Biblio

Filters: Keyword is Cyber-physical systems
Hasan, Kamrul, Shetty, Sachin, Hassanzadeh, Amin, Ullah, Sharif.  2019.  Towards Optimal Cyber Defense Remediation in Cyber Physical Systems by Balancing Operational Resilience and Strategic Risk. MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM). :1–8.
A prioritized cyber defense remediation plan is critical for effective risk management in cyber-physical systems (CPS). The increased integration of Information Technology (IT)/Operational Technology (OT) in CPS has led to the need to identify the critical assets which, when affected, will impact resilience and safety. In this work, we propose a methodology for a prioritized cyber risk remediation plan that balances operational resilience and economic loss (safety impacts) in CPS. We present a platform for modeling and analysis of the effect of cyber threats and random system faults on the safety of CPS that could lead to catastrophic damages. We propose to develop a data-driven attack graph and fault graph-based model to characterize the exploitability and impact of threats in CPS. We develop an operational impact assessment to quantify the damages. Finally, we propose the development of a strategic response decision capability that proposes optimal mitigation actions and policies that balance the trade-off between operational resilience (Tactical Risk) and Strategic Risk.
Xiong, Leilei, Grijalva, Santiago.  2019.  N-1 RTU Cyber-Physical Security Assessment Using State Estimation. 2019 IEEE Power Energy Society General Meeting (PESGM). :1–5.
Real-time supervisory control and data acquisition (SCADA) systems use remote terminal units (RTUs) to monitor and manage the flow of power at electrical substations. As their connectivity to different utility and private networks increases, RTUs are becoming more vulnerable to cyber-attacks. Some attacks seek to access RTUs to directly control power system devices with the intent to shed load or cause equipment damage. Other attacks (such as denial-of-service) target network availability and seek to block, delay, or corrupt communications between the RTU and the control center. In the most severe case, when communications are entirely blocked, the loss of an RTU can cause the power system to become unobservable. It is important to understand how losing an RTU impacts the system state (bus voltage magnitudes and angles). The system state is determined by the state estimator and serves as the input to other critical EMS applications. There is currently no systematic approach for assessing the cyber-physical impact of losing RTUs. This paper proposes a methodology for N-1 RTU cyber-physical security assessment that could benefit power system control and operation. We demonstrate our approach on the IEEE 14-bus system as well as on a synthetic 200-bus system.
Frias, Alex Davila, Yodo, Nita, Yadav, Om Prakash.  2019.  Mixed-Degradation Profiles Assessment of Critical Components in Cyber-Physical Systems. 2019 Annual Reliability and Maintainability Symposium (RAMS). :1–6.
This paper presents a general model to assess the mixed-degradation profiles of critical components in a Cyber-Physical System (CPS) based on the reliability of its critical physical and software components. In the proposed assessment, the cyber aspect of a CPS was approached from a software reliability perspective. Although extensive research has been done on physical component degradation and software reliability separately, research on combined physical-software systems is still scarce. The non-homogeneous Poisson Process (NHPP) software reliability models are deemed to fit well with real data and have descriptive and predictive abilities, which could make them appropriate to estimate software component reliability. To show the feasibility of the proposed approach, a case study for mixed-degradation profiles assessment is presented with n physical components and one major software component forming a critical subsystem in a CPS. Two physical components were assumed to have different degradation paths with a dependency between them. Series and parallel structures were investigated for physical components. The software component failure data was taken from a wireless network switching center and fitted into a Weibull software reliability model. The case study results revealed that mixed-degradation profiles of physical components, combined with the software component profile, produced a different CPS reliability profile.
Xu, Zhiheng, Ng, Daniel Jun Xian, Easwaran, Arvind.  2019.  Automatic Generation of Hierarchical Contracts for Resilience in Cyber-Physical Systems. 2019 IEEE 25th International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA). :1–11.
With the growing scale of Cyber-Physical Systems (CPSs), it is challenging to maintain their stability under all operating conditions. How to reduce the downtime and locate the failures becomes a core issue in system design. In this paper, we employ a hierarchical contract-based resilience framework to guarantee the stability of CPS. In this framework, we use Assume-Guarantee (A-G) contracts to monitor the non-functional properties of individual components (e.g., power and latency), and hierarchically compose such contracts to deduce information about faults at the system level. The hierarchical contracts enable rapid fault detection in large-scale CPS. However, due to the vast number of components in CPS, manually designing numerous contracts and the hierarchy becomes challenging. To address this issue, we propose a technique to automatically decompose a root contract into multiple lower-level contracts depending on I/O dependencies between components. We then formulate a multi-objective optimization problem to search for the optimal parameters of each lower-level contract. This enables automatic contract refinement taking into consideration the communication overhead between components. Finally, we use a case study from the manufacturing domain to experimentally demonstrate the benefits of the proposed framework.
Evgeny, Pavlenko, Dmitry, Zegzhda, Anna, Shtyrkina.  2019.  Estimating the sustainability of cyber-physical systems based on spectral graph theory. 2019 IEEE International Black Sea Conference on Communications and Networking (BlackSeaCom). :1–5.
This paper proposes an approach to estimating the sustainability of cyber-physical systems based on system state analysis. The authors suggest that sustainability is the system's ability to reconfigure for recovering from attacking influences. A new criterion for cyber-physical systems sustainability assessment based on spectral graph theory is proposed. Numerical calculation of the criterion is based on distribution properties of the graph spectrum, the set of eigenvalues of the adjacency matrix corresponding to the graph. Experimental results have shown that the change in Δσ, the difference between the initial value σstart and the final value σstop, depends on working route length and on graph connectivity. This parameter is proposed for use as a criterion for CPS sustainability.
Castillo, Anya, Arguello, Bryan, Cruz, Gerardo, Swiler, Laura.  2019.  Cyber-Physical Emulation and Optimization of Worst-Case Cyber Attacks on the Power Grid. 2019 Resilience Week (RWS). 1:14–18.
In this paper we report preliminary results from the novel coupling of cyber-physical emulation and interdiction optimization to better understand the impact of a CrashOverride malware attack on a notional electric system. We conduct cyber experiments where CrashOverride issues commands to remote terminal units (RTUs) that are controlling substations within a power control area. We identify worst-case loss of load outcomes with cyber interdiction optimization; the proposed approach is a bilevel formulation that incorporates RTU mappings to controllable loads, transmission lines, and generators in the upper-level (attacker model), and a DC optimal power flow (DCOPF) in the lower-level (defender model). Overall, our preliminary results indicate that the interdiction optimization can guide the design of experiments instead of performing a “full factorial” approach. Likewise, for systems where there are important dependencies between SCADA/ICS controls and power grid operations, the cyber-physical emulations should drive improved parameterization and surrogate models that are applied in scalable optimization techniques.
Gries, Stefan, Ollesch, Julius, Gruhn, Volker.  2019.  Modeling Semantic Dependencies to Allow Flow Monitoring in Networks with Black-Box Nodes. 2019 IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS). :14–17.
Cyber-Physical Systems are distributed, heterogeneous systems that communicate and exchange data over networks. This creates semantic dependencies between the individual components. In the event of an error, it is difficult to identify the source of an error that spreads due to those underlying dependencies. Tools such as the Information Flow Monitor solve this problem, but require compliance with a protocol. Nodes that do not adhere to this protocol prevent errors from being tracked. In this paper, we present a way to bridge these black-box nodes with a dependency model and to still be able to use them in monitoring tools.
Pan, Jonathan.  2019.  Physical Integrity Attack Detection of Surveillance Camera with Deep Learning based Video Frame Interpolation. 2019 IEEE International Conference on Internet of Things and Intelligence System (IoTaIS). :79–85.
Surveillance cameras, which are a form of Cyber Physical System, are deployed extensively to provide visual surveillance monitoring of activities of interest or anomalies. However, these cameras are at risk of physical security attacks against their physical attributes or configuration, like tampering with their recording coverage, camera positions or recording configurations like focus and zoom factors. Such adversarial alteration of physical configuration could also be invoked through cyber security attacks against the camera's software vulnerabilities to administratively change the camera's physical configuration settings. When such Cyber Physical attacks occur, they affect the integrity of the targeted cameras, which would in turn render these cameras ineffective in fulfilling the intended security functions. There is a significant measure of research work in detection mechanisms for cyber-attacks against these Cyber Physical devices; however, such mechanisms against integrity attacks on physical configuration are an understudied area. This research proposes the novel use of deep learning algorithms to detect such physical attacks originating from cyber or physical spaces. Additionally, we propose the novel use of deep learning-based video frame interpolation for such detection, which has comparatively better performance than other anomaly detectors in spatiotemporal environments.
Nath, Anubhav, Biswas, Reetam Sen, Pal, Anamitra.  2019.  Application of Machine Learning for Online Dynamic Security Assessment in Presence of System Variability and Additive Instrumentation Errors. 2019 North American Power Symposium (NAPS). :1–6.
Large-scale blackouts that have occurred in the past few decades have necessitated extensive research in the field of grid security assessment. With the aid of synchrophasor technology, which uses phasor measurement unit (PMU) data, dynamic security assessment (DSA) can be performed online. However, existing applications of DSA are challenged by variability in system conditions and unaccounted-for measurement errors. To overcome these challenges, this research develops a DSA scheme to provide security prediction in real time for load profiles of different seasons in the presence of realistic errors in the PMU measurements. The major contributions of this paper are: (1) develop a DSA scheme based on PMU data, (2) consider seasonal load profiles, (3) account for varying penetrations of renewable generation, and (4) compare the accuracy of different machine learning (ML) algorithms for DSA with and without erroneous measurements. The performance of this approach is tested on the IEEE 118-bus system. Comparative analysis of the accuracies of the ML algorithms under different operating scenarios highlights the importance of considering realistic errors and variability in system conditions while creating a DSA scheme.
Wang, Manxi, Liu, Bingjie, Xu, Haitao.  2019.  Resource Allocation for Threat Defense in Cyber-security IoT system. 2019 28th Wireless and Optical Communications Conference (WOCC). :1–3.
In this paper, we design a model for resource allocation in an IoT system considering cyber security, to achieve optimal resource allocation when defending against attacks and threats. The resource allocation problem is constructed as a dynamic game, where the threat level is the state and the defense cost is the objective function. Open-loop and feedback solutions are both given to the defender as the optimal control variables under different situations. The optimal allocated resource and the optimal threat level for the defender are simulated through numerical simulations.
Polyakov, Dmitry, Eliseev, Aleksey, Moiseeva, Maria, Alekseev, Vladimir, Kolegov, Konstantin.  2019.  The Model and Algorithm for Ensuring the Survivability of Control Systems of Dynamic Objects in Conditions of Uncertainty. 2019 1st International Conference on Control Systems, Mathematical Modelling, Automation and Energy Efficiency (SUMMA). :41–44.
In the article the problem of survivability evaluation of control systems is considered. The control system is presented as a graph with edges that formalize minimal control systems consisting of a receiver, a transmitter and a communication line connecting them. Based on the assumption that the survivability of minimal control systems is known, a mathematical model of survivability evaluation of non-minimal control systems based on fuzzy logic is offered.
Yan, Liang.  2019.  Dynamic Mulitiple Agent Based IoT Security Management System. 2019 IEEE 2nd International Conference on Information Communication and Signal Processing (ICICSP). :48–51.
It is important to provide strong security for IoT devices with limited security-related resources. We introduce a new dynamic security agent management framework, which dynamically chooses the best security agent to support security functions depending on the applications' security requirements of IoT devices in the system. This framework is designed to overcome challenges including high computation costs, multiple security protocol compatibility, and efficient energy management in IoT systems.
Puccetti, Armand.  2019.  The European H2020 project VESSEDIA (Verification Engineering of Safety and SEcurity critical Dynamic Industrial Applications). 2019 22nd Euromicro Conference on Digital System Design (DSD). :588–591.
This paper presents an overview of the H2020 project VESSEDIA [9] aimed at verifying the security and safety of modern connected systems, also called IoT. The originality lies in using Formal Methods inherited from high-criticality application domains to analyze the source code at different levels of intensity, to gather possible faults and weaknesses. The analysis methods are mostly exhaustive and guarantee that, after analysis, the source code of the application is error-free. This paper is structured as follows: after an introductory section 1 giving some factual data, section 2 presents the aims and the problems addressed; section 3 describes the project's use-cases and section 4 describes the proposed approach for solving these problems and the results achieved until now; finally, section 5 discusses some remaining future work.
Samir, Nagham, Gamal, Yousef, El-Zeiny, Ahmed N., Mahmoud, Omar, Shawky, Ahmed, Saeed, AbdelRahman, Mostafa, Hassan.  2019.  Energy-Adaptive Lightweight Hardware Security Module using Partial Dynamic Reconfiguration for Energy Limited Internet of Things Applications. 2019 IEEE International Symposium on Circuits and Systems (ISCAS). :1–4.
Data security is the main challenge in Internet of Things (IoT) applications. Security strength and the immunity to security attacks depend mainly on the available power budget. The power-security level trade-off is the main challenge for low power IoT applications, especially energy limited IoT applications. In this paper, multiple encryption modes that provide different power consumption and security level values are implemented in hardware. In other words, some modes provide high security levels at the expense of high power consumption and other modes provide low power consumption with low security level. Dynamic Partial Reconfiguration (DPR) is utilized to adaptively configure the hardware security module based on the available power budget. For example, for a given power constraint, the DPR controller configures the security module with the security mode that meets the available power constraint. A ZC702 evaluation board is utilized to implement the proposed encryption modes using DPR. A Lightweight Authenticated Cipher (ACORN) is the most suitable encryption mode for low power IoT applications as it consumes the minimum power and area among the selected candidates at the expense of low throughput. The whole DPR system is tested with a maximum dynamic power dissipation of 10.08 mW. The suggested DPR system saves about 59.9% of the utilized LUTs compared to the individual implementation of the selected encryption modes.
Bento, Murilo E. C., Ramos, Rodrigo A..  2019.  Computing the Worst Case Scenario for Electric Power System Dynamic Security Assessment. 2019 IEEE Power Energy Society General Meeting (PESGM). :1–5.
In operation centers, it is important to know the power transfer limit to guarantee the safe operation of the power system. The Voltage Stability Margin (VSM) is a widely used measure and needs the definition of a load growth direction (LGD) to be computed. However, different definitions of LGD can provide different VSMs, and then the VSM may not be reliable. Besides, the measure of this power transfer limit is usually related to the Saddle-Node Bifurcation. In dynamic security assessment (DSA) it is highly desirable to identify limit regions where the power system can operate safely due to Hopf (HB) and Saddle-Node (SNB) Bifurcations. This paper presents a model of the power system incorporating the LGD variation based on participation factors to evaluate the effects on the stability margin estimation due to HB and SNB. A direct method is used to calculate the stability margin of the power system for a given load direction. The analysis was performed on the IEEE 39 bus system.
Jaiswal, Prajwal Kumar, Das, Sayari, Panigrahi, Bijaya Ketan.  2019.  PMU Based Data Driven Approach For Online Dynamic Security Assessment in Power Systems. 2019 20th International Conference on Intelligent System Application to Power Systems (ISAP). :1–7.
This paper presents a methodology for utilizing Phasor Measurement Units (PMUs) for procuring real-time synchronized measurements for assessing the security of the power system dynamically. The concept of wide-area dynamic security assessment considers transient instability in the proposed methodology. An intelligent framework-based approach for online dynamic security assessment is suggested, wherein a database consisting of critical features associated with the system is generated for a wide range of contingencies, which is utilized to build the data mining model. This data mining model, along with the synchronized phasor measurements, is expected to assist the system operator in assessing the security of the system pertaining to a particular contingency, thereby also creating the possibility of incorporating control and preventive measures in order to avoid any unforeseen instability in the system. The proposed technique has been implemented on the IEEE 39 bus system for accurately indicating the security of the system and is found to be quite robust in the case of noise in the measurement data obtained from the PMUs.
Savitri, Nadia, Johan, Ahmad Wali Satria Bahari, Al Islama A, Firnanda, Utaminingrum, Fitri.  2019.  Efficient Technique Image Encryption with Cipher Block Chaining and Gingerbreadman Map. 2019 International Conference on Sustainable Information Engineering and Technology (SIET). :116–119.

Digital image security is now a severe issue, especially when sending images to telecommunications networks. There are many ways where digital images can be encrypted and decrypted for secure communication. Digital images contain data that is important when captured or disseminated to preserve and preserve data. The technique of encryption is one way of providing data on digital images. A key cipher block chaining and Gingerbreadman Map are used in our search to encrypt images. This new system uses simplicity, high quality, enhanced by the vehicle's natural efficiency and the number of the chain. The proposed method is performed for experimental purposes and the experiments are performed with in-depth, highly reliable analysis. The results confirm that by referring to several known attacks, the plan cannot be completed. Comparative studies with other algorithms show a slight rise in the security of passwords with the advantages of security of the chain. The results of this experiment are a comparison of button sensitivity and a comparison after encryption and decryption of the initial image using the amount of pixel change rate and unified average change intensity.

Abir, Md. Towsif, Rahman, Lamiya, Miftah, Samit Shahnawaz, Sarker, Sudipta, Al Imran, Md. Ibrahim, Shafiqul Islam, Md..  2019.  Image Encryption and Decryption using Enigma Algorithm. 2019 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT). :1–5.

The main objective of this paper is to present a more secure and computationally efficient procedure for encrypting and decrypting images using the enigma algorithm in comparison to the existing methods. Available literature on image encryptions and descriptions is not highly secured in every case. To achieve more secure image processing for highly advanced technologies, a proposed algorithm can be the process used in the enigma machine for image encryption and decryption. The Enigma machine is a piece of spook hardware that was used frequently during World War II by the Germans. This paper describes the detailed algorithm along with a proper demonstration of several essential components present in an enigma machine that are required for image security. Each pixel in a colorful picture can be represented by an RGB (Red, Green, Blue) value. The range of RGB values is 0 to 255, which states the red, green and blue intensity of a particular picture. These RGB values are accessed one by one and changed into another by various steps, and hence it is not possible to track the original RGB value. In order to retrieve the original image, the receiver needs to know the setting of the enigma. To compare the decrypted image with the original one, these two images are subtracted and their results are also discussed in this paper.

Bouchaala, Mariem, Ghazel, Cherif, Saidane, Leila Azouz.  2019.  Revocable Sliced CipherText Policy Attribute Based Encryption Scheme in Cloud Computing. 2019 15th International Wireless Communications Mobile Computing Conference (IWCMC). :1860–1865.

Cloud Computing is the most promising paradigm in recent times. It offers a cost-efficient service to individuals and industries. However, outsourcing sensitive data to entrusted Cloud servers presents a brake to Cloud migration. Consequently, improving the security of data access is the most critical task. As an efficient cryptographic technique, Ciphertext Policy Attribute Based Encryption (CP-ABE) develops and implements a fine-grained, flexible and scalable access control model. However, existing CP-ABE based approaches suffer from some limitations, namely revocation, data owner overhead and computational cost. In this paper, we propose a sliced revocable solution resolving the aforementioned issues, abbreviated RS-CPABE. We applied a splitting algorithm. We execute symmetric encryption with the Advanced Encryption Standard (AES) for large data sizes and asymmetric encryption with CP-ABE with constant key length. In case of revocation, we re-encrypt one single slice. To prove the proposed model, we expose security and performance evaluation.

Betha, Durga Janardhana Anudeep, Bhanuj, Tatineni Sai, Umamaheshwari, B, Iyer, R. Abirami, Devi, R. Santhiya, Amirtharajan, Rengarajan, Praveenkumar, Padmapriya.  2019.  Chaotic based Image Encryption - A Neutral Perspective. 2019 International Conference on Computer Communication and Informatics (ICCCI). :1–5.

Today, there are several applications which allow us to share images over the internet. All these images must be stored in a secure manner and should be accessible only to the intended recipients. Hence it is of utmost importance to develop efficient and fast algorithms for encryption of images. This paper uses chaotic generators to generate random sequences which can be used as keys for image encryption. These sequences are seemingly random and have statistical properties. This makes them resistant to analysis and correlation attacks. However, these sequences have fixed cycle lengths. This restricts the number of sequences that can be used as keys. This paper utilises neural networks as a source of perturbation in a chaotic generator and uses its output to encrypt an image. The robustness of the encryption algorithm can be verified using NPCR, UACI, correlation coefficient analysis and information entropy analysis.

Chandra, K. Ramesh, Prudhvi Raj, B., Prasannakumar, G..  2019.  An Efficient Image Encryption Using Chaos Theory. 2019 International Conference on Intelligent Computing and Control Systems (ICCS). :1506–1510.

This paper presents the encryption of advanced pictures dependent on turmoil hypothesis. Two principal forms are incorporated into this method those are pixel rearranging and pixel substitution. Disorder hypothesis is a part of science concentrating on the conduct of dynamical frameworks that are profoundly touchy to beginning conditions. A little change influences the framework to carry on totally unique, little changes in the beginning position of a disorganized framework have a major effect inevitably. A key of 128-piece length is created utilizing mayhem hypothesis, and decoding should be possible by utilizing a similar key. The bit-XOR activity is executed between the unique picture and disorder succession x is known as pixel substitution. Pixel rearranging contains push savvy rearranging and section astute rearranging gives extra security to pictures. The proposed strategy for encryption gives greater security to pictures.

M, Raviraja Holla, D, Suma.  2019.  Memory Efficient High-Performance Rotational Image Encryption. 2019 International Conference on Communication and Electronics Systems (ICCES). :60–64.

Image encryption is an essential part of Visual Cryptography. Existing traditional sequential encryption techniques are infeasible for real-time applications. High-performance reformulations of such methods have been increasingly growing over the last decade. These reformulations proved better performance over their sequential counterparts. A rotational encryption scheme encrypts the images in such a way that decryption is possible with the rotated encrypted images. A parallel rotational encryption technique makes use of a high-performance device, but it under-leverages the optimizations offered by it. We propose a rotational image encryption technique which makes use of memory coalescing provided by the Compute Unified Device Architecture (CUDA). The proposed scheme achieves improved global memory utilization and increased efficiency.

Ahmad, Jawad, Tahir, Ahsen, Khan, Jan Sher, Khan, Muazzam A, Khan, Fadia Ali, Arshad, Habib, Zeeshan.  2019.  A Partial Ligt-weight Image Encryption Scheme. 2019 UK/ China Emerging Technologies (UCET). :1–3.

Due to greater network capacity and faster data speed, fifth generation (5G) technology is expected to provide a huge improvement in Internet of Things (IoT) applications, Augmented & Virtual Reality (AR/VR) technologies, and Machine Type Communications (MTC). Consumers will be able to send/receive high quality multimedia data. For the protection of sensitive multimedia data, a large number of encryption algorithms are available; however, these encryption schemes do not provide a light-weight encryption solution for real-time application requirements. This paper proposes a new multi-chaos computationally efficient encryption for digital images. In the proposed scheme, the plaintext image is transformed using the Lifting Wavelet Transform (LWT) and only one-fourth of the transformed image is encrypted using light-weight Chebyshev and Intertwining maps. Both chaotic maps were chaotically coupled for the confusion and diffusion processes, which further enhances the image security. Encryption/decryption speed and other security measures such as correlation coefficient, entropy, Number of Pixels Change Rate (NPCR), contrast, energy and homogeneity confirm the superiority of the proposed light-weight encryption scheme.

B M, Chandrakala, Linga Reddy, S C.  2019.  Proxy Re-Encryption using MLBC (Modified Lattice Based Cryptography). 2019 International Conference on Recent Advances in Energy-efficient Computing and Communication (ICRAECC). :1–5.
In the last few years, Proxy Re-Encryption has been used for forwarding an encrypted message to users who were not part of the encryption. In the past, several schemes were developed in order to provide efficient and secure proxy re-encryption. However, these methodologies mainly focused on features like maximum key privacy, minimal trust in the proxy and others. In such cases the efficiency and security were mainly ignored. Hence, in order to provide efficient and secure proxy re-encryption, an algorithm named MLBC (Modified Lattice Based Cryptography) is proposed. Our method is based on PKE (Public Key Encryption) and provides more efficiency when compared to other cryptography techniques. Later, in order to evaluate the algorithm, simulation is done based on several parameters such as encryption time, proxy key generation time, re-encryption time and total computation time. It is then compared with the existing algorithm, and the plotted graph clearly shows that our algorithm outperforms the existing algorithm.
Cha, Suhyun, Ulbrich, Mattias, Weigl, Alexander, Beckert, Bernhard, Land, Kathrin, Vogel-Heuser, Birgit.  2019.  On the Preservation of the Trust by Regression Verification of PLC software for Cyber-Physical Systems of Systems. 2019 IEEE 17th International Conference on Industrial Informatics (INDIN). 1:413–418.

Modern large-scale technical systems often face iterative changes to their behaviours with the requirement of validated quality, which is not easy to achieve completely with traditional testing. Regression verification is a powerful tool for the formal correctness analysis of software-driven systems. By proving that a new revision of the software behaves similarly to the original version of the software, some of the trust that the old software and system had earned during the validation processes or operation histories can be inherited by the new revision. This trust inheritance by the formal analysis relies on a number of implicit assumptions which are not self-evident but easy to miss, and may lead to a false sense of safety induced by a misunderstood regression verification process. This paper aims at pointing out hidden, implicit assumptions of regression verification in the context of cyber-physical systems by making them explicit using practical examples. The explicit trust inheritance analysis would help engineers understand the extent of the trust that regression verification provides and consequently facilitate their use of this formal technique for system validation.