL, Italy.
    Esposito, Rosaria
    ANSALDO SIGNAL, Italy.
    Flammini, Francesco
    ANSALDO SIGNAL, Italy.
    Marmo, Pietro
    ANSALDO SIGNAL, Italy.
    Orazzo, Antonio
    ANSALDO SIGNAL, Italy.
    A grey-box approach to the functional testing of complex automatic train protection systems. 2005. In: Dependable Computing - EDCC 5: 5th European Dependable Computing Conference, Budapest, Hungary, April 20-22, 2005. Proceedings, Berlin, Heidelberg: Springer, 2005, p. 305-317. Conference paper (Refereed)
    Abstract [en]

    Systematic functional testing is a fundamental step of embedded control systems development cycle, as it allows to verify and validate their final implementation. Various approaches to black-box testing have been proposed, however they either involve test-case explosion or do not ensure the correctness of system behaviour in scenarios not covered by system specifications. To cope with such issues, a methodology which better suits both complexity and safety-criticality of the target system is needed. This paper describes the ASF functional testing methodology, based on a grey-box approach aimed at generating and reducing an extensive set of influence variables and test-cases. The methodology, embracing different aspects of system test process (code coverage verification, regression testing, etc.), was successfully applied to validate ASF implementation of SCMT (an Italian project for an Automatic Train Protection System). The results obtained in our testing experience proved the time effectiveness and extensive coverage of the proposed approach.

  • 12.
    De Nicola, G.
    et al.
    Di Tommaso, P.
    Ansaldo Signal, Italy.
    Esposito, R.
    Flammini, Francesco
    Ansaldo Signal, Italy.
    Marmo, P.
    Orazzo, A.
    An experience in validating train control systems by a grey-box testing approach. 2005. In: Advances in Safety and Reliability - ESREL 2005: Proceedings of the European Safety and Reliability Conference, ESREL 2005, Tri City (Gdynia-Sopot-Gdansk), Poland, 27-30 June 2005 / [ed] Kryzstof Kolowrocki, Boca Raton: CRC Press, 2005, p. 1435-1442. Conference paper (Refereed)
    Abstract [en]

    Systematic functional testing is a fundamental step of embedded control systems development cycle, as it allows to verify and validate their final implementation. Various approaches to black-box testing have been proposed, however they either involve test-case explosion or do not ensure the correctness of system behavior in scenarios not covered by system specifications. To cope with such issues, a methodology which better suits both complexity and safety-criticality of the target system is needed. This paper describes the ASF functional testing methodology, based on a grey-box approach aimed at generating and reducing an extensive set of influence variables and test-cases. The methodology, embracing different aspects of system test process (code coverage verification, regression testing, etc.), was successfully applied to validate the ASF implementation of SCMT (an Italian project for an Automatic Train Protection System). The results obtained in our testing experience proved the time effectiveness and extensive coverage of the proposed approach.

  • 13.
    De Nicola, G
    et al.
    di Tommaso, P
    Esposito, R
    Flammini, Francesco
    Marmo, P
    Orazzo, A
    An experience in validating train control systems by a grey-box testing approach. 2008. In: The Second International Conference on Complex, Intelligent and Software Intensive System, Technical University of Catalonia Barcelona, Spain, 2008. Conference paper (Refereed)
  • 14.
    De Nicola, G
    et al.
    di Tommaso, P
    Esposito, R
    Flammini, Francesco
    Marmo, P
    Orazzo, A
    ERTMS/ETCS: working principles and validation. 2005. In: Proceedings of the International Conference on Ship Propulsion and Railway Traction Systems, SPRTS, 2005, p. 59-68. Conference paper (Refereed)
  • 15.
    Delli Priscoli, Francesco
    et al.
    University of Rome la Sapienza, Italy.
    Di Giorgio, Alessandro
    University of Rome la Sapienza, Italy.
    Esposito, Mariana
    Ansaldo STS, Italy.
    Fiaschetti, Andrea
    University of Rome la Sapienza, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Mignanti, Silvano
    University of Rome la Sapienza, Italy.
    Pragliola, Concetta
    Ansaldo STS, Italy.
    Ensuring cyber-security in smart railway surveillance with SHIELD. 2017. In: International Journal of Critical Computer-Based Systems, ISSN 1757-8779, E-ISSN 1757-8787, Vol. 7, no 2, p. 138-170. Article in journal (Refereed)
    Abstract [en]

    Modern railways feature increasingly complex embedded computing systems for surveillance that are moving towards fully wireless smart-sensors. Those systems are aimed at monitoring system status from a physical-security viewpoint, in order to detect intrusions and other environmental anomalies. However, the same systems used for physical-security surveillance are vulnerable to cyber-security threats, since they feature distributed hardware and software architectures often interconnected by 'open networks', like wireless channels and the internet. In this paper, we show how the integrated approach to security, privacy and dependability (SPD) in embedded systems provided by the SHIELD framework (developed within the EU funded pSHIELD and nSHIELD research projects) can be applied to railway surveillance systems in order to measure and improve their SPD level. SHIELD implements a layered architecture (node, network, middleware and overlay) and orchestrates SPD mechanisms based on ontology models, appropriate metrics and composability. The results of prototypical application to a real-world demonstrator show the effectiveness of SHIELD and justify its practical applicability in industrial settings.

  • 16.
    di Tommaso, P.
    et al.
    Ansaldo Signal, Italy.
    Flammini, Francesco
    Ansaldo Signal, Italy.
    Lazzaro, A.
    Ansaldo Signal, Italy.
    Pellecchia, R.
    Ansaldo Signal, Italy.
    Sanseviero, A.
    Ansaldo Signal, Italy.
    The simulation of anomalies in the functional testing of the ERTMS/ETCS trackside system. 2005. In: HASE 2005: Ninth IEEE International Symposium on High Assurance Systems Engineering: 12-14 October 2005, Heidelberg, Germany, Heidelberg: Springer, 2005, p. 131-139. Conference paper (Refereed)
    Abstract [en]

    ERTMS/ETCS is going to become the reference standard for modern railway signalling. To develop a safe and reliable Automatic Train Protection System (ATPS) based on ERTMS/ETCS, a detailed functional testing phase is needed, meeting the requirements of international railway safety standards. In this paper we deal with the functional validation of the trackside part of an ERTMS/ETCS compliant system. An extensive set of functional tests have been specified in order to thoroughly verify the system, using an innovative approach based on influence variables and state diagrams. However, such a detailed test specification requires a great amount of time and resources to be entirely executed in the real environment. Moreover, several tests need to generate abnormal safety-critical conditions that are unfeasible on the field. In this paper we describe how we overcame such problems using a specific simulation environment capable to quickly and automatically execute anomaly tests in normal as well as in degraded operating conditions.

  • 17.
    Evegren, Adam
    Linnaeus University, Faculty of Technology, Department of Physics and Electrical Engineering.
    Utveckling av återkopplad motormodul för styrning av mätantenn: En fallstudie hos företaget Combitech AB. 2018. Independent thesis Basic level (university diploma), 10 credits / 15 HE credits. Student thesis
    Abstract [sv]

    The purpose of the present study is to investigate which motor alternative is best suited for precise position control of particular measurement antennas, and how this motor can be driven in a functional way. The main result to be achieved through this project is a general motor module capable of controlling the antennas' different dimensions according to the user's commands via serial communication from a PC. The study was carried out in collaboration with the company Combitech AB.

  • 18.
    Fantechi, Alessandro
    et al.
    Università degli Studi di Firenze, Italy.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Gnesi, Stefania
    Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo”, Italy.
    Formal methods for intelligent transportation systems. 2012. In: Leveraging Applications of Formal Methods, Verification and Validation. Applications and Case Studies. ISoLA 2012, Springer, 2012, no PART 2, p. 187-189. Conference paper (Refereed)
    Abstract [en]

    The term Intelligent Transportation Systems (ITS) [4,5] refers to information and communication technology (applied to transport infrastructure and vehicles) that improve transport outcomes such as transport safety, transport productivity, travel reliability, informed travel choices, social equity, environmental performance and network operation resilience [2,3]. Safety-critical ITS include the so called X-by-wire (where 'X' can stand for 'fly', 'brake', 'accelerate', 'steer', etc.) systems used in domains like aerospace, automotive and railways. The importance of ITS is increasing as novel driverless/pilotless applications are emerging. © 2012 Springer-Verlag.

  • 19.
    Fantechi, Alessandro
    et al.
    Università degli Studi di Firenze-DINFO, Italy.
    Flammini, Francesco
    Ansaldo STS-Innovation, Italy.
    Gnesi, Stefania
    Istituto di Scienza e Tecnologie dell’Informazione “A. Faedo”, Italy.
    Formal methods for railway control systems. 2014. In: International Journal on Software Tools for Technology Transfer (STTT), ISSN 1433-2779, E-ISSN 1433-2787, Vol. 16, no 6, p. 643-646. Article in journal (Refereed)
    Abstract [en]

    The term intelligent transportation systems (ITS) refers to information and communication technology (applied to transport infrastructure and vehicles) that improve transport outcomes such as transport safety, transport productivity, travel reliability, informed travel choices, social equity, environmental performance and network operation resilience. The importance of ITS is increasing as novel driverless/pilotless applications are emerging. This special issue addresses the application of formal methods to model and analyze complex systems in the context of ITS and in particular in the field of railway control systems. In fact, modelling and analysis activities are very important to optimize system life-cycle in the design, development, verification and operational stages, and they are essential whenever assessment and certification is required by international standards. © 2014, Springer-Verlag Berlin Heidelberg.

  • 20.
    Fiaschetti, Andrea
    et al.
    University of Rome La Sapienza, Italy.
    Lavorato, Francesco
    University of Rome La Sapienza, Italy.
    Suraci, Vincenzo
    University of Rome La Sapienza, Italy.
    Palo, Andi
    University of Rome La Sapienza, Italy.
    Taglialatela, Andrea
    TRS SpA, Italy.
    Morgagni, Andrea
    Elsag Datamat S.p.a., Italy.
    Baldelli, Renato
    Elsag Datamat S.p.a., Italy.
    Flammini, Francesco
    Ansaldo STS S.p.a., Italy.
    On the use of semantic technologies to model and control security, privacy and dependability in complex systems. 2011. In: Computer Safety, Reliability, and Security: 30th International Conference, SAFECOMP 2011, Naples, Italy, September 19-22, 2011, Proceedings / [ed] Francesco Flammini, Sandro Bologna, Valeria Vittorini, Berlin, Heidelberg: Springer, 2011, p. 467-479. Conference paper (Refereed)
    Abstract [en]

    In this paper a semantic approach is presented to model and control Security, Privacy and Dependability (SPD) in complex interconnected environment composed by heterogeneous Embedded Systems. Usually, only the individual properties are locally considered to obtain desired functionalities and this could result in sub-optimal solutions. With the use of modern semantic technologies (like OWL or reasoning engines) it is possible to model not only the individual parameters but also the relations between the different (and dynamically changing) parts of the systems, thus providing enriched knowledge and more useful information that could feed control algorithms. The model presented in this paper is based on the results obtained during the first phase of the pSHIELD project (conceived and led by Finmeccanica) and it is focused on a concrete application coming from a critical scenario in railway environment: the monitoring of freight trains transporting hazardous material.

  • 21.
    Filieri, Antonio
    et al.
    Imperial College London, UK.
    Maggio, Martina
    Lund University.
    Angelopoulos, Konstantinos
    University of Brighton, UK.
    D'Ippolito, Nicolás Roque
    Universidad de Buenos Aires, Argentina.
    Gerostathopoulos, Ilias Th
    Technical University of Munich, Faculty of Informatics, Germany.
    Hempel, Andreas Berndt
    Hoffmann, Henry C.
    University of Chicago, United States.
    Jamshidi, Pooyan
    Carnegie Mellon University, United States.
    Kalyvianaki, Evangelia
    University of London, UK.
    Klein, Cristian
    Umeå University.
    Křikava, Filip
    Ceske vysoke uceni technicke v Praze, Czech.
    Misailović, Saša
    Papadopoulos, Alessandro Vittorio
    Mälardalens Högskola.
    Ray, Suprio
    University of New Brunswick, Canada.
    Molzam Sharifloo, Amir
    Universitat Duisburg-Essen, Germany.
    Shevtsov, Stepan
    Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM), Department of Computer Science.
    Ujma, Mateusz
    University of Oxford, UK.
    Vogel, Thomas
    Hasso-Plattner-Institut fur Softwaresystemtechnik, Germany.
    Control strategies for self-adaptive software systems. 2017. In: ACM Transactions on Autonomous and Adaptive Systems, ISSN 1556-4665, E-ISSN 1556-4703, Vol. 11, no 4, article id 24. Article, review/survey (Refereed)
    Abstract [en]

    The pervasiveness and growing complexity of software systems are challenging software engineering to design systems that can adapt their behavior to withstand unpredictable, uncertain, and continuously changing execution environments. Control theoretical adaptation mechanisms have received growing interest from the software engineering community in the last few years for their mathematical grounding, allowing formal guarantees on the behavior of the controlled systems. However, most of these mechanisms are tailored to specific applications and can hardly be generalized into broadly applicable software design and development processes. This article discusses a reference control design process, from goal identification to the verification and validation of the controlled system. A taxonomy of the main control strategies is introduced, analyzing their applicability to software adaptation for both functional and nonfunctional goals. A brief extract on how to deal with uncertainty complements the discussion. Finally, the article highlights a set of open challenges, both for the software engineering and the control theory research communities.

  • 22.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Automatic train protection systems
    2013. In: Industrial Engineering & Management, ISSN 2169-0316, Vol. 2, no 5, p. 1-3.
    Article in journal (Refereed)
    Abstract [en]

    Vehicles used in railway applications are requested to be more and more performable, reliable and safe. The use of computer based railway control systems is nowadays widespread, as it has been proven to be the most effective, if not the only practicable way to pursue such hard requirements.

  • 23.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Model-based analysis of 'k out of m' correlation techniques for diverse redundant detectors
    2013. In: International Journal of Performability Engineering, ISSN 0973-1318, Vol. 9, no 5, p. 551-560.
    Article in journal (Refereed)
    Abstract [en]

    Sensors are widespread in applications ranging from environmental monitoring to distributed surveillance for physical security. Novel protocols and appropriate topologies enable large networks of cheap smart-sensors with the main objective of providing pervasiveness and resilience. In this paper we provide a model-based analysis of a 'k-out-of-m' ('KooM') voting approach which can be used to correlate data coming from heterogeneous event detecting devices. The approach is based on the assumption of diverse redundancy on sensor technologies. The Bayesian Network formalism is employed to perform the analysis. The results show that by choosing appropriate correlation logics an optimal trade-off can be achieved among probability of detection, false alarm rate, availability and robustness against spoofing attempts, depending on the specific application. Furthermore, it will be shown that majority voting on detector outputs allows for a high cost effectiveness in obtaining performance improvements. © RAMS Consultants.

  • 24.
    Flammini, Francesco
    University of Naples Federico II, Italy.
    Model-based dependability evaluation of complex critical control systems
    2007.
    Doctoral thesis, monograph (Other academic)
  • 25.
    Flammini, Francesco
    Ansaldo STS, Italy.
    On the use of models for the dependability and security of transit systems and infrastructures: A multi-year industrial experience report
    2012. In: International Journal of Critical Computer-Based Systems, ISSN 1757-8779, E-ISSN 1757-8787, Vol. 3, no 3, p. 229-244.
    Article in journal (Refereed)
    Abstract [en]

    Computer-based transit systems are increasingly large, distributed and heterogeneous; in one word: complex. Being 'complex' and 'open' systems, their protection against both natural faults and deliberate attacks is far from being trivial. In this paper, we report a survey of a ten years industrial experience in infrastructure and threat modelling for the assurance of reliability, safety and security in different phases of the life-cycle of rail transit systems. Described by a set of case-study applications, the experience highlights the importance of mastering advanced modelling paradigms through a strict and constant cooperation with universities and research institutes. Copyright © 2012 Inderscience Enterprises Ltd.

  • 26.
    Flammini, Francesco
    Ansaldo STS, Italy.
    Railway safety, reliability, and security: Technologies and systems engineering
    2012.
    Collection (editor) (Other academic)
    Abstract [en]

    Human errors, as well as deliberate sabotage, pose a considerable danger to passengers riding on the modern railways and have created disastrous consequences. To protect civilians against both intentional and unintentional threats, rail transportation has become increasingly automated. Railway Safety, Reliability, and Security: Technologies and Systems Engineering provides engineering students and professionals with a collection of state-of-the-art methodological and technological notions to support the development and certification of ‘real-time safety-critical’ railway control systems, as well as the protection of rail transportation infrastructures. © 2012 by IGI Global. All rights reserved.

  • 27.
    Flammini, Francesco
    L'Università di Napoli Federico II, Italy.
    Sistemi di controllo per l'Alta Velocità ferroviaria
    2010. In: Mondo Digitale, ISSN 1720-898X, Vol. 9, no 4, p. 18-32.
    Article in journal (Refereed)
  • 28.
    Flammini, Francesco
    University of Naples Federico II, Italy.
    Technical Committee Reports: The Future of Homeland Security
    2016. In: IEEE Systems, Man, and Cybernetics Magazine, ISSN 2333-942X, Vol. 2, no 3, p. 11-13.
    Article in journal (Other academic)
  • 29.
    Flammini, Francesco
    et al.
    Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM).
    Gaglione, A
    Mazzino, N
    Mazzocca, N
    Pragliola, C
    La security nei sistemi di trasporto a guida vincolata: analisi del rischio e strategie di protezione
    2007.
    Conference paper (Refereed)
  • 30.
    Flammini, Francesco
    et al.
    ANSALDO STS, Italy ; Università di Napoli “Federico II”, Italy.
    Gaglione, Andrea
    Università di Napoli “Federico II”, Italy.
    Mazzocca, Nicola
    Università di Napoli “Federico II”, Italy.
    Moscato, Vincenzo
    Università di Napoli “Federico II”, Italy.
    Pragliola, Concetta
    ANSALDO STS, Italy.
    Wireless sensor data fusion for critical infrastructure security
    2009. In: Proceedings of the International Workshop on Computational Intelligence in Security for Information Systems CISIS’08. / [ed] Corchado E., Zunino R., Gastaldo P., Herrero Á., Springer, 2009, p. 92-99.
    Conference paper (Refereed)
    Abstract [en]

    Wireless Sensor Networks (WSN) are being investigated by the research community for resilient distributed monitoring. Multiple sensor data fusion has proven as a valid technique to improve detection effectiveness and reliability. In this paper we propose a theoretical framework for correlating events detected by WSN in the context of critical infrastructure protection. The aim is to develop a decision support and early warning system used to effectively face security threats by exploiting the advantages of WSN. The research addresses two relevant issues: the development of a middleware for the integration of heterogeneous WSN (SeNsIM, Sensor Networks Integration and Management) and the design of a model-based event correlation engine for the early detection of security threats (DETECT, DEcision Triggering Event Composer & Tracker). The paper proposes an overall system architecture for the integration of the SeNsIM and DETECT frameworks and provides example scenarios in which the system features can be exploited. © 2009 Springer-Verlag Berlin Heidelberg.

  • 31.
    Flammini, Francesco
    et al.
    ANSALDO STS, Italy.
    Gaglione, Andrea
    University of Naples Federico II, Italy.
    Mazzocca, Nicola
    University of Naples Federico II, Italy.
    Pragliola, Concetta
    ANSALDO STS, Italy.
    Optimisation of security system design by quantitative risk assessment and genetic algorithms
    2011. In: International Journal of Risk Assessment and Management, ISSN 1466-8297, E-ISSN 1741-5241, Vol. 15, no 2-3, p. 204-220.
    Article in journal (Refereed)
    Abstract [en]

    The design of physical security systems for critical infrastructures is a delicate task that requires a balance between the cost of protection mechanisms and their expected effect on risk mitigation. This paper presents an approach usable to support the design of security systems by automatically optimising some parameters, basing on external constraints (e.g., limited available budget) and using quantitative risk assessment. Risk assessment is performed using a software tool that implements a quantitative methodology. The methodology accounts for the attributes of threats (frequency, system vulnerability, expected consequences) and protection mechanisms (cost, effectiveness, coverage, etc.). The optimisation is performed by means of genetic algorithms with the objective of achieving the set of parameters that minimises the risk while fitting external budget constraints, hence maximising the return on investment. The paper also describes an example application of the approach to the design of physical security systems for metro railways.

  • 32.
    Flammini, Francesco
    et al.
    ANSALDO STS, Italy.
    Gaglione, Andrea
    Università di Napoli Federico II, Italy.
    Ottello, Francesco
    ANSALDO STS, Italy.
    Pappalardo, Alfio
    ANSALDO STS, Italy.
    Pragliola, Concerta
    ANSALDO STS, Italy.
    Tedesco, Annarita
    ANSALDO STS, Italy.
    Towards wireless sensor networks for railway infrastructure monitoring
    2010. In: Electrical Systems for Aircraft, Railway and Ship Propulsion, Piscataway: IEEE, 2010, p. 1-6.
    Conference paper (Refereed)
    Abstract [en]

    In recent years, there has been an increasing interest in the adoption of emerging sensing technologies for instrumentation within a variety of structural systems. Structural health monitoring systems are widely adopted to monitor the behavior of structures during forced vibration testing or natural excitation (e.g. earthquakes, winds, live loading). They can be found in a number of civil structures, including bridges and viaducts, and also in applications of vehicle health monitoring. Moreover, since infrastructures can be damaged by human originated threats, the adoption of security measures is also essential. This paper presents a proposal of an early warning system based on Wireless Sensor Networks (WSN) for railway infrastructure monitoring. It exploits already available research results and tools for WSN management, integration and data fusion. The aim is to hedge detection capabilities in a complete framework for structural failures as well as security threats, including both natural hazards and intentional attacks.

  • 33.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Gaglione, Andrea
    Università di Napoli Federico II, Italy.
    Ottello, Francesco
    Ansaldo STS, Italy.
    Pappalardo, Alfio
    Ansaldo STS, Italy.
    Pragliola, Concerta
    Ansaldo STS, Italy.
    Tedesco, Annarita
    Ansaldo STS, Italy.
    Towards wireless sensor networks for railway infrastructure monitoring
    2010. In: Electrical Systems for Aircraft, Railway and Ship Propulsion (ESARS), 2010, IEEE, 2010, p. 1-6.
    Conference paper (Refereed)
    Abstract [en]

     In recent years, there has been an increasing interest in the adoption of emerging sensing technologies for instrumentation within a variety of structural systems. Structural health monitoring systems are widely adopted to monitor the behavior of structures during forced vibration testing or natural excitation (e.g. earthquakes, winds, live loading). They can be found in a number of civil structures, including bridges and viaducts, and also in applications of vehicle health monitoring. Moreover, since infrastructures can be damaged by human originated threats, the adoption of security measures is also essential. This paper presents a proposal of an early warning system based on Wireless Sensor Networks (WSN) for railway infrastructure monitoring. It exploits already available research results and tools for WSN management, integration and data fusion. The aim is to hedge detection capabilities in a complete framework for structural failures as well as security threats, including both natural hazards and intentional attacks.

  • 34.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Gentile, Ugo
    Università di Napoli “Federico II”, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Nardone, Roberto
    Università di Napoli “Federico II”, Italy.
    Vittorini, Valeria
    Università di Napoli “Federico II”, Italy.
    A Petri Net pattern-oriented approach for the design of physical protection systems
    2014. In: Computer Safety, Reliability, and Security. SAFECOMP 2014 / [ed] Bondavalli A., Di Giandomenico F., Springer, 2014, p. 230-245.
    Conference paper (Refereed)
    Abstract [en]

    The design of complex Physical Protection Systems (PPSs) still raises some challenges despite the high number of technologies for smart surveillance. One reason is the lack of effective methodologies able to support the PPS designer in evaluating the effectiveness of the system on varying design choices. Indeed, an estimation of the system vulnerability should be performed in the early phases of the PPS design. This paper introduces a model-based methodology for the quantitative estimation of the vulnerability of a PPS. The proposed methodology clearly defines a compositional approach which takes advantage from the usage of predefined patterns for the creation of vulnerability models. In particular, the paper proposes some Petri Net patterns able to capture the behavioural aspects of several assets and actors involved in attacking/defending scenarios. © 2014 Springer International Publishing.

  • 35.
    Flammini, Francesco
    et al.
    Ansaldo, Italy.
    Impagliazzo, L.
    Ansaldo, Italy.
    Marmo, P.
    Ansaldo, Italy.
    Pragliola, C.
    Ansaldo, Italy.
    Reliability, safety and security of innovative command/control systems: Model-based approaches and related industrial applications
    2010. In: Ingegneria Ferroviaria, ISSN 0020-0956, Vol. 65, no 6, p. 543-558.
    Article in journal (Refereed)
    Abstract [en]

    Model-based approaches and related industrial applications were used in industrial case-studies in the railway and metropolitan transport sectors. Each of them presented an application of advanced modeling techniques to problems related to safety, reliability, and security. These experiences highlighted an efficient transfer to the industry of tools and methods developed in the academy. A method was described for the availability evaluation of a railway system considering all the failure modes and fault origins and exploiting a modeling technique known as 'multi-formalism'. A safety evaluation technique was demonstrated for majority voting systems in presence of imperfect maintenance, using abstraction and modeling techniques based on different languages. The concept of model-based-testing was also introduced to improve effectiveness and efficiency of the certification process.

  • 36.
    Flammini, Francesco
    et al.
    Ansaldo, Italy ; University of Naples 'Federico II', Italy.
    Lazzaro, A.
    Ansaldo, Italy.
    Mazzocca, N.
    University of Naples 'Federico II', Italy.
    Modeling of railway logics for reverse engineering, verification and refactoring
    2011. In: International Journal of Safety and Security Engineering, ISSN 2041-9031, E-ISSN 2041-904X, Vol. 1, no 1, p. 77-94.
    Article in journal (Refereed)
    Abstract [en]

    Model-based approaches are widespread both in functional and non-functional verification activities of critical computer-based systems. Reverse engineering can also be used to support checks for correctness of system implementation against its requirements. In this paper, we show how a model-based technique, using the Unified Modeling Language (UML), suits the reverse engineering of complex control logics. UML is usually exploited to drive the development of software systems, using an object-oriented and bottom-up approach; however, it can be also used to model legacy non-object-oriented logic processes featuring a clear distinction between data structures and related operations. Our case-study consists in the most important component of the European Railway Traffic Management System/European Train Control System: the Radio Block Center (RBC). The model we obtained from the logic code of the RBC significantly facilitated both structural and behavioral analyses, giving a valuable contribution to the static verification and refactoring of the software under test. © 2011 WIT Press.

  • 37.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy ; Università di Napoli Federico II, Italy.
    Marrone, S.
    Ansaldo STS, Italy ; Seconda Università di Napoli, Italy.
    Mazzocca, N.
    Università di Napoli Federico II, Italy.
    Vittorini, V.
    Università di Napoli Federico II, Italy.
    Evaluating the Hazardous Failure Rate of majority voting computer architectures by means of Bayesian Network models
    2007. In: Proceedings of the European Safety and Reliability Conference 2007, ESREL 2007 - Risk, Reliability and Societal Safety, 2007, Vol. 2, p. 1715-1721.
    Conference paper (Refereed)
    Abstract [en]

    Safety-critical control systems are usually based on majority voters. In order to assess the compliance of these architectures with international safety standards, the probability of the occurrence of unsafe events should be evaluated by developing and analyzing proper formal models. In this paper we demonstrate that a Bayesian Network (BN) model can be used to evaluate the Mean Time Between Hazardous Events (MTBHE) of voting architectures. The proposed modeling approach is applied to a "2 out of 2" ("2002") voter consisting of independent computing units. The results obtained from the analysis of the BN model of the "2002" voter can be easily extended to evaluate the hazardous failure rate of more complex voting architectures (e.g. Triple Modular Redundant architectures, based on a 2003 voting). Within this context, BNs have several advantages over other traditional approaches (e.g. Petri Nets or Markov Chains): the model can be directly derived from the analysis of the flow-chart describing the dynamic of hazardous failures and its evaluation is much more efficient, as BN solving algorithms are non state-based; moreover, sensitivity analyses can be automatically performed by using the available user friendly BN tools. Finally, the proposed BN model is quite general and can be easily adapted and/or extended to suit specific computing architectures and fault models. © 2007 Taylor & Francis Group.

  • 38.
    Flammini, Francesco
    et al.
    ANSALDO SIGNAL, Italy ; Università di Napoli Federico II, Italy.
    Marrone, S.
    ANSALDO SIGNAL, Italy ; Seconda Università di Napoli, Italy.
    Mazzocca, N.
    Università di Napoli Federico II, Italy.
    Vittorini, V.
    Università di Napoli Federico II, Italy.
    Modeling system reliability aspects of ERTMS/ETCS by fault trees and Bayesian networks
    2006. In: Safety and Reliability for Managing Risk: Proceedings of the European Safety and Reliability Conference 2006, ESREL 2006 / [ed] Guedes Soares, Zio, London: Taylor & Francis, 2006, p. 2675-2683.
    Conference paper (Refereed)
    Abstract [en]

    Critical control systems require proper techniques to predict their failure rate since early design stages, in order to fulfil dependability requirements and minimize development costs. Bayesian Networks have been shown to be suitable to model system reliability aspects, extending the modeling power of Fault Trees and featuring a better solving efficiency with respect to Petri Nets. In this paper we exploit the Fault Tree and Bayesian Network formalisms in order to perform a hardware reliability analysis of a complex real world case study: the European Railway Traffic Management System/European Train Control System (ERTMS/ETCS). ERTMS/ETCS is a recent standard specification aimed at improving interoperability, performances and dependability of modern railways. An implementation of ERTMS/ETCS is a distributed heterogeneous system with strict reliability requirements. Starting from such requirements and from a reference hardware architecture, we studied system reliability by instantiating models with realistic parameters and performing a series of sensitivity analyses in order to highlight design trade-offs. By evaluating and integrating sub-models using a compositional approach we both obtained several interesting results and showed the effectiveness of a combined use of Fault Trees and Bayesian Networks in dealing with system reliability analyses of train control systems.

  • 39.
    Flammini, Francesco
    et al.
    Marrone, S
    Mazzocca, N
    Vittorini, V
    Modelling system reliability aspects of ERTMS/ETCS by fault trees and Bayesian networks
    2006. In: Safety and Reliability for Managing Risk: proceedings of the 15th European Safety and Reliability Conference (ESREL 2006) / [ed] Carlos Guedes Soares, Enrico Zio, 2006, p. 2675-2683.
    Conference paper (Refereed)
    Abstract [en]

    ERTMS/ETCS is a recent standard specification aimed at improving interoperability, performances and dependability of modern railways. An implementation of ERTMS/ETCS is a distributed heterogeneous system with strict availability requirements. On the basis of such requirements and of the hypothesised system reference architecture, we studied structural availability by instantiating models with realistic reliability parameters and performing a series of sensitivity analyses in order to highlight design trade-offs. By evaluating and integrating sub-models using a compositional approach we both obtained several interesting results and showed the effectiveness of a combined use of Fault Trees and Bayesian Networks in dealing with structural reliability analyses of train control systems.

  • 40.
    Flammini, Francesco
    et al.
    AnsaldoSTS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Iacono, Mauro
    Seconda Università di Napoli, Italy.
    Mazzocca, Nicola
    Università di Napoli "Federico II", Italy.
    Vittorini, Valeria
    Università di Napoli "Federico II", Italy.
    A multiformalism modular approach to ertms/etcs failure modeling
    2014. In: International Journal of Reliability, Quality and Safety Engineering (IJRQSE), ISSN 0218-5393, Vol. 21, no 1, article id 1450003.
    Article in journal (Refereed)
    Abstract [en]

    European Railway Traffic Management System/European Train Control System (ERTMS/ETCS) is a recent standard aimed at improving performance, safety and inter-operability of modern railways. In order to be compliant to ERTMS/ETCS, a railway signalling system must meet strict nonfunctional requirements on system level failure modes. In this paper, a multiformalism model is employed to perform an availability analysis of an ERTMS/ETCS reference architecture at early phases of its development cycle. At this aim, a bottom-up analysis is performed from subsystem failure models (expressed by means of Generalized Stochastic Petri Nets, Fault Trees and Repairable Fault Trees) up to the overall system model. The modular approach, here used, allows to evaluate the influence of basic design parameters on the probability of system-level failure modes and demonstrates that system availability is within the bound required by the ERTMS/ETCS specification. The results show that the multiformalism modeling approach helps to cope with complexity, eases the verification of availability requirements and can be successfully applied to the analysis of complex critical systems. © 2014 World Scientific Publishing Company.

  • 41.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Mazzocca, Nicola
    Università di Napoli “Federico II”, Italy.
    Nardone, Roberto
    University of Naples Federico II, Italy.
    Vittorini, Valeria
    Università “Federico II” di Napoli, Italy.
    Model-driven V&V processes for computer based control systems: A unifying perspective
    2012. In: Leveraging Applications of Formal Methods, Verification and Validation. Applications and Case Studies. ISoLA 2012, Springer, 2012, no PART 2, p. 190-204.
    Conference paper (Refereed)
    Abstract [en]

    A recent trend in software engineering is to support the development process by providing flexible tool chains allowing for effective Model-Driven approaches. These solutions are very appealing in industrial settings since they enable the creation of development and verification processes, enhancing abstraction and reuse, and hence improving productivity. This paper addresses advantages and challenges in extending Model-Driven approaches to system engineering and specifically to verification and validation (V&V) of critical computer-based systems. Specifically, the paper highlights the needs for real-world industrial contexts and proposes the definition of a unifying Model-Driven process for V&V of functional and non-functional system properties. Some enabling techniques which aim at improving the reuse of Model-Driven artifacts are addressed to deal with process scalability and effectiveness. Two sample applications are described for ERTMS/ETCS signalling system in order to show the advantages of the approach: formal modeling for performance evaluation of message delivery between train and track controllers and test case generation for the verification of functional requirements of trains outdistancing. © 2012 Springer-Verlag.

  • 42.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Mazzocca, Nicola
    Università “Federico II” di Napoli, Italy.
    Nardone, Roberto
    Università “Federico II” di Napoli, Italy.
    Vittorini, Valeria
    Università “Federico II” di Napoli, Italy.
    Using Bayesian Networks to evaluate the trustworthiness of '2 out of 3' decision fusion mechanisms in multi-sensor applications
    2015. In: IFAC-PapersOnLine, 2015, Vol. 48, no 21, p. 682-687.
    Conference paper (Refereed)
    Abstract [en]

    The use of smart-sensors to recognize automatically complex situations (anomalous behaviors, physical security threats, etc.) requires 'intelligent' methods to improve the trustworthiness of automatic decisions. Voting and consensus mechanisms can be employed whether supported by probabilistic formalisms to correlate event occurrence, to merge local events and to estimate the likelihood of overall decisions. This paper presents the results of a quantitative comparison of three different voting schemes based on Bayesian Networks. These models present a growing complexity and they are able to provide a trustworthiness estimation based on single nodes detection reliability in terms of false alarm probabilities. © 2015, IFAC (International Federation of Automatic Control) Hosting by Elsevier Ltd. All rights reserved.

  • 43.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Mazzocca, Nicola
    Università “Federico II” di Napoli, Italy.
    Pappalardo, Alfio
    Ansaldo STS, Italy.
    Pragliola, Concetta
    Ansaldo STS, Italy.
    Vittorini, Valeria
    Università “Federico II” di Napoli, Italy.
    Trustworthiness evaluation of multi-sensor situation recognition in transit surveillance scenarios
    2013. In: Security Engineering and Intelligence Informatics. CD-ARES 2013 / [ed] Cuzzocrea A., Kittl C., Simos D.E., Weippl E., Xu L., Springer, 2013, p. 442-456.
    Conference paper (Refereed)
    Abstract [en]

    Physical Security Information Management (PSIM) systems are a recent introduction in the surveillance of critical infrastructures, like those used for mass-transit. In those systems, different sensors are integrated as separate event detection devices, each of them generating independent alarms. In order to lower the rate of false alarms and provide greater situation awareness for surveillance operators, we have developed a framework, namely DETECT, for correlating information coming from multiple heterogeneous sensors. DETECT uses detection models based on (extended) Event Trees in order to generate higher level warnings when a known threat scenario is being detected. In this paper we extend DETECT by adopting probabilistic models for the evaluation of threat detection trustworthiness on reference scenarios. The approach also allows for a quantitative evaluation of model sensitivity to sensor faults. The results of a case-study in the transit system domain demonstrate the increase of trust one could expect when using scenarios characterized in a probabilistic way for the threat detection instead of single-sensor alarms. Furthermore, we show how a model analysis can serve at design time to support decisions about the type and redundancy of detectors. © IFIP International Federation for Information Processing 2013.

  • 44.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Mazzocca, Nicola
    Università di Napoli Federico II, Italy.
    Vittorini, Valeria
    Università di Napoli Federico II, Italy.
    A new modeling approach to the safety evaluation of N-modular redundant computer systems in presence of imperfect maintenance
    2009. In: Reliability Engineering & System Safety, ISSN 0951-8320, E-ISSN 1879-0836, Vol. 94, no 9, p. 1422-1432.
    Article in journal (Refereed)
    Abstract [en]

    A large number of safety-critical control systems are based on N-modular redundant architectures, using majority voters on the outputs of independent computation units. In order to assess the compliance of these architectures with international safety standards, the frequency of hazardous failures must be analyzed by developing and solving proper formal models. Furthermore, the impact of maintenance faults has to be considered, since imperfect maintenance may degrade the safety integrity level of the system. In this paper, we present both a failure model for voting architectures based on Bayesian networks and a maintenance model based on continuous time Markov chains, and we propose to combine them according to a compositional multiformalism modeling approach in order to analyze the impact of imperfect maintenance on the system safety. We also show how the proposed approach promotes the reuse and the interchange of models as well the interchange of solving tools. © 2009 Elsevier Ltd. All rights reserved.

  • 45.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Marrone, Stefano
    Second University of Naples, Italy.
    Mazzocca, Nicola
    University of Naples Federico II, Italy.
    Vittorini, Valeria
    University of Naples Federico II, Italy.
    Fuzzy decision fusion and multiformalism modelling in physical security monitoring
    2016. In: Recent Advances in Computational Intelligence in Defense and Security / [ed] Rami Abielmona, Rafael Falcon, Nur Zincir-Heywood, Hussein A. Abbass, Springer, 2016, p. 71-100.
    Chapter in book (Refereed)
    Abstract [en]

    Modern smart-surveillance applications are based on an increasingly large number of heterogeneous sensors that greatly differ in size, cost and reliability. System complexity poses issues in its design, operation and maintenance since a large number of events needs to be managed by a limited number of operators. However, it is rather intuitive that redundancy and diversity of sensors may be advantageously leveraged to improve threat recognition and situation awareness. That can be achieved by adopting appropriate model-based decision-fusion approaches on sensor-generated events. In such a context, the challenges to be addressed are the optimal correlation of sensor events, taking into account all the sources of uncertainty, and how to measure situation recognition trustworthiness. The aim of this chapter is twofold: it deals with uncertainty by enriching existing model-based event recognition approaches with imperfect threat modelling and with the use of different formalisms improving detection performance. To that aim, fuzzy operators are defined using the probabilistic formalisms of Bayesian Networks and Generalized Stochastic Petri Nets. The main original contributions span from support physical security system design choices to the demonstration of a multiformalism approach for event correlation. The applicability of the approach is demonstrated on the case-study of a railway physical protection system.

  • 46.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Marrone, Stefano
    Seconda Università di Napoli, Italy.
    Mazzocca, Nicola
    Università di Napoli “Federico II”, Italy.
    Vittorini, Valeria
    Università di Napoli “Federico II”, Italy.
    Petri net modelling of physical vulnerability. 2013. In: Critical Information Infrastructure Security. CRITIS 2011 / [ed] Bologna S., Hämmerli B., Gritzalis D., Wolthusen S., Springer, 2013, p. 128-139. Conference paper (Refereed)
    Abstract [en]

    Several multi-disciplinary aspects need to be addressed in security risk evaluation, including the estimation of risk attributes. One of the most widespread definitions of security risk relates it to the attributes of: probability of occurrence (or rather "frequency") of threats, system vulnerability with respect to the threat (or rather "probability of success of the threat"), and expected consequences (or rather "damage"). In this paper we provide a straightforward generic model based on Stochastic Petri Nets which can be adopted for the quantitative evaluation of physical vulnerability. The model allows to evaluate besides effectiveness parameters (e.g. probability of sensing, assessment, neutralization, etc.) also efficiency related ones (e.g. time to sense, assess, neutralize, etc.). Some examples will be provided in order to show how the model can be used in real-world protection systems applications. © 2013 Springer-Verlag.

  • 47.
    Flammini, Francesco
    et al.
    Ansaldo, Italy.
    Mazzocca, N.
    University of Naples Federico II, Italy.
    Moscato, F.
    Second University of Naples, Italy.
    Pappalardo, A.
    Ansaldo, Italy ; Second University of Naples, Italy.
    Pragliola, C.
    Ansaldo, Italy.
    Vittorini, V.
    Second University of Naples, Italy.
    Multiformalism techniques for critical infrastructure modeling. 2010. In: International Journal of System of Systems Engineering, ISSN 1748-0671, E-ISSN 1748-068X, Vol. 2, no 1, p. 19-37. Article in journal (Refereed)
    Abstract [en]

    This paper proposes an approach to use multiformalism techniques for critical infrastructure modelling. To this aim, the state of the art of related works on the subject is surveyed and a general scheme for intra and inter infrastructure models is described. Multiformalism approaches allow modellers to adapt the choice of formal languages to the nature, complexity and abstraction layer of the subsystems to be modelled. Another advantage is the possibility of reusing existing dependability models and solvers. Complexity and heterogeneity are managed through modularity, and composition allows for representing structural or functional dependencies. An example model based on a railway infrastructure is used to illustrate the concepts introduced by the paper. Copyright © 2010 Inderscience Enterprises Ltd.

  • 48.
    Flammini, Francesco
    et al.
    Università di Napoli Federico II, Italy.
    Mazzocca, N.
    Università di Napoli Federico II, Italy.
    Vittorini, V.
    Università di Napoli Federico II, Italy.
    Models for the analysis of critical systems. 2009. In: Mondo Digitale, ISSN 1720-898X, Vol. 8, no 3, p. 11-21. Article in journal (Refereed)
  • 49.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy ; Università di Napoli ‘Federico II’, Italy.
    Mazzocca, Nicola
    Università di Napoli ‘Federico II’, Italy.
    Orazzo, Antonio
    Ansaldo STS, Italy.
    Automatic instantiation of abstract tests on specific configurations for large critical control systems. 2009. In: Software testing, verification & reliability, ISSN 0960-0833, E-ISSN 1099-1689, Vol. 19, no 2, p. 91-110. Article in journal (Refereed)
    Abstract [en]

    Computer-based control systems have grown in size, complexity, distribution and criticality. In this paper a methodology is presented to perform an 'abstract testing' of such large control systems in an efficient way: an abstract test is specified directly from system functional requirements and has to be instantiated in more test runs to cover a specific configuration, comprising any number of control entities (sensors, actuators and logic processes). Such a process is usually performed by hand for each installation of the control system, requiring a considerable time effort and being an error-prone verification activity. To automate a safe passage from abstract tests, related to the so-called generic software application, to any specific installation, an algorithm is provided, starting from a reference architecture and a state-based behavioural model of the control software. The presented approach has been applied to a railway interlocking system, demonstrating its feasibility and effectiveness in several years of testing experience. Copyright © 2008 John Wiley & Sons, Ltd.

  • 50.
    Flammini, Francesco
    et al.
    Ansaldo STS, Italy.
    Mazzocca, Nicola
    University of Naples “Federico II”, Italy.
    Pappalardo, Alfio
    Ansaldo STS, Italy ; University of Naples “Federico II”, Italy.
    Pragliola, Concetta
    Ansaldo STS, Italy.
    Vittorini, Valeria
    University of Naples “Federico II”, Italy.
    Augmenting surveillance system capabilities by exploiting event correlation and distributed attack detection. 2011. In: Availability, Reliability and Security for Business, Enterprise and Health Information Systems. CD-ARES 2011, International Federation for Information Processing, 2011, p. 191-204. Conference paper (Refereed)
    Abstract [en]

    In recent years, several innovative security technologies have been developed. However, many of the novel sensing technologies (e.g. video analytics) do not always feature a high level of reliability. Very often, they need to be precisely tuned to fit specific installations and provide acceptable results. Furthermore, in large installations the number of surveillance operators is low with respect to the number of sensing devices, and operators' tasks include facing critical events, possibly including strategic terrorist attacks. In such human-in-the-loop systems, ergonomics and usability issues need to be carefully addressed to increase system performance in terms of detection probability and low rate of false/nuisance alarms. This paper describes a multi-sensor event correlation approach for augmenting the capabilities of distributed surveillance systems. The aim is to provide advanced early warning, situation awareness and decision support features. The effectiveness of the framework is proved considering threat scenarios of public transportation systems.
