出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

Understanding and ensuring the resilience of the System of Systems (SoS) is a critical concern in SoS construction. This paper presents a framework to assure SoS resilience from a multi-stakeholder perspective. It begins by using System Theoretic Process Analysis (STPA) to identify properties within the SoS control structure that is related to resilience, starting from stakeholders’ potential losses. Subsequently, a consensus process model based on cooperative game is employed to facilitate stakeholder consensus on the requirements of these properties. The analysis process and consensus outcomes are organized and visualized using Goal Structuring Notation (GSN). To illustrate the proposed approach, Mobility as a Service (MaaS) is employed as a case study in this paper.

DOI： 10.1007/978-3-031-68738-9_15

Web of Science

Scopus

出版者・発行元：IEEE Access  

The prevalence and impact of code clones in software systems have been widely studied in the past few decades. However, the focus has primarily been on intra-project clones. Our work comprehensively investigates cross-project code clones in open-source software for Internet of Things (IoT) systems across multiple programming languages. This work addresses the prevalence of cross-project code clones in IoT systems and their impact on software maintainability. We collected 122 IoT system repositories in nine languages from GitHub and grouped them according to their primary functionality in IoT systems. We used MSCCD, a multilingual code clone detector to detect Type-3 code clones for each group. The results show that cross-project clones exist in more than 30% of the projects, particularly in communication-related functionalities. We tracked the historical evolution of these clones and classified them according to the revision history and changing trend of similarity. The results show that 95% cross-project clones are untouched. Moreover, clones with decreasing similarities were over 72%. Therefore, the same clone detector may no longer detect these clones. We also investigated whether these cross-project code clones lead to defect propagation by analyzing the commit message to determine the commits that fixed a defect. We identified nine defect propagation instances, of which seven remain unfixed. Our work contributes to understanding cross-project code clones, highlighting the importance of automated clone management tools for improving the quality and security of IoT system software to mitigate the risks associated with unresolved defects and inconsistencies in IoT software development.

DOI： 10.1109/ACCESS.2024.3506013

Open Access

Web of Science

Scopus

記述言語：日本語   出版者・発行元：一般社団法人 システム制御情報学会  

DOI： 10.11509/isciesci.67.12_482

CiNii Research

記述言語：日本語   出版者・発行元：Reliability Engineering and System Safety  

The development of a service that integrates multiple systems, platforms, and businesses, such as Mobility as a Service (MaaS), has attracted the attention of engineers and scholars. However, because of the complexity of the interactions of its subsystems, it is difficult to ensure the reliability of an integrated service, and the analysis approach of the individual subsystems that influence each other is insufficient. Even though many studies on functional safety for road vehicles have been conducted, there are currently no theoretical or experimental reports on MaaS reliability issues at the service level. To fill the void, we propose in this paper a resilience analysis method to facilitate the development of reliable mobility services. As a result, we proposed a novel MaaS resilience analysis and design method. We contend that a connection with enterprise architecture modeling helps to address resilience concerns for MaaS reliability. The claim is based on the close connection between resilience and reliability. Furthermore, we conduct a controlled experiment to demonstrate the efficacy of the proposed method and compare it quantitatively to a referenced method.

DOI： 10.1016/j.ress.2022.108812

Web of Science

Scopus

出版者・発行元：International Conference on Evaluation of Novel Approaches to Software Engineering, ENASE - Proceedings  

It is challenging to detect concurrency bugs with fuzzing. There are two main reasons for this. First, manifesting them by exploring input space is inefficient because they only occur under specific interleavings. Second, re-giving an input detected a bug in a fuzzing campaign does not necessarily reproduce the bug because typical runtimes do not schedule threads deterministically. This research proposes Schfuzz, a novel approach for detecting concurrency bugs with feedback-guided fuzzing. This approach executes programs under test deterministically based on test cases generated by fuzzers. In addition, it feeds back dynamic memory-access orders to aid fuzzers in detecting concurrency bugs more efficiently and effectively. We evaluate Schfuzz with a hand-made motivating example and four benchmark programs from SCTBench (Thomson et al., 2016). The result shows that it can detect concurrency bugs more efficiently and effectively than traditional feedback-guided fuzzing.

DOI： 10.5220/0011722100003464

Open Access

Web of Science

Scopus

記述言語：日本語   出版者・発行元：Computer Systems Science and Engineering  

Since entering the era of Industry 4.0, the concept of Healthcare 4.0 has also been put forward and explored by researchers. How to use Information Technology (IT) to better serve people’s healthcare is one of the most featured emerging directions in the academic circle. An important field of Healthcare 4.0 research is the reliability engineering of healthcare service. Because healthcare systems often affect the health and even life of their users, developers must be very cautious in the design, development, and operation of these healthcare systems and services. The problems to be solved include the reliability of business process, system functions, and personal healthcare data. The Functional Resonance Analysis Method (FRAM) has been applied in reliability engineering for safety-critical systems in available studies, using both qualitative and quantitative approaches. However, the method has not been applied in the field of digital healthcare services development. Therefore, to narrow the gap, we present in this paper a semi-quantitative functional resonance analysis method to develop reliable healthcare services for diabetics. Moreover, this paper has tried to improve the reliability design of the service-oriented architecture (SOA) of traditional insulin pump therapy by system thinking.

DOI： 10.32604/csse.2023.030848

Open Access

Web of Science

Scopus

出版者・発行元：Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)  

With the development of IT technology and the increasing demand for service integration, the widespread application of System of Systems (SoS) is inevitable in the era to come. Among numerous key issues related to SoS, analyzing the resilience of SoS is a challenging problem. Although many studies and discussions for system engineering have provided solutions for this problem, two significant characteristics of SoS, which are the independence of Constituent systems (CSs) and the involvement of multiple stakeholders, are ignored. Based on these two characteristics, this paper proposed a quantitative method for analyzing the resilience of SoS. The method includes visual modeling of the SoS using the EA tool ArchiMate, quantitatively simulating the model based on defining the value of service capacities of the CSs and evaluating and designing resilience from multiple stakeholders’ perspectives. Finally, a case study based on Mobility as a Service (MaaS) is presented. By analyzing resilience of MaaS, the critical node is identified, and by resilience redesign, the resilience of the SoS is improved after enhancement.

DOI： 10.1007/978-3-031-40953-0_5

Web of Science

Scopus

記述言語：日本語   出版者・発行元：日本ソフトウェア科学会  

<p>CFI (Control-Flow Integrity) is a class of defensive techniques against control-flow attacks such as Return-Oriented Programming. We propose a lightweight CFI scheme for RTOS-based applications, <I>TZmCFI</I>, which utilizes TrustZone for Armv8-M, a hardware-assisted security feature for embedded systems with tight resource constraints. TZmCFI embodies several existing CFI techniques to provide a self-contained toolset for building an instrumented application. The toolset is comprised of a modified LLVM-based compiler and a runtime library called <I>Monitor</I>. The modified LLVM code generator implements the traditional shadow stack technique by inserting calls to Monitor. To protect exception handlers, Monitor replaces an application's exception vector table and wrap interrupt handlers with <I>exception trampolines</I>, which implement variations of the <I>shadow exception stack</I> technique we proposed in our previous work. The performance evaluation on NXP Semiconductors LPC55S69 indicated a <I>-</I>7–35% increase in the execution times of FreeRTOS+MPU system calls and a 9.36% runtime overhead on CoreMark.</p>

DOI： 10.11309/jssst.39.2_39

Scopus

CiNii Research

記述言語：日本語   出版者・発行元：Proceedings - 2021 IEEE International Conference on Dependable, Autonomic and Secure Computing, International Conference on Pervasive Intelligence and Computing, International Conference on Cloud and Big Data Computing and International Conference on Cyber Science and Technology Congress, DASC/PiCom/CBDCom/CyberSciTech 2021  

Technological advances are transforming the automotive industry by increasing the number of computer-controlled auto components that provide information to remote systems through various means of communication. The changes have created new opportunities for cyber-attacks. To enable the engineering of in-vehicle embedded systems within road vehicles to keep up with changing technology and attack methods, in this year, ISO and SAE will jointly release the international standard ISO/SAE 21434. However, to date there are few studies about how to apply the standard to academia and industry. To fill this gap, the paper proposes an approach to develop assurance cases for cybersecurity argument of road vehicle in compliance with ISO/SAE 21434. We analyze the standard, and then propose a model-based approach to automotive cybersecurity assurance. After that, case studies are carried out to verify the effectiveness of the proposed method. Finally, the paper is concluded by discussing the limitations and future directions of the study.

DOI： 10.1109/DASC-PICom-CBDCom-CyberSciTech52372.2021.00022

Web of Science

Scopus

記述言語：英語   掲載種別：研究論文（学術雑誌）   出版者・発行元：一般社団法人 情報処理学会  

The use of Linux in the domain of embedded systems is growing very fast. Due to the complexity of hardware and software on Linux-based platforms, it is challenging to meet the performance requirements, especially for the mixed-criticality system with both real-time and best-effort tasks. We propose a reference design of Linux-based mixed-criticality system using PREEMPT RT patch to improve real-time performance and QEMU/KVM virtual machine to reduce interferences. An evaluation environment of the proposed design is built with recent software and hardware to investigate the performance characteristics via experimental measurements. We measure and analyze the baseline kernel latency, the system throughput and the real-time performance under multiple conditions. In detailed analysis, we reveal novel insights on the real-time capabilities and limitations of Linux-based embedded systems. The results show that our design can meet the 100 µs deadline goal of 1 kHz real-time task with high probability under various extreme interferences, and can deliver high throughput for best-effort workload.

DOI： 10.2197/ipsjjip.31.78

Open Access

Scopus

CiNii Research

記述言語：日本語   掲載種別：研究論文（研究会，シンポジウム資料等）  

記述言語：日本語   掲載種別：研究論文（研究会，シンポジウム資料等）  

記述言語：日本語   掲載種別：研究論文（研究会，シンポジウム資料等）  

記述言語：日本語   掲載種別：研究論文（研究会，シンポジウム資料等）  

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：International Journal of Parallel Programming  

Control-Flow Integrity (CFI) is a class of defensive techniques against control-flow attacks such as Return-Oriented Programming. We propose a light-weight CFI scheme for RTOS-based applications, TZmCFI, which utilizes TrustZone for Armv8-M, a hardware-assisted security feature for embedded systems with tight resource constraints. TZmCFI embodies several existing CFI techniques to provide a comprehensive protection. The traditional shadow stack technique is used to ensure stack integrity and validate function returns. To protect exception handlers, TZmCFI extends shadow exception stacks, which are a variant of the traditional shadow stack technique we proposed in our previous work, for RTOS integration and performance improvement. We conducted an experiment on Arm Versatile Express Cortex-M Prototyping System (V2M-MPS2+) to evaluate the run-time overhead of the proposed system.

DOI： 10.1007/s10766-020-00673-z

Open Access

Web of Science

Scopus

その他リンク： http://link.springer.com/article/10.1007/s10766-020-00673-z/fulltext.html

記述言語：日本語   掲載種別：研究論文（研究会，シンポジウム資料等）  

記述言語：日本語   掲載種別：研究論文（研究会，シンポジウム資料等）  

記述言語：日本語   掲載種別：研究論文（学術雑誌）  

記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

担当区分：最終著者   記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

In recent years, curial incidents and accidents have been reported due to
un-intended control caused by misjudgment of statistical machine learning
(SML), which include deep learning. The international functional safety
standards for Electric/Electronic/Programmable (E/E/P) systems have been widely
spread to improve safety. However, most of them do not recom-mended to use SML
in safety critical systems so far. In practical the new concepts and methods
are urgently required to enable SML to be safely used in safety critical
systems. In this paper, we organize five kinds of technical safety concepts
(TSCs) for SML components toward accordance with functional safety standards.
We discuss not only quantitative evaluation criteria, but also development
process based on XAI (eXplainable Artificial Intelligence) and Automotive SPICE
to improve explainability and reliability in development phase. Fi-nally, we
briefly compare the TSCs in cost and difficulty, and expect to en-courage
further discussion in many communities and domain.

arXiv

その他リンク： http://arxiv.org/pdf/2008.01263v1

担当区分：最終著者   記述言語：英語   掲載種別：研究論文（国際会議プロシーディングス）  

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

This report provides an introduction and overview of the Technical Topic
Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance
of autonomous Road vehicleS (Tigars) project. These notes aim to support the
development and evaluation of autonomous vehicles. Part 1 addresses:
Assurance-overview and issues, Resilience and Safety Requirements, Open Systems
Perspective and Formal Verification and Static Analysis of ML Systems. Part 2:
Simulation and Dynamic Testing, Defence in Depth and Diversity,
Security-Informed Safety Analysis, Standards and Guidelines.

arXiv

その他リンク： http://arxiv.org/pdf/2003.00789v1

記述言語：英語   掲載種別：研究論文（その他学術会議資料等）  

This report provides an introduction and overview of the Technical Topic
Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance
of autonomous Road vehicleS (Tigars) project. These notes aim to support the
development and evaluation of autonomous vehicles. Part 1 addresses:
Assurance-overview and issues, Resilience and Safety Requirements, Open Systems
Perspective and Formal Verification and Static Analysis of ML Systems. This
report is Part 2 and discusses: Simulation and Dynamic Testing, Defence in
Depth and Diversity, Security-Informed Safety Analysis, Standards and
Guidelines.

arXiv

その他リンク： http://arxiv.org/pdf/2003.00790v1

記述言語：日本語   掲載種別：研究論文（学術雑誌）   出版者・発行元：日本ソフトウェア科学会  

<p>Embedded systems are moving to multi-core and many-core platforms to satisfy the ever-growing demand for computing power. Complex task like autonomous driving will include both real-time applications and high-performance applications. Research has shown that traditional RTOS can be optimized to provide good scalability for parallel computing. The lack of performance analysis tools, however, is one of the major obstacles for identifying bottlenecks.<br/>In this paper, we first discuss the characteristics and challenges of existing tools used in high-performance computing. To meet the requirements of embedded systems, a generic infrastructure for creating customized profilers flexibly and effortlessly is then presented. As an example, a scalable and optimized call graph profiler has been developed. At last, we evaluate our profiler and existing profiler by measuring benchmark application on a 36-core platform. The results show that our profiler can provide much higher accuracy with very low overhead.</p>

DOI： 10.11309/jssst.37.1_54

Scopus

CiNii Research

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： https://doi.org/10.2197/ipsjjip.27.136

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： 10.1109/ACCESS.2018.2870695

記述言語：英語   掲載種別：研究論文（学術雑誌）  

DOI： https://doi.org/doi:10.1016/j.suscom.2018.10.001

記述言語：日本語  

記述言語：英語  

記述言語：日本語  

記述言語：日本語  

記述言語：日本語  

担当区分：筆頭著者   記述言語：日本語  

記述言語：英語  

開催年月日： 2021年6月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催年月日： 2021年2月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：オンライン  

開催年月日： 2021年1月

記述言語：日本語   会議種別：口頭発表（招待・特別）  

開催地：オンライン  

開催年月日： 2020年10月

会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：京都  

開催年月日： 2020年10月 - 2020年12月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：オンライン  

開催年月日： 2020年7月

会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：オンライン  

開催年月日： 2019年12月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：名古屋   国名：日本国  

開催年月日： 2019年12月

記述言語：日本語   会議種別：口頭発表（招待・特別）  

開催地：東京   国名：日本国  

開催年月日： 2019年11月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：横浜   国名：日本国  

開催年月日： 2019年11月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：札幌   国名：日本国  

開催年月日： 2019年9月

記述言語：日本語   会議種別：口頭発表（招待・特別）  

開催地：東京   国名：日本国  

開催年月日： 2019年8月

記述言語：日本語   会議種別：公開講演，セミナー，チュートリアル，講習，講義等  

開催地：東京   国名：日本国  

開催年月日： 2019年7月

記述言語：日本語   会議種別：口頭発表（招待・特別）  

開催地：東京   国名：日本国  

開催年月日： 2019年6月

記述言語：日本語   会議種別：口頭発表（招待・特別）  

開催地：東京   国名：日本国