An Assurance Framework for Independent Co-assurance of Safety and Security
Integrated safety and security assurance for complex systems is difficult for
many technical and socio-technical reasons such as mismatched processes,
inadequate information, differing use of language and philosophies, etc. Many
co-assurance techniques rely on disregarding some of these challenges in order
to present a unified methodology. Even with this simplification, no methodology
has been widely adopted primarily because this approach is unrealistic when met
with the complexity of real-world system development.
This paper presents an alternative approach by providing a Safety-Security
Assurance Framework (SSAF) based on a core set of assurance principles. This is
done so that safety and security can be co-assured independently, as opposed to
unified co-assurance which has been shown to have significant drawbacks. This
also allows for separate processes and expertise from practitioners in each
domain. With this structure, the focus is shifted from simplified unification
to integration through exchanging the correct information at the right time
using synchronisation activities
Combining behavioural types with security analysis
Today's software systems are highly distributed and interconnected, and they
increasingly rely on communication to achieve their goals; due to their
societal importance, security and trustworthiness are crucial aspects for the
correctness of these systems. Behavioural types, which extend data types by
describing also the structured behaviour of programs, are a widely studied
approach to the enforcement of correctness properties in communicating systems.
This paper offers a unified overview of proposals based on behavioural types
which are aimed at the analysis of security properties
Future prospects for personal security in travel by public transport
This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/I037032/1]. No other funding support from any other bodies was provided.
Designing the venue logistics management operations for a World Exposition
World Expositions, due to their size and peculiar features, pose a number of logistics challenges. This paper aims at developing a design framework for the venue logistics management (VLM) operations to replenish food products to the event site, through a combination of qualitative and quantitative research approaches. First, an in-depth interview methodology, combined with the outcomes of a literature review, is adopted for defining the key variables for the tactical and operational set-up of the VLM system. Second, a quantitative approach is developed to define the necessary logistics resources. The framework is then applied to the case of Milan 2015 World Exposition. It is the first time that such a design framework for a World Exposition is presented: the originality of this research lies in the proposal of a systematic approach that adds to the experiential practices constituting the current body of knowledge on event logistics
An Analysis of issues against the adoption of Dynamic Carpooling
Using a private car is a transportation system very common in industrialized
countries. However, it causes different problems such as overuse of oil,
traffic jams causing earth pollution, health problems and an inefficient use of
personal time. One possible solution to these problems is carpooling, i.e.
sharing a trip on a private car of a driver with one or more passengers.
Carpooling would reduce the number of cars on streets hence providing worldwide
environmental, economical and social benefits. The matching of drivers and
passengers can be facilitated by information and communication technologies.
Typically, a driver posts on a web site the availability of empty seats in
his/her car for a planned trip, and potential passengers can search for trips
and contact the drivers. This process is slow and is appropriate for long
trips planned days in advance. We call this static carpooling, and we note that it is
not used frequently even though many web sites already offer this service; in
fact the only real open challenge is widespread adoption.
Dynamic carpooling, on the other hand, takes advantage of the recent and
increasing adoption of Internet-connected geo-aware mobile devices for enabling
impromptu trip opportunities. Passengers request trips directly on the street
and can find a suitable ride in just a few minutes. Currently there are no
dynamic carpooling systems widely used. Every attempt to create and organize
such systems failed. This paper reviews the state of the art of dynamic
carpooling. It identifies the most important issues against the adoption of
dynamic carpooling systems and the proposed solutions for such issues. It
proposes a first input on solving the problem of mass-adopting dynamic
carpooling systems.
Comment: 10 pages, whitepaper, extracted from B.Sc. thesis "Dycapo: On the
creation of an open-source Server and a Protocol for Dynamic Carpooling"
(Daniel Graziotin, 2010)
COST Action IC 1402 ArVI: Runtime Verification Beyond Monitoring -- Activity Report of Working Group 1
This report presents the activities of the first working group of the COST
Action ArVI, Runtime Verification beyond Monitoring. The report aims to provide
an overview of some of the major core aspects involved in Runtime Verification.
Runtime Verification is the field of research dedicated to the analysis of
system executions. It is often seen as a discipline that studies how a system
run satisfies or violates correctness properties. The report exposes a taxonomy
of Runtime Verification (RV) presenting the terminology involved with the main
concepts of the field. The report also develops the concept of instrumentation,
the various ways to instrument systems, and the fundamental role of
instrumentation in designing an RV framework. We also discuss how RV interplays
with other verification techniques such as model-checking, deductive
verification, model learning, testing, and runtime assertion checking. Finally,
we propose challenges in monitoring quantitative and statistical data beyond
detecting property violation
SmartUnit: Empirical Evaluations for Automated Unit Testing of Embedded Software in Industry
In this paper, we aim at the automated unit coverage-based testing for
embedded software. To achieve the goal, by analyzing the industrial
requirements and our previous work on automated unit testing tool CAUT, we
rebuild a new tool, SmartUnit, to solve the engineering requirements that take
place in our partner companies. SmartUnit is a dynamic symbolic execution
implementation, which supports statement, branch, boundary value and MC/DC
coverage. SmartUnit has been used to test more than one million lines of code
in real projects. For confidentiality reasons, we select three in-house real
projects for the empirical evaluations. We also carry out our evaluations on
two open source database projects, SQLite and PostgreSQL, to test the
scalability of our tool since the scale of the embedded software project is
mostly not large, 5K-50K lines of code on average. From our experimental
results, in general, more than 90% of functions in commercial embedded software
achieve 100% statement, branch, MC/DC coverage, more than 80% of functions in
SQLite achieve 100% MC/DC coverage, and more than 60% of functions in
PostgreSQL achieve 100% MC/DC coverage. Moreover, SmartUnit is able to find the
runtime exceptions at the unit testing level. We also have reported exceptions
like array index out of bounds and divided-by-zero in SQLite. Furthermore, we
analyze the reasons for low coverage in automated unit testing in our setting
and give a survey on the situation of manual unit testing with respect to
automated unit testing in industry.
Comment: In Proceedings of 40th International Conference on Software
Engineering: Software Engineering in Practice Track, Gothenburg, Sweden, May
27-June 3, 2018 (ICSE-SEIP '18), 10 page
Advocacy Coalition Framework Lens on Pressing Healthcare Issues
In deciding how to interpret and understand public policy, many experts use theories and frameworks to justify their reasoning. One of the most common avenues for viewing policy is the advocacy coalition framework, owing to its broad applicability. This popular framework consists of banding like-minded individuals together into a coalition to advance a narrative by creating policies acceptable to their group. These coalitions normally include a wide range of professional backgrounds, from interest groups and elected officials to researchers in academia. These groups utilize special events to influence subfields consisting of actors who decide the solutions for policy problems. Subfields are normally made up of key players employed in government institutions and private industrial groups who willingly agree to work toward a compromise with the goal of creating policy acceptable to both sides (Cairney 2014). These coalitions influence the subfield in different ways, through capitalizing on their influential power or by ignoring the alliances and mergers of the groups. This paper shall explore how the advocacy coalition framework works for three pressing issues facing the healthcare industry. These three policies focus on drug pricing, health data privacy and opioid liability. This paper will explore each policy in depth, provide historical context and the major players, while outlining how the specific proposals fit in the framework as well as identifying the framework's limitations with the policy