Dependable Computing (LADC), 2011 5th Latin-American Symposium on

Date 25-29 April 2011

  • [Front cover]

    Publication Year: 2011 , Page(s): C1
  • [Title page i]

    Publication Year: 2011 , Page(s): i
  • [Title page iii]

    Publication Year: 2011 , Page(s): iii
  • [Copyright notice]

    Publication Year: 2011 , Page(s): iv
  • Table of contents

    Publication Year: 2011 , Page(s): v - vi
  • Message from the General Chair

    Publication Year: 2011 , Page(s): vii - viii
  • Message from the Technical Program Co-chairs

    Publication Year: 2011 , Page(s): ix
  • Organizing Committees

    Publication Year: 2011 , Page(s): x - xii
  • Reviewers

    Publication Year: 2011 , Page(s): xiii - xiv
  • GENESYS - A Cross-Domain Architecture for Dependable Embedded Systems

    Publication Year: 2011 , Page(s): 1 - 6

    Recognizing the strategic importance of embedded computing for industry and society, the European Commission formed, together with industry, academia, and national governments, the European technology platform ARTEMIS (Advanced Research and Technology for Embedded Intelligence and Systems) in 2004. It is one goal of ARTEMIS to develop a cross-domain embedded system architecture, supported by design methods and tools, to significantly improve the functionality, dependability, and cost-effectiveness of embedded systems. The GENESYS (Generic Embedded Systems) project, carried out by a consortium of twenty industrial and academic partners coming from different embedded system domains, developed a blueprint for such an architecture that should be applicable in the industrial domain as well as in the multimedia domain. This blueprint (GENESYS) has been strongly influenced by the concepts of and the experience with the time-triggered architecture. It is the objective of this contribution to give an overview of the cross-domain architecture GENESYS.

  • Byzantine Fault-Tolerant Deferred Update Replication

    Publication Year: 2011 , Page(s): 7 - 16
    Cited by:  Papers (2)

    Replication is a well-established approach to increasing database availability. Many database replication protocols have been proposed for the crash-stop failure model, in which servers fail silently. Fewer database replication protocols have been proposed for the byzantine failure model, in which servers may fail arbitrarily. This paper considers deferred update replication, a popular database replication technique, under byzantine failures. The paper makes two main contributions. First, it shows that making deferred update replication tolerate byzantine failures is quite simple. Second, the paper presents a byzantine-tolerant mechanism to execute read-only transactions at a single server.

  • A Simple Snapshot Algorithm for Multicore Systems

    Publication Year: 2011 , Page(s): 17 - 24

    An atomic snapshot object is an object that can be concurrently accessed by n asynchronous processes prone to crash. It is made of m components (base atomic registers) and is defined by two operations: an update operation that allows a process to atomically assign a new value to a component and a snapshot operation that atomically reads and returns the values of all the components. To cope with the net effect of concurrency, asynchrony and failures, the algorithm implementing the update operation has to help concurrent snapshot operations so that they can always terminate. This paper presents a new and particularly simple construction of a snapshot object. This construction relies on a new principle, that we call the "write first, help later" strategy. This strategy directs an update operation first to write its value and only then to compute a helping snapshot value that can be used by a snapshot operation in order to terminate. Interestingly, not only are the algorithms implementing the snapshot and update operations simple and have easy proofs, but they are also efficient in terms of the number of accesses to the underlying atomic registers shared by the processes. An operation costs O(m) in the best case and O(n × m) in the worst case.

  • Enhancing Fault Tolerance of Distributed R-Tree

    Publication Year: 2011 , Page(s): 25 - 34

    Distributed R-trees (DR-trees) are appealing infrastructures for implementing range queries, content-based filtering or k-NN structures since they inherit the features of R-trees such as logarithmic height, bounded number of neighbors and balanced shape. However, they are crash-sensitive since each single crash can potentially break the tree structure connectivity. In this article, we present a fault-tolerant approach which exploits replication of non-leaf nodes, ensuring the tree connectivity in the presence of crashes. Our contribution is twofold. First, we enhance the connectivity without modifying the R-tree structure. Second, via extensive simulations we prove that our approach drastically reduces the cost of both message traffic and stabilization time when compared to the original approach proposed in where all nodes of a disconnected subtree are reinserted. Finally, our approach can be easily extended to other crash-sensitive structures.

  • On the Reliability and Availability of Systems Tolerant to Stealth Intrusion

    Publication Year: 2011 , Page(s): 35 - 44

    This paper considers the estimation of reliability and availability of intrusion-tolerant systems subject to non-detectable intrusions. Our motivation comes from the observation that typical techniques of intrusion tolerance may in certain circumstances worsen the non-functional properties they were meant to improve (e.g., dependability). We start by modeling attacks as adversarial efforts capable of affecting the intrusion rate probability of components of the system. Then, we analyze several configurations of intrusion-tolerant replication and pro-active rejuvenation, to find which ones lead to security enhancements. We analyze several parameterizations, considering different attack and rejuvenation models and taking into account the mission time of the overall system and the expected time to intrusion of its components. In doing so, we identify thresholds that distinguish between improvement and degradation. We compare the effects of replication and rejuvenation and highlight their complementarity, showing improvements of resilience not attainable with either of the techniques alone, but possible only as a synergy of their combination. We advocate the need for more thorough system models, by showing fundamental vulnerabilities arising from incomplete specifications.

  • Detection of Attacks in Wireless Mesh Networks

    Publication Year: 2011 , Page(s): 45 - 54
    Cited by:  Papers (2)

    Wireless Mesh Network (WMN) is a new technology that is gaining importance among traditional wireless communication systems. Wireless Mesh Networks are becoming a reasonable choice to offer Internet access in an inexpensive, convenient, and quick way. However, WMNs are vulnerable to several kinds of attacks because of their inherent attributes such as the open communication medium. Malicious mesh devices can launch attacks to disrupt the network routing operations, thus putting the entire mesh network at risk. This paper analyzes routing manipulation attacks against the proactive routing protocol Better Approach To Mobile Ad hoc Network (BATMAN). We demonstrate the feasibility of the attack in an emulated mesh network that consists of virtual nodes executing the BATMAN protocol. Then, we show how to detect the attack by making use of traces produced by the mesh nodes.

  • Benchmarking the Security of Web Serving Systems Based on Known Vulnerabilities

    Publication Year: 2011 , Page(s): 55 - 64

    This paper proposes a methodology and a tool to evaluate the security risk presented when using software components or systems. The risk is estimated based on known vulnerabilities existing in the software components. An automated tool is used to extract and aggregate information on vulnerabilities reported by users and available in public databases (e.g., OSVDB and NVD). This tool generates comprehensive reports including the vulnerability type frequency, severity, exploitability, impact, and so on, and extracts correlations between aspects such as impact and representativeness, making possible the identification of aspects such as typical and worst impact for a given vulnerability. The proposed methodology, when applied to systems within the same class, enables buyers and system integrators to identify which system or component presents the lowest security risk, helping them to select which system to use. The paper includes a case study to demonstrate the usefulness of the methodology and the tool.

  • Energy-Aware Test Connection Assignment for the Diagnosis of a Wireless Sensor Network

    Publication Year: 2011 , Page(s): 65 - 73
    Cited by:  Papers (1)

    In a Wireless Sensor Network (WSN) where the sensors raise alarms in response to anomalous events, we consider the problem of detecting false alarms (i.e. false positives) by using a system-level diagnosis approach. In particular, we assume that a set of t sensors in a geographic neighborhood generate the alarm, and the sink issues to the WSN a self-test task that involves a number of reciprocal tests among the sensors in the WSN. Based on the test outcomes, the sink executes the diagnosis in order to identify the faulty sensors. This work presents an algorithm for the assignment of the tests (i.e. a strategy for the assignment of reciprocal tests among sensors) that assures the desired system diagnosability and that is aware of the energy consumption of the sensors. Simulation experiments show that, as compared to the existing approaches, our approach enables consistent energy savings on the sensors.

  • Resource Optimization and Energy Saving in Clusters Using Virtualization

    Publication Year: 2011 , Page(s): 74 - 83
    Cited by:  Papers (1)

    This work proposes a reusable architecture that enables the management of a supporting infrastructure for Web server clusters using virtual machines. The goal of the architecture is to ensure service quality, evaluating how broadly it complies with the operating restrictions (maximum response time) and proportionally acting on physical servers (hosts) or manipulating the virtual machines. In addition, through the rational use of resources, the proposal aims at saving energy. A prototype of the architecture was developed and a performance evaluation carried out. This evaluation shows that the proposal is fully functional and how advantageous it can be in terms of using resources, avoiding waste, yet maintaining the application's service within acceptable quality failure levels.

  • Exception Handling for Service Component Architectures

    Publication Year: 2011 , Page(s): 84 - 93
    Cited by:  Papers (2)

    The Service Component Architecture (SCA) makes it possible to combine existing and new services based on a variety of technologies with components built using a component-based development approach. However, when asynchronous service compositions are executed, one or more errors can occur, possibly at the same time, affecting the composition's dependability. In many cases, parts of the composition are off-the-shelf components or Web services whose individual dependability cannot be reliably ascertained. In this paper, we propose a novel exception handling model that targets the needs of dependable SCA applications. The model is applicable to service-oriented systems and allows the creation of fault-tolerant asynchronous service compositions. We also present the EH-SCA framework, an instantiation of the proposed model implemented as an extension of the Apache Tuscany SCA infrastructure. Developers can apply this instantiation of the model to both new and existing applications by using a simple and flexible aspect-oriented programming model. Finally, a case study of the EH-SCA framework shows how it can be used to build dependable distributed applications.

  • On Selecting Representative Faultloads to Guide the Evaluation of Ad Hoc Networks

    Publication Year: 2011 , Page(s): 94 - 99
    Cited by:  Papers (1)

    Ad hoc networks are threatened by a wide variety of accidental and malicious faults. This fact limits the practical exploitation of ad hoc networks. In consequence, apart from enforcing the dependability and security aspects of these networks, the provision of approaches to evaluate their behaviour in the presence of faults and attacks is of paramount importance. Accordingly, analysing and determining which threats should be considered for the evaluation of each particular ad hoc network is an essential task for the definition of representative faultloads. Our previous work focused on evaluating the impact of black and grey hole attacks in real networks using attack injection. This paper enriches the faultload of our experimental platform with five new types of accidental and malicious faults. The goal is to provide the basis for guiding the selection of suitable faultloads when assessing the impact of different threats in different types of ad hoc networks, like wireless sensor networks (WSN) and mobile ad hoc networks (MANET), considering the importance of the applicative context in the interpretation of results.

  • Collecting, Analyzing and Archiving Results from Fault Injection Experiments

    Publication Year: 2011 , Page(s): 100 - 105
    Cited by:  Papers (1)

    This paper addresses the issue of the identification of the suitable level of observation (readouts and measurements) to characterize fault injection experiments. In practice, several outcomes can be observed in an experiment, but it is not rare for experimenters to consider only one viewpoint or to rely on the first event observed, in order to diagnose the experiment. In addition, there is not always a single way to assert the faulty behaviors as distinct viewpoints might be considered. Accordingly, an elaborate reflection on the types of readouts and measurements to be collected and recorded is an essential dimension for analyzing the faulty behavior of a target system. Another key aspect concerns the need for archiving the experimental data in a suitable way (featuring sufficient details, still in an exploitable format), so that they can also be useful for extended or alternative analyses. With that in mind, the paper sketches some simple guidelines towards the sharing of experimental results via an open data repository.

  • J-SWFIT: A Java Software Fault Injection Tool

    Publication Year: 2011 , Page(s): 106 - 115

    Software faults are known as a major cause of computational systems' defects. Even when these systems are tested exhaustively they can present some failures due to the activation of residual software faults in the source code. Software fault injection tools are useful to emulate the presence of software faults and to monitor the system, allowing one to observe if the system continues to operate as expected. A tool helps to evaluate the possible failures in order to define countermeasures to avoid them or to reduce their severity, increasing the levels of dependability of the application under test. This work presents the J-SWFIT tool, which emulates Java software faults directly in compiled code. The architecture of the tool was proposed at an abstract level that can be easily understood and extended. J-SWFIT works based on a set of predefined Java operators and consists of analyzing the byte codes of compiled Java files, finding locations where specific faults can exist, each of which can be injected independently. J-SWFIT allows comparing the system's behavior in the presence and absence of each fault.

  • RACME: A Framework to Support V&V and Certification

    Publication Year: 2011 , Page(s): 116 - 125

    Verification and Validation (V&V) processes are largely applied to critical systems, and often imposed by certification needs. Many V&V processes are defined in the state of the art, for different kinds of systems and different kinds of dependability requirements. A very large set of techniques and tools have been developed to execute specific tasks within these V&V processes. However, few instruments that guide and support the overall V&V process can be identified in the literature. The RACME (Resiltech Assessment and Certification MEthodology) framework aims at filling this gap. RACME guides the entire V&V process to support the V&V experts, interconnecting the results of the various activities, organizing the relevant inputs and outputs, detecting inconsistencies, and finally offering support to the construction of the documents required (for certification purposes). We present the RACME motivation, specification and the current prototype; finally, we apply our prototype as support to the V&V expert during a long-term project.

  • Architecture-Based Criticality Assessment of Software Systems

    Publication Year: 2011 , Page(s): 126 - 135

    The development of dependable software systems with acceptable costs and time often requires architectural analyses and criticality assessment strategies to achieve a detailed understanding of the system's failing behavior. This information is valuable to evaluate architectural alternatives, to allocate resources, such as testing efforts and fault tolerance means, efficiently, and to support the selection and the integration of software components. This paper proposes an architecture-based method, which allows characterizing the criticality of individual components and their impact on the overall system. The method includes the preliminary system characterization through a software fault injection campaign and exploits a formal description of the system, in terms of components and interactions among them, which enables the final criticality assessment. The method is applied in the context of two real-world case studies, i.e., the Apache Web Server, and TAO Open Data Distribution System (DDS).

  • Validation of Exception Handling in the Development of Dependable Component-Based Software Systems

    Publication Year: 2011 , Page(s): 136 - 145

    The use of exception handling mechanisms to develop robust software in a non-systematic manner can be a source of many design faults. This paper presents an approach that allows systematizing the validation of the system's exceptional behavior at both the software architecture and detailed design levels. At the software architecture level, our solution is based on the specification and verification of architectural scenarios. At the detailed design level, the proposed solution consists of a static analysis tool that collects information regarding exceptional flows in a given behavioral model, to assist the task of validating the exceptional flow. This analysis anticipates the detection and therefore the correction of failures during the specification phase. The feasibility of our approach was evaluated by a case study of a mining control system.
