Your search keyword '"Mohamad Gharib"' showing total 11 results

1. Meta-Learning to Improve Unsupervised Intrusion Detection in Cyber-Physical Systems

Author

Muhammad Atif, Mohamad Gharib, Tommaso Zoppi, and Andrea Bondavalli

Subjects

Control and Optimization, Meta learning (computer science), Computer Networks and Communications, Computer science, business.industry, Reliability (computer networking), Supervised learning, Cyber-physical system, Intrusion detection system, Machine learning, computer.software_genre, Human-Computer Interaction, System requirements, Artificial Intelligence, Hardware and Architecture, Critical systems, intrusion detection, machine learning, meta-learning, reliability, security, Metric (mathematics), Anomaly detection, Artificial intelligence, business, computer

Abstract

Artificial Intelligence (AI)- based classifiers rely on Machine Learning (ML) algorithms to provide functionalities that system architects are often willing to integrate into critical Cyber-Physical Systems (CPSs) . However, such algorithms may misclassify observations, with potential detrimental effects on the system itself or on the health of people and of the environment. In addition, CPSs may be subject to threats that were not previously known, motivating the need for building Intrusion Detectors (IDs) that can effectively deal with zero-day attacks. Different studies were directed to compare misclassifications of various algorithms to identify the most suitable one for a given system. Unfortunately, even the most suitable algorithm may still show an unsatisfactory number of misclassifications when system requirements are strict. A possible solution may rely on the adoption of meta-learners, which build ensembles of base-learners to reduce misclassifications and that are widely used for supervised learning. Meta-learners have the potential to reduce misclassifications with respect to non-meta learners: however, misleading base-learners may let the meta-learner leaning towards misclassifications and therefore their behavior needs to be carefully assessed through empirical evaluation. To such extent, in this paper we investigate, expand, empirically evaluate, and discuss meta-learning approaches that rely on ensembles of unsupervised algorithms to detect (zero-day) intrusions in CPSs. Our experimental comparison is conducted by means of public datasets belonging to network intrusion detection and biometric authentication systems, which are common IDSs for CPSs. Overall, we selected 21 datasets, 15 unsupervised algorithms and 9 different meta-learning approaches. Results allow discussing the applicability and suitability of meta-learning for unsupervised anomaly detection, comparing metric scores achieved by base algorithms and meta-learners. Analyses and discussion end up showing how the adoption of meta-learners significantly reduces misclassifications when detecting (zero-day) intrusions in CPSs.

Published

2021

2. IQCPSoS: A Model-Based Approach for Modeling and Analyzing Information Quality Requirements for Cyber-Physical System-of-Systems

Author

Paolo Lollini, Andrea Bondavalli, and Mohamad Gharib

Subjects

Computer Networks and Communications, business.industry, Computer science, media_common.quotation_subject, Cyber-physical system, Information quality, Usability, 02 engineering and technology, Reliability engineering, Artificial Intelligence, 020204 information systems, Component (UML), 0202 electrical engineering, electronic engineering, information engineering, Dependability, 020201 artificial intelligence & image processing, Quality (business), business, Function (engineering), computer, Information Systems, media_common, Object Constraint Language, computer.programming_language

Abstract

A Cyber-Physical System-of-Systems (CPSoS) can be defined as a System-of-Systems (SoS), where its component systems are Cyber-Physical Systems (CPSs) that have been networked together for achieving a certain higher goal. Therefore, a key viability of any CPSoS is the integration of its CPSs to function as a single integrated system to support a common mission. Although such integration can be achieved relying on the exchange of information among CPSs, only few works have highlighted the importance of considering the quality of such information. Without considering Information Quality (IQ) requirements during the design of CPSoS, CPSs will be vulnerable to faults arising from depending on inaccurate, incomplete, inconsistent, and/or outdated information, which may influence the overall dependability, reliability, and performance of the CPSoS. This paper proposes a model-based approach that offers a novel UML profile, named IQCPSoS (Information Quality for Cyber-Physical System-of-Systems), which contains various stereotypes and tagged values for modeling and analyzing IQ requirements for CPSoS. The profile also proposes a set of constraints expressed in the Object Constraint Language (OCL) to be used for the verification of such models. We evaluate our approach by developing a prototype implementation and test its applicability, usability, and validity for modeling and analyzing IQ requirements for a realistic scenario concerning a Tram system.

Published

2021

3. Understanding the properness of incorporating machine learning algorithms in safety-critical systems

Author

Tommaso Zoppi, Andrea Bondavalli, and Mohamad Gharib

Subjects

Computer science, business.industry, 020207 software engineering, 02 engineering and technology, Machine learning, computer.software_genre, Intrusion, Life-critical system, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Artificial intelligence, Element (category theory), Focus (optics), business, computer, Complex problems, Algorithm

Abstract

Nowadays, Machine Learning (ML) algorithms are being incorporated into many systems since they can learn and solve complex problems. Some of these systems can be considered as Safety-Critical Systems (SCS), therefore, the performance of ML algorithms should be sufficiently safe concerning the safety requirements of the incorporating SCS. However, the performance analysis of ML algorithms, usually, relies on metrics that were not developed with safety in mind. Accordingly, they may not be appropriate for assessing the performance of ML algorithms concerning safety. This paper debates on accounting for the distribution - not just the amount - of False Negatives as an additional element to be used when assessing ML algorithms to be integrated into SCS. We empirically try to assess the properness of incorporating ML-based components (anomaly-based intrusion detectors) into SCS using both traditional and novel SSPr and NPr metrics that focus on the numbers as well as the distribution of False Negatives. Results obtained by our experiment allow discussing the potential of ML-based components to be incorporated into SCS.

Published

2021

4. A Model-Based Approach for Analyzing the Autonomy Levels for Cyber-Physical Systems-of-Systems

Author

Mohamad Gharib, Leandro Dias da Silva, Hanna Kavalionak, and Andrea Ceccarelli

Subjects

Computer science, Reliability (computer networking), media_common.quotation_subject, Cyber-physical system, 020207 software engineering, Cascading Style Sheets, Context (language use), 02 engineering and technology, Unified Modeling Language, Risk analysis (engineering), 0202 electrical engineering, electronic engineering, information engineering, Dependability, 020201 artificial intelligence & image processing, Function (engineering), computer, Autonomy, computer.programming_language, media_common

Abstract

A Cyber-Physical System-of-Systems (CPSoS) can be defined as a System-of-Systems (SoS), where its Constituent Systems (CSs) are Cyber-Physical Systems (CPSs). A main challenge in integrating CPSoS to function as a single integrated system is the autonomy of its components, which may result in conflicts due to the lack of coordination among its CPSs. In this paper, we advocate that in order to facilitate the integration of CPSs within the overall context of their CPSoS, we may need to adjust their level of autonomy in a way that enables them to coordinate their activities to avoid any conflict among one another. Reducing such conflicts surely contributes to the dependability of the CPSoS. In particular, we propose a novel model-based approach for modeling and analyzing the autonomy levels of CPSs based on their awareness concerning their operational environment as well as their capability to safely perform their activity. We illustrate the utility of the approach with an example concerning a cooperative driver overtaking assistance system.

Published

2018

5. On the Safety of Automotive Systems Incorporating Machine Learning Based Components: A Position Paper

Author

Andrea Bondavalli, Paolo Lollini, Elvio Gilberto Amparore, Susanna Donatelli, Marco Botta, and Mohamad Gharib

Subjects

Functional safety, business.industry, Computer science, Reliability (computer networking), 020207 software engineering, 02 engineering and technology, Safety standards, Machine learning, computer.software_genre, Sketch, Software, 0202 electrical engineering, electronic engineering, information engineering, Position paper, Dependability, 020201 artificial intelligence & image processing, Artificial intelligence, business, computer, Verification and validation

Abstract

Machine learning (ML) components are increasingly adopted in many automated systems. Their ability to learn and work with novel input/incomplete knowledge and their generalization capabilities make them highly desirable solutions for complex problems. This has motivated the inclusion of ML techniques/components in products for many industrial domains including automotive systems. Such systems are safety-critical systems since their failure may cause death or injury to humans. Therefore, their safety must be ensured before they are used in their operational environment. However, existing safety standards and Verification and Validation (V&V) techniques do not properly address the special characteristics of ML-based components such as non-determinism, non-transparency, instability. This position paper presents the authors' view on the safety of automotive systems incorporating ML-based components, and it is intended to motivate and sketch a research agenda for extending a safety standard, namely ISO 26262, to address challenges posed by incorporating ML-based components in automotive systems.

Published

2018

6. Dealing with Functional Safety Requirements for Automotive Systems: A Cyber-Physical-Social Approach

Author

Andrea Bondavalli, Paolo Lollini, Andrea Ceccarelli, and Mohamad Gharib

Subjects

Functional safety, 050210 logistics & transportation, education.field_of_study, Computer science, business.industry, 05 social sciences, Population, Cyber-physical system, Automotive industry, 020207 software engineering, 02 engineering and technology, Root cause, Domain (software engineering), Unified Modeling Language, Risk analysis (engineering), 0502 economics and business, 0202 electrical engineering, electronic engineering, information engineering, Dependability, education, business, computer, computer.programming_language

Abstract

Road transport system is one of the essential infrastructures in the world, where the majority of the population use its facilities on a daily basis. That is why ensuring their safety has been always a growing concern for most authorities. The automotive industry is already aware of that, and the ISO 26262, a standard for developing functional safety systems for vehicles, has been developed. Although current studies have shown that the root cause for most of the accidents has shifted from vehicle-centric to driver-centric, the main objective of ISO 26262 is covering electronic and electric (E/E) systems of vehicles with almost no emphasis on the driver itself. To this end, we propose a holistic approach based on the ISO 26262 standard that not only considers the E/E systems of the vehicle but also the driver’s behaviour. We illustrate the utility of the approach with an example from the automotive domain.

Published

2018

7. A conceptual model for analyzing information quality in System-of-Systems

Author

Paolo Lollini, Andrea Bondavalli, and Mohamad Gharib

Subjects

System of systems, Engineering, Conceptual Modeling, Information, Information Quality, SoS, System-of-Systems, Artificial Intelligence, Hardware and Architecture, Control and Systems Engineering, Computer Networks and Communications, business.industry, media_common.quotation_subject, Information quality, 020207 software engineering, Cascading Style Sheets, 02 engineering and technology, Reliability engineering, Systems analysis, 0202 electrical engineering, electronic engineering, information engineering, Conceptual model, Dependability, 020201 artificial intelligence & image processing, Quality (business), business, Intelligent transportation system, computer, media_common, computer.programming_language

Abstract

A System-of-Systems (SoS) is an integration of a finite number of Constituent Systems (CSs), which are networked together for achieving a certain higher goal. Therefore, integration is the key viability of any SoS. Although the integration of CSs can be achieved by the exchange of information, no existing work has considered the quality of such information. Without considering Information Quality (IQ), a CS may depend on inaccurate, incomplete, inconsistent, invalid, and/or untrustworthy information, which might lead to its failure, and in turn to catastrophic incidents in the case of critical SoS. The main objective of the paper is proposing a novel conceptual model that provides the required concepts for analyzing for SoS. We illustrate the utility of the model with an example concerning the Intelligent Transportation System (ITS) domain.

Published

2017

8. Towards an approach for analyzing trust in Cyber-Physical-Social Systems

Author

Paolo Lollini, Mohamad Gharib, and Andrea Bondavalli

Subjects

Telemedicine, Computer science, Reliability (computer networking), Cyber-physical system, 020207 software engineering, 02 engineering and technology, Computer security, computer.software_genre, Domain (software engineering), Medical services, Social system, 0202 electrical engineering, electronic engineering, information engineering, Dependability, 020201 artificial intelligence & image processing, computer, Social trust

Abstract

During the last decade the integration of smart devices into humans' lives has witnessed an exponential increase. This has led to a new paradigm namely Cyber-Physical-Social Systems (CPSS) which consists of cyber components (computer systems) physical components (controlled objects) and social components (humans and their interactions). Although social components are playing a main role in CPSS their analysis did not receive much attentions. Especially the social trust among humans that allows for analyzing their expectations in one another concerning their social interactions and dependencies. In this paper we propose an approach for analyzing trust in CPSS using structured assurance cases. We illustrate the utility of the approach with an example from telemedicine domain.

Published

2017

9. Modeling and Analyzing Information Integrity in Safety Critical Systems

Author

Mohamad Gharib and Paolo Giorgini

Subjects

Life-critical system, Risk analysis (engineering), Modeling language, Business process, Computer science, Air traffic management, Context (language use), Information integrity, computer, Reliability engineering, Datalog, computer.programming_language

Abstract

Preserving information integrity represent an urgent need for safety critical systems, where depending on incorrect or inconsistent information may leads to disasters. Typically, information integrity is a problem handled at technical level (e.g., checksumming). However, information integrity has to be analyzed in the social-technical context of the system, since information integrity related problems might manifest themselves in the business processes and actors interactions. In this paper, we propose an extended version of i*/ secure Tropos modeling languages to capture information integrity requirements. We illustrate the Datalog formalization of the proposed concepts and analysis techniques to support the analyst in the verification of integrity related properties. Air Traffic Management (ATM) case study is used throughout the paper.

Published

2013

10. Privacy Requirements: Findings and Lessons Learned in Developing a Privacy Platform

Author

Mattia Salnitri, Jose Fran. Ruiz, Sandra Fernandez, Mohamad Gharib, Paolo Giorgini, Elda Paja, Andrea Della Siria, Haralambos Mouratidis, and Michalis Pavlidis

Subjects

Requirements management, Engineering, Information privacy, Requirements engineering, Privacy by Design, business.industry, Privacy software, Privacy policy, ComputingMilieux_LEGALASPECTSOFCOMPUTING, 020207 software engineering, Information privacy law, 02 engineering and technology, Requirements elicitation, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer

Abstract

Information practices and systems that make use of personal and health-related information are governed by European laws and regulations to prevent unauthorized use and disclosure. Failure to comply with these laws and regulations results in huge monetary sanctions, which both private companies and public administrations want to avoid. How to comply with these laws, requires understanding the privacy requirements imposed on information systems. A holistic approach to privacy requirements specification calls for understanding not only the requirements derived from law, but also citizens' needs with respect to privacy. In this paper, we report on our experience in conducting privacy requirements engineering as part of a H2020 European Project, namely VisiOn (Visual Privacy Management in User Centric Open Requirements) for the development of a privacy platform to improve the interaction between Public Administrations (PA) and citizens, while guarding the privacy of the latter. Specifically, we present the process for eliciting, classifying, prioritizing, and validating privacy requirements for the two types of users, namely PA and citizen. The process is applied to different cases spanning from healthcare to other e-governmental initiatives, with the active involvement of the corresponding PAs. We report on findings and lessons learned from this experience.

11. On the Evaluation Measures for Machine Learning Algorithms for Safety-Critical Systems

Author

Mohamad Gharib and Andrea Bondavalli

Subjects

Computer science, business.industry, Cause injury, 020206 networking & telecommunications, 02 engineering and technology, Machine learning, computer.software_genre, Domain (software engineering), Algorithms, Performance Metrics, Safety Measures, Safety-critical Systems, Incomplete knowledge, Life-critical system, 0202 electrical engineering, electronic engineering, information engineering, Position paper, 020201 artificial intelligence & image processing, Artificial intelligence, Set (psychology), business, Focus (optics), Algorithm, computer

Abstract

The ability of Machine Learning (ML) algorithms to learn and work with incomplete knowledge has motivated many system manufacturers to include such algorithms in their products. However, some of these systems can be described as Safety-Critical Systems (SCS) since their failure may cause injury or even death to humans. Therefore, the performance of ML algorithms with respect to the safety requirements of such systems must be evaluated before they are used in their operational environment. Although there exist several measures that can be used for evaluating the performance of ML algorithms, most of these measures focus mainly on some properties of interest in the domains where they were developed. For example, Recall, Precision and F-Factor are, usually, used in Information Retrieval (IR) domain, and they mainly focus on correct predictions with less emphasis on incorrect predictions, which are very important in SCS. Accordingly, such measures need to be tuned to fit the needs for evaluating the safe performance of ML algorithms. This position paper presents the authors’ view on the inadequacy of existing measures, and it proposes a new set of measures to be used for the evaluation of the safe performance of ML algorithms.