COMPLIANCE METHOD FOR A CYBER-PHYSICAL SYSTEM
Abstract
The present invention provides for analysis of cyber-physical systems with relation to compliance requirements such as regulatory compliance, maintenance compliance and safety compliance. Generally, the invention provides for generating a set of paths from an initial state to an end state, and analyzing the paths to determine which ones contain a violation state. Based on the resultant paths, test scripts are generated. Additionally, other compliance-related procedures can be performed utilizing the path analysis.
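The path analysis summarized above (and recited in claims 1 and 11) can be illustrated with a small state-space search; this is an added example, not code from the patent. The pump/filter/valve components, event names and penalties are constructed, and modeling qualities as string facts with precondition/add/remove events is an assumed simplification of the hybrid compliance graph.

```python
from collections import deque

# Constructed model. Each event: (preconditions, facts added, facts removed).
EVENTS = {
    # operational rules
    "start_pump": ({"pump:off"}, {"pump:on"}, {"pump:off"}),
    "filter_clogs": ({"pump:on", "filter:clean"}, {"filter:clogged"}, {"filter:clean"}),
    "replace_filter": ({"filter:clogged"}, {"filter:clean"}, {"filter:clogged"}),
    "maintenance_lapses": ({"valve:inspected"}, {"valve:overdue"}, {"valve:inspected"}),
    # compliance violations
    "discharge_unfiltered": ({"pump:on", "filter:clogged"}, {"plant:discharge_violation"}, set()),
    "operate_overdue_valve": ({"pump:on", "valve:overdue"}, {"valve:maintenance_violation"}, set()),
}
# Compliance penalties, keyed by the quality that marks a violation state.
PENALTIES = {"plant:discharge_violation": "regulatory fine",
             "valve:maintenance_violation": "shutdown"}
INITIAL = frozenset({"pump:off", "filter:clean", "valve:inspected"})

def violation_paths(initial, events, penalties):
    """Breadth-first search; returns {violation quality: shortest event path}."""
    found, seen, queue = {}, {initial}, deque([(initial, [])])
    while queue:
        state, path = queue.popleft()
        hit = [q for q in penalties if q in state]
        if hit:
            for q in hit:
                found.setdefault(q, path)  # BFS order keeps the shortest path
            continue  # a violation state is treated as an end state
        for name, (pre, add, rem) in events.items():
            if pre <= state:
                nxt = frozenset((state - rem) | add)
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append((nxt, path + [name]))
    return found

def make_test_scripts(paths, penalties):
    """One script line per violation scenario, naming the penalty at stake."""
    return [f"{q} [{penalties[q]}]: " + " -> ".join(p) for q, p in sorted(paths.items())]

# Adjustment: an interlock trips the pump on clogging and blocks restart until
# the filter is clean, so the discharge violation state becomes unreachable.
ADJUSTED = dict(EVENTS,
    start_pump=({"pump:off", "filter:clean"}, {"pump:on"}, {"pump:off"}),
    filter_clogs=({"pump:on", "filter:clean"}, {"filter:clogged", "pump:off"},
                  {"filter:clean", "pump:on"}))

if __name__ == "__main__":
    print("\n".join(make_test_scripts(violation_paths(INITIAL, EVENTS, PENALTIES), PENALTIES)))
    print(sorted(violation_paths(INITIAL, ADJUSTED, PENALTIES)))
```

Re-running the search on the adjusted model shows which violation states the change removed and which remain, here the maintenance violation.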
30 Claims
1. A method of adjusting a cyber-physical system having a plurality of components, said method comprising:
(a) describing each of said plurality of components and defining at least one compliance penalty as a quality associated with at least one component of said plurality of components wherein said compliance penalty results from said at least one component being noncompliant with a compliance requirement;
(b) defining an initial state for said cyber-physical system;
(c) generating a set of paths, wherein each path comprises at least one event necessary for transition from said initial state to an end state, which transition can include passage through one or more intermediate states in transit from said initial state to said end state;
(d) identifying a set of violation paths from said set of paths where each violation path contains at least one violation state in which said at least one component is noncompliant with said compliance requirement;
(e) identifying said compliance penalty associated with said violation state; and
(f) adjusting said cyber-physical system to prevent said compliance penalty.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method of systematically identifying compliance issues in a cyber-physical system having a plurality of components, said method comprising:
(a) constructing a compliance requirement model for said cyber-physical system including describing each of said plurality of components, defining at least one compliance penalty as a quality associated with at least one component of said plurality of components, defining at least one operational rule as an event, and defining at least one compliance violation as an event, wherein said compliance penalty results from said at least one component being noncompliant with a compliance requirement, wherein said compliance penalties are selected from said group consisting of fines, regulatory penalties, legal sanctions and shutdowns, and wherein said compliance requirements are selected from said group consisting of safety requirements, maintenance requirements and regulatory requirements;
(b) defining an initial state for said cyber-physical system;
(c) performing the following computer implemented steps;
    (i) generating a set of paths utilizing said compliance requirement model, wherein each path comprises at least one event necessary for transition from said initial state to an end state, which transition can include passage through one or more intermediate states in transit from said initial state condition to said end state;
    (ii) identifying a set of violation paths from said set of paths where each violation path contains at least one violation state in which said at least one component is noncompliant with said compliance requirement; and
    (iii) identifying said compliance penalty associated with said violation state; and
(d) adjusting said cyber-physical system to prevent said compliance penalty.

11. A method of generating test scripts for compliance in a cyber-physical system comprising:
(a) generating a hybrid compliance graph utilizing at least one compliance penalty as a quality of a component of said cyber-physical system; at least one operational rule as an event and at least one compliance violation as an event, wherein said compliance penalty results from said component being noncompliant with a compliance requirement;
(b) searching said hybrid compliance graph for a path from an initial state to a violation state selected from a group of violation states where, for each violation state in said group, said component is noncompliant with said compliance requirement;
(c) if said path is found in step (b), adding said path to a list of violation scenarios;
(d) repeating steps (b) through (c) for each violation state in said group of violation states; and
(e) generating test scripts from said list of violation scenarios.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19

20. A computer implemented method of checking the validity of a compliance test for a cyber-physical system comprising:
(a) generating a hybrid compliance graph utilizing at least one compliance penalty as a quality of a component of said cyber-physical system, at least one operational rule as an event, at least one compliance violation as an event, and at least one test condition as an event, wherein said compliance penalty results from said component being noncompliant with a compliance requirement and wherein said at least one test condition is associated with said compliance test for said cyber-physical system;
(b) searching said hybrid compliance graph for a path from an initial state to a violation state associated with said compliance test; and
(c) determining whether said compliance test is valid based on said existence of said path.
Dependent claims: 21, 22, 23

24. A method of changing a first component of a cyber-physical system comprised of components, which includes said first component and a plurality of other components, and a set of connections between said components, said method comprising:
(a) identifying said first component in said cyber-physical system;
(b) generating a hybrid compliance graph utilizing at least one operational rule as an event, and at least one compliance violation as an event, wherein said operational rules are at least partially based on operational changes resulting from changing said first component;
(c) searching said hybrid attack graph for a path from an initial state to a violation state associated with changing said first component; and
(d) if said path is found, adjusting said cyber-physical system so that said violation state will not occur.
Dependent claims: 25, 26

27. A method of generating a hybrid compliance graph for a cyber-physical system having a plurality of components, said method comprising:
(a) describing each of said plurality of components and defining at least one compliance penalty as a quality associated with at least one component of said plurality of components and wherein said compliance penalty results from said at least one component being noncompliant with a compliance requirement;
(b) defining an initial state for said cyber-physical system;
(c) generating a set of paths, wherein each path comprises at least one event necessary for transition from said initial state to an end state, which transition can include passage through one or more intermediate states in transit from said initial state to said end state;
(d) identifying a set of violation paths from said set of paths where each said violation path contains a violation state in which said at least one component is noncompliant with said compliance requirement;
(e) generating from said set of paths a hybrid compliance graph illustrating said paths from said initial state to said violation state.
Dependent claims: 28, 29, 30

Specification