Publications

This report describes the architectural design for a high fidelity simulation of a refinery and refinery burner, including demonstrations of impacts to the refinery if errors occur during the refinery process. The refinery burner model and simulation are a part of the capabilities within the Sandia National Laboratories Virtual Control System Environment (VCSE). Three components comprise the simulation: HMIs developed with commercial SCADA software, a PLC controller, and visualization software. All of these components run on different machines. This design, documented after the simulation development, incorporates aspects not traditionally seen in an architectural design, but that were utilized in this particular demonstration development. Key to the success of this model development and presented in this report are the concepts of the multiple aspects of model design and development that must be considered to capture the necessary model representation fidelity of the physical systems.

Abstract not provided.

This paper describes a new hybrid modeling and simulation architecture developed at Sandia for understanding and developing protections against and mitigations for cyber threats upon control systems. It first outlines the challenges to PCS security that can be addressed using these technologies. The paper then describes Virtual Control System Environments (VCSE) that use this approach and briefly discusses security research that Sandia has performed using VCSE. It closes with recommendations to the control systems security community for applying this valuable technology.

This report documents a prototype tool developed to investigate the use of visualization and virtual reality technologies for improving software surety confidence. The tool is utilized within the execution phase of the software life cycle. It provides a capability to monitor an executing program against prespecified requirements constraints provided in a program written in the requirements specification language SAGE. The resulting Software Attribute Visual Analysis Tool (SAVAnT) also provides a technique to assess the completeness of a software specification.

This report documents a prototype tool developed to investigate the use of visualization and virtual reality technologies for improving software surety confidence. The tool is utilized within the execution phase of the software life cycle. It provides a capability to monitor an executing program against prespecified requirements constraints provided in a program written in the requirements specification language SAGE. The resulting Software Attribute Visual Analysis Tool (SAVAnT) also provides a technique to assess the completeness of a software specification. The prototype tool is described along with the requirements constraint language after a brief literature review is presented. Examples of how the tool can be used are also presented. In conclusion, the most significant advantage of this tool is to provide a first step in evaluating specification completeness, and to provide a more productive method for program comprehension and debugging. The expected payoff is increased software surety confidence, increased program comprehension, and reduced development and debugging time.

A strategic surety roadmap for high consequence software systems under the High Integrity Software (HIS) Program at Sandia National Laboratories guides research in identifying methodologies to improve software surety. Selected research tracks within this roadmap are identified and described detailing current technology and outlining advancements to be pursued over the coming decade to reach HIS goals. The tracks discussed herein focus on Correctness by Design, and System Immunology{trademark}. Specific projects are discussed with greater detail given on projects involving Correct Specification via Visualization, Synthesis, & Analysis; Visualization of Abstract Objects; and Correct Implementation of Components.

A programming tool has been developed to allow detailed analysis of Fortran programs for massively parallel architectures. The tool obtains counts for various arithmetic, logical, and input/output operations by data types as desired by the user. The tool operates on complete programs and recognizes user-defined and intrinsic language functions as operations that may be counted. The subset of functions recognized by the tool, STOPCNTR, can be extended by altering the input data sets. This feature facilitates analysis of programs targeted for different architectures. The basic usage and operation of the tool is described along with the more important data structures and more interesting algorithmic aspects before identifying future directions in continued development of the tool and discussing STOPCNTR`s inherent advantages and disadvantages.