Presentation Schedule Thursday, September 19, 2019

Room: R2-141 13:05-17:00

Examination Committee: Adnan Causevic, Barbara Gallina, Marjan Sirjani, Daniel Sundmark

13:05 - 13:45



Modeling security implications on safety in Rebeca

Aleksandar Matovic

Advisor: Aida Causevic, Elena Lisova

Examiner: Marjan Sirjani


Security is widely considered to be one of the most important parts of the system, it has been clear that in order to achieve optimal security level, safety aspect needs to be tightly connected as well. Therefore, in this research, we analyzed the security aspects of an industrial robot arm system as an example of the system with safety-critical properties. This thesis aims to explore how security and safety aspect is connected and to analyze potential security implications on the safety-critical aspects of the system and possibly prevent severe implications on system security. To design the safety aspect of the system and incorporate security attacks we used Rebeca version called Timed Rebeca for purpose of analyzing timing requirements within the robot arm function execution. Rebeca has proven to be reliable and useful when it comes to designing security issues and real-time requirements as well. To fully understand these issues and present findings we conducted extensive literature survey concerning existing work in the topic of security and model-checking approaches. For conducting this literature survey we have been inspired by well known B. Kitchenham approach regarding systematic literature review. During the first stage of the investigation, we got 18892 papers within all relevant digital databases. In the final stage, we identified 43 highly relevant papers and their essential information are briefly described. Throughout the research, we mostly focus on security analysis of system properties if the physical access to the system is already gained. However, we investigate existing publication within frequently used industrial control systems (ICS) security protocols in order to show how malicious user first can gain physical access to the system and then manipulate the values without being detected by providing the false values to the system. Furthermore, we choose two robot arm functions. Stand Stand Supervision function is used for guaranteeing that the robot is in standing still mode. Control Error Supervision as a central part of the safety concept since is used in order to ensure that reference and the measured position are coordinated. We choose these two functions due to its crucial importance for the safety-critical aspect of robot arm system and by manipulating its provided values to the system we have more chance to jeopardize safety-critical aspect damage to the system. Our attacks scenarios are based on the man-in-a-middle attack which is proven to be most successful within ICS context as well. In order to possible effectively prevent or mitigate these attacks, we proposed a redundant mechanism for the sensitive functions that are responsible for robot movement.

13:50 - 14:35



A Comparative Analysis of Argumentation Languages in the Context of Safety Case Development

Sirishabai Govardhanrao

Advisor: Faiz UL Muram, Jan Gustafsson

Examiner:  Barbara Gallina


"The safety case creation has become an explicit requirement in most of the safety-critical domains to ensure the safety of a system or an application. In the process of developing a safety case the foremost requirement is choosing an efficient argumentation language which fulfills all the functionalities needed to develop a safety case.

In general, there are text-based argumentation notations and graphics-based argumentation notations to represent a safety case. In this paper we are comparing and analyzing the graphics-based argumentation notations like Goal Structuring Notations (GSN), Claims Arguments and Evidence (CAE), Structured Assurance Case Metamodel (SACM, the standardized modeling language to describe the safety case), NOR-STA Services (software platform which supports graphics-based notations), Resolute (which is both language and tool that supports graphics-based notations) and Dynamic Safety Cases (special type of safety case which supports graphics-based notations).

In this paper, we compared the argumentation notations with respect to different aspects in the context of safety case development. We present our findings like the types of stakeholders gaining benefits from different types of notations, the list of domains where these types of notations are applicable. We also presented the major advantages and disadvantages of using different argumentation notations."

14:40 - 15:15




Zaid Abed Jaser; Osamah Haitham Sabhan Al-Braichi

Advisor: Daniel Sundmark

Examiner: Adnan Causevic


Most of the hardware products today, especially those that people interact with, are controlled by software. There are many devices with inbuilt software which many people do not bother to notice. Software may be critical in terms of strict quality requirements due to failures which enable risks of endangering the production and more importantly the lives of people. The testing team of Westermo Network Technologies AB faced a challenge with not being able to identify the coverage of tested cases in software. Identifying the coverage of total executed test cases enables the possibility of knowing the potential future quality of a software. By reaching such a stage a software will likely not suffer from failures due to higher quality, therefore the lives of people and the production at stake will not get harmed. The essential problem is that test cases are both tested and skipped, which makes it more difficult for the company to identify what has been actually tested and skipped. The purpose of this thesis is to identify and calculate the coverage of test cases, the process was mainly to understand the essence in the identification of executed test cases. The ethical aspect of putting people's lives at stake is what inspired us to investigate software failures. Software is typically tested before a release, therefore our investigation was to research testing process of software. When investigating test result over many days and test systems we developed a coverage calculator system which helps Westermo to decide and determine the release of tested software, either the software test result is acceptable for a release or not.

14:15 - 15:30


15:30 - 16:15



Using Autonomous Agents for Software Testing Based on JADE

Adlet Nyussupov

Advisor: Eduard Enoiu, Mirgita Frasheri

Examiner: Daniel Sundmark


The thesis work describes the development of a multiagent testing application (MTA) based on an agent approach for solving challenges in regression testing domain, such as: reducing the complexity of testing, optimizing the time consumption, increasing the efficiency and implementing the automation of this approach for regression testing. All these challenges related to effectiveness and cost, can be represented as measures of achieved code coverage and number of test cases created. A multiagent approach is proposed in this thesis since it allows the implementation of the autonomous behaviour and optimizes the data processing in a heterogeneous environment. In addition, the agent-based approach provides flexible design methods for building multitask applications and conducting parallel task execution. However, all of these advantages of using an agent-based approach need to be investigated in the regression testing domain for realistic scenarios. Therefore, a hypothesis was formulated in order to investigate the efficiency of the MTA approach using an experiment as the main research method for obtaining results. The thesis includes a comparison analysis between the MTA and well-known test case generation tools (i.e. EvoSuite and JUnitTools) for identifying the differences in terms of efficiency and code coverage achieved. The comparison results showed advantages of the MTA within regression testing context due to optimal level of code coverage and test cases. The outcome of the thesis work moves toward solving the aforementioned problems in regression testing domain and shows some advantages of using the multagent approach within regression testing context.

Room: R2-205 13:15-17:00

Examination Committee: Mats Björkman, Mobyen Uddin, Antonio Cicchetti, Björn Lisper

13:15 - 13:45



Fieldbus Communication: Industry Requirements and Future Projection

Erik Viking Niklasson

Advisor:  Elisabeth Uhlemann

Examiner: Mats Björkman


Fieldbuses are defined as a family of communication media specified for industry application. They usually interconnect embedded systems. Embedded systems exist everywhere in modern worlds, they are included in simple personal technology as well as the most advanced spaceships. They aid in producing specific task often with the purpose to make a greater system function. These kinds of implementations put high demands on communication media. For a media to be applicable it has to reach certain requirements. Systems in industry practice react on real-time events or depend on consistent timing. All kinds are time sensitive in their way. Failing to complete a task could lead to irriation in slow mobile phones, or catastrophic events in failing nuclear reactors. Fieldbuses are optimized for this usage. This thesis aims to research fieldbus theory and connect it to industry practice. Through interviews, requirements put on industry are explored and utilization of specific fieldbuses assessed. By asking companies, guidliens are put forward into what fieldbus techniques are relevant to study in preparation for future work in the field. A discussion is held, analysing trends in, and synergy between, state of art and state of practice. A strong momentum is identified. The traditional communication media Ethernet, not orginaly intended for time-sensitive industry appliances, are expanding throughout the field, both in practice and research. It is mainly motivated through benefits of somewhat lesser technical signifance. An upstream of methods have emarge trying to optimize Ethernet for real-time purposes, with all resulting in some drawback. In the of this paper, the large-scale trend of Real Time Ethernet is questioned in terms of effectiveness and sustainability.

13:50 - 14:35




Rasmus Blomstrand; Daniel Jansson

Advisor: Shaibal Barua, Shahina Begum

Examiner: Mobyen Uddin


Since the creation of assembly lines back in the beginning of the 20th century, a constant strive to ease the work done in the manufacturing process has been a goal for many factories. Coming into the 21th century, a step further has been taken to try and automate the manufacturing processes even further to minimise the risk of human errors and the injuries in said factories. Among all different areas of manufacturing, one company focuses on the manufacturing of PTUs. The PTUs are manufactured at a rate that if 1 % were faulty than it would result up to a total of 12000 faulty units a year. This thesis proposes a method to possibly reduce the number of faulty PTUs by having machine learning methods predict, through regression, new values for the computation of shims which aligns the cogs in the PTUs, and this within real-time requirements specified by the company. Additionally, this thesis proposes machine learning methods which can classify on the given data in an attempt to help the company foreseeing faulty PTUs before they are assembled, so that the company can automate their assembly line. A graphical user interface is presented for making the usage of the implemented models in this thesis easier. This thesis presents evidence and validation that said methods can make an increased automation achievable for the company. This thesis lays ground for future research and development of automated manufacturing processes regarding PTUs.

14:40 - 15:25



Automating Integration-Level Test Case Generation for Object-Oriented .Net Applications

Mehdi Qorbanpur

Advisor: Mehrdad Saadatmand

Examiner: Antonio Cicchetti


In spite of introducing many techniques and tools, nowadays still most of software testings are done manually. This means spending more cost and time, and increasing the possibility of bugs.öIn addition, by the emergence of new distributed development environments and agile methodologies in recent years, the process of software development has considerably speeded-up, and as a consequence, the concept of DevOpsöincluding continuous integration and continuous delivery (CI/CD) has become important more and more. In this context, automatically generation and execution of test cases, specially at integration level has been getting software specialistsö attention more than before; so as to improve the scalability of test process. While many tools have been created for automating Unit Testing in industry, the Integration Testing automation, because of its complexity, has always been a challenge in software engineering and no automation tool has been used in industry for testing at this level. In this thesis, an automated solution for integration-level test-case generation for .Net application was provided. Its test-case generation is technically based on a combination of data-flow analysis and object-oriented concepts such as coupling, and it was implemented by the newly presented .Net compiler named Roslyn. At the next step, the quality of generated test cases was evaluated by examining the solution on a couple of C# projects as benchmarks and confronting the results to 10 mostly-used Integration-Level Mutation Operators (, which are specific to Object-Oriented applications). Despite some limitations such as not taking all object-oriented aspects of tested code (e.g. inheritance) into account in the implementation, by considering the reflection of most interface mutations on the generated test paths, and the average execution times, the proposed algorithm showed promising potentials of acceptable coverage on integration-specific parts of code with a reasonable performance. At the end, based on Coupling-Based Analysis, and applicable Roslyn features, a comprehensive automated integration testing (both generation and execution) are proposed as future works.

15:30 - 16:15




Efficient Generation of Mutants for Testing Execution Time.

Mohammed Z. B. Abuayyash; Mohammed M. Z. Abusamaan

Advisor: MehrdadSaadatmand; PasqualinaPotena

Examiner: Björn Lisper


The process of testing programs and software is one of the most critical phases during the development process, for validating and verifying the program's behaviours. Therefore, several techniques proposed for this purpose, such as Mutation testing which considered as one of the most essential and powerful testing techniques for this purpose; form another side, it is also considered computationally expensive. Therefore, different methods and techniques proposed to enhance Mutation testing and minimise their costs. In this thesis, we are investigating in Targeted Mutation, which is a fault-based testing technique where differences of a software program are subjected to the suitcases. Therefore, Mutation testing focus on creating a robust test suite for specific parts of the program for testing non-functional properties such as security, performance, reliability, availability, robustness, efficiency, scalability, and fault-tolerance for determining the most efficient and effective test set. During the experiments, we showed how Targeted Mutation generating a suitable test suite for estimating WCET, by using code slicing to focus on the specific parts included in the internal code which have the most effects of the program execution time.