A Dependability Model to Enhance Security of Cloud Environment using System-

Level Virtualization Techniques

Dawei Sun1, Guiran Chang

2,Qiang Guo

1,3, Chuan Wang

1, Xingwei Wang

1

1School of Information Science and Engineering, Northeastern University, Shenyang, P.R. China, 110004

2Computing Center, Northeastern University, Shenyang, P.R. China, 110004

3Information Center, State Taxation Bureau of Liaoning Province, Shenyang, P.R. China, 110004

E-mail: sundaweicn@163.com, chang@neu.edu.cn, guoqiang_mike@yahoo.com, silver_chuan@hotmail.com,

wangxw@mail.neu.edu.cn

Abstract—Security of cloud computing is one of the challenges

to be addressed before the novel pas-as-you-go business model

is widely applied, and dependability is one of the most

important means to improve security of current heterogeneous

cloud platforms. Previous research on dependability in

computing systems only uses qualitative approaches and there

are few systematic works on dependability in cloud systems. In

this paper, the definition of dependability in cloud systems is

given and a series of quantitative indicators are presented to

evaluate the dependability. A novel cloud dependability model

CDSV is established to enhance the security of heterogeneous

cloud environments. System-level virtualization techniques are

used to enhance the dependability of cloud environments.

Systematic analysis shows that this model can enhance the

system dependability and security. Experimental results show

that the dependability model CDSV can efficiently and safely

construct dependability relationship in heterogeneous cloud

environments.

Keywords-cloud computing; security; dependability model;

system-level virtualization techniques; quantitative evaluation

I. INTRODUCTION

Several trends are opening up the era of cloud computing [1] [2] [3], a large-scale distributed computing paradigm driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, highly available, and configurable and reconfigurable computing resources (e.g., networks, servers, storage, applications, and data) can be rapidly provisioned and released with minimal management effort, and services are delivered on demand to external customers over high-speed Internet, together with the “X as a service (XaaS)” computing architecture. Its aims are to provide users with more flexible services in a transparent manner and with ever cheaper and more powerful processors. In computational terms, cloud computing is a network of data centers and is described as a powerful, low-cost, and energy-efficient approach to future computing. From a sociological standpoint on the other hand, in the cloud, applications are accessible anywhere, anytime, and storage becomes infinite for all intents and purposes. And the users can access to powerful applications, platforms, and services delivered over high-speed Internet.

While cloud computing leads to the new pay-as-you-go business model, however, the massive concentrations of resources and data present more attractive targets to attackers.

This brings new security issues, but the research in cloud computing security is far from mature [4] [5]. First of all, the unique features of the cloud computing security are not recognized. Some researchers think that cloud computing security is not much different form existing security practices and the security aspects can be well managed with the existing techniques, such as digital signature, encryption, firewalls, etc. Secondly, the specific security requirements in cloud computing are still cloudy to the community. Nevertheless, cloud security is an important ongoing research area. Many consultants and security agencies have issued warnings on the security threats in the cloud computing model. And cloud consumers are still wondering whether the cloud is secure. More efforts than conventional security mechanisms are required to solve this problem.

Cloud computing itself is unlikely to cause the security problems as most of us are too worried about. Security issues in cloud computing are not all technological, rather, it is the issue of reliability, confidence, and lack of clear and enough information about cloud security. In order to improve the security of heterogeneous independent cloud environments, a novel cloud dependability model named CDSV (Cloud Dependability by using System-level Virtualization) is proposed by using system-level virtualization techniques [6] [7]. The CDSV model is much efficient and light-weighted, which contributes good scalability to the much larger cloud systems. Our contributions can be summarized as follows: (1) We propos a general formal CDSV model with good scalability by using system-level virtualization techniques for cloud systems; (2) We equipped the proposed CDSV construction with the definition of dependability in cloud systems and a series of quantitative indicators to evaluate the dependability, which are missing in most existing schemes; (3) We have proved the dependability and security of our proposed CDSV model, and give systematic analysis on how CDSV model can enhance the system dependability.

The remainder of this paper is organized as follows. In section 2, we analyze the related work on security and dependability of cloud systems. Section 3 gives the definition of dependability in cloud systems and a series of quantitative indicators. Section 4 presents the mechanism of CDSV model by using system-level virtualization. Section 5 systematically analyzes how CDSV model can enhance the system dependability. Finally, conclusions are given in section 6.

2010 First International Conference on Pervasive Computing, Signal Processing and Applications

978-0-7695-4180-8/10 $26.00 © 2010 IEEE

DOI 10.1109/PCSPA.2010.276

305

2010 First International Conference on Pervasive Computing, Signal Processing and Applications

978-0-7695-4180-8/10 $26.00 © 2010 IEEE

DOI 10.1109/PCSPA.2010.81

305

2010 First International Conference on Pervasive Computing, Signal Processing and Applications

978-0-7695-4180-8/10 $26.00 © 2010 IEEE

DOI 10.1109/PCSPA.2010.81

305

II. RELATED WORK

Cloud computing is an emerging technology which promises to revolutionize software and business life-cycles. It is a subject of fierce debate in forums and on-line communities, with rapid technological developments and intensive business analyses and speculations. As a research field, cloud computing is a derivative of several established research areas, including service oriented architecture and virtualization techniques.

There are a few works that have addressed cloud security. Khan [5] explored various dimensions of cloud computing security. He argued that security concerns on cloud computing needs to be addressed form the perspective of individual stakeholder. Jensen et al. [8] discussed the importance and capabilities of browser security in SaaS, raised concerns about cloud service integrity and binding issues in PaaS, sketched the threat of flooding attacks on IaaS, and gave in-depth analysis for each threat to cloud security on their potential impact and relevance to real-world. Wang et al. [9] explored the problem of providing simultaneous public verifiability and data dynamics for remote data integrity check in cloud computing. Konstantinou et al. [6] proposed an approach and architecture for composition and deployment of virtual software services in cloud environments. Li et al. [10] presented a new identity-based authentication protocol for cloud computing and services, which was more light-weighted and efficient than SAP, especially the more lightweight user side. Yan et al. [11] proposed to use federated identity management and HIBC in the cloud and depicted how could the system generate and distribute the public and private keys to users and servers.

Other academic publications are not seen on using dependability to improve security of cloud environment by system-level virtualization techniques similar to the approach proposed in this paper. Our work can be generally positioned in the area of IaaS (Infrastructure as a Service).

III. PROBLEM STATEMENT AND CDSV MODEL

Dependability is a very important property for a cloud system as it provides services with the features of high availability, high stability, high fault tolerance and dynamical extensibility. Because cloud computing is a large-scale distributed computing paradigm and its applications are accessible at anywhere, anytime, and in anyway, dependability in cloud system becomes more important and more difficult to achieve.

A. Dependability and Security of Cloud System

There is no unique definition of dependability. By one definition, it is the ability of a system to deliver the required specific services that can justifiably be trusted [12]. It is also defined as the system property that prevents a system from failing in an unexpected or catastrophic way [13]. Although these definitions are all similar, the dependability of cloud systems can be defined by Definition 1.

Definition 1: Dependability of cloud systems. The dependability of a cloud system is characterized by a four-

tuple , , ,D A W Of , where vector 1 2, , , nA a a a is

a system property that prevents a cloud system from failing in an unexpected or catastrophic way, vector

1 2, , , nW w w w is the system preference of each

property, Of is an objective function for optimizing the

dependability in a cloud system, and it is defined according

to (1), and is the means of optimization.

0

0

max max max ,

. . 0,1 , 0,1 , 0,1 , 1.

nT

sys i i

i

n

i sys i i

i

Of d t A W a w

s t a d t w w

In this paper, we only focus on five basic and general attributes [13] of the system property vector A for cloud systems: reliability, availability, safety, integrity, and maintainability. A generalized view of dependability attributes along with their threats and the means to achieve dependability are shown in Table 1.

TABLE I. THREATS, ATTRIBUTES, AND MEANS FOR DEPENDABILITY

Threats

Faults

Errors

Failures

Attributes

Reliability

Availability

Safety

Confidentiality

Integrity

Maintainability

Means

Fault Prevention

Fault Tolerance

Fault Removal

Fault Forecasting

Security has not been characterized as a single attribute of dependability. This is in agreement with the definitions of security which view it as a composite notion, namely, “the combination of confidentiality, the prevention of the unauthorized disclosure of information, integrity, the prevention of the unauthorized amendment or deletion of information, and availability, the prevention of the unauthorized withholding of information” [12]. Our unified definition for security is the absence of unauthorized access to, or handling of, the system state. The main dimensions of security are availability, confidentiality and integrity. The relationship between dependability and security is illustrated in Figure 1 [12].

Dependability

Reliability

Availability

Safety

Confidentiality

Integrity

Maintainability

Security

Figure 1. Relationship between dependability and security.

306306306

As we can see from Figure 1, security can be considered as a sub-dimension within dependability. There exist other concepts similar to dependability, such as high confidence, high survivability, and dynamic trustworthiness. A side-by-side comparison leads to the conclusion that all the four concepts are essentially equivalent in their goals and address similar threats. More detail discussed can be found in [12].

B. Dependability Property Evaluation of CDSV

Definition 2: Reliability. it is expressed by probability

that the system will perform its required function under

given conditions for a stated time interval [13] [14]. r t is

a function of time that calculates the probability, r of

uninterrupted service in the interval 0, . r t is also

related to the failure rate function z t , which is the

probability that a component which has functioned up to

time t and will fail in the next dt seconds. The relation

between r t and z t is shown by (2).

,z t d t

r t e

If the cloud system is in a useful life stage, where

z t , then the solution is reduced to an exponential

function of the parameter given by (3).

,tr t e

Definition 3: Availability. it is a measure of the

frequency of periods of improper service, defined as the

“readiness for correct service” of a systerm [12] [13] [14]

[15]. The lifetime of a cloud system can be divided into a set

of “up states” and a set “down states”. It can be categorized

in instantaneous availability, steady-state availability and

inherent availability.

The instantaneous availability ia t of a system is

defined as the probability that a system is in an “up state” at time t under the constraint that it was correct at time t=0 (i.e.

0 1ia ), shown by (4):

0

, ,

| , .i

t i i

r t if no repair operationsa t

p s p up s p init otherwise

where ts refers to the state occupied at time t, ip up is a

predicate that specifies the states where the system is

operational, doing something useful, ip init specifies the

initial states, and ip init true .

The steady-state availability sa t of a system is defined

as the probability that a system is in an “up state” after a “sufficiently long time” after system start when looking at it

at an arbitrary point in time, and is the limit value of ia t

as t approaches infinity, given by (5).

0lim lim ,

t

i

s it t

a k dka t a t

t

The inherent availability a t of a system is expected

value of the percentage of the time interval during which the system performs its required function, as defined by (6):

,MTBF

a tMTBF MTTR

where MTBF is the mean time between faults, and MTTR is the mean time to repair.

Definition 4:Safety. it is defined as the “does not fail in

a manner that causes catastrophic damages during a

specified period of time” in a systerm [12] [13] [14]. s t is

defined by (7):

,F

s

i s

s t p i

where Fs is a set of catastrophic damages in interval 0,

and sp i is the steady-state probability at state i.

Definition 5:Integrity. it is defined as “guarding against

improper information modification or destruction, including

ensuring information non-repudiation and authenticity” of a

system [12] [13] [14]. it t is shown by (8):

,I

i

i s

it t p i

where Is is a set of improper information modifications or

destructions in the interval 0, , and ip i is the integrity-

state probability at state i.

Definition 6:Maintainability. it is defined as “the case

that can be modified to correct faults, improve performances,

or other attributes, or adapt to a changed environment” of a

system [12] [13] [14]. m t is defined by (9):

0| ,t m mm t p s p up s p init

where ts refers to the state occupied at time t. For simplicity

in the engineering, MTTF (mean time to failure) is often used to represent the maintainability of the system, too.

IV. MODEL OF CLOUD DEPENDABILITY BY USING

SYSTEM-LEVEL VIRTUALIZATION

Virtualization is a technique for hiding the physical characteristics of computing resources from the way in which other systems, applications, or end users interact with those resources. It includes making a single physical (e.g., a server, an OS, or application) resource appearing to function as multiple logical resources, or it can include making

307307307

multiple physical resources (e.g., storage pool) appearing as a single logical resource [16].

System-level virtualization is the faithful reproduction of an entire architecture in software which provides the illusion of a real machine to all software running above it. It is classified into two categories (see Figure 2): Bare-metal virtualization and Hosted virtualization. Bare-metal virtualization is used for the reason that it has direct access to hardware resource and its performance is comparable to that of native execution. In contrast, hosted virtualization incurs additional overhead due to the layering of the VMM on top of the host OS when servicing resource requests from the VMs [17].

...

Hardware

VMM/Hypervisor

...

Hardware

VMM/HypervisorVM1

Host OS

(a). Bare-metal virtualization (b). Hosted virtualization

OS

App

VM2

OS

App

VMn

OS

App

VM1

OS

App

VMn

OS

App Ap

plicatio

n

Figure 2. Classification of system-level virtualization.

System-level virtualization can improve dependability and enhance security of cloud systems for a number of reasons and the three major justifications are: (1) consolidation, (2) isolation, and (3) live migration.

A. Consolidation

System consolidation is the major market for virtualization solutions as is showed in Figure 3. It enables the sharing of expensive servers among different applications with guarantees that each application will have its own view of the system and is isolated from each other. This allows service providers to consolidate works to fewer servers (cost effective server usage) and also to support incompatible or legacy operating environments without the need to separate the hardware and achieve integrity of the cloud system.

HW 1

OS 1

App 1 App 2

HW 2

OS 2

App 3 App 4

Hardware

VMM/Hypervisor

OS 1

App 1 App 2

OS 2

App 3 App 4

Figure 3. Server consolidation.

In addition, server consolidation can increase function unit reuse degree, reduce hardware cost, improve resource utilization, save power and achieve system load balance.

Figure 4 illustrates the comparison of resource utilization rate before and after server consolidation. With the improvement of hardware, in most existing architectures, for ease of maintenance, a given server hosts only one

application, the average load of server is about 10-20%. While by using virtualization, some of the VMs share the same hardware resources and the load of the server can reach up to 80% [16].

App 1

Work

lo

ad

Work

load

App 2

App 3

Con

App

Figure 4. Comparison of resource utilization rate.

B. Isolation

Isolation aims at improving the security and reliability of a system by isolating the execution environment for applications in VMs which cannot corrupt the bare hardware, as shown in Figure 5.

Hardware

VMM/Hypervisor

OS 1

App 1 App 2

OS 2

App 3 App 4

Hardware

VMM/Hypervisor

OS 1

App 1

OS 2

App 2

OS 3

App 3

OS 4

App 4

Figure 5. Server isolation.

Isolation forbids a misbehaving virtual machine to consume other machine resources, provides fairness according to the shares of virtual machines, and improves the reliability and availability of the cloud system. The applications running on the VMs are well defined entities, and are isolated from all other applications and even from the core host operating system. It is possible to enhance the security of the system.

C. Live Migration

The capability of live migrating the entire VMs, makes it possible to improve the quality of service by balancing the global loads among several servers without interruption the application execution and by moving the VMs (and therefore applications) when a failure is predicted for a specific server. It also enables a transparent programmable downtime of the servers by live migrating the VMs to other servers before a server is shut down for maintenance, as shown in Figure 6.

Hardware

VMM/Hypervisor

Hardware

VMM/Hypervisor

VM

OS

App

VM

OS

App

VM

OS

App

VM

OS

App

VM

OS

App

VM

OS

App

Figure 6. Server live migration.

308308308

In addition, some other capabilities of system-level virtualization can also enhance the maintainability, improve the dependability and enhance the security of cloud systems, such as VM pause/ unpause, VM checkpoint/ restart, and so on. These mechanisms enable the implementation of three fault tolerance policies: (1) reactive fault tolerance (do something after a failure occurs), (2) proactive fault tolerance (do something before the failure occurs), and (3) hybrid policies mixing both reactive and proactive fault tolerance.

V. CDSV PERFORMANCE EVALUATION

Combinatorial modeling [18] [19] and Markov modeling [14] [20] are the two main types of model representation techniques. We choose combinatorial modeling to analyze the dependability of cloud systems as its simplicity enables easy elimination of “hopeless” choices in the early stage, and the assumption is that each part failure is independent with others. We consider a condition in which multiple VMs run on the same node and offer an identical service, as shown in Figure 7.

...Application

Hardware

VMM/Hypervisor

VM

OS

App

VM

OS

App

VM

OS

App

Hardware

Operating System

(a). Non-virtualized system (b). Virtualized system with n VMs

Figure 7. Analyze of non-virtualized and virtualized system.

For a non-virtualized system, it is composed of two functional subsystems (see Figure 7(a)): hardware and software (applications and operating system). Thus, the subsystem is a simple serial system, whose dependability

nv

sysd t is given by (10):

, , 0,1 ,nv

sys h s h sd t d t d t d t d t

where nv

sysd t is calculated from (1) and is composed of five

major dimensions: r t , a t , s t , it t , and m t .

hd t and sd t denote the dependability of the hardware

subsystem and the software subsystem. For a virtualized system with n independent, identical

VMs (see Figure 7(b)). The subsystem is a serial-parallel

system, whose dependability vm n

sysd t is given by (11):

0

1 1 ,i

nvm n

sys h vmm s

i

d t d t d t d t

where vmmd t denotes the dependability of the VMM

subsystem and is

d t denotes the dependability of the ith

virtual machine system (applications and operating system).

If we want to improve the dependability and enhance the security of the virtualized system with n-replicated service than the non-virtualized system, it should meet (12).

,vm n nv

sys sysd t d t

In detail, (12) is the same as (13),

0

1 1 ,i

n

vmm s s

i

d t d t d t

As each virtual machine system has the same functionality with the non-virtualized software system, for

simplicity, let is sd t d t for all 0 i n . Then,

condition (13) becomes (14).

1 1 ,

,

n

vmm s s

vmm s

d t d t d t

d t d t

If n=1, then again (14) does not hold ( 1vmmd t ), and n

should meet (15).

log 1,

log 1

s vmm

s

d t d tn

d t

For a virtualized system, suppose that we desire the

system dependability to be d t , it is given by (16).

1 1 ,n

h vmm sd t d t d t d t

The number of VMs n should meet (17).

log 1,

log 1

h vmm

s

d t d t d tn

d t

In practice, the number of VMs that can be hosted on a physical node is ultimately limited by the resources available. In addition, moving functionality out of the VMs into the VMM, virtual the node with VMM-level voting, and so on, can also improve the dependability and enhance the security of the virtualized system.

VI. CONCLUSIONS AND FUTURE WORKS

As a novel pas-as-you-go business model, security is one of the challenges to be addressed before cloud computing is widely applied, and dependability is one of the most important means to improve the security of current heterogeneous cloud platforms. System-level virtualization offers enormous opportunities for flexibility, security management, and deployment of cloud systems. It is clear that the scope of virtualization will expand in the future,

309309309

including non-functional system properties such as dependability and so on.

Focusing on the problems that traditional researches on dependability in computing systems are just using qualitative approaches and there are very few systematic works on dependability in cloud systems at present, we give the definition of dependability in cloud systems, and a series of quantitative indicators are presented to evaluate the dependability. Then a novel cloud dependability model CDSV is given to improve the dependability and enhance the security in heterogeneous cloud environments. System-level virtualization techniques are applied to enhance the dependability of cloud environments. Systematic analysis is given to show how this model can enhance the system dependability. Our results provide useful information on the type of conditions that need to be satisfied to uphold the overall system dependability in the presence of system-level virtualization techniques

Future works include more rigorous modeling and further analysis of dependability in the context of system-level virtualization, particularly in dynamic situations such as live migration. The CDSV model will be deployed and systematically tested on private cloud computing platform of State Taxation Bureau of Liaoning Province.

ACKNOWLEDGMENT

This work is supported by the National Natural Science Foundation of China under Grant No. 70671020, No. 70931001 and No.60673159; the National Science & Technology Pillar Program under Grant No. 2008BAH37B03 and No. 2008BAH37B07; the Specialized Research Fund for the Doctoral Program of Higher Education under Grant 20070145017; the Fundamental Research Funds for the Central Universities under Grant No. N090504003 and No. N090504006; the Oracle Sun & Mars Information Open Source Center of Excellence. The authors gratefully thank Junling Hu for her help and comments.

REFERENCES

[1] A. Weiss, “Computing in the clouds,” Networker, ACM, vol. 11(4), Dec. 2007, pp. 16-25.

[2] I. Foster, Y. Zhao, I. Raicu and S. Y. Lu, “Cloud Computing and Grid Computing 360-degree compared,” Proc. Grid Computing Environments Workshop, GCE 2008, IEEE Press, Nov. 2008, pp. 1-10.

[3] P. Mell and T. Grance, “Presentation on effective and secure use of cloud computing paradigm,” National Institute of Standards and Technology, Information Technology Laboratory, http://csrc.nist.gov/groups/SNS/cloud-computing/index.html, Oct. 2009.

[4] ENISA, “Cloud Computing: benefits, risks and recommendations for information security,” European Network and Information Security Agency, http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment/at_download/fullReport, Nov. 2009.

[5] K.M. Khan, “Security dynamics of cloud computing,” Cutter IT Journal, vol. 22(6-7), Jun.-Jul. 2009, pp. 38-43.

[6] A. Konstantinou, T. Eilam, M. Kalantar, A. A. Totok, W. Arnold and E. Snible, “An architecture for virtual solution composition and deployment in infrastructure clouds,” Proc. 3rd International Workshop on Virtualization Technologies in Distributed Computing, VTDC'09, IEEE Press, Jun. 2009, pp. 9-17.

[7] K.L. Kroeker, “The evolution of virtualization,” Communications of the ACM, vol. 52(3), Mar. 2009, pp. 18-20.

[8] M. Jensen, J. Schwenk, N. Gruschka and L. L. Iacono, “On technical security issues in cloud computing,” Proc. 2009 IEEE International Conference on Cloud Computing, CLOUD 2009, IEEE Press, Sep. 2009, pp. 109-116.

[9] Q. Wang, C. Wang, J. Li, K. Ren and W. Lou, “Enabling public verifiability and data dynamics for storage security in cloud computing,” Proc. 14th European Symposium on Research in Computer Security, ESORICS 2009, IEEE Press, Sep. 2009, pp. 355-370.

[10] H. Li, Y. Dai, L. Tian and H. Yang, “Identity-based authentication for cloud computing,” Proc. 1st International Conference on Cloud Computing, CloudCom 2009, IEEE Press, Dec. 2009, pp. 157-166.

[11] L. Yan, C. Rong and G. Zhao, “Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography,” Proc. 1st International Conference on Cloud Computing, CloudCom 2009, IEEE Press, Dec. 2009, pp. 167-177.

[12] A. Algirdas, L. Jean-Claude, R. Brian and L. Carl, “Basic concepts and taxonomy of dependable and secure computing,” IEEE Transactions on Dependable and Secure Computing, vol. 1 (1), Jan.-Mar. 2004, pp. 11-33.

[13] M. Al-Kuwaiti, N. Kyriakopoulos and S. Hussein, “A comparative analysis of network dependability, fault-tolerance, reliability, security, and survivability,” IEEE Communications Surveys & Tutorials, vol. 11 (2), Feb. 2009, pp. 106-124.

[14] X. Zhang, C. Lin and X. Kong, “Model-driven dependability analysis of virtualization systems,” Proc. 8th IEEE/ACIS International Conference on Computer and Information Science, ICIS 2009, IEEE Press, Jun. 2009, pp. 199-204.

[15] A. Dhama, O. Theel, P. Crouzen, H. Hermanns, R. Wimmer and B. Becker, “Dependability engineering of silent self-stabilizing systems,” Proc. 11th International Symposium on Stabilization, Safety, and Security of Distributed Systems, SSS 2009, IEEE Press, Nov. 2009, pp. 238-253.

[16] R. Alain, “Using virtualization to improve durability and portability of industrial applications,” Proc. 6th IEEE International Conference on Industrial Informatics, IEEE INDIN 2008, IEEE Press, Jul. 2008, pp. 1545-1550.

[17] S. L. Scott, G. Vallée, T. Naughton, A. Tikotekar, C, Engelmann and H. Ong, “System-level virtualization research at Oak Ridge National Laboratory,” Future Generation Computer Systems, vol. 26 (3), Mar. 2010, pp. 304-307.

[18] B. Jansen, H. V. Ramasamy, M. Schunter and A. Tanner, “Architecting dependable and secure systems using virtualization,” Architecting Dependable Systems V, vol. 5135 LNCS, 2008, pp. 124-149.

[19] H. H. Hashemi and H. A. Sarbazi, “Combinatorial performance modelling of toroidal cubes,” Journal of Systems Architecture, vol. 54 (1-2), Jan.-Feb. 2008, pp. 241-252.

[20] C. W. Wee and J. H. Lee, “Realistic disturbance modeling using Hidden Markov Models: applications in model-based process control,” Journal of Process Control, vol.19 (9), Oct. 2009, pp. 1438-1450.

310310310