Author: admin

12th of March at 16h00, Anamta Khan and Jessica Castro  will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like.
Location: G4.1

Anamta Khan – “A Machine Learning driven Fault Tolerance Mechanism for UAVs’ Flight Controller” 

Bio
Anamta Khan is a PhD student in the SSE group at DEI. She obtained her Master’s and Bachelor’s degrees in Computer Science from the Institute of Business Administration (IBA) in Karachi. Her research focus since 2021 has been on creating a safer airspace with maximum and efficient utilization of drones. She utilizes fault injection in a simulation-based environment to identify vulnerabilities and their impact, and then uses machine learning-based techniques to address them.

Abstract
Unmanned Aerial Vehicles (UAVs), similar to other robotic systems, are susceptible to various hazards (e.g., software or hardware failures or security attacks) that may hinder mission completion and compromise safety by violating the separation minima (i.e., the minimum distance that must be maintained between UAVs in order to ensure safe and efficient operations). To address this issue, this paper proposes a new machine learning-based fault-tolerant mechanism for UAV flight controllers that tolerates GPS-related hazards and improves safety. Machine learning models were built using 884,410 data records from 1,985 flight logs collected from the PX4 public repository. The trained models are used to predict the expected position of the UAV during a mission, and separation minima are used as a threshold to detect the GPS hazards by comparing it with the distance between two consecutive position values. When a hazard is detected (i.e., the distance is higher than separation minima), the predicted values by machine learning models are fed into the position estimator (i.e., EKF) of the flight controller. To evaluate the effectiveness of this approach, validation experiments were conducted on several realistically defined missions while being exposed to different types of failure conditions (e.g., Noise and GPS failure), both with and without using the proposed fault-tolerant mechanism. The results show a remarkable reduction in the safety violations from 94 to 1 (violation of the separation minima counts), indicating a significant improvement in safety. Additionally, the proposed mechanism demonstrated a notable improvement in the distance covered and duration of the flight mission in failure conditions, demonstrating its ability to mitigate faults effectively. These findings support the effectiveness of the proposed fault tolerance mechanism in enhancing UAV mission performance by improving safety and tolerating issues caused by GPS.

Jessica Castro – “Attack Detection in Microservice Applications” 

Bio
Jessica Castro is a PhD candidate in Informatics Engineering at the University of Coimbra, Portugal. She received a BSc. in Computer Science and an MSc in Informatics from Universidade Federal da Paraíba, Brazil. Her research interests include attack detection, microservices/containerised applications, and self-adaptive systems.

Abstract
A microservices-based architecture decreases the complexity of developing new systems, making them highly scalable and manageable. However, its distributed nature, the high granularity of services, and the large attack surface increase the challenge of securing those systems. We will present the challenges of monitoring and identifying attacks in microservice applications at runtime and how we aim to use logic scoring of preference to calculate scores that allow identifying possible attacks.

29th of March, at 16h00, Gabriel Campos will give a presentation entitled“Towards safe autonomous driving” 
Location: G4.1  (speaker will be remote)

Bio
Gabriel R. Campos is a Technical Expert on Precautionary Safety and Research Manager at Zenseact, where he works on safe planning and decision making for ADAS and AD systems. With a background on control theory, his research interests include safety assurance, behavioural prediction and threat-assessment and decision-making techniques. He has driven and participated to several production and research projects on robotic and autonomous vehicles topics, with a particular emphasis on safety critical systems and collision avoidance techniques. He received his Ph.D. in Automatic Control in 2012 from Grenoble University/Grenoble INP, France. Prior to joining the Zenseact, he was a visiting researcher at KTH, Sweden, as well as a postdoctoral fellow with the Department of Signals and Systems, Chalmers University of Technology, Sweden and the DEIB, Politecnico di Milano, Italy.

Abstract
This talk will focus on Zenseact’s journey towards safe automation solutions. We will provide an overview of our technology and  development platform, and describe some of our concepts and visions regarding the development of autonomous vehicles. We will also provide an overview of our research activities and bring forward some challenges and future research avenues.

8th of March at 16h00, Gonçalo Carvalho and José Pereira will give two short presentations, to promote discussion on two relevant ongoing or disruptive topics. Afterwards, there will be a social gathering where everyone can talk freely on whatever subjects they like.
Location: G4.1

Gonçalo Carvalho – “From the ER+ conceptual model to its logical model” 
Bio
Gonçalo Carvalho has a background in Geography and after a change of field is currently doing his Ph.D. research in Data models for multi-layer systems. His major research interests are in the areas of databases, distributed systems, edge computing, cyber-physical systems, and green computing.

Abstract
Distributed databases and data transformation mechanisms are remarkably relevant for Business Intelligence and Data Analytics. The Entity-Relational (ER) model is fundamental for modeling complex enterprise systems, but has shortcomings. ER+ tackled the representation of multiple database locations and conceptually expressed data transportation and data transformation operations, such as aggregate and line functions, which are standard for data analytics. The new ER+ concepts need a logical representation, which we will introduce in this talk. 

José Pereira – “On the Use of Deep Graph CNN to Detect Vulnerable C Functions and Function Prioritization Techniques” 
Bio
José D’Abruzzo Pereira is a Ph.D. student in Informatics Engineering at the University of Coimbra (UC) and a member of the Software and System Engineering (SSE) group at CISUC. His research interests include security and vulnerability detection, static code analysis, software project management, software quality, and self-adaptive systems. He received a MSc in Information Technology and Software Engineering from the University of Coimbra and Carnegie Mellon University and a BSc. in Computer Science from the State University of Campinas – Brazil (Unicamp). He is also acting as a professor in the Specialization in Software Engineering at the State University of Campinas – Brazil (Unicamp) and as an Invited Assistant Professor at the University of Coimbra.

Abstract
Software vulnerabilities are a problem in most software systems. If left unchecked, they can be exploited by malicious third parties to compromise the system, which can result in hazardous consequences. Over the years, several techniques have been proposed to tackle the problem of automatically detecting vulnerabilities. However, despite the efforts, they usually issue many false alarms, which create a large overhead for the development team to analyze them. In this work, we study the viability of using a static technique (developed initially to classify classes of malware) to detect vulnerable C functions. This technique uses the Control Flow Graph (CFG) of the functions, features related to the structure of the graph, and the code sequence. Different from the malware classification problem, we also extract memory management-related features. A Deep Graph Convolutional Neural Network (DGCNN) processes all of the features. To do that, we use vulnerable and non-vulnerable functions of the open-source Linux Kernel project. Results show that a high recall can be obtained using this approach at the cost of low precision. At this point, a new prioritization mechanism is under development, and it uses Quality Models (QMs) to rank the functions. In addition, a security expert classification will help validate the prioritization mechanism.