Sara Tucci-Piergiovanni

CR
h-index: 23 | 4 papers | 16 citations | Novelty: 31% | AI Score: 20

4 Papers

CR | Mar 25, 2024
Towards Secure and Trusted-by-Design Smart Contracts

Zaynah Dargaye, Önder Gürcan, Florent Kirchner et al.

Distributed immutable ledgers, or blockchains, allow the secure digitization of evidential transactions without relying on a trusted third party. Evidential transactions involve the exchange of any form of physical evidence, such as money, birth certificates, visas, tickets, etc. Most of the time, evidential transactions occur in the context of complex procedures, called evidential protocols, among physical agents. The blockchain provides the mechanisms to transfer evidence, while smart contracts (programs executing within the blockchain in a decentralized and replicated fashion) allow evidential protocols to be encoded on top of a blockchain. Since a smart contract forgoes trusted third parties and runs on several machines anonymously, it constitutes a highly critical program that has to be secure and trusted-by-design. While most current smart contract languages focus on easy programmability, they do not directly address the need to guarantee trust and accountability, which becomes a significant issue when evidential protocols are encoded as smart contracts.

AI | Mar 25, 2024
Multi-Agent Optimization for Safety Analysis of Cyber-Physical Systems: Position Paper

Önder Gürcan, Nataliya Yakymets, Sara Tucci-Piergiovanni et al.

Failure Mode, Effects and Criticality Analysis (FMECA) is one of the safety analysis methods recommended by most international standards. Classical FMECA takes the form of a table, filled in either manually or with safety analysis tools. In both cases, the design engineers have to choose the trade-offs between safety and other development constraints. For complex cyber-physical systems (CPS) with thousands of specified constraints, this can lead to severe problems and significantly impact the overall criticality of the CPS. In this paper, we propose to adopt optimization techniques to automate the decision-making process conducted after the FMECA of a CPS. We describe a multi-agent optimization method that extends classical FMECA to offer solutions that are optimal with respect to both criticality and the development constraints of the CPS.
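As an added worked example (written for this page; it is not the paper's multi-agent method nor any code from its authors), the following Python sketch casts the post-FMECA decision as an optimization problem: each row of a constructed FMECA table gets a criticality score, candidate mitigations lower the occurrence or detection rating at a development cost, and the optimizer picks the subset of mitigations that minimizes total criticality within a budget. The brake-controller failure modes, the mitigations and their costs, the budget, and the use of the risk priority number severity × occurrence × detection as the criticality measure are all assumptions made for the illustration.

```python
# Added example: post-FMECA mitigation selection as an optimization problem.
# The paper's multi-agent method is NOT reproduced here; this is a brute-force
# baseline on a constructed FMECA table. Criticality is taken as the classical
# risk priority number severity * occurrence * detection (an assumption;
# standards differ on the criticality measure).
from dataclasses import dataclass, replace
from itertools import combinations


@dataclass(frozen=True)
class FailureMode:
    component: str
    mode: str
    severity: int     # 1 (negligible) .. 10 (catastrophic)
    occurrence: int   # 1 (rare) .. 10 (frequent)
    detection: int    # 1 (always detected) .. 10 (undetectable)

    @property
    def key(self) -> str:
        return f"{self.component}/{self.mode}"

    def criticality(self) -> int:
        return self.severity * self.occurrence * self.detection


@dataclass(frozen=True)
class Mitigation:
    name: str
    target: str            # key of the failure mode it addresses
    cost: int              # development-constraint units (constructed)
    occurrence_delta: int = 0
    detection_delta: int = 0


# Constructed FMECA rows for a hypothetical brake controller.
MODES = (
    FailureMode("wheel_speed_sensor", "signal stuck", severity=8, occurrence=4, detection=5),
    FailureMode("hydraulic_valve", "jammed open", severity=9, occurrence=3, detection=6),
    FailureMode("can_bus", "frame loss", severity=6, occurrence=5, detection=3),
)

# Constructed design options; each trades development cost for a lower rating.
MITIGATIONS = (
    Mitigation("redundant wheel speed sensor", "wheel_speed_sensor/signal stuck", cost=5, occurrence_delta=-2),
    Mitigation("sensor plausibility check", "wheel_speed_sensor/signal stuck", cost=2, detection_delta=-3),
    Mitigation("valve position feedback", "hydraulic_valve/jammed open", cost=4, detection_delta=-4),
    Mitigation("CAN frame counter", "can_bus/frame loss", cost=1, detection_delta=-1),
)
BUDGET = 7


def apply_mitigations(modes, chosen):
    """Return the FMECA table after the chosen mitigations, ratings clamped at 1."""
    table = {fm.key: fm for fm in modes}
    for m in chosen:
        fm = table[m.target]
        table[m.target] = replace(
            fm,
            occurrence=max(1, fm.occurrence + m.occurrence_delta),
            detection=max(1, fm.detection + m.detection_delta),
        )
    return tuple(table.values())


def total_criticality(modes) -> int:
    return sum(fm.criticality() for fm in modes)


def optimize(modes, mitigations, budget):
    """Exhaustive search over mitigation subsets within budget.

    Returns (best total criticality, chosen mitigations). Exponential in the
    number of options, which is exactly why a CPS with thousands of
    constraints needs a real optimizer rather than this baseline."""
    best_score, best_set = total_criticality(modes), ()
    for size in range(1, len(mitigations) + 1):
        for subset in combinations(mitigations, size):
            if sum(m.cost for m in subset) > budget:
                continue
            score = total_criticality(apply_mitigations(modes, subset))
            if score < best_score:
                best_score, best_set = score, subset
    return best_score, best_set


if __name__ == "__main__":
    print("baseline criticality:", total_criticality(MODES))
    score, chosen = optimize(MODES, MITIGATIONS, BUDGET)
    print("optimized criticality:", score, "using", [m.name for m in chosen])
```

On this constructed table the baseline criticality is 412; within a budget of 7 the optimizer drops the expensive redundant sensor in favour of the three cheaper detection improvements, bringing the total down to 178. The interesting engineering point is the one the abstract makes: the search space is exponential in the number of design options, so the manual or brute-force approach does not scale to thousands of constraints.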

SE | Dec 9, 2021
Justifying the Dependability and Security of Business-Critical Blockchain-based Applications

Pierre-Yves Piriou, Olivier Boudeville, Gilles Deleuze et al.

In industry, blockchains are increasingly used as the backbone of product and process traceability. Blockchain-based traceability contributes to demonstrating product and/or process compliance with existing safety standards or quality criteria. From this perspective, services and applications built on top of blockchains are business-critical applications, because a deliberate failure or corruption of the system can lead to a significant loss of reputation for the products or processes involved. The development of a blockchain-based business-critical application must therefore be conducted carefully, with a thorough justification of its dependability and security. To this end, this paper advocates an engineering perspective rooted in well-understood tools and concepts borrowed from the engineering of safety-critical systems. Concretely, we use a justification framework called CAE (Claim, Argument, Evidence), following an assurance-case approach, to provide convincing arguments that a business-critical blockchain-based application is dependable and secure. The application of this approach is sketched with a case study based on the Hyperledger Fabric blockchain.
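To make the CAE structure concrete, here is an added Python example (written for this page; it is generic assurance-case tooling, not the paper's framework or its case study) that models a Claim-Argument-Evidence tree and runs a completeness check over it: every claim must be backed by an argument, every argument must either decompose into subclaims or cite evidence, and every cited piece of evidence must actually be available. The claims about a traceability application on Hyperledger Fabric are constructed for the illustration.

```python
# Added example: a minimal Claim-Argument-Evidence (CAE) assurance case and a
# completeness check over it. Generic tooling written for the illustration,
# not the paper's framework; the claims about a traceability application on
# Hyperledger Fabric below are constructed.
from dataclasses import dataclass, field


@dataclass
class Evidence:
    ref: str              # e.g. a report, test run or configuration review
    available: bool = True


@dataclass
class Argument:
    text: str
    subclaims: list = field(default_factory=list)   # Claim objects
    evidence: list = field(default_factory=list)    # Evidence objects


@dataclass
class Claim:
    text: str
    arguments: list = field(default_factory=list)   # Argument objects


def open_items(claim, path=""):
    """Walk the CAE tree and list everything that keeps it from being convincing:
    a claim with no argument, an argument that neither decomposes into subclaims
    nor cites evidence, or cited evidence that is not available."""
    here = f"{path} > {claim.text}" if path else claim.text
    issues = []
    if not claim.arguments:
        issues.append(f"unsupported claim: {here}")
    for arg in claim.arguments:
        if not arg.subclaims and not arg.evidence:
            issues.append(f"argument without support: '{arg.text}' under {here}")
        issues.extend(f"missing evidence {ev.ref} for: {here}"
                      for ev in arg.evidence if not ev.available)
        for sub in arg.subclaims:
            issues.extend(open_items(sub, here))
    return issues


def is_convincing(claim) -> bool:
    """A case is convincing (in this structural sense) when nothing is open."""
    return not open_items(claim)


# Constructed case: a traceability application deployed on Hyperledger Fabric.
TRACEABILITY_CASE = Claim(
    "Traceability records cannot be altered or lost without detection",
    arguments=[Argument(
        "Decompose into ordering-service dependability and write-access control",
        subclaims=[
            Claim("The ordering service keeps working when a minority of orderers crash",
                  arguments=[Argument("Raft ordering service deployed with 2f+1 orderers",
                                      evidence=[Evidence("deployment-config-review-v3")])]),
            Claim("Only authorised organisations can append traceability records",
                  arguments=[Argument("Chaincode endorsement policy requires signatures "
                                      "from both partner organisations",
                                      evidence=[Evidence("endorsement-policy-test-run"),
                                                Evidence("penetration-test-report", available=False)])]),
            Claim("Records survive the loss of any single peer"),   # not yet argued
        ],
    )],
)


if __name__ == "__main__":
    for issue in open_items(TRACEABILITY_CASE):
        print("OPEN:", issue)
```

Run on the constructed case, the check reports two open items: the third subclaim has no argument at all, and the access-control argument cites a penetration-test report that does not exist yet. That is the practical value of an assurance case over a prose justification: the gaps are enumerable and can be tracked to closure.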

CR | Oct 23, 2018
Pluralize: a Trustworthy Framework for High-Level Smart Contract-Draft

Zaynah Dargaye, Antonella Pozzo, Sara Tucci-Piergiovanni

The paper presents Pluralize, a formal logical framework that extends the execution of blockchain transactions to events coming from external oracles, such as external time, sensor data, human-made declarations, etc. These events are inherently unreliable, since transaction execution can be triggered by information whose veracity cannot be established by the blockchain. To overcome this problem, the language features a first-order logic and an authority algebra that allow formal reasoning about agents and establish their accountability for blockchain-enabled transactions. We provide an accountability model in which the accountability of agents is established by a formal proof that each agent of the blockchain can execute locally.
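The following is an added Python example, written for this page and not part of Pluralize or the authors' work, of the accountability pattern the abstract describes, using a small "says"-style authorization logic (in the spirit of Abadi-style access-control logics, not Pluralize's own authority algebra). Oracle declarations are recorded as "agent says fact"; a contract rule fires only when the declarer is the rule's trusted authority or reaches it through a chain of in-scope delegations; every execution carries a proof object from which any node can recompute the set of accountable agents and check the proof locally against the recorded events and delegations. The blockchain never checks whether a declared fact is true; it only records who vouched for it. All agent names, rules, delegations and events are constructed.

```python
# Added example: a 'says'-style authorization logic for oracle-triggered
# transactions, in the spirit of Abadi-style access-control logics. This is
# NOT the Pluralize language or its authority algebra; it only illustrates the
# accountability pattern the abstract describes. All names are constructed.
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Says:
    agent: str      # who made the (off-chain signed) declaration
    fact: str       # the external claim; the chain cannot check its truth

@dataclass(frozen=True)
class SpeaksFor:
    delegate: str   # may speak for `principal` on facts starting with `scope`
    principal: str
    scope: str

@dataclass(frozen=True)
class Rule:
    authority: str  # the agent the contract trusts for this fact
    fact: str
    effect: str     # the transaction to execute

@dataclass(frozen=True)
class Execution:
    effect: str
    declaration: Says
    chain: tuple    # SpeaksFor hops from the declarer up to the rule's authority


def delegation_chain(declarer, authority, fact, delegations):
    """BFS for in-scope delegations linking declarer to authority.
    Returns () if they are the same agent, None if no chain exists."""
    if declarer == authority:
        return ()
    queue, seen = deque([(declarer, ())]), {declarer}
    while queue:
        agent, chain = queue.popleft()
        for d in delegations:
            if d.delegate != agent or not fact.startswith(d.scope) or d.principal in seen:
                continue
            if d.principal == authority:
                return chain + (d,)
            seen.add(d.principal)
            queue.append((d.principal, chain + (d,)))
    return None


def fire(rules, events, delegations):
    """Execute every rule whose fact is declared by an authorised agent. Returns
    (executions with their proofs, declarations nobody was entitled to make)."""
    executed, rejected = [], []
    for ev in events:
        matched = False
        for rule in rules:
            if rule.fact != ev.fact:
                continue
            chain = delegation_chain(ev.agent, rule.authority, ev.fact, delegations)
            if chain is not None:
                executed.append(Execution(rule.effect, ev, chain))
                matched = True
        if not matched:
            rejected.append(ev)
    return executed, rejected


def accountable(execution):
    """Declarer plus every principal who delegated authority along the chain:
    if the declared fact turns out false, these agents answer for it."""
    return frozenset({execution.declaration.agent} | {d.principal for d in execution.chain})


def verify(execution, rules, events, delegations):
    """Local proof check any node can run against the recorded events, delegations
    and contract rules, without trusting whoever built the proof object."""
    if execution.declaration not in events:
        return False
    rule = next((r for r in rules if r.effect == execution.effect
                 and r.fact == execution.declaration.fact), None)
    if rule is None:
        return False
    current = execution.declaration.agent
    for hop in execution.chain:
        if (hop not in delegations or hop.delegate != current
                or not execution.declaration.fact.startswith(hop.scope)):
            return False
        current = hop.principal
    return current == rule.authority


# Constructed contract rules, delegations and oracle events.
RULES = (
    Rule("customs", "container C17 cleared", "release payment for C17"),
    Rule("met_office", "rainfall Lyon > 50mm", "pay crop insurance"),
)
DELEGATIONS = (
    SpeaksFor("broker_b", "port_authority", "container"),
    SpeaksFor("port_authority", "customs", "container"),
)
EVENTS = (
    Says("broker_b", "container C17 cleared"),     # authorised via two delegation hops
    Says("random_r", "rainfall Lyon > 50mm"),      # nobody delegated this to random_r
)

if __name__ == "__main__":
    executed, rejected = fire(RULES, EVENTS, DELEGATIONS)
    for ex in executed:
        print(ex.effect, "| accountable:", sorted(accountable(ex)),
              "| proof ok:", verify(ex, RULES, EVENTS, DELEGATIONS))
    for ev in rejected:
        print("ignored:", ev)
```

With the constructed inputs, the payment for container C17 is released on the strength of broker_b's declaration, and the proof names broker_b, port_authority and customs as the agents accountable for it; the rainfall declaration from random_r is ignored because no delegation connects random_r to the meteorological authority. A proof whose delegation chain has been stripped or altered fails `verify`, which is the property that lets each node check accountability locally rather than trust the node that assembled the transaction.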