https://www.mdu.se/

mdu.sePublikationer
Ändra sökning
Länk till posten
Permanent länk

Direktlänk
Abbaspour Asadollah, SaraORCID iD iconorcid.org/0000-0002-5058-7351
Publikationer (10 of 26) Visa alla publikationer
Moradi, F., Abbaspour Asadollah, S., Pourvatan, B., Moezkarimi, Z. & Sirjani, M. (2024). CRYSTAL framework: Cybersecurity assurance for cyber-physical systems. The Journal of logical and algebraic methods in programming, 139
Öppna denna publikation i ny flik eller fönster >>CRYSTAL framework: Cybersecurity assurance for cyber-physical systems
Visa övriga...
2024 (Engelska)Ingår i: The Journal of logical and algebraic methods in programming, ISSN 2352-2208, E-ISSN 2352-2216, ISSN 2352-2208, Vol. 139Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

We propose CRYSTAL framework for automated cybersecurity assurance of cyber-physical systems (CPS) at design-time and runtime. We build attack models and apply formal verification to recognize potential attacks that may lead to security violations. We focus on both communication and computation in designing the attack models. We build a monitor to check and manage security at runtime and use a reference model, called Tiny Digital Twin, in detecting attacks. The Tiny Digital Twin is an abstract behavioral model that is automatically derived from the state space generated by model checking during design-time. Using CRYSTAL, we are able to systematically model and check complex coordinated attacks. In this paper we discuss the applicability of CRYSTAL in security analysis and attack detection for different case studies, Temperature Control System (TCS), Pneumatic Control System (PCS), and Secure Water Treatment System (SWaT). We provide a detailed description of the framework and explain how it works in different cases.

Ort, förlag, år, upplaga, sidor
Elsevier, 2024
Nyckelord
Cyber-Physical Systems (CPS), Formal verification, Model abstraction, Attack detection system, Runtime monitoring, Tiny Digital Twin
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:mdh:diva-66419 (URN)10.1016/j.jlamp.2024.100965 (DOI)001224282500001 ()2-s2.0-85189706631 (Scopus ID)
Tillgänglig från: 2024-04-14 Skapad: 2024-04-14 Senast uppdaterad: 2024-05-29Bibliografiskt granskad
Moradi, F., Pourvatan, B., Abbaspour Asadollah, S. & Sirjani, M. (2024). Tiny Twins for detecting cyber-attacks at runtime using concise Rebeca time transition system. Journal of Parallel and Distributed Computing, 184, Article ID 104780.
Öppna denna publikation i ny flik eller fönster >>Tiny Twins for detecting cyber-attacks at runtime using concise Rebeca time transition system
2024 (Engelska)Ingår i: Journal of Parallel and Distributed Computing, ISSN 0743-7315, E-ISSN 1096-0848, Vol. 184, artikel-id 104780Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

This paper presents a method for detecting cyber-attacks in cyber-physical systems using a monitor. The method employs an abstract model called Tiny Twin, which is built at design time and is used at runtime to detect inconsistencies. Tiny Twin is a state transition system that represents the observable behavior of the system from the monitor point of view. We model the behavior of the system in the Rebeca modeling language and use Afra model checker to generate the state space. The Tiny Twin is built automatically, by abstracting the state space while keeping the observable actions and preserving the trace equivalence. For doing that we had to solve the complexities in the state space introduced by time-shifts, nondeterministic assignments and abstraction of internal actions. We formally define the state space as Concise Rebeca Timed Transition System (CRTTS), and then map CRTTS to an LTS. The LTS is then fed to a tool to abstract away the non-observable actions.

Ort, förlag, år, upplaga, sidor
Academic Press Inc., 2024
Nyckelord
Cyber-security, Intrusion detection systems, Model abstraction, Model checking, Runtime monitoring, Abstracting, Computer crime, Crime, Cyber attacks, Cyber Physical System, Embedded systems, Intrusion detection, Modeling languages, Network security, Cyber security, Cyber-attacks, Models checking, Runtimes, State-space, Time transition, Timed transition systems
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:mdh:diva-64590 (URN)10.1016/j.jpdc.2023.104780 (DOI)001099111600001 ()2-s2.0-85173631477 (Scopus ID)
Tillgänglig från: 2023-10-30 Skapad: 2023-10-30 Senast uppdaterad: 2024-04-14Bibliografiskt granskad
Ciccozzi, F., Addazi, L., Abbaspour Asadollah, S., Lisper, B., Masud, A. N. & Mubeen, S. (2023). A Comprehensive Exploration of Languages for Parallel Computing. ACM Computing Surveys, 55(2), Article ID 21.
Öppna denna publikation i ny flik eller fönster >>A Comprehensive Exploration of Languages for Parallel Computing
Visa övriga...
2023 (Engelska)Ingår i: ACM Computing Surveys, ISSN 0360-0300, E-ISSN 1557-7341, Vol. 55, nr 2, artikel-id 21Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Software-intensive systems in most domains, from autonomous vehicles to health, are becoming predominantly parallel to efficiently manage large amount of data in short (even real-) time. There is an incredibly rich literature on languages for parallel computing, thus it is difficult for researchers and practitioners, even experienced in this very field, to get a grasp on them. With this work we provide a comprehensive, structured, and detailed snapshot of documented research on those languages to identify trends, technical characteristics, open challenges, and research directions. In this article, we report on planning, execution, and results of our systematic peer-reviewed as well as grey literature review, which aimed at providing such a snapshot by analysing 225 studies.

Ort, förlag, år, upplaga, sidor
ASSOC COMPUTING MACHINERY, 2023
Nyckelord
Parallel computing, programming, modelling, languages, frameworks, systematic literature review
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer
urn:nbn:se:mdh:diva-58152 (URN)10.1145/3485008 (DOI)000778458900001 ()2-s2.0-85128233360 (Scopus ID)
Tillgänglig från: 2022-06-23 Skapad: 2022-06-23 Senast uppdaterad: 2022-08-29Bibliografiskt granskad
Salimi, M., Loni, M., Sirjani, M., Cicchetti, A. & Abbaspour Asadollah, S. (2023). SARAF: Searching for Adversarial Robust Activation Functions. In: ACM International Conference Proceeding Series: . Paper presented at 6th International Conference on Machine Vision and Applications, ICMVA 2023, Singapore, Singapore, 10 March 2023 through 12 March 2023 (pp. 174-182). Association for Computing Machinery
Öppna denna publikation i ny flik eller fönster >>SARAF: Searching for Adversarial Robust Activation Functions
Visa övriga...
2023 (Engelska)Ingår i: ACM International Conference Proceeding Series, Association for Computing Machinery , 2023, s. 174-182Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Convolutional Neural Networks (CNNs) have received great attention in the computer vision domain. However, CNNs are vulnerable to adversarial attacks, which are manipulations of input data that are imperceptible to humans but can fool the network. Several studies tried to address this issue, which can be divided into two categories: (i) training the network with adversarial examples, and (ii) optimizing the network architecture and/or hyperparameters. Although adversarial training is a sufficient defense mechanism, they suffer from requiring a large volume of training samples to cover a wide perturbation bound. Tweaking network activation functions (AFs) has been shown to provide promising results where CNNs suffer from performance loss. However, optimizing network AFs for compensating the negative impacts of adversarial attacks has not been addressed in the literature. This paper proposes the idea of searching for AFs that are robust against adversarial attacks. To this aim, we leverage the Simulated Annealing (SA) algorithm with a fast convergence time. This proposed method is called SARAF. We demonstrate the consistent effectiveness of SARAF by achieving up to 16.92%, 18.3%, and 15.57% accuracy improvement against BIM, FGSM, and PGD adversarial attacks, respectively, over ResNet-18 with ReLU AFs (baseline) trained on CIFAR-10. Meanwhile, SARAF provides a significant search efficiency compared to random search as the optimization baseline.

Ort, förlag, år, upplaga, sidor
Association for Computing Machinery, 2023
Nyckelord
Activation Function, Adversarial Attack, Convolutional Neural Network, Optimization, Robustness, Chemical activation, Convolution, Convolutional neural networks, Network architecture, Activation functions, Defence mechanisms, Hyper-parameter, Input datas, Large volumes, Network activations, Optimisations, Simulated annealing
Nationell ämneskategori
Datavetenskap (datalogi)
Identifikatorer
urn:nbn:se:mdh:diva-63891 (URN)10.1145/3589572.3589598 (DOI)2-s2.0-85163400963 (Scopus ID)9781450399531 (ISBN)
Konferens
6th International Conference on Machine Vision and Applications, ICMVA 2023, Singapore, Singapore, 10 March 2023 through 12 March 2023
Tillgänglig från: 2023-07-19 Skapad: 2023-07-19 Senast uppdaterad: 2023-07-19Bibliografiskt granskad
Abbaspour Asadollah, S. (2022). Cyberattacks: Modeling, Analysis, and Mitigation. In: Proceedings - 2022 6th International Conference on Computer, Software and Modeling: ICCSM 2022. Paper presented at 6th International Conference on Computer, Software and Modeling, ICCSM 2022, Rome, Italy, 21-23 July, 2022 (pp. 80-84). Institute of Electrical and Electronics Engineers Inc.
Öppna denna publikation i ny flik eller fönster >>Cyberattacks: Modeling, Analysis, and Mitigation
2022 (Engelska)Ingår i: Proceedings - 2022 6th International Conference on Computer, Software and Modeling: ICCSM 2022, Institute of Electrical and Electronics Engineers Inc. , 2022, s. 80-84Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Industrial cybersecurity has risen as an important topic of research nowadays. The heavy connectivity by the Internet of Things (IoT) and the growth of cyberattacks against industrial assets cause this risen and attract attention to the cybersecurity field. While fostering current software applications and use-cases, the ubiquitous access to the Internet has also exposed operational technologies to new and challenging security threats that need to be addressed. As the number of attacks increases, their visibility decreases. An attack can modify the Cyber-Physical Systems (CPSs) quality to avoid proper quality assessment. They can disrupt the system design process and adversely affect a product’s design purpose. This working progress paper presents our approach to modeling, analyzing, and mitigating cyberattacks in CPS. We model the normal behavior of the application as well as cyberattacks with the help of Microsoft Security Development Lifecycle (SDL) and threat modeling approach (STRIDE). Then verify the application and attacks model using a model checking tool and propose mitigation strategies to decrease the risk of vulnerabilities. The results can be used to improve the system design to overcome the vulnerabilities.

Ort, förlag, år, upplaga, sidor
Institute of Electrical and Electronics Engineers Inc., 2022
Nyckelord
Application programs; Cyber Physical System; Cybersecurity; Embedded systems; Formal verification; Industrial research; Internet of things; Life cycle; Product design; Systems analysis, Cybe-physical system; Cybe-physical systems; Cyber attack modeling; Cyber security; Cyber-attacks; Cyber-physical systems; Modeling analyzes; Models checking; Security development lifecycle; STRIDE, Model checking
Nationell ämneskategori
Data- och informationsvetenskap
Identifikatorer
urn:nbn:se:mdh:diva-61646 (URN)10.1109/ICCSM57214.2022.00021 (DOI)2-s2.0-85146295697 (Scopus ID)9781665454865 (ISBN)
Konferens
6th International Conference on Computer, Software and Modeling, ICCSM 2022, Rome, Italy, 21-23 July, 2022
Tillgänglig från: 2023-01-25 Skapad: 2023-01-25 Senast uppdaterad: 2023-02-01Bibliografiskt granskad
Moradi, F., Bagheri, M., Rahmati, H., Yazdi, H., Abbaspour Asadollah, S. & Sirjani, M. (2022). Monitoring Cyber-Physical Systems Using a Tiny Twin to Prevent Cyber-Attacks. In: Lecture Notes in Computer Science, vol. 13255: . Paper presented at 28th International Symposium on Model Checking Software, SPIN 2022, Virtual, Online, 21 May, 2022 (pp. 24-43). Springer Science and Business Media Deutschland GmbH
Öppna denna publikation i ny flik eller fönster >>Monitoring Cyber-Physical Systems Using a Tiny Twin to Prevent Cyber-Attacks
Visa övriga...
2022 (Engelska)Ingår i: Lecture Notes in Computer Science, vol. 13255, Springer Science and Business Media Deutschland GmbH , 2022, s. 24-43Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

We propose a method to detect attacks on sensors and controllers in cyber-physical systems. We develop a monitor that uses an abstract digital twin, Tiny Twin, to detect false sensor data and faulty control commands. The Tiny Twin is a state transition system that represents the observable behavior of the system from the monitor point of view. At runtime, the monitor observes the sensor data and the control commands, and checks whether the observed data and commands are consistent with the state transitions in the Tiny Twin. The monitor produces an alarm when an inconsistency is detected. We model the components of the system and the physical processes in the Rebeca modeling language and use its model checker to generate the state space. The Tiny Twin is built automatically by reducing the state space, keeping the observable behavior of the system, and preserving the trace equivalence. We demonstrate the method and evaluate it in detecting attacks using a temperature control system. 

Ort, förlag, år, upplaga, sidor
Springer Science and Business Media Deutschland GmbH, 2022
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 13255 LNCS
Nyckelord
Abstraction, Attack detection and prevention, Cyber-physical systems, Cyber-security, Model checking, Monitoring, Cyber Physical System, Cybersecurity, Embedded systems, Modeling languages, Network security, Attack detection, Attack prevention, Control command, Cybe-physical systems, Cyber security, Models checking, Observable behavior, Sensors data
Nationell ämneskategori
Robotteknik och automation
Identifikatorer
urn:nbn:se:mdh:diva-59941 (URN)10.1007/978-3-031-15077-7_2 (DOI)000874749700002 ()2-s2.0-85137039734 (Scopus ID)9783031150760 (ISBN)
Konferens
28th International Symposium on Model Checking Software, SPIN 2022, Virtual, Online, 21 May, 2022
Tillgänglig från: 2022-09-14 Skapad: 2022-09-14 Senast uppdaterad: 2024-04-14Bibliografiskt granskad
Sirjani, M., Provenzano, L., Abbaspour Asadollah, S. & Moghadam, M. H. (2021). From Requirements to Verifiable Executable Models Using Rebeca. In: Cleophas, L Massink, M (Ed.), SOFTWARE ENGINEERING AND FORMAL METHODS, SEFM 2020: . Paper presented at 18th International Conference on Software Engineering and Formal Methods (SEFM), SEP 14-18, 2020, Ctr Math & Informat, ELECTR NETWORK (pp. 67-86). SPRINGER INTERNATIONAL PUBLISHING AG, 12524
Öppna denna publikation i ny flik eller fönster >>From Requirements to Verifiable Executable Models Using Rebeca
2021 (Engelska)Ingår i: SOFTWARE ENGINEERING AND FORMAL METHODS, SEFM 2020 / [ed] Cleophas, L Massink, M, SPRINGER INTERNATIONAL PUBLISHING AG , 2021, Vol. 12524, s. 67-86Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Software systems are complicated, and the scientific and engineering methodologies for software development are relatively young. We need robust methods for handling the ever-increasing complexity of software systems that are now in every corner of our lives. In this paper we focus on asynchronous event-based reactive systems and show how we start from the requirements, move to actor-based Rebeca models, and formally verify the models for correctness. The Rebeca models include the details of the signals and messages that are passed at the network level including the timing, and can be mapped to the executable code. We show how we can use the architecture design and structured requirements to build the behavioral models, including Rebeca models, and use the state diagrams to write the properties of interest, and then use model checking to check the properties. The formally verified models can then be used to develop the executable code. The natural mappings among the models for requirements, the formal models, and the executable code improve the effectiveness and efficiency of the approach. It also helps in runtime monitoring and adaptation.

Ort, förlag, år, upplaga, sidor
SPRINGER INTERNATIONAL PUBLISHING AG, 2021
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 12524
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:mdh:diva-56728 (URN)10.1007/978-3-030-67220-1_6 (DOI)000723671300006 ()2-s2.0-85101555107 (Scopus ID)978-3-030-67220-1 (ISBN)
Konferens
18th International Conference on Software Engineering and Formal Methods (SEFM), SEP 14-18, 2020, Ctr Math & Informat, ELECTR NETWORK
Tillgänglig från: 2021-12-14 Skapad: 2021-12-14 Senast uppdaterad: 2022-11-08Bibliografiskt granskad
Sirjani, M., Provenzano, L., Abbaspour Asadollah, S., Helali Moghadam, M. & Saadatmand, M. (2021). Towards a Verification-Driven Iterative Development of Software for Safety-Critical Cyber-Physical Systems. Journal of Internet Services and Applications, 12(1), Article ID 2.
Öppna denna publikation i ny flik eller fönster >>Towards a Verification-Driven Iterative Development of Software for Safety-Critical Cyber-Physical Systems
Visa övriga...
2021 (Engelska)Ingår i: Journal of Internet Services and Applications, ISSN 1867-4828, E-ISSN 1869-0238, Vol. 12, nr 1, artikel-id 2Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Software systems are complicated, and the scientific and engineering methodologies for software development are relatively young. Cyber-physical systems are now in every corner of our lives, and we need robust methods for handling the ever-increasing complexity of their software systems. Model-Driven Development is a promising approach to tackle the complexity of systems through the concept of abstraction, enabling analysis at earlier phases of development. In this paper, we propose a model-driven approach with a focus on guaranteeing safety using formal verification. Cyber-physical systems are distributed, concurrent, asynchronous and event-based reactive systems with timing constraints. The actor-based textual modeling language, Rebeca, with model checking support is used for formal verification. Starting from structured requirements and system architecture design the behavioral models, including Rebeca models, are built. Properties of interest are also derived from the structured requirements, and then model checking is used to formally verify the properties. This process can be performed in iterations until satisfaction of desired properties are ensured, and possible ambiguities and inconsistencies in requirements are resolved. The formally verified models can then be used to develop the executable code. The Rebeca models include the details of the signals and messages that are passed at the network level including the timing, and this facilitates the generation of executable code. The natural mappings among the models for requirements, the formal models, and the executable code improve the effectiveness and efficiency of the approach. 

Ort, förlag, år, upplaga, sidor
Springer Science and Business Media Deutschland GmbH, 2021
Nyckelord
Cyber-physical systems, Model checking, Model driven development, Requirements, Safety-critical systems, Verification & validation
Nationell ämneskategori
Data- och informationsvetenskap
Identifikatorer
urn:nbn:se:mdh:diva-54633 (URN)10.1186/s13174-021-00132-z (DOI)000653764800001 ()2-s2.0-85106702056 (Scopus ID)
Tillgänglig från: 2021-06-10 Skapad: 2021-06-10 Senast uppdaterad: 2024-01-22Bibliografiskt granskad
Girs, S., Sentilles, S., Abbaspour Asadollah, S., Ashjaei, S. M. & Mubeen, S. (2020). A Systematic Literature Study on Definition and Modeling of Service-Level Agreements for Cloud Services in IoT. IEEE Access, 8, 134498-134513, Article ID 9146632.
Öppna denna publikation i ny flik eller fönster >>A Systematic Literature Study on Definition and Modeling of Service-Level Agreements for Cloud Services in IoT
Visa övriga...
2020 (Engelska)Ingår i: IEEE Access, E-ISSN 2169-3536, Vol. 8, s. 134498-134513, artikel-id 9146632Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

The cloud computing paradigm provides remote computing resources to the cloud service consumers and businesses. When combined with Internet of Things (IoT), both technologies open up a wide range of new possibilities for more agile and flexible applications. However, guaranteed quality of service is essential in provisioning of cloud services, which makes Service Level Agreements (SLAs) a focal point in the cloud computing and IoT ecosystem. The SLA definition and modeling phase is crucial in establishing SLAs between service providers and consumers. This paper identifies that the research on definition and modeling of SLAs for cloud services in IoT is widely dispersed and there is a lack of a systematic and comprehensive literature review. Thus, in this paper we build on top of a previously conducted systematic mapping study on management of SLAs for cloud computing and IoT to perform a comprehensive systematic review and discuss sub-categorization of the definition and modeling aspects of SLAs for cloud services in IoT. Furthermore we analyze the extracted relevant literature, present commonalities in the studies, identify gaps and discuss opportunities for further research in the area. 

Ort, förlag, år, upplaga, sidor
Institute of Electrical and Electronics Engineers Inc., 2020
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:mdh:diva-49547 (URN)10.1109/ACCESS.2020.3011483 (DOI)000554366100001 ()2-s2.0-85089307053 (Scopus ID)
Tillgänglig från: 2020-08-20 Skapad: 2020-08-20 Senast uppdaterad: 2020-09-18Bibliografiskt granskad
Moradi, F., Abbaspour Asadollah, S., Sedaghatbaf, A., Causevic, A., Sirjani, M. & Talcott, C. (2020). An Actor-based Approach for Security Analysis of Cyber-Physical Systems. In: Formal Methods for Industrial Critical Systems, FMICS 2020, Lecture Notes in Computer Science, vol 12327: . Paper presented at 25th International Conference on Formal Methods for Industrial Critical Systems FMICS20, 02 Sep 2020, Vienna, Austria (pp. 130-147). Springer, Article ID 12327.
Öppna denna publikation i ny flik eller fönster >>An Actor-based Approach for Security Analysis of Cyber-Physical Systems
Visa övriga...
2020 (Engelska)Ingår i: Formal Methods for Industrial Critical Systems, FMICS 2020, Lecture Notes in Computer Science, vol 12327, Springer, 2020, s. 130-147, artikel-id 12327Konferensbidrag, Publicerat paper (Refereegranskat)
Ort, förlag, år, upplaga, sidor
Springer, 2020
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 12327
Nationell ämneskategori
Teknik och teknologier Datorsystem
Identifikatorer
urn:nbn:se:mdh:diva-49979 (URN)10.1007/978-3-030-58298-2_5 (DOI)000884747200005 ()2-s2.0-85091308994 (Scopus ID)978-3-030-58297-5 (ISBN)978-3-030-58298-2 (ISBN)
Konferens
25th International Conference on Formal Methods for Industrial Critical Systems FMICS20, 02 Sep 2020, Vienna, Austria
Projekt
Serendipity - Secure and dependable platforms for autonomy
Tillgänglig från: 2020-09-29 Skapad: 2020-09-29 Senast uppdaterad: 2024-04-14Bibliografiskt granskad
Organisationer
Identifikatorer
ORCID-id: ORCID iD iconorcid.org/0000-0002-5058-7351

Sök vidare i DiVA

Visa alla publikationer