Elektronika 2009-11.pdf - Instytut SystemÃ³w Elektronicznych

More documents

Recommendations

Info

As is it shown in Fig. 7, the decision-aid will analyse the ontology and generate the facts and rules. Actually, the ontology instances will be mapped to facts and the SWRL rules will be mapped to engine’s rules. In that manner, the tool will be facilitated with information that will allow to: • measure dynamically (the value will not be hard coded into ontology) the vulnerability likelihood, • dynamically rank the vulnerabilities, • inform the operator what may cause the fault in SCADA system, • what element of the network needs some attention and safeguards. By defining the additional (tool build-in) rules there will be possibility to realize the customized features of the aid tool: • proposing the action plans with information how to minimize the likelihood of the vulnerability, • apply some appropriate countermeasures to minimize the probability of most likely attack, • evaluate the SCADA system condition based on standards. Conclusions In this paper ontology-based approach for description of SCADA systems vulnerabilities has been presented. Functionalities of ontology applied to knowledge representation for security and protection of critical infrastructures have been shown. Our solution has been developed within research in the INSPIRE Project that aims to increase security and protection through infrastructure resilience. Presented ontology approach will be basis for Decision - aid tool which is a part of INSPIRE security framework. The research leading to these results has received funding from the European Community’s Seventh Framework Programme (FP7/2007- 2013) under grant agreement no. 225553 (INSPIRE Project). References [1] Critical infrastructure: Understanding Its Component Parts, Vulnerabilities, Operating Risks, and Interdependencies, Tyson Macaulay, August 2008. [2] Lewis T. G.: Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation, Wiley-Interscience, 2006. [3] Ustawa z dnia 26 kwietnia 2007 r. o zarządzaniu kryzysowym, Opracowano na podstawie: Dz.U. z 2007 r. nr 89, poz. 590. [4] Homeland Security Presidential Directive/Hspd-7, December 17, 2003. [5] European Parliament legislative resolution of 10 July 2007 on the proposal for a Council directive on the identification and designation of European Critical Infrastructure and the assessment of the need to improve their protection (COM(2006)0787 - C6- 0053/2007 - 2006/0276(CNS)). [6] EU Critical Infrastructure Protection (CIP), Council of the European Union, Brussels, 28 October 2005. [7] McClanahan Robert H. :“The benefits of networked SCADA systems utilizing IP-enabled networks”, Arkansas Electric Cooperative Corporation, IEEE, 2002. [8] ISO/IEC 13335-1:2004, Information Technology - Security Techniques - Management of information and communications technology security - Part 1: Concepts and models for information and communications technology security management. [9] http://nvd.nist.gov/. [10] http://osvdb.org/. [11] Choraś M., Renk R., Flizikowski A., Hołubowicz W.: Ontologybased description of networks vulnerabilities, Polish Journal of Environmental Studies, vol. 5c, 2008. [12] SWRL: A Semantic Web Rule Language Combning OWL and RuleML. W3C Member Submission, http://www.w3.org/Submission/SWRL/. [13] Stamp J., Dillinger J., Young W.: Common vulnerabilities in critical infrastructure control systems. Networked Systems Survivability and Assurance Department, Jennifer DePoy, Information Operations Red Team & Assessments Department, Sandia National Laboratories, 22 May 2003. [14] “D2.2 - Identification of Vulnerabilities” , INSPIRE Project, July 2009. Synthesis and management of system with parallel multiprocessors and fault tolerance (Synteza i zarządzanie komputerowych systemów z równoległymi wieloprocesorami i tolerowaniem uszkodzeń) dr MIECZYSŁAW DRABOWSKI Cracow University of Technology, Faculty of Electrical and Computer Engineering The management of computer systems [1,2] is an issue the basic objective of which is to find an optimum solution, satisfy the requirements and limitations enforced by the given specification of operations (tasks) and resources. The following criteria of optimality are usually considered: the costs of planning in execution of operations, its operating speed and reliability. The problems of operations and resources scheduling are one of the most significant issues occurring at the procedure planning of operating system responsible for controlling the distribution of tasks and resources in computer systems. The problem of control in resources requires the list of available hardware resources - the set describing resources - which can be used to realization of operations. The starting point for constructing our approach to the issues of fault tolerance system is the deterministic theory of task scheduling [3]. Accordingly, decomposition of the general task scheduling model is suggested, adequate to the problems of fault tolerance system [4]. We will discuss the system: ∑={R,T,C}, where: R - resources, T - tasks and C - optimality criteria. We assume that processor set P={P 1 ,P 2 ,…,P m } consists of m elements and additional resources set A = { A 1 ,A 2 ,…,A p } consist of p elements). We consider a set of n tasks to be processed with a set of resources 38 ELEKTRONIKA 11/2009
and the set of tasks is divided into 2 subsets [5]: T 1 = {T 1 1 ,T 2 1 ,…,T n1 1 }, T 2 = {T 1 2 ,T 2 2 ,…,T n2 2 }, n = n1 + n2 and each task T i 1 (i = 1,2,…,n1) requires one arbitrary processor for its processing and its processing time is equal to t i 1 , however each task T i 2 (i = 1,2,…,n2) requires 2 arbitrary processors simultaneously for its processing during a period of time whose length is equal to t i 2 ; thus, tasks T i 2 are called width-2 tasks or T 2 - tasks. We shall assume its minimum cost and maximum operating speed. The proposed model may be used for defining problems for fault tolerance system. The model of a system in this approach, typical for the theory of task scheduling, consists of a set of operations (tasks) and existing relationships between them (related to their order, required resources, time, readiness and completion deadlines, priority etc.). The management procedure contains the following phases: identification of hardware and software resources for task execution, defining the processing time, defining the conflict-free task schedule and defining the level of resource cosharing and the degree of concurrency in task performance. A schedule is called feasible if, besides the usual conditions, each task T i 1 is processed by one processor and each task T i 2 is processed by 2 processors at a time. A feasible schedule is optimal, if its length is a minimum and it is implemented using minimum resource cost. Each task is defined by a set of parameters: resource requirements, execution time, ready time and deadline, attribute - preemptable or nonpreemptable. The tasks set may contain defined precedence constraints represented by a digraph with nodes representing tasks, and directed edges representing precedence constraints. If there is at least one precedence constraint in a task set, we shall refer it to as a set of dependent tasks; otherwise they are a set of independent tasks. Let us assume that fault tolerance system resources include universal parallel processors and other specialized resources. As for tasks, we assume one-processor tasks used for modeling usable preemptable/nonpreemptable and dependent tasks, and two-processor tasks, for which we assume time and resource. Two-processor tasks model the system testing tasks (e.g. one processor checks the other). Testing tasks may be dependent on the defined time moments of readiness to perform and to complete assigned tasks. Twoprocessor tasks may realize a defined strategy of testing a computer system and its fault tolerance characteristics. In fault tolerance systems an appropriate strategy of selftesting during regular exploitation must be provided. In general, architectures of fault tolerance computer systems are multiprocessor ones. The objective of operating systems in multiprocessor systems is scheduling tasks and their allocation to system resources. For fault tolerance systems, this means scheduling usable and testing tasks, that should detect errors of executive modules, in particular processors. As a result of testing, the operating system may receive the information about incorrect operation and may locate, by the proper analysis, a faulty module automatically. Consequently, the operating system can make a decision about repair strategy, for instance system reconfiguration (ignore damaged resources for execution of tasks). The management of networks with multiprocessors and fault tolerance consists of following stages (Fig. 1). So far [6] resources selection, task scheduling and task and resources allocation have been realized independently in sequence: in the first place resource division and tasks scheduling next - Fig. 2. In this paper is presented approach, in which resources selection, task scheduling, allocation of tasks and resources, as well as system optimization are realized coherently - Fig. 3. In concurrent approach once the tasks have been scheduled and allocated, the resources are reselected, changing the ones chosen previously, in search of a satisfactory solution meeting all the established criteria. This concurrent approach - presented in this paper - based on two algorithms behaving variously in different ways lets you not only find the sub-optimal solution, but also verify this solution. Presented algorithms let us find the solution, but at the same time they let us evaluate the algorithms themselves. This way we can tell which of the algorithms is faster in finding better and better solutions, which algorithm is more tolerant to modifications of system parameters, and also which of them enables fast adaptation to new parameters, while the system changes dynamically. Fig. 1. The management of system with multiprocessors and fault tolerance Rys. 1. Zarządzanie wieloprocesorowym systemem komputerowym z tolerancją uszkodzeń Fig. 2. Independent allocation resource and scheduling of task Rys. 2. Niezależne alokacje zasobów i szeregowanie zadań Fig. 3. Concurrent allocation resource and scheduling of task Rys. 3. Współbieżne alokacje zasobów i szeregowanie zadań ELEKTRONIKA 11/2009 39
Page 5 and 6: konstrukcje technologie zastosowani
Page 7 and 8: Streszczenia artykułów • Summar
Page 13 and 14: Medical pattern intelligent recogni
Page 15 and 16: Fig. 2. Start graph Z and the set o
Page 17 and 18: Both models are created of the basi
Page 19 and 20: • in some cases in the methods of
Page 21 and 22: 4. Random operators: three types of
Page 23 and 24: useful. In work [1] is stressed, th
Page 25 and 26: Tabl. 1. Fuzzy sets of the objects,
Page 27 and 28: In addition, one has to remember th
Page 29 and 30: The correction of digital images ob
Page 31 and 32: Tabl. 4. MD error before and after
Page 33 and 34: tionship then determines which indi
Page 35 and 36: this goal. A user’s public key au
Page 37 and 38: a) will be or could be broken, or b
Page 39 and 40: Ontology-based approach to scada sy
Page 41: erarchy of vulnerability classes wi
Page 45 and 46: tasks: T 0 , T 4 , T 5 , T 6 and T
Page 47 and 48: According to presented function CSF
Page 49 and 50: The efficient data authentication i
Page 51 and 52: Fig. 3. Example run of three rounds
Page 53 and 54: Fig. 2. Possible scenarios of data
Page 55 and 56: e necessary, in worst case - also s
Page 57 and 58: dicates the number of tasks at the
Page 59 and 60: • information on their state come
Page 61 and 62: • data regarding their identity (
Page 63 and 64: k = 1, 2, ..., m and m is the numbe
Page 65 and 66: more powerful statistical (algorith
Page 67 and 68: Signal to Noise Ratio (PSNR). We pr
Page 69 and 70: [23] W3C - Web Services Glossary -
Page 71 and 72: Associated with every N-point M-dim
Page 73 and 74: The SMS-B system architecture (Sour
Page 75 and 76: Technika próżni i technologie pr
Page 77 and 78: wniosku i w konsekwencji za rok 200
Page 79 and 80: Poniżej przedstawiono krótki kome
Page 81 and 82: Wspomnienie Edward Leja (1937-2009)
Page 83 and 84: Zastosowanie technik immunoenzymaty
Page 85 and 86: z pasty węglowej, zaś odniesienia
Page 87 and 88: [33] Biani A., Centi S. Tombrlli S.
Page 89 and 90: Problemem bowiem w pracach instytut
Page 91 and 92: 1985 - Zdzisław Dorywalski 1986 -
Page 93 and 94:
Rys. 4. Uroczyste wręczanie świad
Page 95 and 96:
Imię i Nazwisko Patenty Wzory uży
Page 97 and 98:
zadań określonych przez użytkown
Page 99 and 100:
Ocena sugerowanych w ankiecie metod
Page 101:
Zaprenumeruj wiedzę fachową 2010
Page 104 and 105:
Radary pasywne - nowa technika radi
Page 106 and 107:
c) stopniowo przesuwać jeden przeb
Page 108 and 109:
W przypadku wykorzystania nadajnika
Page 110 and 111:
kreślić to, że owale Cassiniego
Page 112 and 113:
Dla każdego kierunku odbieranej fa
Page 114 and 115:
chomych, które w ogólnym przypadk
Page 116 and 117:
Rys. 19. Fragment zobrazowania SS3
Page 118 and 119:
Zbigniew Czekała jest projektantem
Page 120 and 121:
• wytypowaniu statków zobowiąza
Page 122 and 123:
• używanie właściwego osprzęt
Page 124 and 125:
W jednomodowym szklanym włóknie t
Page 126 and 127:
Światłowody scyntylacyjne W środ
Page 128 and 129:
Parametry materiałowe szklanego w
Page 130 and 131:
126 ELEKTRONIKA 11/2009
Page 132 and 133:
Literatura [1] Yamane M., Asahara Y
Page 134 and 135:
Rys.1. Przebiegi testowe na wyprowa
Page 136 and 137:
nież pasmo emisji od około 500 MH
show all

Elektronika 2009-11.pdf - Instytut SystemÃ³w Elektronicznych

Create successful ePaper yourself

Delete template?

Save as template?