{"id":1516,"date":"2017-04-08T21:38:37","date_gmt":"2017-04-08T12:38:37","guid":{"rendered":"https:\/\/se.is.kit.ac.jp\/?post_type=jetpack-portfolio&p=1516"},"modified":"2017-09-21T11:51:41","modified_gmt":"2017-09-21T02:51:41","slug":"log-analysis-cps","status":"publish","type":"jetpack-portfolio","link":"https:\/\/se.is.kit.ac.jp\/\/portfolio\/log-analysis-cps\/","title":{"rendered":"(English) Log analysis of cyber physical systems"},"content":{"rendered":"
\n

Detecting anomalies of a cyber physical system (CPS), which is a complex system consisting of both physical and software parts, is important because a CPS often operates autonomously in an unpredictable environment.
\nHowever, because of the ever-changing nature and lack of a precise model for a CPS, detecting anomalies is still a challenging task.
\nTo address this problem, we propose applying an outlier detection method to a CPS log.
\nBy using a log obtained from an actual aquarium management system, we evaluated the effectiveness of our proposed method by analyzing outliers that it detected.
\nBy investigating the outliers with the developer of the system, we confirmed that some outliers indicate actual faults in the system.
\nFor example, our method detected failures of mutual exclusion in the control system that were unknown to the developer.
\nOur method also detected transient losses of functionalities and unexpected reboots.
\nOn the other hand, our method did not detect anomalies that were too many and similar.
\nIn addition, our method reported rare but unproblematic concurrent combinations of operations as anomalies.
\nThus, our approach is effective at finding anomalies, but there is still room for improvement.<\/p>\n

Open Data<\/h3>\n

A log of CPS system, Aqua-tan, recorded from the beginning of system operation.
\nThe log files contain id, timestamp, label, numeric value, and text value.
\nThe “label” column denotes commands and events of Aqua-tan system.<\/p>\n

This data is analyzed in our paper in IWESEP2017[1].<\/p>\n