Fault Injection and Monitoring for Dependability Analysis of Wireless Sensor-Actuators Networks Fran¸ coise Sailhan 1 , Thierry Delot 2 , Animesh Pathak 3 , Aymeric Puech 4 , Matthieu Roy 5 1 Sempia group, Cedric laboratory, CNAM, 2 Valenciennes University 3 Arles Project, INRIA, 4 SmartGrains, 5 CNRS ; LAAS ; 7 avenue du Colonel Roche, F-31077 Toulouse, France 5 Universit´ e de Toulouse ; UPS , INSA , INP, ISAE ; LAAS ; F-31077 Toulouse, France 1 surname@ieee.org, 2 firstName.surname@univ-valenciennes.fr, 3 firstName.surname@inria.fr, 4 firstName.surname@smartgrains.com, 5 roy@laas.fr, Abstract The explosion in the instrumentation of our envi- ronment is driving the need for developing sensor net- works that not only observe and measure but that also show a high-level of fault tolerance. Towards this goal, we identify faults and key challenges related to the de- velopment and deployment of self-managing dependable sensor networks, on the account of two use cases: a monitoring system and a geo-localization application. We then cater requirements and envisage the design of a fault injector which deliberately injects software faults into an operational sensor network to determine if the target offers an effective response, and hence evaluate the dependability of the network. Taking into account the distributed nature of sensor networks and their in- herently unsafe (wireless) communication medium, we then insert in a distributed manner communication- related faults and monitor the network under study in order to detect and diagnose any resulting error. 1 Introduction Wireless sensor networks have been founded with the fundamental aim of monitoring a phenomenon (sens- ing) and performing actions in response (actuation). The architectural premise of such networks is a set of networked sensors, embedding a detector and an elec- tromechanical (actuating) device, being together ca- pable of observing, measuring, reacting and commu- nicating on a phenomenon and sharing it with each others. To get useful observations and provide an ad- equate response, several detectors and actuators may be required, each providing a basic observation and the corresponding reaction (e.g., a temperature sensor and a heating element), which may be combined to provide a complete behavior. With sensors, the key constraint remains resource saving. It has served as the primary argument for developing specific energy-, memory-, computationally-aware, low-data-rate proto- cols, systems and applications that together attempt to extend nodes lifetime. However, as the range of ap- plications extends in the fields of industrial, medical and mission-critical systems, additional requirements related to robustness and reliability must be taken into account [2]. Currently, we are confronted with wireless sensor networks that are optimized for their gather- ing abilities but that fail at ensuring their own reliance and their proper operation. Such assertion is reinforced by the increasing number of real-life deployment cam- paigns that fail [2]. Meeting the challenging task of developing depend- able sensor networks necessitates not only to provide fault-tolerant sensing and actuating capabilities but also to evaluate and validate their dependability at- tributes. Towards this goal, we present the founda- tions of a fault injection-based evaluator that deliber- ately accelerates the occurrence of faults to evaluate the quality of error handling mechanisms and, more generally, to analyze the dependability of the sensor network. This solution is grounded on two main build- ing blocks, namely: · a fault injection mechanism that inserts faults into one (or several) run-time node(s) in a remote and distributed way, · a monitoring component that checks for any mis- behavior or dysfunction at run-time, and reports it. These components together aim at evaluating the de- pendability of the applications and protocols deployed 1