Generalized Fault Trees: from reliability to security

Fault Trees (FT) are widespread models in the reliability \ufb01eld, but they lack of modelling power. So, in the literature, several extensions have been proposed and introduced speci\ufb01c new modelling primitives. Attack Trees (AT) have gained acceptance in the \ufb01eld of security. They follow the same notation of standard FT,but they represent the combinations of actions necessary for the success of an attack to a computing system. In this paper, we extend the AT formalism by exploiting the new primitives introduced in speci\ufb01c FT extensions. This leads to more accurate models. The approach is applied to a case study: the AT is exploited to represent the attack mode and compute speci\ufb01c quantitative measures about the system security

UML class diagrams supporting formalism definition in the Draw-Net Modeling System

The Draw-Net Modeling System (DMS) is a customizable framework supporting the design and the solution of models expressed in any graph-based formalism, thanks to an open architecture. During the years, many formalisms (Petri Nets, Bayesian Networks, Fault Trees, etc.) have been included in DMS. A formalism defines all the primitives that can be used in a model (nodes, arcs, properties, etc.) and is stored into XML files. The paper describes a new way to manage formalisms: the user can create a new formalism by drawing a UML Class Diagrams (CD); then the corresponding XML files are automatically generated. If instead the user intends to edit an existing formalism, a "reverse engineering" function generates the CD from the XML files. The CD can be handled inside DMS, and acts an intuitive and graphical "meta-model" to represent the formalism. An application example is presented

SAN models of a benchmark on dynamic reliability

This report provides the detailed description of the Stochastic Activity Network (SAN) models appearing in [1] and concerning a benchmark on dynamic reliability taken from the literature

Extended Fault Trees Analysis supported by Stochastic Petri Nets

This work presents several extensions to the Fault Tree [90] formalism used to build models oriented to the Dependability [103] analysis of systems. In this way, we increment the modelling capacity of Fault Trees which turn from simple combinatorial models to an high level language to represent more complicated aspects of the behaviour and of the failure mode of systems. Together with the extensions to the Fault Tree formalism, this work proposes solution methods for extended Fault Trees in order to cope with the new modelling facilities. These methods are mainly based on the use of Stochastic Petri Nets. Some of the formalisms described in this work are already present in the literature; for them we propose alternative solution methods with respect to the existing ones. Other formalisms are instead part of the original contribution of this work

Evaluation of a benchmark on dynamic reliability via Fluid Stochastic Petri Nets

The paper presents the evaluation of a benchmark on dynamic reliability. Such system consists of a tank containing some liquid, two pumps and one valve to renew the liquid in the tank, a heat source warming the liquid, and a controller acting on the state of the components. Three failure conditions are possible: the dry out, the over\ufb02ow or the high temperature of the liquid. Due to the presence of continuous variables, such as the liquid level and temperature, the system is modelled as a Fluid Stochastic Petri Net which is the object of simulation obtaining the unreliability evaluation of the system

Mean field analysis for Continuous Time Bayesian Networks

In this paper we investigate the use of the mean field technique to analyze Continuous Time Bayesian Networks (CTBN). They model continuous time evolving variables with exponentially distributed transition rates depending on the parent variables in the graph. CTBN inference consists of computing the probability distribution of a subset of variables, conditioned by the observation of other variables' values (evidence). The computation of exact results is often unfeasible due to the complexity of the model. For such reason, the possibility to perform the CTBN inference through the equivalent Generalized Stochastic Petri Net (GSPN) was investigated in the past. In this paper instead, we explore the use of mean field approximation and apply it to a well-known epidemic case study. The CTBN model is converted in both a GSPN and in a mean field based model. The example is then analyzed with both solutions, in order to evaluate the accuracy of the mean field approximation for the computation of the posterior probability of the CTBN given an evidence. A summary of the lessons learned during this preliminary attempt concludes the paper

Modelling dynamic reliability via Fluid Petri Nets

Combinatorial models for reliability analysis (like fault-trees or block diagram) are static models that cannot include any type of component dependence. In the CTMC (Continuous Time Markov Chain) framework, the transition rates can depend on the state of the system thus allowing the analyst to include some dependencies among components. However, in more general terms, the system reliability may depend on parameters or quantities that vary continuously in time (like temperature, pressure, distance, etc.). Systems whose behavior in time can be described by discrete as well as continuous variables, are called hybrid systems. In the dependability literature, the case in which the reliability characteristics vary continuously versus a process parameter, is sometimes referred to as dynamic reliability [1]. The modelling and analysis of hybrid dynamic systems is an open research area. The present paper discusses the evaluation of a benchmark on dynamic reliability proposed in [1] via a modelling framework called Fluid Stochastic Petri Net (FSPN)

Representing domains and scenarios by means of model replication and composition

We consider a domain as a particular system or a portion of the system, while a scenario is a sequence of effects on the domain, originated by a particular event or condition. We show how it is possible to build first the model of the domain by replication and composition of atomic models, each representing a particular aspect of the domain. Then, the models of the scenarios are obtained from the domain\u2019s model, by composing further atomic models representing the events originating the scenarios. In particular, we take into account the domain consisting of one control centre and a set of substations inside an electrical distribution grid, communicating by means of a network. We consider scenarios originated by threats such as the denial of service attack to the communication network, and the temporary unavailability of substations due to the failure and the repair of the internal components. Stochastic Activity Networks (SAN) are the modelling formalism. The simulation of the models representing the scenarios, estimates the impact of the threats on the communication reliability