Specification Mining of Time-sensitive Systems for Safety and Security Applications

用于安全和安保应用的时间敏感系统的规范挖掘

• 批准号: RGPIN-2018-04454
• 负责人: Fischmeister, Sebastian
• 金额: $ 8.01万
• 依托单位: University of Waterloo
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2022
• 资助国家: 加拿大
• 起止时间: 2022-01-01 至 2023-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=751585
• 关键词: Specification; Mining; Time; sensitive; Systems; Specification; Mining; Time; sensitive; Systems

Embedded safety-critical systems are essential for Canada and Canadians. Should safety-critical systems fail to provide their required functionality, they have the potential to cause harm to people, loss of capital infrastructure, or significant damage to the environment. Canadians rely on safety-critical systems every day as they commute to work, travel in airplanes, and undergo medical treatment in hospitals. The lives of many Canadians are dependent on these systems; people rely on pacemakers, implanted insulin pumps, and neonate incubators. Businesses rely on these systems to steer supply chains, control factories, and manage finances. Finally, Canada's safety and independence relies on these systems for modern surveillance and defense technology; all of these systems are controlled by computers and software in embedded safety-critical applications.Safety-critical systems are becoming increasingly complex; the more complex, the greater the risk of safety hazards for the public. Today's control software in vehicles and aircraft counts millions of lines of code. Increase in software complexity strongly correlates with an increase in system defects. Over the last 20 years, for instance, automotive software has become the prime reason for vehicle recalls --- accounting now for over 30% of all recalls. Defects in safety-critical systems heighten the risk of failure, which can lead to accidents severely impacting human life, property, and the environment.This proposal outlines a research programme that will research and develop technology to (1) assist in understanding complex systems and (2) build a monitoring system to detect failures before they become hazards. The programme concentrates on specification mining and runtime monitoring as the core building blocks. Specification mining uses algorithms to analyze artifacts such as system traces with the goal to extract system behaviour. Extracted system behaviour can provide dynamic views on specific aspects that a developer might be interested in, and can be used as an effective tool to comprehend complex systems. Runtime monitoring provides mechanisms to observe a system and prevent it from entering undesirable, or even erroneous states. Runtime monitoring typically uses checker code synthesized from high-level specifications to check current system behaviour, and alert or steer the system in case of violations of high-level specifications. For example, an automotive transmission shall shall remain for a minimum time on a gear before switching to avoid rapid (malicious) engine wear.By automating tools for safety and security monitoring, the programme will fundamentally advance the state-of-the-art of system development for complex embedded systems. The programme will also train HQP necessary for industry to translate the results into products to build safe and secure next-generation embedded systems.

嵌入式安全 - 关键系统对于加拿大和加拿大人至关重要。如果关键 - 关键系统无法提供其所需的功能，则可能会对人们造成伤害，资本基础设施损失或对环境的重大损害。加拿大人每天上下班，在飞机上旅行以及在医院接受医疗治疗时，每天都依靠关键安全系统。许多加拿大人的生活取决于这些系统。人们依靠起搏器，植入的胰岛素泵和新生儿孵化器。企业依靠这些系统来指导供应链，控制工厂并管理财务。最后，加拿大的安全和独立性依赖于这些系统来实现现代监视和国防技术。所有这些系统都由嵌入式安全至关重要应用中的计算机和软件控制。安全 - 安全系统变得越来越复杂。公众越复杂，对安全危害的风险越大。当今的车辆和飞机控制软件可计数数百万行代码。 软件复杂性的增加与系统缺陷的增加密切相关。例如，在过去的20年中，汽车软件已成为车辆召回的主要原因 - 现在，超过30％的召回召回了汽车软件。安全 - 关键系统的缺陷加剧了失败的风险，这可能导致事故严重影响人类的生活，财产和环境。该提案概述了一项研究计划，该计划将研究和开发技术以（1）帮助理解复杂的系统以及（2）建立监视系统，以在成为危害之前检测失败。该计划集中于规范挖掘和运行时监视作为核心构建块。规范挖掘使用算法来分析具有提取系统行为的目标的伪影，例如系统迹线。提取的系统行为可以在开发人员可能感兴趣的特定方面提供动态视图，并且可以用作理解复杂系统的有效工具。运行时监视提供了观察系统并防止其进入不良状态甚至错误状态的机制。运行时监视通常使用从高级规格合成的检查器代码检查当前系统行为，并在违反高级规格的情况下提醒或引导系统。例如，在切换之前，应在齿轮上保持最短的时间，以避免快速（恶意）发动机磨损。通过自动化安全和安全监控的工具，该程序将从根本上推动复杂嵌入式系统的系统开发的最新技术。该计划还将培训行业所需的HQP，以将结果转化为产品，以建立安全可靠的下一代嵌入式系统。