Learn More
We review and compare three notions of conformance testing for cyber-physical systems. We begin with a review of their underlying semantic models and present conformance-preserving translations between them. We identify the differences in the underlying semantic models and the various design decisions that lead to these substantially different notions of(More)
A separation kernel simulates a distributed environment using a single physical machine by executing partitions in isolation and appropriately controlling communication among them. We present a formal verification of information flow security for a simple separation kernel for ARMv7. Previous work on information flow kernel security leaves communication to(More)
In this paper, we present a formal model, named PobSAM (Policy-based Self-Adaptive Model), for developing and modeling self-adaptive evolving systems. In this model, policies are used as a mechanism to direct and adapt the behavior of self-adaptive systems. A PobSAM model is a collection of autonomous managers and managed actors. The managed actors are(More)
PobSAM is a flexible actor-based model with formal foundation for model-based development of self-adaptive systems. In PobSAM policies are used to control and adapt the system behavior, and allow us to decouple the adaptation concerns from the application code. In this paper, we use the actor-based language Rebeca to model check PobSAM models. Since(More)
In this paper, we present a formal model, named PobSAM (Policy-based Self-Adaptive Model), for modeling self-adaptive systems. In this model, policies are used as a mechanism to direct and adapt the behavior of self-adaptive systems. A PobSAM model consists of a set of self-managed modules(SMM). An SMM is a collection of autonomous managers and managed(More)
Nowadays, service oriented architecture has been given strong attention as an important approach to integrate heterogeneous systems, in which complex services are created by composing simpler services offered by various systems. The correctness of composition requires techniques to verify if the composite service behaves properly. To this end, in this paper(More)
In this paper, we formally verify security properties of the ARMv7 Instruction Set Architecture (ISA) for user mode executions. To obtain guarantees that arbitrary (and unknown) user processes are able to run isolated from privileged software and other user processes, instruction level noninterference and integrity properties are provided, along with proofs(More)
Intrusion detection can no longer satisfy security needs of an organization solely. Recently, the attention of security community turned to automatic intrusion response and prevention, as the techniques, to protect network resources as well as to reduce the attack damages. Knowing attack scenarios enables the system administrator to respond to the threats(More)