doc. Ing. Hana Kubátová, CSc.

Vedoucí Katedry číslicového návrhu

Publikace

Evaluating Bad Hosts Using Adaptive Blacklist Filter

Autoři
Rok
2020
Publikováno
Proceedings of the 9th Mediterranean Conference on Embedded Computing - MECO'2020. Institute of Electrical and Electronics Engineers, Inc., 2020. ISSN 2637-9511. ISBN 978-1-7281-6949-1.
Typ
Stať ve sborníku
Anotace
Publicly available blacklists are popular tools to capture and spread information about misbehaving entities on the Internet. In some cases, their straight-forward utilization leads to many false positives. In this work, we propose a system that combines blacklists with network flow data while introducing automated evaluation techniques to avoid reporting unreliable alerts. The core of the system is formed by an Adaptive Filter together with an Evaluator module. The assessment of the system was performed on data obtained from a national backbone network. The results show the contribution of such a system to the reduction of unreliable alerts.

Non-Homogeneous Continuous Time Markov Chains Calculations

Autoři
Kohlík, M.; Kubátová, H.; Řezníček, J.
Rok
2020
Publikováno
Proceedings of the 23rd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2020. p. 664-671. ISBN 978-1-7281-9535-3.
Typ
Stať ve sborníku
Anotace
Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system is violated, thus the system may cause material loss, serious injuries or casualties. This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different sets of homogeneous differential equations for several hundreds small time intervals (using default parameters settings - the number of the intervals can be adjusted to balance accuracy/time-consumption ratio). The method is compared to a previous version based on probability matrices and used to calculate the hazard rate of the hierarchical Markov chain. The hierarchical Markov chain allows us to calculate the hazard rates of the blocks independently and the non-homogeneous approach allows us to use them to calculate the hazard rate of the whole system. This method will allow us to calculate the hazard rate of the non-homogeneous Markov chain very accurately compared to methods based on homogeneous Markov chains.

Non-homogeneous hierarchical Continuous Time Markov Chains

Autoři
Kohlík, M.; Kubátová, H.; Řezníček, J.
Rok
2020
Publikováno
Microprocessors and Microsystems. 2020, 2020(78), ISSN 0141-9331.
Typ
Článek
Anotace
This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals (using default parameters settings — the number of the intervals can be adjusted to balance accuracy/time-consumption ratio). The method is compared to a pessimistic method based on homogeneous Markov chains and used to calculate the hazard rate of the hierarchical Markov chain. The hazard rates of the blocks are calculated independently and the non-homogeneous approach allows us to use them to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks.

Refined detection of SSH brute-force attackers using machine learning

Autoři
Rok
2020
Publikováno
ICT Systems Security and Privacy Protection. Cham: Springer, 2020. p. 49-63. IFIP Advances in Information and Communication Technology. vol. 580. ISSN 1868-4238. ISBN 978-3-030-58200-5.
Typ
Stať ve sborníku
Anotace
This paper presents a novel approach to detect SSH brute-force (BF) attacks in high-speed networks. Contrary to host-based approaches, we focus on network traffic analysis to identify attackers. Recent papers describe how to detect BF attacks using pure NetFlow data. However, our evaluation shows significant false-positive (FP) results of the current solution. To overcome the issue of high FP rate, we propose a machine learning (ML) approach to detection using specially extended IP Flows. The contributions of this paper are a new dataset from real environment, experimentally selected ML method, which performs with high accuracy and low FP rate, and an architecture of the detection system. The dataset for training was created using extensive evaluation of captured real traffic, manually prepared legitimate SSH traffic with characteristics similar to BF attacks, and, finally, using a packet trace with SSH logs from real production servers.

The next step of P4 FPGA architectures: External Memories

Autoři
Čejka, T.; Kubátová, H.; Beneš, T.
Rok
2020
Publikováno
Proceedings of the 8th Prague Embedded Systems Workshop. Praha: Czech Technical University in Prague, 2020. p. 5-7. ISBN 978-80-01-06772-7.
Typ
Stať ve sborníku
Anotace
P4 is a recent feasible technology that helps to make a modern infrastructure flexible and readyfor changes. Software solutions are available, but not efficient enough for high throughput and lowlatency applications. Therefore, hardware acceleration is used commonly. This paper discusses caveatsof currently existing approaches, mainly focused on FPGAs, which are flexible but resource-limited.Our aim is to propose an extension of standard P4 architecture to support external memory and explain apossible approach to overcome the issues.

Accurate Inexact Calculations of Non-Homogeneous Markov Chains

Autoři
Kohlík, M.; Kubátová, H.; Řezníček, J.
Rok
2019
Publikováno
Proceedings of the 22nd Euromicro Conference on Digital Systems Design. Los Alamitos, CA: IEEE Computer Soc., 2019. p. 470-477. ISBN 978-1-7281-2861-0.
Typ
Stať ve sborníku
Anotace
Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system is violated, thus the system may cause material loss, serious injuries or casualties. Hierarchical dependability models allow expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks. The paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals. This method will allow us to calculate the hazard rate of the non-homogeneous Markov chain very accurately compared to methods based on homogeneous Markov chains.

Dependability Problems in Interconnected World

Autoři
Rok
2019
Publikováno
Proceedings of the 8th Mediterranean Conference on Embedded Computing - MECO'2019. Institute of Electrical and Electronics Engineers, Inc., 2019. p. 9. ISSN 2377-5475. ISBN 978-1-7281-1739-3.
Typ
Stať ve sborníku vyzvaná či oceněná
Anotace
Development of new technologies and especially the basic principles of Industry 4.0 (interconnection, IoT, information transparency, technical assistance, cyber physical systems and decentralization) means not only standard improvements, e.g. increasing of performance, but also some negative issues. Everybody must be on-line 24 hours, there are more and more small things with their own intelligence. The proper trade-off between the price and reliability must be solved always with respect to the application. The application-specific systems are used due to possible programmability both hardware and software blocks. It can lead to totally different principles in digital design. Here global overview of problems that must be taken into account in today interconnected world, especially with emphasizing the dependability issues will be presented. There are several basic questions: what does it mean dependability, how to predict proper parameters and how to guarantee them before the final (mostly expensive) production, what model to use and how to validate it and how to verify the final realization, what are and how to overcome the most probable faults, how to combine and express safety and security limits, and finally how to ensure these requirements concurrently both in development and production processes.

Efficient algorithmic evaluation of correlation power analysis: Key distinguisher based on the correlation trace derivative

Rok
2019
Publikováno
Microprocessors and Microsystems. 2019, 2019(71), 1-8. ISSN 0141-9331.
Typ
Článek
Anotace
Correlation power analysis (CPA) is one of the most common side-channel attacks today, posing a threat to many modern ciphers, including AES. In the final step of this attack, the cipher key is usually extracted by the attacker by visually examining the correlation traces for each key guess. The naïve way to extract the correct key algorithmically is selecting the key guess with the maximum Pearson correlation coefficient. We propose another key distinguisher based on a significant change in the correlation trace rather than on the absolute value of the coefficient. Our approach performs better than the standard maximization, especially in the noisy environment, and it allows to significantly reduce the number of acquired power traces necessary to successfully mount an attack in noisy environment, and in some cases make the attack even feasible.

Future approaches to monitoring in high-speed backbone networks

Autoři
Rok
2019
Publikováno
Proceedings of the 7th Prague Embedded Systems Workshop. Praha: ČVUT FIT, Katedra číslicového návrhu, 2019. p. 27-28. ISBN 978-80-01-06607-2.
Typ
Stať ve sborníku
Anotace
Network monitoring features has been always a challenge in high-speed networks. Some of themlike detailed traffic analysis and packet inspection are not suited or simply not feasible even on modernhardware. The challenges are becoming even greater with an uprise of encrypted traffic. This leaves largeopportunity for threat actors to take advantage of. Therefore, it is necessary to develop a new generationof monitoring tools that can deal with the current issues for security purposes. This research aims toimprove traffic analysis techniques to handle encrypted traffic, and also to adapt hardware acceleratedmonitoring components for processing.

Hierarchical Dependability Models based on Non-Homogeneous Continuous Time Markov Chains

Autoři
Kohlík, M.; Kubátová, H.; Řezníček, J.
Rok
2019
Publikováno
2019 14th International Conference on Design & Technology of Integrated Systems In Nanoscale Era (DTIS). IEEE, 2019. ISBN 978-1-7281-3424-6.
Typ
Stať ve sborníku
Anotace
This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals. The proposed method is applied on hierarchical dependability models allowing independent calculations of the hazard rates of multiple cooperating blocks of the system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks and the proposed method is very accurate compared to methods based on homogeneous Markov chains.

Correlation Power Analysis Distinguisher Based on the Correlation Trace Derivative

Rok
2018
Publikováno
Proceedings of the 21st Euromicro Conference on Digital System Design. Piscataway: IEEE, 2018. p. 565-568. ISBN 978-1-5386-7376-8.
Typ
Stať ve sborníku
Anotace
Correlation power analysis (CPA) is one of the most common side channel attacks today, posing a threat to many modern ciphers, including AES. The simplest method to extract the correct key guess is selecting the guess with the maximum Pearson correlation coefficient. We propose another distinguisher based on a significant change in the correlation trace rather than on the absolute value of the coefficient. Our approach performs better than the standard CPA, especially in the noisy environment.

P4-To-VHDL: Automatic generation of high-speed input and output network blocks

Autoři
Kubátová, H.; Čejka, T.; Benáček, P.; Puš, V.P.
Rok
2018
Publikováno
Microprocessors and Microsystems. 2018, 56 22-33. ISSN 0141-9331.
Typ
Článek
Anotace
High-performance embedded architectures typically contain many stand-alone blocks which communicate and exchange data; additionally a high-speed network interface is usually needed at the boundary of the system. The software-based data processing is typically slow which leads to a need for hardware accelerated approaches. The problem is getting harder if the supported protocol stack is rapidly changing. Such problem can be effectively solved by the Field Programmable Gate Arrays and high-level synthesis which together provide a high degree of generality. This approach has several advantages like fast development or possibility to enable the area of packet-oriented communication to domain oriented experts. However, the typical disadvantage of this approach is the insufficient performance of generated system from a high-level description. This can be a serious problem in the case of a system which is required to process data at high packet rates. This work presents a generator of high-speed input (Parser) and output (Deparser) network blocks from the P4 language which is designed for the description of modern packet processing devices. The tool converts a P4 description to a synthesizable VHDL code suitable for the FPGA implementation. We present design, analysis and experimental results of our generator. Our results show that the generated circuits are able to process 100 Gbps traffic with fairly complex protocol structure at line rate on Xilinx Virtex-7 XCVH580T FPGA. The approach can be used not only in networking devices but also in other applications like packet processing engines in embedded cores because the P4 language is device and protocol independent.

Speeding up differential power analysis using integrated power traces

Rok
2018
Publikováno
2018 7th Mediterranean Conference on Embedded Computing (MECO). Piscataway: IEEE, 2018. p. 19-23. ISBN 978-1-5386-5683-9.
Typ
Stať ve sborníku
Anotace
Side-channel attacks, including differential power analysis (DPA), are still an emerging topic. To make a deep research about DPA, one needs to be able to perform it as fast as possible. There are many possible ways to decrease the time of the attack. In this paper, we propose a way to decrease the duration of the correlation computations of this kind of attack by decreasing the number of samples per a power trace using an integration based aggregation method. We comprehensively describe this idea and present the results of an experimental evaluation focusing on the time efficiency of this approach.

Číslicový návrh spojující odolnost proti poruchám a odolnost proti útokům

Rok
2017
Publikováno
Počítačové architektúry & diagnostika PAD 2017 - Zborník príspevkov. Bratislava: STU Scientific, 2017. pp. 43-46. ISBN 978-80-972784-0-3.
Typ
Stať ve sborníku vyzvaná či oceněná
Anotace
Odolnost proti poruchám a odolnost proti útokům jsou návrhové vlastnosti, které mohou být u některých zařízení vyžadovány současně. Pro obě tyto vlastnosti existují návrhové metody, které ovšem vyžadují poměrně velkou režii plochy či spotřeby. Vzhledem k této režii by se mohlo stát, že návrh odolný proti poruchám sníží odolnost proti útokům nebo naopak návrh odolný proti útokům sníží odolnost proti poruchám. Cílem našeho výzkumu je prozkoumat tyto vzájemné vlivy a navrhnout nové metody spojující odolnost proti poruchám a odolnost proti útokům.

Dependability or reliability in the real world history, terminology, prediction

Rok
2017
Publikováno
Proceedings of the 6th Mediterranean Conference on Embedded Computing (MECO 2017). IEEE (Institute of Electrical and Electronics Engineers), 2017. p. 17-20. ISBN 978-1-5090-6741-1.
Typ
Stať ve sborníku
Anotace
This paper describes evaluation and consequent improvements in the field of dependability prediction from the beginning to nowadays. The necessity to determine the reliability characteristics of the electronic equipments is shown. The basic terms, definitions, and current problems are described. The demonstration of the prediction of reliability parameters according to the MIL-HDBK-217 standard based studies is presented by case studies - real examples from Czech railways track circuits projects and the discussion of the results of student tasks.

Influence of Fault-Tolerance Techniques on Power-Analysis Resistance of Cryptographic Design

Rok
2017
Publikováno
Proc. of the 20th Euromicro Conference on Digital System Design. Piscataway, NJ: IEEE, 2017. p. 260-267. ISBN 978-1-5386-2146-2.
Typ
Stať ve sborníku
Anotace
As the security is becoming more and more important these days, we still should not forget about reliability. When designing a cryptographic device for some mission-critical or another reliability demanding system, we need to make the device not only attack-resistant, but also fault-tolerant. There are many common fault-tolerant digital design techniques, however, it is questionable, how these techniques affect the attack-resistance. Do they make the device more vulnerable e.g. to side-channel attacks? In our work we focused on finding the answer to this question. We experimentally evaluated the influence of information redundancy, space redundancy and time redundancy techniques on resistance against power analysis attack. In this paper we present our observations.

Influence of passive hardware redundancy on differential power analysis resistance of AES cipher implemented in FPGA

Rok
2017
Publikováno
Microprocessors and Microsystems. 2017, 2017(51), 220-226. ISSN 0141-9331.
Typ
Článek
Anotace
Many electronic systems have to fulfill strict dependability properties, especially both fault tolerance and attack resistance. Intuitively, these requirements may seem to contradict each other. A study and an experiment description of the possible methods how to measure these impacts as well as result of first experiments are presented in this paper. Specifically, how basic passive hardware redundancy design methods affects resistance against differential power analysis attack and how the whole design can be modified to increase attack resistance will be discussed.

Optimization of Pearson correlation coefficient calculation for DPA and comparison of different approaches

Rok
2017
Publikováno
Proceedings of the 2017 IEEE 20th International Symposium on Design and Diagnotics of Electronic Circuit & Systems. Piscataway, NJ: IEEE, 2017. p. 184-189. ISSN 2473-2117. ISBN 978-1-5386-0472-4.
Typ
Stať ve sborníku
Anotace
Differential power analysis (DPA) is one of the most common side channel attacks. To perform this attack we need to calculate a large amount of correlation coefficients. This amount is even higher when attacking FPGAs or ASICs, for higher order attacks and especially for attacking DPA protected devices. This article explains different approaches to the calculation of correlations, describes our implementation of these approaches and presents a detailed comparison considering their performance and their properties for a practical usage.

Parity driven reconfigurable duplex system

Rok
2017
Publikováno
Microprocessors and Microsystems. 2017, 52 251-260. ISSN 0141-9331.
Typ
Článek
Anotace
This paper proposes a method improving the fault-coverage capabilities of Field Programmable Gate Array (FPGA) designs. Faults are mostly Single Event Upsets (SEUs) in the configuration memory of SRAM-based FPGAs and they can change the functionality of an implemented design. These changes may lead to crucial mistakes and cause damage to people and environment. The proposed method utilizes Concurrent Error Detection techniques and the basic architectures of actual modern FPGAs - the Look-Up Table (LUT) with two outputs. The main part of the paper is the description of the proposed method (Parity Waterfall) based on a cascade - waterfall - of several waves of inner parity generating the final parity of outputs of the whole circuit. The proposed Parity Waterfall (PWtf) method utilizes the (mostly) unused output of a two-output LUT to cover any single possible routing or LUT fault with a small area overhead. The encapsulation of the proposed PWtf method into a Duplication with Comparison scheme is presented in the second part of the paper. This encapsulation allows us to create a system containing two independent copies of all parts able to detect and localize any single fault (like common Triple Modular Redundancy method). Experiments are performed on the standard set of IWLS2005 benchmarks in our simulator. The results demonstrate differences between our proposed method and a similar existing technique - Duplication with Comparison (DwC), and between the encapsulated PWtf method and TMR. The proposed method has a lower relative overhead and requires a lower number of inputs and outputs.

Predicting the Life Expectancy of Railway Fail-safe Signaling Systems Using Dynamic Models with Censoring

Rok
2017
Publikováno
2017 IEEE International Conference on Software Quality, Reliability and Security (QRS). Los Alamitos, CA: IEEE Computer Soc., 2017. p. 329-339. ISBN 978-1-5386-0592-9.
Typ
Stať ve sborníku
Anotace
In the presented work we predict the life expectancy of multi-part railway fail-safe signaling systems. The monitored electronic track circuits detect train locations and movement in real time, and issue alerts and warnings to prevent collisions. Based on 10 years of failure reports from the manufacturer of systems used by Czech railroads, we establish estimates of time-to-failure distributions of their components. We modify and apply survival models for censored data with various parameters for which we propose and compare new estimators. Both left and right time-based censoring of the data is considered. This approach allows us to include in the analysis components that were in operation before the study started, as well as components that were functional after the end of the study. Special attention is paid to the correct treatment of missing and incomplete data in the analyzed reports. We compare models with constant and variable failure rates. Hypotheses testing methodology is used to select a model with the best fit for the analyzed data.

The effect of the transient faults in dependability prediction

Autoři
Daňhel, M.; Kubátová, H.; Štěpánek, F.
Rok
2017
Publikováno
Microprocessors and Microsystems. 2017, 52(C), 498-504. ISSN 0141-9331.
Typ
Článek
Anotace
Markov chain models are used to evaluate the dependability properties (reliability, safety, availability, maintainability etc.) of the mission-critical systems. Dependability models are often focused only on the basic stuck-at faults. On the other hand the transient faults are present in the operational environment but not included in the dependability prediction. The aim of this paper is to show how the transient faults influence the dependability prediction using the Markov chain model. In this paper basic TMR Markov chain model using stuck-at faults is compared to our extended TMR model considering both the stuck-at and transient faults. The main focus is given on the calculation of the dependability parameter lambda (i.e. the failure rate of the system).

Číslicový návrh spojující odolnost proti útokům a odolnost proti poruchám

Rok
2016
Publikováno
Počítačové Architektury & Diagnostika PAD 2016 - Sborník příspěvků. Brno: Vysoké učení technické v Brně, 2016. p. 53-56. ISBN 978-80-214-5376-0.
Typ
Stať ve sborníku
Anotace
Tento výzkum se zabývá možnostmi, jak zkombinovat metody číslicového návrhu pro odolnost proti poruchám a odolnost proti útokům. Tyto vlastnosti se mohou často navzájem potlačovat, jejich dosažení je navíc často doprovázeno výrazným zvýšením plochy a spotřeby. V současné době se výzkum zaměřuje na vzájemný vliv obou vlastností, v budoucnu bude cílem vytvořit návrhovou metodu zlepšující obě vlastnosti současně.

Comparing Proton and Neutron Induced SEU Cross Section in FPGA

Autoři
Kubátová, H.; Vaňát, T.; Křížek, F.; Ferencei, J.
Rok
2016
Publikováno
Proceedings of the 2016 IEEE 19th International Symposium on Design and Diagnostics of Electronic Circuits & Systems (DDECS). Piscataway: IEEE, 2016. pp. 214-217. ISSN 2334-3133. ISBN 978-1-5090-2467-4.
Typ
Stať ve sborníku
Anotace
Single event upsets (SEU) are induced by an electric charge deposited in the material of the chip. The origin of the charge can be either from outside of the chip or it can be generated inside as a result of a nuclear reaction. We have measured the cross section of SEUs in FPGA using protons (directly ionizing particles) and neutrons (indirectly ionizing particles). Used energies up to 34 MeV are in the range, where the differences in the proton’s ionizing power are most significant thanks to the Bragg peak. Measurements have shown, that the direct ionization is not the dominant effect causing SEU.

Education of Computer Engineering at CTU in Prague

Rok
2016
Publikováno
Proceedings of the 5th Mediterranean Conference on Embedded Computing (MECO 2016). Piscataway: Institute of Electrical and Electronics Engineers, 2016. pp. 22-25. ISSN 2377-5475. ISBN 978-1-5090-2221-2.
Typ
Stať ve sborníku
Anotace
This paper presents the experience from 7 years existence of Faculty of Information Technology at Czech Technical University in Prague with respect to today Computer Engineering specialization trends. Our education process and study methods are based on programmable hardware, embedded systems and design style intended for such devices. All our courses have both parts; theoretical lectures and practical labs. Here the structure and methods how to prepare our bachelor students for both practice and for the further master study is presented.

Enhanced duplication method with TMR-like masking abilities

Rok
2016
Publikováno
Proceedings of 19th Euromicro Conference on Digital System Design DSD 2016. Los Alamitos, CA: IEEE Computer Soc., 2016. pp. 690-693. ISBN 978-1-5090-2816-0.
Typ
Stať ve sborníku
Anotace
This paper proposes a method improving the faultcoverage capabilities of Field Programmable Gate Array (FPGA) designs. Faults are mostly single event upsets (SEUs) in the configuration memory of SRAM-based FPGAs and they can change the functionality of an implemented design. These changes may lead to crucial mistakes and cause damage to people and environment. The proposed method utilizes Concurrent Error Detection (CED) techniques and the basic architectures of actual modern FPGAs – the Look-Up Table (LUT) with two outputs. The Parity Waterfall method (based on a cascade – waterfall – of several waves of inner parity generating the final parity of outputs of the whole circuit) presented in our previous paper has been encapsulated into a Duplication scheme in this paper. This encapsulation allows us to create a system containing two independent copies of all parts able to detect and localize any single fault (like common Triple Modular Redundancy (TMR) method). Experiments are performed on the standard set of IWLS2005 benchmarks in our simulator. The results demonstrate differences between our proposed method in comparison with TMR – the proposed method has a lower relative overhead and requires a lower number of inputs and outputs.

Hardware-software co-design: A practical course for future embedded engineers

Autoři
Kubátová, H.; Bartík, M.; Pichlová, D.
Rok
2016
Publikováno
Proceedings of the 5th Mediterranean Conference on Embedded Computing (MECO 2016). Piscataway: Institute of Electrical and Electronics Engineers, 2016. p. 347-350. ISSN 2377-5475. ISBN 978-1-5090-2221-2.
Typ
Stať ve sborníku
Anotace
This paper describes the way how to teach the hardware-software co-design technique and basics of System-on- Chip (SoC) design and architecture on a practical example using state of the art AP SoC (All Programmable System on Chip) which combines FPGA logic and dual-core ARM Cortex-A9 CPU. Students are required to propose a new peripheral circuit in the FPGA logic and its interconnection with ARM CPU by an AXI4-Lite bus. This paper also presents the structure and results of these student's projects and the influence of previous courses oriented towards the general digital design in Informatics specialization intended for future embedded engineers.

Influence of fault-tolerant design methods on differential power analysis resistance of AES cipher: Methodics and challenges

Rok
2016
Publikováno
Proceedings of the 5th Mediterranean Conference on Embedded Computing (MECO 2016). Piscataway: Institute of Electrical and Electronics Engineers, 2016. p. 14-17. ISSN 2377-5475. ISBN 978-1-5090-2221-2.
Typ
Stať ve sborníku
Anotace
Many electronic systems has to fulfill strict dependability properties, especially both fault tolerance and attack resistance. These requirements usually contradict each other. The study and experiment descriptions of the possible methods how to measure these impacts are presented in this paper. Specifically, how fault-tolerant design methods affects resistance against differential power analysis attack and how the whole design can be modified to increase attack resistance will be discussed.

NEMEA: A Framework for Network Traffic Analysis

Autoři
Čejka, T.; Kubátová, H.; Bartoš, V.; Švepeš, M.; Rosa, Z.
Rok
2016
Publikováno
12th International Conference on Network and Service Management. Montreal: IEEE, 2016. p. 195-201. ISSN 2165-963X. ISBN 978-3-901882-85-2.
Typ
Stať ve sborníku
Anotace
Since network attacks become more sophisticated, it is difficult to discover them using traditional analysis tools. For some kinds of attacks, it is necessary to analyze Application Layer (L7) information in order to detect them. However, there is a lack of existing tools capable of L7 processing and manipulation. Therefore, we propose a flow-based modular Network Measurements Analysis (NEMEA) system to overcome the situation. NEMEA is designed with respect to a stream-wise concept, i. e. data are analyzed continuously in memory with minimal data storage. NEMEA is developed as an open-source project and is publicly available for world-wide community. It is designed for both experimental and operational use. It is able to process off-line traffic traces as well as live network flows. The system is very flexible and can be easily extended by new modules. The modules are developed within a NEMEA framework that is a key component of the project. NEMEA thus represents a unified platform for research and development of new traffic analysis methods. It covers several important topics not limited to analysis and detection. Some of them are described in this paper. Originally, NEMEA has been developed for the purposes of Czech National Research and Education Network operator. Therefore, it is focused on handling high speed network traffic with links working at 100 Gbps.

P4-to-VHDL: Automatic Generation of 100 Gbps Packet Parsers

Autoři
Kubátová, H.; Benáček, P.; Puš, VP
Rok
2016
Publikováno
2016 IEEE 24th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM 2016). Piscataway: Institute of Electrical and Electronics Engineers, 2016. p. 148-155. ISBN 978-1-5090-2356-1.
Typ
Stať ve sborníku
Anotace
Software Defined Networking and OpenFlow offer an elegant way to decouple network control plane from data plane. This decoupling has led to great innovation in the control plane, yet the data plane changes come at much slower pace, mainly due to the hard-wired implementation of network switches. The P4 language aims to overcome this obstacle by providing a description of a customized packet processing functionality for configurable switches. That enables a new generation of possibly heterogeneous networking hardware that can be runtime tailored for the needs of particular applications from various domains. In this paper we contribute to the idea of P4 by presenting design, analysis and experimental results of our packet parser generator. The generator converts a parse graph description of P4 to a synthetizable VHDL code suitable for FPGA implementation. Our results show that the generated circuit is able to parse 100 Gbps traffic with fairly complex protocol structure at line rate on a Xilinx Virtex-7 FPGA. The approach can be used not only in switches, but also in other appliances, such as application accelerators and smart NICs. We compare the generated output to a hand-written parser to show that the price for configurability is only a slightly larger and slower circuit.

Parity Waterfall Method

Rok
2016
Publikováno
Proceedings of the 2016 IEEE 19th International Symposium on Design and Diagnostics of Electronic Circuits & Systems (DDECS). Piscataway: IEEE, 2016. pp. 21-26. ISSN 2334-3133. ISBN 978-1-5090-2467-4.
Typ
Stať ve sborníku
Anotace
This paper proposes a method for improvement of the fault-coverage capabilities of Field Programmable Gate Array (FPGA) designs. It utilizes Concurrent Error Detection (CED) techniques and the basic architectures of actual modern FPGAs the Look-Up Table (LUT) with two outputs. Proposed Parity Waterfall method is based on a cascade (waterfall) of several waves of inner parity generating the final parity of outputs of the whole circuit. The utilization of the (mostly) unused output of a two-output LUT allows the proposed method to cover any single possible routing or LUT fault with a small area overhead. The method is experimentally evaluated using the standard set of IWLS2005 benchmarks and using our simulator/emulator. The experimental results of the proposed parity waterfall method are compared with a similar existing technique (duplication with comparison). These results show that the area overhead is smaller than the overhead of the duplication with comparison method for all of the tested circuits and 100% fault coverage is achieved.

Reliability Model of TMR System Considering Transient Faults

Autoři
Daňhel, M.; Kubátová, H.; Štěpánek, F.
Rok
2016
Publikováno
TRUDEVICE 2016: Workshop on Trustworthy Manufacturing and Utilization of Secure Devices. Dresden: Technische Universität, 2016.
Typ
Stať ve sborníku
Anotace
Markov chain models are used to evaluate the dependability properties (reliability, safety, availability, maintainability etc.) of the systems especially those used in mission-critical applications. Based on these models the fault intensity and operational time length of such systems can be predicted. But in most cases these models are derived only by basic stuck-at fault models. The main aim of this paper is to compare the basic TMR (Triple-Modular-Redundancy) Markov chain model using the stuck-at faults only with TMR considering both per manent and transient faults. The main focus is given on the calculation of the dependability parameters. Obtained results are compared and discussed.

The Effect of the Transient Faults in Dependability Prediction

Autoři
Daňhel, M.; Kubátová, H.; Štěpánek, F.
Rok
2016
Publikováno
Proceedings of 19th Euromicro Conference on Digital System Design DSD 2016. Los Alamitos, CA: IEEE Computer Soc., 2016. p. 9-13. ISBN 978-1-5090-2816-0.
Typ
Stať ve sborníku
Anotace
Markov chain models are used to evaluate the dependability properties (reliability, safety, availability, maintainability etc.) of the mission-critical systems. Dependability models are often focused only on the basic stuck-at faults. On the other hand the transient faults are present in the operational environment but not included in the dependability prediction. The aim of this paper is to show how the transient faults influence the dependability prediction using the Markov chain model. In this paper basic TMR Markov chain model using stuck-at faults is compared to our extended TMR model considering both the stuck-at and transient faults. The main focus is given on the calculation of the dependability parameter lambda (i.e. the failure rate of the system).

A System for Radiation Testing and Physical Fault Injection into the FPGAs and Other Electronics

Autoři
Kubátová, H.; Vaňát, T.; Pospíšil, J.; Křížek, F.; Ferencei, J.
Rok
2015
Publikováno
Proceedings of the Euromicro Conference on Digital System Design - DSD 2015. Los Alamitos: IEEE Computer Society, 2015. ISBN 978-1-4673-8035-5.
Typ
Stať ve sborníku
Anotace
The description of equipment and methods used for conducting ionizing radiation Accelerated Life Testing (ALT) of programmable hardware, especially Field Programmable Gate Arrays (FPGA) at the cyclotron is introduced. Methodology of testing and Single Event Effects (SEE) detection and online monitoring is described together with some results of testing several SRAM and Flash based FPGAs. In the course of this work, various tool for beam monitoring and manipulating were developed.

Automatic Generation of 100 Gbps Packet Parsers from P4 Description

Autoři
Kubátová, H.; Benáček, P.; Puš, VP
Rok
2015
Publikováno
First International Workshop on Heterogeneous High-performance Reconfigurable Computing. 2015.
Typ
Stať ve sborníku
Anotace
Software Defined Networking and OpenFlow offer an elegant way to decouple network control plane from data plane. This decoupling has led to great innovation in the control plane, yet the data plane changes come at much slower pace, mainly due to the hard-wired implementation of network switches. The P4 language aims to overcome this obstacle by providing a description of a customized packet processing functionality for configurable switches. That enables a new generation of possibly heterogeneous networking hardware that can be run-time tailored for the needs of particular applications from various domains, such as HPC. In this paper we contribute to the idea of P4 by presenting design, analysis and experimental results of our packet parser generator. The generator converts a parse graph description of P4 to a synthetizable VHDL code suitable for FPGA implementation. Our results show that the generated circuit is able to parse 100 Gbps traffic with fairly complex protocol structure at line rate on a Xilinx Virtex-7 FPGA. The approach can be used not only in switches, but also in other appliances, such as application accelerators and smart NICs. We compare the generated output to a handwritten parser to show that the price for configurability is only slightly larger and slower circuit.

Nemea: Searching for Botnet Footprints

Autoři
Rok
2015
Publikováno
Proceedings of the 3rd Prague Embedded Systems Workshop. Praha: ČVUT FIT, Katedra číslicového návrhu, 2015. pp. 11-16. ISBN 978-80-01-05776-6.
Typ
Stať ve sborníku
Anotace
Malicious network traffic originated by malware means a serious threat. Current malware is designed to hide itself from the eyes of victim users as well as network administrators. It is very difficult or impossible to discover such traffic using traditional ways of flow-based monitoring. This paper describes a network traffic analysis of a backbone network as an attempt to discover infected devices. Cooperation with forensic laboratory and analysis of samples of malware allow to gain information that can lead to find unwanted traffic. Special tailored Nemea framework with high speed monitoring pipeline was used to discover infected devices on the network.

Using Application-Aware Flow Monitoring for SIP Fraud Detection

Autoři
Čejka, T.; Kubátová, H.; Bartoš, V.; Truxa, L.
Rok
2015
Publikováno
Intelligent Mechanisms for Network Configuration and Security. Cham: Springer International Publishing, 2015. p. 87-99. ISSN 0302-9743. ISBN 978-3-319-20033-0.
Typ
Stať ve sborníku
Anotace
Flow monitoring helps to discover many network security threats targeted to various applications or network protocols. In this paper, we show usage of the flow data for analysis of a Voice over IP (VoIP) traffic and a threat detection. A traditionally used flow record is insufficient for this purpose and therefore it was extended by application-layer information. In particular, we focus on the Session Initiation Protocol (SIP) and the type of a toll-fraud in which an attacker tries to exploit poor configuration of a private branch exchange (PBX). The attacker’s motivation is to make unauthorized calls to PSTN numbers that are usually charged at high rates and owned by the attacker. As a result, a successful attack can cause a significant financial loss to the owner of PBX. We propose a method for stream-wise and near real-time analysis of the SIP traffic and detection of the described threat. The method was implemented as a module of the Nemea system and deployed on a backbone network. It was evaluated using simulated as well as real attacks.

Architecture of Effective High-Speed Network Stream Merger

Autoři
Kubátová, H.; Benáček, P.; Puš, V.
Rok
2014
Publikováno
Proceedings of 2014 17th Euromicro Conference. Piscataway: IEEE, 2014, pp. 459-464. ISBN 978-1-4799-5793-4.
Typ
Stať ve sborníku
Anotace
This paper deals with the architecture for effective merging of high-speed network streams into one communication line. Networking hardware typically has more than one Ethernet port and if we want to transfer data via single communication bus (PCI-Express, for example) we need to merge all the Ethernet lines into one wide data stream. This paper discusses various approaches of dealing with the emerging issues related to very wide data busses and their alignment. The main contribution of this paper is the introduction of the architecture for merging of high-speed network streams as effective as possible. We use Virtex-7 equipped FPGA card to implement and test our architecture.

Change-point detection method on 100 Gb/s ethernet interface

Autoři
Čejka, T.; Kubátová, H.; Benáček, P.; Blažek, R.
Rok
2014
Publikováno
Architectures for Networking and Communications Systems (ANCS), 2014 ACM/IEEE Symposium on. New York: ACM, 2014. p. 245-246. ISBN 978-1-4503-2839-5.
Typ
Stať ve sborníku
Anotace
This paper deals with hardware acceleration of statistical methods for detection of anomalies on 100Gb/s Ethernet. The approach is demonstrated by implementing a sequential Non-Parametric Cumulative Sum (NP-CUSUM) procedure. We use high-level synthesis in combination with emerging software defined monitoring (SDM) methodology for rapid development of FPGA-based hardware-accelerated network monitoring applications. The implemented method offloads detection of network attacks and anomalies directly into an FPGA chip. The parallel nature of FPGA allows for simultaneous detection of various kinds of anomalies. Our results show that hardware acceleration of statistical methods using the SDM concept with high-level synthesis from C/C++ is possible and very promising for traffic analysis and anomaly detection in high-speed 100Gb/s networks.

Fault Recovery Method of Modular Systems based on Reconfigurations

Autoři
Rok
2014
Publikováno
Designing with Uncertainty - Opportunities and Challenges Workshop. 2014,
Typ
Stať ve sborníku
Anotace
This paper presents the method of dependability parameters improvement for systems based on unreliable components such as Field Programmable Gate Arrays (FPGAs). It combines concurrent Error Detection (CED) techniques, FPGA dynamic reconfigurations and our previously designed Modified Duplex System (MDS) architecture. The methodology is developed with respect to the minimal area overhead. It is aimed for practical applications of modular systems. Therefore it is applied and tested on the safety railway station system. This Fault-Tolerant (FT) design is tested to fulfill strict Czech standards [8]. The proposed method is based on static and partial dynamic reconfiguration of totally self-checking blocks which allows a full recovery from a Single Even Upset (SEU).

Fault Recovery Method with High Availability for Practical Applications

Autoři
Rok
2014
Publikováno
MEMICS proceedings. Brno: NOVPRESS, 2014, pp. 127. ISBN 978-80-214-5022-6.
Typ
Stať ve sborníku
Anotace
Our research is focused on mission critical applications using SRAM based Field Programmable Gate Arrays (FPGAs).The main goal is to reach higher availability and dependability and low power using unreliable components (FPGAs) with respect to highest safety according to strict Czech standards. Our methodology is designed for fast applicatons and rapid prorotyping of modular systems, which are useful for fast development thanks to its regulars structure. The methodology combines Concurrent Error Detection (CED) techniques, FPGA dynamic recondfigurations and our previously designed Modified Duplex Systems (MDS) architecture. The methodology tries minimizes area overhead. It is aimed for practical applications of modular systems, which are composed from blocks. We applied and tested it on the safety railway station system. The proposed method is based on static and partial dynamic reconfiguration of totally self-checking blocks which allows a full recovery from a Single Even Upset (SEU).

Fault Tolerant Duplex System with High Availability for Practical Applications

Rok
2014
Publikováno
Proceedings of 2014 17th Euromicro Conference. Piscataway: IEEE, 2014. p. 320-325. ISBN 978-1-4799-5793-4.
Typ
Stať ve sborníku
Anotace
This paper presents the method of dependability parameters improvement for systems based on unreliable components such as Field Programmable Gate Arrays (FPGAs). It combines Concurrent Error Detection (CED) techniques [4], FPGA dynamic reconfigurations and our previously designed Modified Duplex System (MDS) architecture. The methodology is developed with respect to the minimal area overhead and high availability. It is aimed for mission critical practical applications of modular systems. Therefore it is applied and tested on the safety railway station system, where all these parameters are required. This Fault-Tolerant (FT) design is modeled and tested to fulfill strict Czech standards [7]. The proposed method is based on static and partial dynamic reconfiguration [5] of totally self-checking blocks which allows a full recovery from a Single Even Upset (SEU). This method is compared with triple module redundancy technique.

FPGA Accelerated Change-Point Detection Method for 100 Gb/s Networks

Autoři
Čejka, T.; Kubátová, H.; Kekely, L.; Benáček, P.; Blažek, R.
Rok
2014
Publikováno
MEMICS proceedings. Brno: NOVPRESS, 2014. pp. 40-51. ISBN 978-80-214-5022-6.
Typ
Stať ve sborníku
Anotace
The aim of this paper is a hardware realization of a statistical anomaly detection method as a part of high-speed monitoring probe for computer networks. The sequential Non-Parametric Cumulative Sum (NP-CUSUM) procedure is the detection method of our choice and we use an FPGA based accelerator card as the target platform. For rapid detection algorithm development, a high-level synthesis (HLS) approach is applied. Furthermore, we combine HLS with the usage of Software Defined Monitoring (SDM) framework on the monitoring probe, which enables easy deployment of various hardware-accelerated monitoring applications into high-speed networks. Our implementation of NP-CUSUM algorithm serves as hardware plug-in for SDM and realizes the detection of network attacks and anomalies directly in FPGA. Additionally, the parallel nature of the FPGA technology allows us to realize multiple different detections simultaneously without any losses in throughput. Our experimental results show the feasibility of HLS and SDM combination for effective realization of traffic analysis and anomaly detection in networks with speeds up to 100 Gb/s.

Hierarchical Models of Markov Chains: Optimizations with Limited Pessimism

Rok
2014
Publikováno
Proceedings of the 18th International Conference Electronics 2014. Kaunas: Technologija, 2014. p. 59-62. ISBN 978-609-02-1065-9.
Typ
Stať ve sborníku
Anotace
Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system (e.g. railway station signalling and interlocking equipment, automotive systems, etc.) is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model based on multiple Markov chains allows expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks. The paper shows a method of reducing Markov chains and using them to create hierarchical dependability models and its extensions allowing more accurate results to be achieved. An example study is used to demonstrate the improvements obtained by the extensions when compared to the original method.

Pessimistic Dependability Models Based on Hierarchical Markov Chains

Rok
2014
Publikováno
Proceedings of the 2nd Prague Embedded Systems Workshop. 2014.
Typ
Stať ve sborníku
Anotace
Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system (e.g. railway station signaling and interlocking equipment, automotive systems, etc.) is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model based on multiple Markov chains allows expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks.

Stream-wise Detection of Surreptitious Traffic over DNS

Autoři
Rok
2014
Publikováno
2014 IEEE 19th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD) (CAMAD 2014). Pomona, California: IEEE Communications Society, 2014. p. 300-304. ISSN 2378-4865. ISBN 978-1-4799-5725-5.
Typ
Stať ve sborníku
Anotace
The Domain Name System (DNS) belongs to crucial services in a computer network. Because of its importance, DNS is usually allowed in security policies. That opens a way to break policies and to transfer data from/to restricted area due to misusage of a DNS infrastructure. This paper is focused on a detection of communication tunnels and other anomalies in a DNS traffic. The proposed detection module is designed to process huge volume of data and to detect anomalies at near real-time. It is based on combination of statistical analysis of several observed features including application layer information. Our aim is a stream-wise processing of huge volume of DNS data from backbone networks. To achieve these objectives with minimal resource consumption, the detection module uses efficient extended data structures. The performance evaluation has shown that the detector is able to process approximately 511 thousand DNS flow records per second. In addition, according to experiments, a tunnel that lasts over 30 seconds can be detected in a minute. During the on-line testing on a real traffic from production network, the module signalized on average over 60 confirmed alerts including DNS tunnels per day.

Hierarchical Dependability Models Based on Markov Chains

Rok
2013
Publikováno
Proceedings of 2013 26th International Conference on Architecture of Computing Systems (ARCS). Berlin: VDE VERLAG GMBH Berlin, 2013, ISSN 0302-9743. ISBN 978-3-642-36423-5.
Typ
Stať ve sborníku
Anotace
A dependability model allows calculating the rate of an event leading to a hazard state - a situation, where safety of the modeled system is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model allows expressing multiple redundancies made at multiple levels of a system decomposed to multiple cooperating blocks. A hierarchical dependability model based on Markov chains allows each block and its relation to the other blocks to be expressed independently by a Markov chain. This allows a decomposition of a complex dependability model into multiple small models to be made. The decomposed model is easier to read, understand and modify. A hazard rate is calculated significantly faster using hierarchical model, because the decomposition allows exponential calculation-time explosion to be avoided. The hazard rate of the system is the key value to specify the Safety Integrity Level (SIL).

Markov chains hierarchical dependability models: Worst-case computations

Rok
2013
Publikováno
14th Latin American Test Workshop. Los Alamitos: IEEE Computer Society, 2013, ISBN 978-1-4799-0597-3.
Typ
Stať ve sborníku
Anotace
Dependability models allow calculating the rate of an event leading to a hazard state – a situation, where safety of the modeled dependable system (e.g. railway station signaling and interlocking equipment, automotive systems, etc.) is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model allows expressing multiple redundancies made at multiple levels of a system decomposed to multiple cooperating blocks. A hierarchical dependability model based on Markov chains allows each block and relations between these blocks to be expressed independently by Markov chains. This allows a decomposition of a complex dependability model into multiple small models to be made. The decomposed model is easier to read, understand and modify. A hazard rate is calculated significantly faster using hierarchical model, because the decomposition allows exponential calculation-time explosion to be avoided. The paper shows a method how to reduce Markov chains and use them to create hierarchical dependability models. An example study is used to demonstrate the advantages of the hierarchical dependability models (the decomposition of the complex model into multiple simple models and the speedup of the hazard rate calculation).

Petri Nets versus UML State Machines

Autoři
Kubátová, H.; Richta, K.; Richta, T.
Rok
2013
Publikováno
SDOT 2013. Praha: Vysoká škola manažerské informatiky a ekonomiky, a.s., 2013. p. 1-7. ISBN 978-80-86847-66-5.
Typ
Stať ve sborníku
Anotace
Petri nets are widely used for the specification of problems, in particular for describing concurrent systems. On the other hand, new versions of the UML specification precisely define the semantics of activity diagrams, and state machines, which can also be used to describe parallel systems. An interesting question is whether we can replace any Petri net machine by the state machine describing the same behavior, and vice versa.

Predictive Analysis of Mission Critical Systems

Autoři
Kubátová, H.; Daňhel, M.; Dobiáš, R.
Rok
2013
Publikováno
Proceedings of 16th Euromicro Conference on Digital System Design. Piscataway: IEEE Service Center, 2013. pp. 561-566. ISBN 978-0-7695-5074-9.
Typ
Stať ve sborníku
Anotace
This paper describes the analysis of dependability and predictive reliability. The proposed methodology is based on hierarchical models and the generally acclaimed standard MILHDBK 217F. The equipment is a real component of the railway interlocking system in Czech Republic. The equipment is designed for high dependability and with respect of disturbances caused by the near environment. A possible encapsulation using UML to model processes affecting the reliability is shown.

Predictive Analysis of Mission Critical Systems Dependability

Autoři
Daňhel, M.; Kubátová, H.; Dobiáš, R. D.
Rok
2013
Publikováno
Proceedings of 16th Euromicro Conference on Digital System Design. Piscataway: IEEE Service Center, 2013. ISBN 978-0-7695-5074-9.
Typ
Stať ve sborníku
Anotace
This paper describes the analysis of dependability and predictive reliability. The proposed methodology is based on hierarchical models and the generally acclaimed standard MIL-HDBK-217F. The equipment is a real component of the railway interlocking system in Czech Republic. The equipment is designed for high dependability and with respect of disturbances caused by the near environment. A possible encapsulation using UML to model processes affecting the reliability is shown.

Predikce a analýza spolehlivosti kritických systémů

Autoři
Daňhel, M.; Kubátová, H.; Dobiáš, R. D.
Rok
2013
Publikováno
Počítačové architektury a diagnostika - PAD 2013. Plzeň: Západočeská universita, Fakulta aplikovaných věd, 2013, pp. 69-74. ISBN 978-80-261-0270-0.
Typ
Stať ve sborníku
Anotace
Článek popisuje metodiku pro analýzu a predikci spolehlivosti. Navrhovaná metodika je založena na hierarchických modelech a vychází z normy MIL-HDBK-217F. Popisovaná metodika se uplatní zejména při analýze spolehlivosti drážních zabezpečovacích zařízení, kde se předpokládá jisté bezpečnostní doporučení upravené normou EN CSN 50126. Dále je nastíněno využití hierarchických modelů pro modelování se zálohou a využití provozní databáze spolehlivosti. V závěru je naznačen směr, kterým by se měla ubírat dizertační práce zabývající se právě garantovanou úrovní spolehlivosti a bezpečnosti.

Hierarchical Dependability Models Based on Markov Chains

Rok
2012
Publikováno
Počítačové architektury a diagnostika - PAD 2012. Praha: ČVUT v Praze, 2012, pp. 145-150. ISBN 978-80-01-05106-1.
Typ
Stať ve sborníku
Anotace
This paper presents the structure of the dissertation concerning two main topics. The first one is about the partial duplication - a method allowing the improvement of the fault coverage of the system based on dependable blocks implemented in FPGA (Field-programmable gate array). This method uses fault simulation to determine which part of the block that will be duplicated to obtain improvement of the fault security at the low overhead cost. The block-based design rewuires a dependability model able to make multiple levels of dependability improvements into account. There are models capable to deal with multiple levels of dependability imrpovements, but their capabatilies are limited. A new hierarchical models based on Markov chains are concerned as the second and the main topic of the dissertation thesis and this paper.

Metodologie pro analýzu rychlých síťových přenosů

Autoři
Kubátová, H.; Benáček, P.
Rok
2012
Publikováno
Počítačové architektury a diagnostika - PAD 2012. Praha: ČVUT v Praze, 2012, pp. 9-12. ISBN 978-80-01-05106-1.
Typ
Stať ve sborníku
Anotace
Tento článek pojednává o možnosti využití COMBO-LXT karty jako ethernetového testeru pro rychlosti vyšší jak 10Gb/s na platformě NetCOPE, která byla vytvořena v rámci projektu Liberouter a slouží pro rychlý vývoj síťových aplikací na programovatelných obvodech FPGA. Výhodou vytvořeného řešení je dosažení příznivé ceny, kdy si může vlastník COMBO-LXT karty vytvořit ethernetový tester například z Netflow sondy bez změny v infrastruktuře. Generátor paketů umožňuje vysílat data na síťové rozhraní přes dvě 10Gb/s linky z uloženého PCAP souboru v přesně definované časové okamžiky. Z pohledu budoucího rozvoje je zde také rozebrán vývoj v oblasti hardwarové akcelerace síťových aplikací.

Miscellaneous Types of Partial Duplication Modifications for Availability Improvements

Rok
2012
Publikováno
Proceedings of the 15th Euromicro Conference on Digital System Design. Los Alamitos: IEEE Computer Society Press, 2012, pp. 79-83. ISBN 978-0-7695-4798-5.
Typ
Stať ve sborníku
Anotace
This paper compares four different redundancy methods, which includes parity code, partial duplication and their combinations, with two standard methods (Duplex and Triple Module Redundancy). Two main attributes are observed: the Total size of system including overhead caused by redundancy addition and steady-state availability - dependability parameter defining the readiness for correct service of a system.

Reduction of Complex Safety Models based on Markov Chaints

Rok
2012
Publikováno
Proceedings of the 2012 IEEE 15th International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS). New York: IEEE Computer Society Press, 2012, pp. 183-186. ISBN 978-1-4673-1185-4.
Typ
Stať ve sborníku
Anotace
This paper presents a method how to reduce safety models based on Markov chains.The safety models is used to calculate the probability and rate of an event leading to the hazard state - situation, where safety of a modeled system is violated, so the system may cause material loss ot mortality. The reduction method allows us to prove that the rate of the event is sufficiently small hence the hazard state may be neglectede. The real safety model of railway station signaling and interlocking equipments is used as a case study.

Experiments with Physical Error Injection into FPGA Circuits

Autoři
Kubátová, H.; Vaňát, T.
Rok
2011
Publikováno
Proceedings of the Work in Progress Session - DSD 2011. Oulu: University of Oulu, 2011, pp. 35-36. ISBN 978-3-902457-30-1.
Typ
Stať ve sborníku
Anotace
Dependability parameters of FPGA chips, specially the SRAM-based ones, are still not so high, especially when using them in mission-critical applications. To prove or disprove this statement, we decide to make some experiments with real FPGA chips under extreme conditions and find out what really happens with the circuit when a single event upset occurs. This paper describes these experiments and their obtained and expected results.

Fault Models Usability Study for On-line Tested FPGA

Rok
2011
Publikováno
Proceedings of the 14th Euromicro Conference on Digital System Design. Los Alamitos: IEEE Computer Society Press, 2011, pp. 287-290. ISBN 978-0-7695-4494-6.
Typ
Stať ve sborníku
Anotace
FPGAs are susceptible to many environment effects that can cause soft errors (errors which can be corrected by the reconfiguration ability of the FPGA). Two different fault models are discussed and compared in this paper. The first one - Stuck-at model - is widely used in many applications and it is not limited to the FPGAs. The second one - Bit-flip model - can affect SRAM cells that are used to configure the internal routing of the FPGA and to set up the behavior of the Look-Up Tables (LUTs). The change of the LUT behavior is the only Bit-flip effect considered in this paper. A fault model analysis has been performed on small example designs in order to find the differences between the fault models. This paper discusses the relevance of using two types of models Stuck-at and Bit-flip with respect to the dependability characteristics Fault Security (FS) and Self-Testing (ST). The fault simulation using both fault models has been performed to verify the analysis

Fault-tolerant and fail-safe design based on reconfiguration

Rok
2011
Publikováno
Design and Test Technology for Dependable Systems-on-Chip. Hershey, Pennsylvania: IGI Global, 2011. p. 175-194. ISBN 978-1-60960-212-3.
Typ
Kapitola v knize
Anotace
The main aim of this chapter is to present the way, how to design fault-tolerant or fail-safe systems in programmable hardware (FPGAs) and therefore to use FPGAs in mission-critical applications, too. RAM based FPGAs are usually taken for unreliable due to high probability of transient faults (SEU) and therefore inapplicable in this area. But FPGAs can be easily reconfigured. Our aim is to utilize appropriate type of FPGA reconfiguration and to combine it with well-known methods for fail-safe and fault-tolerant design (duplex, TMR) including on-line testing methods for fault detection and then startup of the reconfiguration process. Dependability parameters' calculations based on reliability models is integral part of proposed methodology. The trade-off between the requested level of dependability characteristics of a designed system and area overhead with respect to FPGA possible faults is main property and advantage of proposed methodology.

Impact of FPGA Technology Process on Depandability of Counters

Autoři
Kubátová, H.; Vít, P.
Rok
2011
Publikováno
Proceedings of the Work in Progress Session - DSD 2011. Oulu: University of Oulu, 2011, pp. 33-34. ISBN 978-3-902457-30-1.
Typ
Stať ve sborníku
Anotace
This paper discusses a technology and a structure of FPGAs. Our aim is to design dependable systems. Most of them are based on FPGAs, because of shorter time to market, easy designing of complex circuits and lower price in comparison to ASIC. Consequently our research is aimed to using FPGAs, in which the security is given by hardware organization and due to this is higher than on PC based devices.

Methods of hierarchical reliability block diagrams in the program SHAMAP

Rok
2011
Publikováno
Proceedings of the Work in Progress Session - DSD 2011. Oulu: University of Oulu, 2011. pp. 31-32. ISBN 978-3-902457-30-1.
Typ
Stať ve sborníku
Anotace
The article discusses the reliability of hierarchical models, based on reliability block models. It describes the design methodology of hierarchical block models. At the same time introduced a program SHAMAP, which evolves according to the methodology. Hierarchical models can simplify the design, because they can be mutually nested. The blocks can be nested and different reliability models.

Self Repair Architectures Based on Partial Dynamic and Static Reconfiguration

Autoři
Rok
2011
Publikováno
Proceeding of the 7th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science. Brno: Brno University of Technology, 2011, pp. 11-18. ISBN 978-80-214-4305-1.
Typ
Stať ve sborníku
Anotace
This paper deals with a description of the method, how to increase dependability parameters (safety and reliability) of a system based on programmable hardware (FPGAs). This paper combines Concurrent Error Detection (CED) techniques, FPGA dynamic reconfigurations and our Modified Duplex System (MDS) architecture. The methodology is developed with respect to minimal area overhead and possible future low-power SoC (System on a chip) design. Our proposed methodology is great intended for practical applications, therefore our methodology is evaluated by safety railway station system. It is aimed especially for modular systems. The method is based on static and partial dynamic reconfiguration of totally self-checking blocks. The type and size of blocks to reconfigure depends on the used architecture and on the particular construction of a safety device for the particular railway station.

SEU Experiments Using Real FPGAs

Autoři
Kubátová, H.; Vaňát, T.
Rok
2011
Publikováno
POSTER 2011 - 15th International Student Conference on Electrical Engineering. Praha: České vysoké učení technické v Praze, Fakulta elektrotechnická, 2011, ISBN 978-80-01-04806-1.
Typ
Stať ve sborníku
Anotace
Dependability parameters of FPGA chips, specially the SRAM-based ones, are still not so high, especially when using them in mission-critical applications. To prove or disprove this statement, we decide to make some experiments with real FPGA chips under extreme conditions and find out what really happens with the circuit when a single event upset occurs. This paper describes these experiments and their obtained and expected results.

Using Decomposition to Create Fault Secure Counters of the Railway Station Safety Device

Autoři
Kubátová, H.; Vít, P.
Rok
2011
Publikováno
POSTER 2011 - 15th International Student Conference on Electrical Engineering. Praha: České vysoké učení technické v Praze, Fakulta elektrotechnická, 2011, pp. 1-5. ISBN 978-80-01-04806-1.
Typ
Stať ve sborníku
Anotace
This submission summarizes partial results of my work on the railway station safety device. The proposed electronic circuit simulates the coverage of single event upsets and is based on partial results from the diploma thesis. It describes properties of possible system decomposition with respect to dependability and reliability issues. The paper shows reliability parameters of counters and advantage of dividing wide counters into a few less wide counters.

Dependable Interconnection of Dependable Blocks

Rok
2010
Publikováno
Proceedings of the Work in Progress Session SEAA 2010 and DSD 2010. Linz: Johannes Kepler University, 2010, pp. 17-18. ISBN 978-3-902457-27-1.
Typ
Stať ve sborníku
Anotace
This paper presents future work, which the main goal is to find a solution for interconection between reconfigurable blocks and keep fault secure parameters. Described method will use a partial reconfiguration to obtain self-repair ability. Our concept will be proved on a practical problem, which is implementing the railway station system in the FPGA.

Faults Coverage Improvement based on Fault Simulation and Partial Duplication

Rok
2010
Publikováno
Proceedings of the 13th Euromicro Conference on Digital System Design. Los Alamitos: IEEE Computer Society Press, 2010. pp. 380-386. ISBN 978-0-7695-4171-6.
Typ
Stať ve sborníku
Anotace
A method how to improve the coverage of single faults in combinational circuits is proposed. The method is based on Concurrent Error Detection, but uses a fault simulation to find Critical points - the places, where faults are difficult to detect. The partial duplication of the design with regard to these critical points is able to increase the faults coverage with a low area overhead cost. Due to higher fault coverage we can increase the dependability parameters. The proposed modification is tested on the railway station safety devices designs implemented in the FPGA.

How to Measure Dependability Parameters of Programmable Digital Circuits - A Survey

Rok
2010
Publikováno
6th Doctoral Workshop on Mathematical and Engineering Methods in Computer Science. Brno: NOVPRESS, 2010, pp. 28-35. ISBN 978-80-87342-10-7.
Typ
Stať ve sborníku
Anotace
Our aim is to create a methodology for FPGA industrial applications with respect to area, speed, power consumption and reliability optimizations (both fail safe and fault-tolerant). We take into account different types of faults, the way they affect the circuit (Single Event Upset, Single Event Latchup, Delay faults etc.) and their injection into design (insertion into bitstream, edif, behavioral description or saboteur method). We need to create formal dependability models that are able to model mentioned faults and reconfifiguration ability of FPGAs. We use well-known Markov Chains and Stochastic Petri nets. The usage of both types of models is similar and they are mutually convertible. This paper describes the main problems how to obtain relevant and comparable results.

Model of Modular Secured Designs for Calculations of Availability

Rok
2010
Publikováno
Proceedings of the Work in Progress Session SEAA 2010 and DSD 2010. Linz: Johannes Kepler University, 2010, pp. 15-16. ISBN 978-3-902457-27-1.
Typ
Stať ve sborníku
Anotace
A method how to calculate the steady-state availability of designs composed of two cooperating secured modules is proposed. Our main goal is to create a dependability model that is able to be used to describe designs containing cooperating secured reconfigurable modules.

Reconfiguration Strategy for FPGA Dependability Characteristics Improvement based on Stochastic Petri Net

Rok
2009
Publikováno
Proc. of 4th Descrete-Event System Design. Valencia: University of Valencia, 2009, pp. 253-257. ISBN 978-3-902661-69-2.
Typ
Stať ve sborníku
Anotace
This paper shows the impact of the trade-off between reconfigurable and non-reconfigurable parts of the FPGA to the dependability characteristics of the whole design. Stochastic Petri nets have been used to compute reliability and dependability characteristics in a simple FPGA design with dynamically reconfigurable modules. Some parts of the design are not possible or proper to reconfigure dynamically (e.g. module interconnections, module-pin connections...). A non-reconfigurable overhead may have a significant effect to the availability of the design. The granularity of reconfigurable parts and their number can also affect dependability parameters. The method how to enumerate these effects via a formal dependability model is shown in this paper.

Reliable Railway Station System based on Regular Structure implemented in FPGA

Rok
2009
Publikováno
Proc. of 12th EUROMICRO Conference on Digital System Design. Los Alamitos: IEEE Computer Society, 2009. pp. 348-354. ISBN 978-0-7695-3782-5.
Typ
Stať ve sborníku
Anotace
The method how to design a safety device of railway station efficiently and scalable is proposed. The safety device for any configuration of railway station can be built from five basic blocks. These basic blocks are connected together with universal interface. Each block is based on a finite state machine. The finite state machines are "Moore" type. Each state machine is divided into three basic parts, where each part is designed as a self-checking circuit ensuring fault detection. Our methodology is intended for final implementation in FPGA and hence SEU faults occurring in the system is assumed.

Single Event Upset Tolerant FPGA Design

Autoři
Kubátová, H.; Kvasnička, J.
Rok
2009
Publikováno
Proceedings of the Work in Progress Session SEAA 2009 and DSD 2009. Linz: J. Kepler University - FAW, 2009, pp. 37-38. ISBN 978-3-902457-25-7.
Typ
Stať ve sborníku
Anotace
This paper summarizes previous work, which observed a design resistance against a single-bit error in bitstream. Created software tools allow to analyze the bitstream and to calculate its SEU sensitiveness. As a second step, the analysis can be verified by the hardware emulator, which gives reasonable data for reliability computation.

Teaching Principles of Petri Nets in Hardware Courses and Student' Projects

Autoři
Rok
2009
Publikováno
Handbook of Research on Discrete Event Simulation Environments: Technologies and Applications. Hershey: Information science Reference, 2009. p. 178-190. vol. 1. ISBN 978-1-60566-774-4.
Typ
Kapitola v knize
Anotace
Chapter 8, Teaching Principles of Petri Nets in Hardware Courses and Student's Projects, presents the principles of using Petri Net formalism in hardware design courses, especially in the course "Architecture of peripheral devices". Several models and results obtained by student individual or group projects are mentioned. First the using of formalism as a modeling tool is presented consecutively from Place/Transition nets to Coloured Petri nets. Then the possible Petri Nets using as a hardware specification for direct hardware implementation (synthesized VHDL for FPGA) is described. Implementation and simulation results of three directly implemented models are presented.