Optimizing a Multi-State Cold-Standby System with Multiple Vacations in the Repair and Loss of Units

A complex multi-state redundant system with preventive maintenance subject to multiple events is considered. The online unit can undergo several types of failure: both internal and those provoked by external shocks. Multiple degradation levels are assumed as both internal and external. Degradation levels are observed by random inspections and, if they are major, the unit goes to a repair facility where preventive maintenance is carried out. This repair facility is composed of a single repairperson governed by a multiple vacation policy. This policy is set up according to the operational number of units. Two types of task can be performed by the repairperson, corrective repair and preventive maintenance. The times embedded in the system are phase type distributed and the model is built by using Markovian Arrival Processes with marked arrivals. Multiple performance measures besides the transient and stationary distribution are worked out through matrix-analytic methods. This methodology enables us to express the main results and the global development in a matrix-algorithmic form. To optimize the model, costs and rewards are included. A numerical example shows the versatility of the model

Software Reliability Modeling

International audienceSoftware Reliability Modelin

Availability modeling and evaluation of web-based services - A pragmatic approach

Cette thèse porte sur le développement d’une approche de modélisation pragmatique permettant aux concepteurs d’applications et systèmes mis en oeuvre sur le web d’évaluer la disponibilité du service fourni aux utilisateurs. Plusieurs sources d’indisponibilité du service sont prises en compte, en particulier i) les défaillances matérielles ou logicielles affectant les serveurs et ii) des dégradations de performance (surcharge des serveurs, temps de réponse trop long, etc.). Une approche hiérarchique multi-niveau basée sur une modélisation de type performabilité est proposée, combinant des chaînes de Markov et des modèles de files d’attente. Les principaux concepts et la faisabilité de cette approche sont illustrés à travers l’exemple d’une agence de voyage. Plusieurs modèles analytiques et études de sensibilité sont présentés en considérant différentes hypothèses concernant l’architecture, les stratégies de recouvrement, les fautes, les profils d’utilisateurs, et les caractéristiques du trafic. ABSTRACT : This thesis presents a pragmatic modeling approach allowing designers of web-based applications and systems to evaluate the service availability provided to the users. Multiple sources of service unavailability are taken into account, in particular i) hardware and software failures affecting the servers, and ii) performance degradation (overload of servers, very long response time, etc.). An hierarchical multi-level approach is proposed based on performability modeling, combining Markov chains and queueing models. The main concepts and the feasibility of this approach are illustrated using a web-based travel agency. Various analytical models and sensitivity studies are presented considering different assumptions with respect to the architectures, recovery strategies, faults, users profile and traffic characteristics

Markov and Semi-markov Chains, Processes, Systems and Emerging Related Fields

This book covers a broad range of research results in the field of Markov and Semi-Markov chains, processes, systems and related emerging fields. The authors of the included research papers are well-known researchers in their field. The book presents the state-of-the-art and ideas for further research for theorists in the fields. Nonetheless, it also provides straightforwardly applicable results for diverse areas of practitioners

Towards Optimal IT Availability Planning: Methods and Tools

The availability of an organisation’s IT infrastructure is of vital importance for supporting business activities. IT outages are a cause of competitive liability, chipping away at a company financial performance and reputation. To achieve the maximum possible IT availability within the available budget, organisations need to carry out a set of analysis activities to prioritise efforts and take decisions based on the business needs. This set of analysis activities is called IT availability planning. Most (large) organisations address IT availability planning from one or more of the three main angles: information risk management, business continuity and service level management. Information risk management consists of identifying, analysing, evaluating and mitigating the risks that can affect the information processed by an organisation and the information-processing (IT) systems. Business continuity consists of creating a logistic plan, called business continuity plan, which contains the procedures and all the useful information needed to recover an organisations’ critical processes after major disruption. Service level management mainly consists of organising, documenting and ensuring a certain quality level (e.g. the availability level) for the services offered by IT systems to the business units of an organisation. There exist several standard documents that provide the guidelines to set up the processes of risk, business continuity and service level management. However, to be as generally applicable as possible, these standards do not include implementation details. Consequently, to do IT availability planning each organisation needs to develop the concrete techniques that suit its needs. To be of practical use, these techniques must be accurate enough to deal with the increasing complexity of IT infrastructures, but remain feasible within the budget available to organisations. As we argue in this dissertation, basic approaches currently adopted by organisations are feasible but often lack of accuracy. In this thesis we propose a graph-based framework for modelling the availability dependencies of the components of an IT infrastructure and we develop techniques based on this framework to support availability planning. In more detail we present: 1. the Time Dependency model, which is meant to support IT managers in the selection of a cost-optimal set of countermeasures to mitigate availability-related IT risks; 2. the Qualitative Time Dependency model, which is meant to be used to systematically assess availability-related IT risks in combination with existing risk assessment methods; 3. the Time Dependency and Recovery model, which provides a tool for IT managers to set or validate the recovery time objectives on the components of an IT architecture, which are then used to create the IT-related part of a business continuity plan; 4. A2THOS, to verify if availability SLAs, regulating the provisioning of IT services between business units of the same organisation, can be respected when the implementation of these services is partially outsourced to external companies, and to choose outsourcing offers accordingly. We run case studies with the data of a primary insurance company and a large multinational company to test the proposed techniques. The results indicate that organisations such as insurance or manufacturing companies, which use IT to support their business can benefit from the optimisation of the availability of their IT infrastructure: it is possible to develop techniques that support IT availability planning while guaranteeing feasibility within budget. The framework we propose shows that the structure of the IT architecture can be practically employed with such techniques to increase their accuracy over current practice

An Explanatory Model of Motivation for Cyber-Attacks Drawn from Criminological Theories

A new influence model for Cyber Security is presented that deals with security attacks and implementation of security measures from an attacker's perspective. The underlying hypothesis of this model is that Criminological theories of Rational Choice, Desire for Control, and Low Self-Control are relevant to cybercrime and thereby aid in the understanding its basic Motivation. The model includes the roles of Consequences, Moral Beliefs such as Shame and Embarrassment together with Formal Sanctions in deterring cybercrime, as well as role of Defense Posture to limit the Opportunity to attack and increase the likelihood that an attacker will be detected and exposed. One of the motivations of the study was the observation that few attempts have been made to understand cybercrime, in the context of typical crime because: (a) an attacker may consider his actions as victimless due to remoteness of the victim; (b) ease to commit cybercrimes due to opportunities afforded by the Internet and its accessibility, and readily available tools and knowledge for an attack; and (c) vagueness of cybercrime laws that makes prosecution difficult. In developing the model, information from studies in classical crime was related to Cybercrime allowing for analysis of past cyber-attacks, and subsequently preventing future IS attacks, or mitigating their effects. The influence model's applicability is demonstrated by applying it to case studies of actual information attacks which were prosecuted through the United States Courts, and whose judges' opinions are used for statements of facts. Additional, demonstration of the use and face validity of the model is through the mapping of the model to major annual surveys' and reports' results of computer crime. The model is useful in qualitatively explaining "best practices" in protecting information assets and in suggesting emphasis on security practices based on similar results in general criminology