Jean Arlat

Connecting commercial computers to avionics systems

In this paper, we present two case studies identified for new aircraft generations in which bidirectional communications are carried between onboard and off-board computers. These two case studies deal respectively with flight parameter calculation and enhanced maintenance operations for future aircraft. We emphasize the safety and security challenges in such communications, and propose a safe architecture allowing the connection of commercial computers to avionics systems, without altering any embedded software component behavior.

Enhancing dependability in avionics using virtualization

Software in avionics has always been totally separated from open-world software, in order to avoid any interaction that could corrupt critical on-board systems. However, new aircraft generations need more interaction with off-board systems to offer extended services, which makes these information flows potentially dangerous.n In this paper, we present a case study (identified in the ArSec project) that requires bidirectional communication between critical on-board systems and untrusted off-board systems. We propose the use of virtualization to ensure dependability of critical applications despite such communication.

Communication Integrity in Networks for Critical Control Systems

The paper proposes a solution to the problem posed by the inclusion of complex interstage nodes into communication networks. Thus nodes are prone to exhibit failure modes that may lead to repetitive errors that breach the usual set of assumptions considered for medium-level protection mechanisms. The specific class of application targeted (e.g., servomechanisms controlling flight control surfaces) is characterized by: i) slow dynamics of the controlled processes does not impose a high integrity level for each transmitted message, but rather for a set of successive messages, ii) the reference values assigned during the mission (e.g., cruise phase) are expected to be maintained identical for several cycles, and thus should the protection fail for one message, then it will be the same for subsequent messages. To cope with this, the proposed integrity protection scheme features distinct error coding functions, thus providing complementary detection capabilities to consecutive messages

Fourth workshop on dependable and secure nanocomputing

Nanocomputing technologies hold the promise for higher performance, lower power consumption as well as increased functionality. However, the dependability of these unprecedentedly small scale devices remains uncertain. The main sources of concern are: • Nanometer devices are expected to be highly sensitive to process variations. The guard-bands used today for avoiding the impact of such variations will not represent a feasible solution in the future. Thus, timing errors may occur more frequently. • New failure modes, specific to new materials, are expected to raise serious challenges to the design and test engineers. • Environment induced errors, like single event upsets (SEU), are likely to occur more frequently than in the case of conventional semiconductor devices. • New hardware redundancy techniques are needed to enable development of energy efficient systems. • The increased complexity of the systems based on nanotechnology will require improved computer aided design (CAD) tools, as well as better validation techniques. • Security of nanocomputing systems may be threatened by malicious attacks targeting new vulnerable areas in the hardware.

Introduction to the fifth workshop on dependable and secure nanocomputing

Nanocomputing and related-enabling technologies hold the promise of higher performance and lower power consumption, as well as increased communication capabilities and functionality. In addition to the impact on today computerized systems, nanocomputing is an essential lever to foster the emerging cyberphysical system paradigm. However, the dependability and security of these unprecedentedly small devices, of their deployment, and of their interconnection remain uncertain. The main sources of concern are: • Nanometer devices are expected to be highly sensitive to process variations. The guard-bands used today for avoiding the impact of such variations will not represent a feasible solution in the future. As a consequence, timing errors and their higher frequency of occurrence have to be addressed. • New and intricate failure modes, specific to new materials, are expected to raise serious challenges to the design and test engineers. • Environment induced errors, such as single event upsets (SEU), are likely to occur more frequently than in the case of more conventional semiconductor devices. • Design of hardware architectures encompassing resilience techniques are needed to achieve the development of highly reliable energy efficient systems. • The increased complexity of the systems based on nanotechnology will require improved computer aided design (CAD) tools, as well as better validation techniques. • The security of nanocomputing systems may be threatened by malicious attacks targeting new vulnerable areas in the hardware.

Nanoscale technologies: prospect or hazard to dependable and secure computing?

The continuous advances and progress made in hardware technologies makes it possible to foresee a realm of unprecedented performance levels and of new application-driven architectural designs, e. g., see [1]. One of the main drivers is the reduction of the size of the elementary devices. Nevertheless, the evolution of nanoscale technologies raises serious challenges with respect to both dependability and security viewpoints. Issues at stake encompass three main types of concerns i) unreliability and variability that will characterize the production of emerging nanoscale devices, ii) accidental disturbances that affect the operation of the systems, iii) malicious threats targeting vulnerabilities of hardware circuits. However, on the other hand, thanks to the large scale integration, one may expect the fault tolerance techniques to come to the rescue of the limitations of the currently dominating fault avoidance approaches. After a brief review of each of these issues, we will provide a few hints concerning a proposal for resilient multicore processor chips.

Workshop on Dependable and Secure Nanocomputing

The continuous advances and progress made in hardware technology makes it possible to foresee a realm of unprecedented performance levels and new application-driven architectural designs, as evidenced by the recent announcement of a 80-core chip [1]. Nevertheless, the evolution of nanotechnologies raises serious challenges with respect to both dependability and security viewpoints. Issues at stake go far beyond developing protections with respect to accidental disturbances in operation, they also relate to the unreliability and variability that will characterize emerging nanoscale devices. Accounting for malicious threats targeting hardware circuits will constitute another increasing concern.