Antonio Casimiro

• PhD
• Professor (Associate) at University of Lisbon

The Mixture-of-Experts (MoE) model has succeeded in deep learning (DL). However, its complex architecture and advantages over dense models in image classification remain unclear. In previous studies, MoE performance has often been affected by noise and outliers in the input space. Some approaches incorporate input clustering for training MoE models...

The rapid development of artificial intelligence (AI) and breakthroughs in Internet of Things (IoT) technologies have driven the innovation of advanced autonomous driving systems (ADSs). Image classification deep learning (DL) algorithms immensely contribute to the decision-making process in ADSs, showcasing their capabilities in handling complex r...

Due to the increasing performance demands of missionand safety-critical Cyber-Physical Systems (of Systems), these systems exhibit a rapidly growing complexity, manifested by an increasing number of (distributed) computational cores and application components connected via complex networks. However, with these systems' growing complexity and interc...

Deep neural networks (DNNs) have demonstrated promising performances in handling complex real-world scenarios, surpassing human intelligence. Despite their exciting performances, DNNs are not robust against adversarial attacks. They are specifically vulnerable to data poisoning attacks where attackers meddle with the initial training data, despite...

Autonomous driving is an area that has been growing in recent years. However, cars are unprepared to cooperate with others nearby, wasting resources and computational power. Thus, cooperative autonomous driving reveals its importance in the future. In this work-in-progress paper, we define, implement and test an architecture for a simulation enviro...

The VEDLIoT project aims to develop energy-efficient Deep Learning methodologies for distributed Artificial Intelligence of Things (AIoT) applications. During our project, we propose a holistic approach that focuses on optimizing algorithms while addressing safety and security challenges inherent to AIoT systems. The foundation of this approach lie...

Adversarial attacks significantly threaten the robustness of deep neural networks (DNNs). Despite the multiple defensive methods employed, they are nevertheless vulnerable to poison attacks, where attackers meddle with the initial training data. In order to defend DNNs against such adversarial attacks, this work proposes a novel method that combine...

Wireless Sensor Networks used in aquatic environments for continuous monitoring are typically subject to physical or environmental factors that create anomalies in collected data. A possible approach to identify and correct these anomalies, hence to improve the quality of data, is to use artificial neural networks, as done by the previously propose...

Low-power wide-area networks are extending beyond the conventional terrestrial domain. Coastal zones, rivers, wetlands, among others, are nowadays common deployment settings for Internet-of-Things nodes where communication technologies such as LoRa are becoming popular. In this article, we investigate large-scale fading dynamics of LoRa line-of-sig...

The VEDLIoT project targets the development of energy-efficient Deep Learning for distributed AIoT applications. A holistic approach is used to optimize algorithms while also dealing with safety and security challenges. The approach is based on a modular and scalable cognitive IoT hardware platform. Using modular microserver technology enables the...

Sensor platforms used in environmental monitoring applications are often subject to harsh environmental conditions while monitoring complex phenomena. Therefore, designing dependable monitoring systems is challenging given the external disturbances affecting sensor measurements. Even the apparently simple task of outlier detection in sensor data be...

Determining how to structure vehicular network environments can be done in various ways. Here, we highlight vehicle networks’ evolution from vehicular ad-hoc networks (VANET) to the internet of vehicles (IoVs), listing their benefits and limitations. We also highlight the reasons in adopting wireless technologies, in particular, IEEE 802.11p and 5G...

Global climate change originates frequent floods that may cause severe damage, justifying the need for real-time remote monitoring and alerting systems. Several works deal with LoRa (Long Range) communications over land and in the presence of obstacles, but little is known about LoRa communication reliability over water, as it may happen in real fl...

Industrial control systems (ICS) include networked control systems (NCS), which use Real-Time Ethernet (RTE) protocols since many years, well before the Time Sensitive Networking (TSN) initiative debut. Today, Ethernet based control systems are used all across Industry 4.0, including in critical applications, allowing for straight integration with...

The benefits of using Networked Control Systems (NCS) in the growing Industry 4.0 arenumerous, including better management and operational capabilities, as well as costs reduction.However, despite these benefits, the use of NCSs can also expose physical plants to new threatsoriginated in the cyber domain—such as data injection attacks in NCS links...

This book constitutes the proceedings of the 39th International Conference on Computer Safety, Reliability and Security, SAFECOMP 2020, held in Lisbon, Portugal, in September 2020.* The 27 full and 2 short papers included in this volume were carefully reviewed and selected from 116 submissions. They were organized in topical sections named: safety...

This book constitutes the proceedings of the Workshops held in conjunction with SAFECOMP 2020, 39th International Conference on Computer Safety, Reliability and Security, Lisbon, Portugal, September 2020. The 26 regular papers included in this volume were carefully reviewed and selected from 45 submissions; the book also contains one invited paper....

The possibility of cyberattacks in Networked Control Systems (NCS), along with the growing use of networked controllers in industry and critical infrastructures, is motivating studies about the cybersecurity of these systems. The literature on cybersecurity of NCSs indicates that accurate and covert model-based attacks require high level of knowled...

A fault-tolerant negotiation-based intersection crossing protocol is presented. Rigorous analytic proofs are used for demonstrating the correctness and fault-tolerance properties. Experimental results validate the correctness proof via detailed computer simulations and provide a preliminary evaluation of the system performances. The results are com...

Unmanned autonomous systems (UAS) avionics call for advanced computing system architectures fulfilling strict size, weight and power consumption (SWaP) requisites. The AIR (ARINC 653 in Space Real-Time Operating System) defines a partitioned environment for the development and execution of aerospace applications, preserving application timing and s...

The advent of cooperative systems entails a dynamic composition of their components. As this contrasts current, statically composed systems, new approaches for maintaining their safety are required. In that endeavor, we propose an integration step that evaluates the failure model of shared information in relation to an application’s fault tolerance...

Wireless sensor networks are being increasingly used in several application areas, particularly to collect data and monitor physical processes. Non-functional requirements, like reliability, security or availability, are often important and must be accounted for in the application development. For that purpose, there is a large body of knowledge on...

Advances in sensor, microprocessor and communication technologies have been fostering new applications of cyber-physical systems, often involving complex interactions between distributed autonomous components and the operation in harsh or uncertain contexts. This has led to new concerns regarding performance, safety and security, while ensuring tim...

State machine replication (SMR) is a fundamental technique for implementing stateful dependable systems. A key limitation of this technique is that the performance of a service does not scale with the number of replicas hosting it. Some works have shown that such scalability can be achieved by partitioning the state of the service into shards. The...

The articles in this special section examine safety and security concerns with intelligent vehicle technologies. The most demanding and challenging quality attribute the manufacturers of aerial and ground vehicles must guarantee is safety, meaning that its usage is, to a reasonable level, free from failures with catastrophic consequences on the use...

Software technologies are of paramount importance in the current and upcoming systems. In certain application domains, their design has to fit a difficult equation involving not only the expected functionality, but also broader dependable characteristics. Functional and non-functional characteristics have to adhere to requirements such as openness,...

Kernel-based architectures have been proposed as a possible solution to build safe cooperative systems with improved performance. These systems adjust their operation mode at run-time, depending on the actual quality of sensor data used in control loops and on the execution timeliness of relevant control functions. Sets of safety rules, defined at...

Reliable flood decision-support information systems comprise an extensive network of dependable water sensors and a bundle of accurate forecast simulations models. However, the quality of gathered data is affected by the pervasive nature of the monitoring network where aquatic sensors are vulnerable to external disturbances. Existing solutions for...

Execution of critical services traditionally requires multiple distinct replicas, supported by independent networks and hardware. To operate properly, these services often depend on the correctness of a fraction of replicas, usually over 2/3 or 1/2. Defying the ideal situation, economical reasons may tempt users to replicate critical services onto...

Future vehicular systems will be able to cooperate in order to perform many functions in a more effective and efficient way. However, achieving predictable and safe coordination of vehicles that autonomously cooperate in open and uncertain environments is a challenging task. Traditional solutions for achieving safety either impose restrictions on p...

Cooperative vehicular systems base their coordination on inherently uncertain inter-vehicle communications. Safe solutions that do not properly manage uncertainty, lead to inefficient outcomes. We consider that cooperative functions can be executed with several service levels, and we use the system architectural concept of safety kernel for managin...

The overall performance improvement in Byzantine fault-tolerant state machine replication algorithms has made them a viable option for critical high-performance systems. However, the construction of the proofs necessary to support these algorithms are complex and often make assumptions that may or may not be true in a particular implementation. Fur...

Real-time operation in Wireless Sensor Networks (WSNs) is conditioned not only by the current technological level (e.g., limited computing power) but also inherently by the target problem itself: WSNs are required to operate in very open and uncertain environments, subject to external radio interferences, highly dynamic network load, etc. Current W...

KARYON, a kernel-based architecture for safety-critical control, is a European project that proposes a new perspective to improve performance of smart vehicle coordination. The key objective of KARYON is to provide system solutions for predictable and safe coordination of smart vehicles that autonomously cooperate and interact in an open and inhere...

A flood monitoring system incorporates water sensor networks, fore-cast simulations models, and a decision-support web-based system. The objec-tive of the system is to achieve reliable flood protection and response. This is challenging because of the inherent presence of a cascade of uncertainties in the forecast models, and also uncertainties af...

This position paper describes initial efforts and ideas for the development of a middleware framework to support the operation of adaptive Wireless Sensor Networks applications with real-time and dependability requirements. We identify a set of underlying services that need to be implemented as part of this framework, explaining why they are needed...

Execution of critical services traditionally requires multiple distinct replicas, supported by independent network and hardware. To operate properly, these services often depend on the correctness of a fraction of replicas, usually over $2/3$ or $1/2$. Defying the ideal situation, economical reasons may tempt users to replicate critical services on...

KARYON, a kernel-based architecture for safety-critical control, is a European project that proposes a new perspective to improve performance of smart vehicle coordination focusing on Advanced Driver Assistance Systems (ADASs) and Unmanned Aerial Systems (UAS). The key objective is to provide system solutions for predictable and safe coordination o...

Future physical environments are expected to be pervasively enriched with sensors, which mobile embedded applications can use to safely interact in and with that environment. Unfortunately, due to the open and uncertain nature of the environment and the wireless communication, it is not possible to provide strict a priori guarantees with regard to...

The continuous emergence and improvement of sensor and communication technologies creates new opportunities for designing embedded and mobile systems that are able to interact with their environment, and exhibit "smart" and autonomous behaviour. Furthermore, collaboration between mobile entities can also be envisaged for improving their functionali...

Distributed protocols executing in uncertain environments, like the Internet or ambient computing systems, should dynamically adapt to environment changes in order to preserve Quality of Service (QoS). In earlier work, it was shown that QoS adaptation should be dependable, if correctness of protocol properties is to be maintained. More recently, so...

Cloud infrastructures play an increasingly important role for telecom operators, because they enable internal consolidation of resources with the corresponding savings in hardware and management costs. However, this same consolidation exposes core services of the infrastructure to very disruptive attacks. This is indeed the case with monitoring, wh...

We propose a fault- and intrusion-tolerant framework for datacenter and cloud infrastructure monitoring. In contrast to existing approaches, our framework is able to deal with Byzantine faults. It is based on a replicated event broker, lying in the core of the monitoring infrastructure, supporting the dissemination of all monitoring events. We desc...

Algorithms for solving distributed systems problems often use timeouts as a means to achieve progress. They are designed in a way that safety is always preserved despite timeouts being too small or too large. A conservatively large static timeout value is usually selected, such that the overall system performance is acceptable in the normal case. T...

Current monitoring systems for cloud infrastructures are based on local, centralized or hierarchical model approaches such as HP Openview and ArcSight. Additionally, they do not look deep into resilience and delivering trustworthy data of its own services under crash or Byzantine failures caused by attackers or any other kind of sources. This work...

Achieving dependable and real-time operation in Wireless Sensor Networks (WSNs) is a hard and open problem. This can be an obstacle for many applications, namely in the automotive and medical domains, particularly if safety-critical control is envisaged. To overcome the communication uncertainties that are intrinsic to wireless and dynamic environm...

Unreliable failure detectors are a fundamental building block in the design of reliable distributed systems. But unreliability must be bounded, despite the uncertainties affecting the timeliness of communication. This is why it is important to reason in terms of the quality of service (QoS) of failure detectors, both in their specification and eval...

Although the technology and applications of wireless sensor networks have greatly increased over the last years, ensuring a dependable real-time operation despite faults and temporal uncertainties is still an on-going research topic. The problems are particularly significant when considering that future applications will interact with their environ...

Building distributed embedded systems in wireless and mobile environments is more challenging than if fixed network infrastructures can be used. One of the main issues is the increased uncertainty and lack of reliability caused by interferences and fading in the communication, dynamic topologies, and so on. When predictability is an important requi...

Classical event/object models are usually software oriented. As such, when transported to a real-time, embedded systems setting, their harmony is cluttered by the conflict between, on the one side, send/receive of “software”

This paper describes the design and development of a proof-of-concept platooning application, which operates in a mobile and dynamic environment and makes use of architectural and middleware solutions that were proposed in the scope of the HIDENETS project. With this application it is possible to demonstrate the practical feasibility of a hybrid sy...

This workshop will continue the initiative, which started four years ago, of bringing together the international communities of dependability and software architectures. The first workshop on Architecting Dependable Systems was organised during the International Conference on Software Engineering 2002 (ICSE), and since then five workshops were orga...

Recently, we proposed a framework that allows to an- alyze stochastic data, namely end-to-end measurements of distributed interactions, and hence characterize the tempo- ral probabilistic behavior of underlying communication or transactional services, to gather fundamental information for adaptation and dependability purposes. In particular, we ar-...

ABSTRACT Distributed protocols executing in uncertain environments, like the Internet, had better adapt dynamically to environ- ment changes in order to preserve QoS. In a previous work, it was shown that QoS adaptation should be dependable, if correctness of protocol properties is to be maintained. In this paper we provide concrete strategies and...

This paper presents a study on the performance of intrusion-tolerant protocols in wireless LANs. The protocols are evaluated in several different environmental settings, and also within the context of a car platooning application for distributed cruise control. The experimental evaluation reveals how performance is affected by the various environme...

This document contains an update of the HIDENETS Reference Model, whose preliminary version was introduced in D1.1. The Reference Model contains the overall approach to development and assessment of end-to-end resilience solutions. As such, it presents a framework, which due to its abstraction level is not only restricted to the HIDENETS car-to-car...

Recent advances in wireless communication technology have opened the way for mobile services and applications. This paper describes ongoing work in the context of the HIDENETS project, which aims at the development of end-to-end resilience solutions for distributed applications and mobility-aware services in ubiquitous communication scenarios. In H...

On-time data management is becoming a key difficulty faced by the information infrastructure of most organizations. In fact, database applications for critical areas are increasingly giving more importance to the timely execution of transactions. Database applications with timeliness requirements have to deal with the possible occurrence of timing...

On-time data management is becoming a key difficulty faced by the information infrastructure of most organizations. In fact, database applications for critical areas are increasingly giving more importance to the timely execution of transactions. Database applications with timeliness requirements have to deal with the possible occurrence of timing...

In a future networked physical world, a myriad of smart sensors and actuators assess and control aspects of their environments and autonomously act in response to it. To a large extent, such systems operate proactively and independently of direct human control. They include computer hardware and software parts mixed with mechanical devices. Besides...

Developing database applications with timeliness requirements is a difficult problem. During the execution of transactions, database applications with timeliness requirements have to deal with the possible occurrence of timing failures, when the operations specified in the transaction do not complete within the expected deadlines. In spite of the i...

The CORTEX project envisions a new class of applications comprising (possibly many) smart components, called sentient objects, that can sense their environment and interact with it and each other by accepting and producing events. These interactions might occur in ways that demand predictable and sometimes guaranteed quality of service (QoS). Howev...

In a future networked physical world, a myriad of smart sensors and actuators assess and control aspects of their en- vironments and autonomously act in response to it. Exam- ples range in telematics, tra-c management, team robotics or home automation to name a few. To a large extent, such systems operate proactively and independently of direct hu-...

This paper describes and discusses the work carried on in the context of the CORTEX project, for the development of adaptive real-time applications in wormhole based systems. The architecture of CORTEX relies on the existence of a timeliness wormhole, called timely computing base (TCB), which we have described in previous papers. Here we focus on t...

A sentient object is a mobile, intelligent software component that is able to sense its environment via sensors and react to sensed information via actuators. Sentient objects are context-aware, aware of both their internal state and the state of their surrounding local environment, and are cooperative, cooperating with other sentient objects both...

requirements, which in essence calls for synchronous system models. However, systems often rely on unpredictable and unreliable infrastructures, that suggest the use of asynchronous models. Several models have been proposed to address this issue. We propose an architectural construct that takes a generic approach to the problem of programming in th...

A sentient object is a mobile, intelligent software component that is able to sense its environment via sensors and react to sensed information via actuators. Sentient objects are context-aware, aware of both their internal state and the state of their surrounding local environment, and are cooperative, cooperating with other sentient objects both...

The emergence of applications operating independently of direct human control is inevitable. Research on high-level models for this class of applications - e.g. on autonomous agents and distributed AI - has revealed the shortcomings of current architectures and middleware interaction paradigms. If we focus on complex real-time systems made of embed...

this paper was partly supported by the Irish Higher Education Authority's Programme for Research in Third Level Institutions cycle 0 (1998-2001) and by the Future and Emerging Technologies programme of the Commission of the European Union under research contract IST-2000-26031 (CORTEX - CO-operating Real-time sentient objects: architecture and EXpe...

Current systems are very often based on large-scale, unpredictable and unreliable infrastructures. However, users of these systems increasingly require services with timeliness properties. This creates a difficult-to-solve contradiction with regard to the adequate time model: should it be synchronous, or asynchronous? In this paper, we propose an a...

In a recent report we proposed an architectural construct to address the problem of dealing with timeliness specifications in a generic way. We called it the Timely Computing Base, TCB. The TCB defines a set of services available to applications, including timely execution, duration measurement and timing failure detection. We showed how these serv...

Current systems are very often based on largescale, unpredictable and unreliable infrastructures. However, users of these systems increasingly require services with timeliness properties. This creates a di#cult-to-solve contradiction with regard to the adequate time model: synchronous, or asynchronous? In this paper, we propose an architectural con...

We are now at the point where the emergence of a new class of applications that operate independently of direct human control can be envisaged However, this is also the crossroads between the requirements put on system support, by the advances of research on high-level models for this class of applications--- e.g. on autonomous agents and distribut...

The round-trip duration measurement technique is fundamental to solve many problems in asynchronous distributed systems. In essence, this technique provides the means for reading remote clocks with a known and bounded error. Therefore, it is used as a fundamental building block in several clock synchronization algorithms. In general, the technique...

Designing applications with timeliness requirements in environments of uncertain synchrony is known to be a difficult problem. In this paper we follow the perspective of timing fault tolerance: tinting errors occur and they are processed using redundancy, e.g., component replication, to recover and deliver timely service. We introduce a paradigm fo...

In open and heterogeneous environments, where an unpredictable number of applications compete for a limited amount of resources, executions can be affected by also unpredictable delays, which may not even be bounded. Since many of these applications have timeliness requirements, they can only be implemented if they are able to adapt to the existing...

In open and heterogeneous environments, where an unpredictable number of applications compete for a limited amount of resources, executions can be a#ected by also unpredictable delays, which may not even be bounded. Since many of these applications have timeliness requirements, they can only be implemented if they are able to adapt to the existing...

Introduction The development of applications in large-scale real-time systems is known to be a complex task. One of the main difficulties consists in reconciling timeliness expectations with the uncertainty of the environment. The problem has been addressed by several authors, each in its own way [3, 5, 6], but all share the observation that synchr...

In open and heterogeneous environments, where an unpredictable number of applications compete for a limited amount of resources, executions can be affected by also unpredictable delays, which may not even be bounded. Since many of these applications have timeliness requirements, they can only be implemented if they are able to adapt to the existing...

The round-trip duration measurement technique is fun- damental to solve many problems in asynchronous dis- tributed systems. In essence, this technique provides the means for reading remote clocks with aknown and bounded error. Therefore, it is used as a fundamental building block in several clock synchronization algorithms. In general, the techniq...