Papers by Alfio Pappalardo
Best practices in critical embedded systems (ES) development are enough to assure that those systems are reliable and safe as requested by reference standards. However, even non-critical both legacy and novel ES applications feature a growing complexity as well as an increasing demand for Security, Privacy and Dependability (SPD). That highlights the need for possibly standardized approaches for ES development and certification which allow for easier composability and SPD assurance, in order to decrease costs and time-to-market. This paper presents the motivation, the working principles of pSHIELD (pilot embedded Systems architecture for multi-Layer Dependable solutions), a pilot European project co-funded by ARTEMIS, focusing on the research of SPD metrics which is the first step toward SPD standard certification for future ES. In fact, SPD metrics are considered the basics for building standardized methods and industry-wide accepted parameters for certification. pSHIELD goes beyond the state-of-the-art in the identification of SPD metrics since it evaluates SPD at 4 different levels (node, network, middleware and overlay). One of the foremost novelties of the pSHIELD approach is that it provides a continuous monitoring and validation of SPD metrics, in order to assure an “embedded intelligence” that drives the composition of the pSHIELD components in order to meet the required level of SPD.
Physical Security Information Management (PSIM) systems are a recent introduction in the surveillance of critical infrastructures, like those used for mass-transit. In those systems, different sensors are integrated as separate event detection devices, each of them generating independent alarms. In order to lower the rate of false alarms and provide greater situation awareness for surveillance operators, we have developed a framework, namely DETECT, for correlating information coming from multiple heterogeneous sensors. DETECT uses detection models based on (extended) Event Trees in order to generate higher level warnings when a known threat scenario is being detected. In this paper we extend DETECT by adopting probabilistic models for the evaluation of threat detection trustworthiness on reference scenarios. The approach also allows for a quantitative evaluation of model sensitivity to sensor faults. The results of a case-study in the transit system domain demonstrate the increase of trust one could expect when using scenarios characterized in a probabilistic way for the threat detection instead of single-sensor alarms. Furthermore, we show how a model analysis can serve at design time to support decisions about the type and redundancy of detectors.
International Journal of System of Systems Engineering, 2010
Effective Surveillance for Homeland Security, 2013
Advances in Intelligent Systems and Computing, 2015
Physical Security Information Management (PSIM) systems are a recent introduction in the surveillance of critical infrastructures, like those used for mass-transit. In those systems, different sensors are integrated as separate event detection devices, each of them generating independent alarms. In order to lower the rate of false alarms and provide greater situation awareness for surveillance operators, we have developed a framework – namely DETECT – for correlating information coming from multiple heterogeneous sensors. DETECT uses detection models based on (extended) Event Trees in order to generate higher level warnings when a known threat scenario is being detected. In this paper we extend DETECT by adopting probabilistic models for the evaluation of threat detection trustworthiness on reference scenarios. The approach also allows for a quantitative evaluation of model sensitivity to sensor faults. The results of a case-study in the transit system domain demonstrate the increas...
Electrical Systems for …
Abstract: In recent years, there has been an increasing interest in the adoption of emerging sensing technologies for instrumentation within a variety of structural systems. Structural health monitoring systems are widely adopted to monitor the behavior of structures during forced vibration testing or natural excitation (e.g. earthquakes, winds, live loading). They can be found in a number of civil structures, including bridges and viaducts, and also in applications of vehicle health monitoring. Moreover, since infrastructures can be damaged ...
Advanced Video and …, Jan 1, 2011
Abstract: The security of railway and mass-transit systems is increasingly dependent on the effectiveness of integrated Security Management Systems (SMS), which are meant to detect threats and to provide operators with information required for alarm verification purposes. In order to lower the false alarm rate and improve the detection reliability of threat scenarios, event correlation capabilities need to be integrated into the SMS. In this paper an existing approach based on a-priori defined event patterns is extended using a heuristic situation ...
… Reliability and Security …, Jan 1, 2011
In recent years, several innovative security technologies have been developed. However, many of the novel sensing technologies (e.g. video analytics) do not always feature a high level of reliability. Very often, they need to be precisely tuned to fit specific installations and provide acceptable results. Furthermore, in large installations the number of surveillance operators is low with respect to the number of sensing devices, and operators' tasks include facing critical events, possibly including strategic terrorist attacks. In such human-in-the-loop systems, ergonomics and usability issues need to be carefully addressed to increase system performance in terms of detection probability and low rate of false/nuisance alarms. This paper describes a multisensor event correlation approach for augmenting the capabilities of distributed surveillance systems. The aim is to provide advanced early warning, situation awareness and decision support features. The effectiveness of the framework is proved considering threat scenarios of public transportation systems.
to appear in: Effective Surveillance for Homeland Security: Balancing Technology and Social Issues, 2013
The security of railway and mass-transit systems is increasingly dependent on the effectiveness of integrated Security Management Systems (SMS), which are meant to detect threats and to provide operators with information required for alarm verification purposes. In order to lower the false alarm rate and improve the detection reliability of threat scenarios, event correlation capabilities need to be integrated into the SMS. In this paper an existing approach based on a-priori defined event patterns is extended using a heuristic situation recognition approach which is more robust to both imperfect scenario modeling (human faults) and missed detections (sensor faults). The approach is based on similarity analysis between the event trees representing scenarios and it is effective both on-line and off-line. Applied on-line, it allows for an earlier and more fault-tolerant threat detection, since scenario matching is not required to be complete nor exact. Applied off-line, its effectiveness is twofold: first, it allows for detecting redundancies when updating the scenario repository; secondly, it enhances the post-event forensic search of suspicious behaviors not previously stored in the scenario repository. The strategy is being experimented in the context of railway protection.
Electrical Systems for …
In recent years, there has been an increasing interest in the adoption of emerging sensing technologies for instrumentation within a variety of structural systems. Structural health monitoring systems are widely adopted to monitor the behavior of structures during forced vibration testing or natural excitation (e.g. earthquakes, winds, live loading). They can be found in a number of civil structures, including bridges and viaducts, and also in applications of vehicle health monitoring. Moreover, since infrastructures can be damaged by human originated threats, the adoption of security measures is also essential. This paper presents a proposal of an early warning system based on Wireless Sensor Networks (WSN) for railway infrastructure monitoring. It exploits already available research results and tools for WSN management, integration and data fusion. The aim is to hedge detection capabilities in a complete framework for structural failures as well as security threats, including both natural hazards and intentional attacks.
This paper proposes an approach to use multiformalism techniques for critical infrastructure modeling. To this aim, the state of the art of related works on the subject is surveyed and a general scheme for intra and inter infrastructure models is described. Multiformalism approaches allow modelers to adapt the choice of formal languages to the nature, complexity and abstraction layer of the sub-systems to be modeled. Another advantage is the possibility of reusing existing dependability models and solvers. Complexity and heterogeneity are managed through modularity, and composition allows for representing structural or functional dependencies. An example model based on a railway infrastructure is used to illustrate the concepts introduced by the paper.
… Smart Cameras, 2009 …, Jan 1, 2009
Rail-based mass transit systems are vulnerable to many criminal acts, ranging from vandalism to terrorism. In this paper, we present the architecture, the main functionalities and the dependability related issues of a security system specifically tailored to metro railways. Heterogeneous intrusion detection, access control, intelligent video-surveillance and sound detection devices are integrated in a cohesive Security Management System (SMS). In case of emergencies, the procedural actions required to the operators involved are orchestrated by the SMS. Redundancy both in sensor dislocation and hardware apparels (e.g. by local or geographical clustering) improve detection reliability, through alarm correlation, and overall system resiliency against both random and malicious threats. Video-analytics is essential, since a small number of operators would be unable to visually control a large number of cameras. Therefore, the visualization of video streams is activated automatically when an alarm is generated by smart-cameras or other sensors, according to an event-driven approach. The system is able to protect stations (accesses, technical rooms, platforms, etc.), tunnels (portals, ventilation shafts, etc.), trains and depots. Presently, the system is being installed in the Metrocampania underground regional railway. To the best of our knowledge, this is the first subway security system featuring artificial intelligence algorithms both for video and audio surveillance. The security system is highly heterogeneous in terms not only of detection technologies but also of embedded computing power and communication facilities. In fact, sensors can differ in their inner hardware-software architecture and thus in the capacity of providing information security and dependability.
The focus of this paper is on the development of novel solutions to achieve a measurable level of dependability for the security system in order to fulfill the requirements of the specific application.