Felicita Di Giandomenico

Definition, implementation and application of a model-based framework for analyzing interdependencies in electric power systems

Abstract Electric power systems are prominent representatives of the critical infrastructure. Existing electric power systems are composed by two cooperating infrastructures: the electric infrastructure, which is responsible for electricity generation and electricity transmission to customers; and information technology based control systems that monitor and control the physical parameters of the electric infrastructure and trigger appropriate reconfigurations in emergency situations. The interactions between these two cooperating infrastructures must be carefully analyzed to understand and characterize their (inter)dependencies, i.e., how the state of one infrastructure influences or is correlated to the state of the other. This paper proposes a model-based framework for quantitatively analyzing the propagation and impact of malfunctions in electric power systems. The framework is implemented using the stochastic activity network (SAN) formalism and is applied to concrete case studies that support the understanding and assessment of the impact of interdependencies. The results assist in developing countermeasures that can help reduce electric power system vulnerabilities.

Quantification of dependencies between electrical and information infrastructures

Abstract In this paper we present an approach to model and quantify (inter)dependencies between the Electrical Infrastructure (EI) and the Information Infrastructure (II) that implements the EI control and monitoring system. The quantification is achieved through the integration of two models: one that concentrates more on the structure of the power grid and its physical quantities and one that concentrates on the behavior of the control system supported by the II. The modeling approach is exemplified on a scenario whose goal is to study the effects of an II partial failure (a denial of service attack that compromises the communication network) on the remote control of the EI. The approach has been initially developed as part of the European project CRUTIAL.

Dependability evaluation of web service-based processes

As Web service-based system integration recently became the mainstream approach to create composite services, the dependability of such systems becomes more and more crucial. Therefore, extensions of the common service composition techniques are urgently needed in order to cover dependability aspects and a core concept for the dependability estimation of the target composite service. Since Web services-based workflows fit into the class of systems composed of multiple phases, this paper attempts to apply methodologies and tools for dependability analysis of Multiple Phased Systems (MPS) to this emerging category of dependability critical systems. The paper shows how this dependability analysis constitutes a very useful support to the service provider in choosing the most appropriate service alternatives to build up its own composite service

Evaluation of Critical Infrastructures: Challenges and Viable Approaches

The ferromagnetic core of a transformer in a switching regulator power supply is configured to improve the efficiency of the supply. Since the switching times and their resultant losses occupy a greater percentage of the energy-storage energy-transfer cycle as the operating frequency increases, efficiency is increased by narrowing the operating frequency range. There is provided a transformer core which allows the inductances in the transformer windings to vary during each energy-storage and energy-transfer half cycle. The initial inductance can be chosen such that a predetermined time interval is added to each half cycle regardless of output load to thereby decrease the operating frequency range.

Quantification of dependencies in electrical and information infrastructures: The CRUTIAL approach

In this paper we present the CRUTIAL approach to model and quantify (inter)dependencies between the Electrical Infrastructure (EI) and the Information Infrastructures (II) that implements the EI control and monitoring system. The quantification is achieved through the integration of two models: one that concentrates more on the structure of the power grid and its physical quantities and one that concentrates on the behaviour of the control system supported by the II. The modelling approach is exemplified on a scenario whose goal is to study the effects of a II partial failure (a denial of service attack that compromises the communication network) on the remote control of the EI.

Failure Diagnosis of Complex Systems

Failure diagnosis is the process of identifying the causes of impairment in a system’s function based on observable symptoms, i.e., determining which fault led to an observed failure. Since multiple faults can often lead to very similar symptoms, failure diagnosis is often the first line of defense when things go wrong - a prerequisite before any corrective actions can be undertaken. The results of diagnosis also provide data about a system’s operational fault profile for use in offline resilience evaluation. While diagnosis has historically been a largely manual process requiring significant human input, techniques to automate as much of the process as possible have significantly grown in importance in many industries including telecommunications, Internet services, automotive systems, and aerospace. This chapter presents a survey of automated failure diagnosis techniques including both model-based and model-free approaches. Industrial applications of these techniques in the above domains are presented, and finally, future trends and open challenges in the field are discussed.

Towards Automated Dependability Analysis of Dynamically Connected Systems

Dynamic environments may include autonomous and decentralised components that pose many challenges from the point of view of interoperability, thus triggering research studies in several directions. One recent research direction explores the automatic composition of heterogeneous systems through connectors synthesised at run-time. Besides functional properties, such connectors generally need to satisfy also non-functional (dependability-related) properties. This paper investigates the definition of an automated procedure to support the synthesis of dependable connectors.

Dynamic Adjustment of Dependability and Efficiency in Fault-Tolerant Software

In this paper we discuss the problem of attaining a dynamic compromise between using redundancy to improve software dependability and limiting the amount of redundancy so as to avoid unnecessary inefficiencies. A scheme, called self-configuring optimal programming (SCOP), is developed. SCOP attempts to reduce the resource cost of fault-tolerant software, both in space and time, by providing designers with a flexible redundancy architecture in which dependability and efficiency can be adjusted dynamically at run time. A design methodology is proposed to introduce support techniques for such dynamic adjustment. Our scheme also suggests a general control framework into which design diversity, data diversity and multiple copies can be incorporated selectively. A detailed dependability and efficiency evaluation shows that SCOP can achieve the same dependability level as those of other existing schemes, while making more efficient use of available resources.

A Contribution to the Evaluation of the reliability of Iterative-Execution Software

This paper deals with the reliability of software executed iteratively, as for example in process control applications. The probability of mission survival is evaluated taking account of two characteristics of iterative software: (a) system failure, defined in terms of the behaviour of the software over successive iterations, because the controlled system can usually tolerate short bursts of errors; (b) the probabilistic correlation between successive executions of the software, which is to be expected for various reasons. The paper presents models accounting for these characteristics and evaluates their effects. The interesting case of fault‐tolerant software is considered as well. Using the example of a ‘pair‐and‐spare’ type fault‐tolerant scheme, the relationships between different aspects of failure behaviour that are covered by the models developed here, and those used elsewhere for fault‐tolerant software, are shown. Copyright

Implementations and Extensions of the Conversation Concept

Conversations were proposed as a means of organizing fault tolerance by coordinated backward recovery in a set of communicating processes, avoiding the domino effect and allowing diversity in the retries. The general concept of conversations is susceptible to many different detailed implementations. We review and discuss the problems of implementation and of practical use of conversations, comparing and generalizing the solutions offered in the different existing proposals, and suggesting some useful extensions. We discuss limits to the complexity of implementations that can be exploited in practice, and to the applications that can be programmed using the conversation scheme.