OSATE Analysis Support


OSATE Analysis Support
Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA 15213
Julien Delange / Peter Feiler
07/08/2013

Overview of OSATE2
- Eclipse-based AADL editor
- Support for AADLv2.1, up to date with latest standard revisions
- Support for behavior and error annexes
- Support for quantitative analysis
  - SEI-based plug-ins (latency, performance, etc.)
  - Third-party plug-ins (code generation, scheduling analysis)
- OSS development model
  - Public SCM and bug tracker, open to external contribution
  - Licensed under the EPL license

Generic OSATE Support
- Report generation from the Problems view
  - Problems view contains analysis results organized by marker type
  - HTML-based report can be generated from the Problems view
- Graphical viewer (IMV)
  - Nested component hierarchy
  - Flows, modes, and component/feature filters
  - Bindings
  - Propagations
  - Error tagging
- Analysis reports
  - Many analyses produce detailed reports in CSV format
  - Generated reports are maintained in the Reports folder

Example Detailed Reports

Architecture consistency
- Required connection checking: all ports with required connections are connected
- Binding consistency checking: does a HW connection exist to support the SW connections?
- Data interchange consistency (port connection consistency)
  - Data_Model::Measurement unit, base type, data size, data rate, (core) input/output rate
- ARINC429 protocol mapping consistency
  - ARINC429::Word ID, First Bit, number of Bits
- Safety/security level checking
  - SEI::SecurityLevel, SafetyCriticality in the direction of port connection flow
- Stream miss rate checking: SEI::StreamMissRate
- Confidentiality (Bell-LaPadula): original Java-based implementation in OSATE 1.5
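The security-level check above, as an added example that is not OSATE code: a port connection is reported when data would flow from a component with a higher SEI::SecurityLevel to one with a lower level (Bell-LaPadula "no write-down"), and separately when an endpoint has no level to check. Component names, levels and connections are constructed.

```python
# Added example, not from the OSATE slides or code base: security-level
# consistency of port connections in the direction of flow. A connection is
# acceptable only if the destination level is >= the source level; a missing
# SEI::SecurityLevel is reported as an incomplete model, never guessed.
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Component:
    name: str
    security_level: Optional[int]  # SEI::SecurityLevel; None = not specified


@dataclass(frozen=True)
class Connection:
    src: str  # component owning the out port
    dst: str  # component owning the in port


def check_security_levels(components, connections):
    """Return (violations, incomplete): connections that write down a level,
    and connections whose endpoint carries no SEI::SecurityLevel."""
    levels = {c.name: c.security_level for c in components}
    violations, incomplete = [], []
    for conn in connections:
        src_lvl, dst_lvl = levels.get(conn.src), levels.get(conn.dst)
        if src_lvl is None or dst_lvl is None:
            incomplete.append(conn)  # property missing on an endpoint
        elif src_lvl > dst_lvl:
            violations.append(conn)  # data flows from higher to lower level
    return violations, incomplete


# Constructed sample model: a level-3 navigation component feeding a level-1
# display is flagged; feeding a level-3 logger or a higher level is fine.
SAMPLE_COMPONENTS = [
    Component("nav", 3),
    Component("logger", 3),
    Component("display", 1),
    Component("maint_port", None),
]
SAMPLE_CONNECTIONS = [
    Connection("nav", "display"),     # write-down: 3 -> 1
    Connection("nav", "logger"),      # 3 -> 3, allowed
    Connection("display", "nav"),     # 1 -> 3, allowed (write-up)
    Connection("nav", "maint_port"),  # destination level unspecified
]


def run_sample():
    return check_security_levels(SAMPLE_COMPONENTS, SAMPLE_CONNECTIONS)
```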

Architecture dependency
- Dependency Structure Matrix (DSM) import/export, Lattix

Fault analyses
- FHA
- Fault impact
- Unhandled faults
- FTA
- RBD
- PRISM

Resource Analysis
Electrical power distribution
- Multi-level power distribution (substations)
- Bus as power distribution unit
- Power providers and consumers: bus access with PowerSupply and PowerBudget properties
- SEI::PowerCapacity, PowerSupply, PowerBudget

Weight/mass
- SEI::NetWeight, GrossWeight, WeightLimit
- Rollup and comparison against GrossWeight and WeightLimit at each level of the hierarchy

RAM/ROM memory
- RAM/ROM actual, budget & capacity
- Totals and bound totals

Resource Analysis: Processor MIPS
- SEI::MIPSCapacity, MIPSBudget
  - For processor and virtual processor
  - Virtual processor budget is its capacity
- System-wide capacity and budget totals
- Resource-specific capacity and budget totals based on bindings
  - Accounts for virtual processor bindings
  - No double counting of virtual processor and bound threads
- MIPS budget rollup for each level of the hierarchy
- At thread level, compares period and WCET against budget
- Accounts for processor speed: scaling based on MIPSCapacity ratios with respect to a specified ReferenceProcessor
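The thread-level budget comparison and per-processor rollup above, as an added example that is not OSATE code. It assumes a simple model: a thread's WCET is measured on the ReferenceProcessor, so its demand in MIPS is wcet/period scaled by the reference MIPSCapacity (independent of the bound processor), and the budgets of the threads bound to each processor are summed and compared against that processor's MIPSCapacity. Processor names, capacities and timings are constructed.

```python
# Added example, not from the OSATE slides or code base. Assumed model:
# demand(thread) = wcet * MIPSCapacity(ReferenceProcessor) / period, i.e. the
# work per period expressed in MIPS; per-processor budget totals of bound
# threads are checked against SEI::MIPSCapacity.
from dataclasses import dataclass


@dataclass(frozen=True)
class Processor:
    name: str
    mips_capacity: float  # SEI::MIPSCapacity


@dataclass(frozen=True)
class Thread:
    name: str
    period_ms: float
    wcet_ms: float      # Compute_Execution_Time, measured on the reference processor
    mips_budget: float  # SEI::MIPSBudget
    bound_to: str       # processor binding


def thread_demand_mips(t, reference):
    """MIPS the thread needs: work per period (wcet * ref capacity) over the period."""
    return t.wcet_ms * reference.mips_capacity / t.period_ms


def mips_rollup(processors, threads, reference):
    """Return (threads over their budget, processors whose bound budgets exceed
    capacity, per-processor budget/demand totals)."""
    over_budget = [t.name for t in threads
                   if thread_demand_mips(t, reference) > t.mips_budget]
    totals = {p.name: {"budget": 0.0, "demand": 0.0} for p in processors}
    for t in threads:
        totals[t.bound_to]["budget"] += t.mips_budget
        totals[t.bound_to]["demand"] += thread_demand_mips(t, reference)
    over_capacity = [p.name for p in processors
                     if totals[p.name]["budget"] > p.mips_capacity]
    return over_budget, over_capacity, totals


# Constructed sample: a fast and a slow processor, WCETs measured on a 100 MIPS reference.
REFERENCE = Processor("ref_cpu", 100.0)
SAMPLE_PROCESSORS = [Processor("cpu_fast", 200.0), Processor("cpu_slow", 30.0)]
SAMPLE_THREADS = [
    Thread("sensor", 10.0, 2.0, 25.0, "cpu_fast"),  # demand 20 <= budget 25
    Thread("fusion", 20.0, 8.0, 30.0, "cpu_fast"),  # demand 40 >  budget 30
    Thread("ctrl", 5.0, 1.0, 25.0, "cpu_slow"),     # demand 20 <= budget 25
    Thread("log", 10.0, 1.0, 10.0, "cpu_slow"),     # demand 10 <= budget 10
]


def run_sample():
    return mips_rollup(SAMPLE_PROCESSORS, SAMPLE_THREADS, REFERENCE)
```

With this sample, "fusion" exceeds its budget and cpu_slow is over-subscribed (35 MIPS budgeted on a 30 MIPS processor) even though every thread on it fits its own budget.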

Resource Analysis: Bandwidth
- SEI::BandwidthCapacity, BandwidthBudget
- System-wide totals (not very useful)
- Resource-specific capacity and budget totals based on bindings
  - Explicit connection bindings
  - If not present, inferred bindings based on sender/receiver processor bindings
  - Accounts for virtual bus bindings
- If specified, compares period and port data size to bandwidth budgets

Resource allocation and scheduling analysis
- Priority inversion
  - Periodic tasks with explicit priority assignment; use of the (core) priority property
- RMA/EDF for periodic tasks without shared logical resources
  - Assumes bound threads
- Binpacking resource allocation
  - Balanced processor load vs. minimal number of processors
  - Minimized network traffic
  - Accounts for binding and co-location constraints
  - RMA/EDF schedulability
  - Accounts for virtual processors
- ARINC653 analyses (LUTE based)
  - Configuration consistency
  - Partition latency

Flow latency analysis
- Worst-case lower bound
- Incrementally increasing fidelity: flow-spec based & based on actuals
- Sampling latency and port queue latency
  - Thread-based and partition-based sampling latency
  - Partitions based on properties & on virtual processor
  - Immediate, sampling, and delayed connections
- Connection latency
  - Based on latency property on connection
  - Based on connection binding
    - Connection binding derived from processor binding
    - Explicit connection binding
  - Bus latency based on transmission properties & data size

Fault impact analysis
- Utilizes error propagations and error flows
- System-internal error sources
- External error sources (incoming propagation of outermost system)
- Propagation paths for connection instances and bindings
  - From all outgoing propagations up the hierarchy to the lowest-level incoming propagation
  - Handling of out-only (to external) and in-only (from external) connections
  - Handling of processor and memory binding
- Error flows
  - Paths and sinks
  - Handling of subtypes of propagated type token
  - Type mapping from error path source to target
  - Detection of type-token-specific propagation cycles
  - If absent, then use core model flows or propagate to all outgoing propagations
  - Handling of inherited propagation within feature group

Fault impact analysis (continued)
Incomplete specifications
- Missing out propagation to handle incoming propagation
- Missing incoming propagations at connection destination
- Missing connections to handle outgoing propagation
- Type token not in type constraint
- Missing external out propagation at root system

Coming up
- Handling of connection binding
- Handling of connection error source
- Interpretation of component error behavior
  - State transitions triggered by incoming propagations and error events
  - Out propagation conditions

Fault Impact Analysis Example Report

Copyright 2013 Carnegie Mellon University

This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.

NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT.

This material has been approved for public release and unlimited distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu.

DM-0000087