Reliability Analysis of Complex NASA Systems with Model-Based Engineering

The emergence of model-based engineering, with Model- Based Systems Engineering (MBSE) leading the way, is transforming design and analysis methodologies. The recognized benefits to systems development include moving from document-centric information systems and document-centric project communication to a model-centric environment in which control of design changes in the life cycles is facilitated. In addition, a single source of truth about the system, that is up-to-date in all respects of the design, becomes the authoritative source of data and information about the system. This promotes consistency and efficiency in regard to integration of the system elements as the design emerges and thereby may further optimize the design. Therefore Reliability Engineers (REs) supporting NASA missions must be integrated into model-based engineering to ensure the outputs of their analyses are relevant and value-needed to the design, development, and operational processes for failure risks assessment and communication

SafeWeb: A Middleware for Securing Ruby-Based Web Applications

Web applications in many domains such as healthcare and finance must process sensitive data, while complying with legal policies regarding the release of different classes of data to different parties. Currently, software bugs may lead to irreversible disclosure of confidential data in multi-tier web applications. An open challenge is how developers can guarantee these web applications only ever release sensitive data to authorised users without costly, recurring security audits. Our solution is to provide a trusted middleware that acts as a “safety net” to event-based enterprise web applications by preventing harmful data disclosure before it happens. We describe the design and implementation of SafeWeb, a Ruby-based middleware that associates data with security labels and transparently tracks their propagation at different granularities across a multi-tier web architecture with storage and complex event processing. For efficiency, maintainability and ease-of-use, SafeWeb exploits the dynamic features of the Ruby programming language to achieve label propagation and data flow enforcement. We evaluate SafeWeb by reporting our experience of implementing a web-based cancer treatment application and deploying it as part of the UK National Health Service (NHS)

A Historical Perspective on Runtime Assertion Checking in Software Development

This report presents initial results in the area of software testing and analysis produced as part of the Software Engineering Impact Project. The report describes the historical development of runtime assertion checking, including a description of the origins of and significant features associated with assertion checking mechanisms, and initial findings about current industrial use. A future report will provide a more comprehensive assessment of development practice, for which we invite readers of this report to contribute information

Formal transformation methods for automated fault tree generation from UML diagrams

With a growing complexity in safety critical systems, engaging Systems Engineering with System Safety Engineering as early as possible in the system life cycle becomes ever more important to ensure system safety during system development. Assessing the safety and reliability of system architectural design at the early stage of the system life cycle can bring value to system design by identifying safety issues earlier and maintaining safety traceability throughout the design phase. However, this is not a trivial task and can require upfront investment. Automated transformation from system architecture models to system safety and reliability models offers a potential solution. However, existing methods lack of formal basis. This can potentially lead to unreliable results. Without a formal basis, Fault Tree Analysis of a system, for example, even if performed concurrently with system design may not ensure all safety critical aspects of the design. [Continues.]</div

Unity and Plurality of the European Cycle

We apply uni- and multivariate unobserved components models to the study of European growth cycles. The multivariate dimension enables to search similar or, more strongly, common components among national GDP series (quarterly data from 1960 to 1999). Three successive ways to exhibit the European cycle satisfactorily converge: the direct decomposition of the aggregate European GDP; the aggregation of the member countries' national cycles; the search for common components between these national cycles. The European aggregate fluctuations reveal two distinct cyclical components, assimilated to the classical Juglar (decennial, related to investment) and Kitchin (triennial, related to inventories) cycles. The European Juglar cycle cannot be reduced to a single common component of the national cycles. It has at least a dimension of "three": it can be understood as the interference of three elementary and independent sequences of stochastic shocks, that correspond to the European geographical division. The euro-zone is not yet an optimal currency area, as the shocks generating the European cycles are not completely symmetrical. Studying the sequences of innovations extracted from the models shows that euro-zone vulnerability to strong shocks and asymmetry of these shocks tend to decrease during the last decades, but this trend is neither regular, nor irreversible.(A)symmetrical shocks, Common factors, European integration, Growth cycles, Stochastic trends, Structural time series model.

Oblivious Bounds on the Probability of Boolean Functions

This paper develops upper and lower bounds for the probability of Boolean functions by treating multiple occurrences of variables as independent and assigning them new individual probabilities. We call this approach dissociation and give an exact characterization of optimal oblivious bounds, i.e. when the new probabilities are chosen independent of the probabilities of all other variables. Our motivation comes from the weighted model counting problem (or, equivalently, the problem of computing the probability of a Boolean function), which is #P-hard in general. By performing several dissociations, one can transform a Boolean formula whose probability is difficult to compute, into one whose probability is easy to compute, and which is guaranteed to provide an upper or lower bound on the probability of the original formula by choosing appropriate probabilities for the dissociated variables. Our new bounds shed light on the connection between previous relaxation-based and model-based approximations and unify them as concrete choices in a larger design space. We also show how our theory allows a standard relational database management system (DBMS) to both upper and lower bound hard probabilistic queries in guaranteed polynomial time.Comment: 34 pages, 14 figures, supersedes: http://arxiv.org/abs/1105.281

Measurement of the cosmic ray antiproton/proton flux ratio at TeV energies with the ARGO-YBJ detector

Cosmic ray antiprotons provide an important probe to study the cosmic ray propagation in the interstellar space and to investigate the existence of dark matter. Acting the Earth-Moon system as a magnetic spectrometer, paths of primary antiprotons are deflected in the opposite sense with respect to those of the protons in their way to the Earth. This effect allows, in principle, the search for antiparticles in the direction opposite to the observed deficit of cosmic rays due to the Moon (the so-called `Moon shadow'). The ARGO-YBJ experiment, located at the Yangbajing Cosmic Ray Laboratory (Tibet, P.R. China, 4300 m a.s.l., 606 g/cm$^2$), is particularly effective in measuring the cosmic ray antimatter content via the observation of the cosmic rays shadowing effect due to: (1) good angular resolution, pointing accuracy and long-term stability; (2) low energy threshold; (3) real sensitivity to the geomagnetic field. Based on all the data recorded during the period from July 2006 through November 2009 and on a full Monte Carlo simulation, we searched for the existence of the shadow cast by antiprotons in the TeV energy region. No evidence of the existence of antiprotons is found in this energy region. Upper limits to the $\bar{p}/p$ flux ratio are set to 5 % at a median energy of 1.4 TeV and 6 % at 5 TeV with a confidence level of 90%. In the TeV energy range these limits are the lowest available.Comment: Contact authors: G. Di Sciascio ([email protected]) and R. Iuppa ([email protected]), INFN Sezione di Roma Tor Vergata, Roma, Ital

List of requirements on formalisms and selection of appropriate tools

This deliverable reports on the activities for the set-up of the modelling environments for the evaluation activities of WP5. To this objective, it reports on the identified modelling peculiarities of the electric power infrastructure and the information infrastructures and of their interdependencies, recalls the tools that have been considered and concentrates on the tools that are, and will be, used in the project: DrawNET, DEEM and EPSys which have been developed before and during the project by the partners, and M\uf6bius and PRISM, developed respectively at the University of Illinois at Urbana Champaign and at the University of Birmingham (and recently at the University of Oxford)