2008 Second International Conference on Emerging Security Information, Systems and Technologies, 2008
Distributed Denial-of-Service attacks pose unpredictable threats to the internet infrastructure and internet-based business. Thus, many attack detection systems and anomaly detection methods were developed in the past. A realistic evaluation of these mechanisms and comparable results, however, are impossible up to now. Furthermore, an adaptation to new situations or an extension of existing systems in most cases is complex and time-consuming. Therefore, we developed a framework for attack detection which allows for an integration of various detection methods as lightweight modules. These modules can be combined easily and arbitrarily and thus, adapted to varying situations. Additionally, our framework can be applied in different runtime environments transparently. This enables an easy evaluation with meaningful and comparable results based on realistic large-scale scenarios, e.g. by using a network simulator.
Proceedings of the 4th international ACM Sigsoft symposium on Architecting critical systems - ISARCS '13, 2013
To guarantee high availability, automation systems must be fault-tolerant. To this end, they must provide redundant solutions for the critical parts of the system. Classical fault tolerance patterns such as standby or N-modular redundancy provide system stability in the case of a fault. Fault tolerance is subsequently degraded or, depending on the number of deployed replicas, often even unavailable until the system has been repaired. We introduce a combination of a component-based framework, redundancy patterns, and a runtime manager, which is able to provide fault tolerance, to detect host failures, and to trigger a reconfiguration of the system at runtime. This combined solution maintains system operation in case a fault occurs and automatically restores fault tolerance. The proposed solution is validated using a case study of an industrial distributed automation system. The validation shows how our solution quickly restores fault tolerance without the need for operator intervention or immediate hardware replacement while limiting the impact on other applications.
Corporate organizations sometimes offer similar software products in certain domains due to former company mergers or due to the complexity of the organization. The functional overlap of such products is an opportunity for future systematic reuse to reduce software development and maintenance costs. Therefore, we have tailored existing domain analysis methods to our organization to identify commonalities and variabilities among such products and to assess the potential for software product line (SPL) approaches. As an exploratory case study, we report on our experiences and lessons learned from conducting the domain analysis in four application cases with large-scale software products. We learned that the outcome of a domain analysis was often a smaller integration scenario instead of an SPL and that business case calculations were less relevant for the stakeholders and managers from the business units during this phase. We also learned that architecture reconstruction using a simple block diagram notation aids domain analysis and that large parts of our approach were reusable across application cases.
atp edition - Automatisierungstechnische Praxis, 2012
Flexible distributed automation systems with FASA - A software architecture for parallel real-time systems
The advent of multicore CPUs in automation raises some challenges for software engineering. On the one hand, existing hardware should be optimally used. On the other hand, strict real-time requirements must be satisfied by parallel software. At the same time, systems should remain flexible to be able to react quickly to changing system requirements. Fasa (Future Automation System Architecture) is a component-based architecture and execution environment for modular, dynamic automation systems with multicore CPUs and distributed execution. Fasa simplifies the deterministic distributed execution of applications and offers novel features such as software-based fault tolerance and software updates during runtime as transparent and easy-to-use services for application developers.
Keywords: Distributed systems / Multicore / Modularity / Fault tolerance
Modern automation systems have to cope with large amounts of sensor data to be processed, stricter security requirements, heterogeneous hardware, and an increasing need for flexibility. The challenges for tomorrow's automation systems need software architectures of today's real-time controllers to evolve. This article presents FASA, a modern software architecture for next-generation automation systems. FASA provides concepts for scalable, flexible, and platform-independent real-time execution frameworks, which also provide advanced features such as software-based fault tolerance and high degrees of isolation and security. We show that FASA caters for robust execution of time-critical applications even in parallel execution environments such as multi-core processors. We present a reference implementation of FASA that controls a magnetic levitation device. This device is sensitive to any disturbance in its real-time control and thus, provides a suitable validation scenario. Our results show that FASA can sustain its advanced features even in high-speed control scenarios at 1 kHz.
The discrete event simulator OMNeT++ is nowadays used for network simulations in the majority of cases. Unfortunately, it is not possible to easily integrate real world networking applications into simulation models. This, however, would enable less complex and more efficient development and evaluation of real applications, especially of those that work in a distributed manner, in comparison to
... 2007. [2] G. Carl, G. Kesidis, R. Brooks, and S. Rai. Denial-of-Service Attack-Detection Techniques. ... 2004. [5] D. Frincke and E. Wilhite. Distributed Network Defense. In Proc. of the IEEE Workshop on Information Assurance and Security, pages 236–238, June 2001. ...
Papers by T69 Gamer