TY - GEN
T1 - Practical causal models for cyber-physical systems
AU - Ibrahim, Amjad
AU - Kacianka, Severin
AU - Pretschner, Alexander
AU - Hartsell, Charles
AU - Karsai, Gabor
N1 - Publisher Copyright:
© Springer Nature Switzerland AG 2019.
PY - 2019
Y1 - 2019
N2 - Unlike faults in classical systems, faults in Cyber-Physical Systems will often be caused by the system’s interaction with its physical environment and social context, rendering these faults harder to diagnose. To complicate matters further, knowledge about the behavior and failure modes of a system is often collected in different models. We show how three of those models, namely attack trees, fault trees, and timed failure propagation graphs, can be converted into Halpern-Pearl causal models, combined into a single holistic causal model, and analyzed with actual causality reasoning to detect and explain unwanted events. Halpern-Pearl models have several advantages over their source models, particularly that they allow for modeling preemption, consider the non-occurrence of events, and can incorporate additional domain knowledge. Furthermore, such holistic models allow for analysis across model boundaries, enabling detection and explanation of events that are beyond a single model. Our contribution here delineates a semi-automatic process to (1) convert different models into Halpern-Pearl causal models, (2) combine these models into a single holistic model, and (3) reason about system failures. We illustrate our approach with the help of an Unmanned Aerial Vehicle case study.
AB - Unlike faults in classical systems, faults in Cyber-Physical Systems will often be caused by the system’s interaction with its physical environment and social context, rendering these faults harder to diagnose. To complicate matters further, knowledge about the behavior and failure modes of a system is often collected in different models. We show how three of those models, namely attack trees, fault trees, and timed failure propagation graphs, can be converted into Halpern-Pearl causal models, combined into a single holistic causal model, and analyzed with actual causality reasoning to detect and explain unwanted events. Halpern-Pearl models have several advantages over their source models, particularly that they allow for modeling preemption, consider the non-occurrence of events, and can incorporate additional domain knowledge. Furthermore, such holistic models allow for analysis across model boundaries, enabling detection and explanation of events that are beyond a single model. Our contribution here delineates a semi-automatic process to (1) convert different models into Halpern-Pearl causal models, (2) combine these models into a single holistic model, and (3) reason about system failures. We illustrate our approach with the help of an Unmanned Aerial Vehicle case study.
KW - Causal reasoning
KW - Cyber-Physical Systems
KW - Halpern-Pearl Causality
KW - Timed Failure Propagation Graphs
UR - http://www.scopus.com/inward/record.url?scp=85066861304&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-20652-9_14
DO - 10.1007/978-3-030-20652-9_14
M3 - Conference contribution
AN - SCOPUS:85066861304
SN - 9783030206512
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 211
EP - 227
BT - NASA Formal Methods - 11th International Symposium, NFM 2019, Proceedings
A2 - Rozier, Kristin Yvonne
A2 - Badger, Julia M.
PB - Springer Verlag
T2 - 11th International Symposium on NASA Formal Methods, NFM 2019
Y2 - 7 May 2019 through 9 May 2019
ER -