An Incremental Approach to Identifying Causes of System Failures using Fault Tree Analysis

This work presents a systematic, incremental approach to identifying causes of potential failures in complex systems. The approach builds upon Fault Tree Analysis (FTA), but enhances previous work to deliver better results. FTA has been applied in a number of domains to determine what combinations of events might lead to a specified undesired event that represents a system failure. Given an undesired event, FTA constructs a fault tree (FT) and computes its cut sets, the sets of events that together could cause the undesired event. Such cut sets provide valuable insights into how to improve the design of the system being analyzed to reduce the likelihood of the failure. Manual FT construction can be tedious and error-prone. Previous approaches to automatic FT construction are limited to systems modeled in specific modeling languages and often fail to recognize some important causes of failures. Also, these approaches tend to not provide enough information to help users understand how the events in a cut set could lead to the specified undesired event and, at the same time, often provide too many cut sets to be helpful, especially when systems are large and complex. Our approach to identifying causes of potential system failures is incremental and consists of two phases that support selective exploration. In the first phase, a high-level FT, called the initial FT, is constructed based on the system\u27s data and control dependence information and then the initial FT\u27s cut sets, called the initial cut sets, are computed. In the second phase, users select one initial cut set for more detailed analysis. In this detailed analysis, additional control dependence information is incorporated and error combinations are considered to construct a more detailed FT, called the elaborated FT, that focuses on the chosen initial cut set. The cut sets of the elaborated FT, called the elaborated cut sets, are then computed, and concrete scenarios are generated to show how events in each of those elaborated cut sets could cause the specified undesired event. Our approach is applicable to any system model that incorporates control and data dependence information. The approach also improves the precision of the results by automatically eliminating some inconsistent and spurious cut sets

Modeling and Analyzing Faults to Improve Election Process Robustness

This paper presents an approach for continuous process improvement and illustrates its application to improving the robustness of election processes. In this approach, the Little-JIL process definition language is used to create a precise and detailed model of an election process. Given this process model and a potential undesirable event, or hazard, a fault tree is automatically derived. Fault tree analysis is then used to automatically identify combinations of failures that might allow the selected potential hazard to occur. Once these combinations have been identified, we iteratively improve the process model to increase the robustness of the election process against those combinations that seem the most likely to occur. We demonstrate this approach for the Yolo County election process. We focus our analysis on the ballot counting process and what happens when a discrepancy is found during the count. We identify two single points of failure (SPFs) in this process and propose process modifications that we then show remove these SPFs

Generating Natural-language Process Descriptions from Formal Process Definitions

ABSTRACT Process models are often used to support the understanding and analysis of complex systems. The accuracy of such process models usually requires that domain experts carefully review, evaluate, correct, and propose improvements to these models. Domain experts, however, are often not experts in process modeling and may not even have any programming experience. Consequently, domain experts may not have the skills to understand the process models except at a relatively superficial level. To address this issue, we have developed an approach for automatically generating natural-language process descriptions based on formal process models. Unlike natural language process descriptions in existing electronic process guides, these process descriptions are generated completely automatically and can describe complex process features, such as exception handling, concurrency, and non-determinisitc choice. The generated process descriptions have been well-received by domain experts from several different fields, and they have also proven useful to process programmers

Model-Based Guidance for Human-Intensive Processes

Human-intensive processes (HIPs), such as medical processes involving coordination among doctors, nurses, and other medical staff, often play a critical role in society. Despite considerable work and progress in error reduction, human errors are still a major concern for many HIPs. To address this problem of human errors in HIPs, this thesis investigates two approaches for online process guidance, i.e., for guiding process performers while a process is being executed. Both approaches rely on monitoring a process execution and base the guidance they provide on a detailed formal process model that captures the recommended ways to perform the corresponding HIP. The first approach, which we call deviation detection and explanation, automatically detects when an executing HIP deviates from a set of recommended executions of that HIP, as specified by the process model. Such deviations could represent errors and, thus, detecting and reporting deviations as they occur could help catch errors before something bad happens. The approach also provides information to help explain a detected deviation to assist process performers with identifying potential errors and with planning recovery from these errors. The second approach, which we call process state visualization, proactively guides process performers by showing them information relevant to the current process execution, such as the activities that need to be performed at each point of that process execution. The goal of the process state visualization approach is to reduce the number of human errors. The major contributions of this work can be summarized as follows: -- Compared the relative strengths and weaknesses of several techniques for process elicitation and process model validation to help create correct and sufficiently complete process models needed for the proposed online process guidance approaches. -- Developed an approach for deviation detection and explanation and evaluated it with realistic process models and synthetic process executions with seeded errors. * Recognized delayed deviation detection as a potential obstacle for the approach and investigated its frequency and consequences. -- Developed an initial approach for visualization of process execution state and demonstrated it on a medical case study

Data base management system analysis and performance testing with respect to NASA requirements

Several candidate Data Base Management Systems (DBM's) that could support the NASA End-to-End Data System's Integrated Data Base Management System (IDBMS) Project, later rescoped and renamed the Packet Management System (PMS) were evaluated. The candidate DBMS systems which had to run on the Digital Equipment Corporation VAX 11/780 computer system were ORACLE, SEED and RIM. Oracle and RIM are both based on the relational data base model while SEED employs a CODASYL network approach. A single data base application which managed stratospheric temperature profiles was studied. The primary reasons for using this application were an insufficient volume of available PMS-like data, a mandate to use actual rather than simulated data, and the abundance of available temperature profile data

A study of systems implementation languages for the POCCNET system

The results are presented of a study of systems implementation languages for the Payload Operations Control Center Network (POCCNET). Criteria are developed for evaluating the languages, and fifteen existing languages are evaluated on the basis of these criteria

The design and implementation of the VRPML support environment.

Proses pembangunan penslan berkait rapat dengan turutan langkah yang mesti dilakukan oleh jurutera perisian untuk memenuhi matlamat kejuruteraan perisian. Untuk menghasilkan proses yang tepat dan lengkap, proses pembangunan perisian boleh dimodel dan dilari menggunakan bahasa pennodelan (PML) dengan dibantu oleh sistem proses bantuan (PSEE). Software processes relate to the sequences of steps that must be performed by software engineers in order to pursue the goals of software engineering. In order to have an accurate representation and implementation of what the actual steps are, software processes may be modeled and enacted by a process modeling language (PML) and its process support system (called the Process Centered Environments i.e. PSEE)

Variation in Human-Intensive Systems: a Conceptual Framework for Characterizing, Modeling, and Analyzing Families of Systems

A system model---namely a formal definition of the coordination of people, hardware devices, and software components performing activities, using resources and artifacts, and producing various outputs---can aid understanding of the real-world system it models. Complex real-world systems, however, exhibit considerable amounts of variation that can be difficult or impossible to represent within a single model. This dissertation evaluates the hypothesis that the careful characterization and representation of system variation can aid in the generation and analysis of concrete system instances related to one another in specified ways and manifesting different kinds of variation. When a set of closely related systems can be characterized by a compelling set-membership criterion, it is often useful and appropriate to characterize the set as a family of systems. In this dissertation, a variety of system variation requirements and corresponding needs for family specification criteria are identified. We focus on two specific kinds of variation, namely functional and agent variation, and suggest an approach for meeting these needs both at the level of requirements specification (problem-level variation), as well as at the level of implementation specification (solution-level variation). We present a framework for generating and analyzing new system instances, using the Little-JIL process definition language as an experimental vehicle to study what process definition language capabilities are necessary to support the explicit modeling of variation at the solution level, and thereby to address needs at the problem level. We define a formal notation for specifying functional and agent variation in human-intensive processes and describe a prototype system to accommodate this specification within an existing modeling framework. Once a family of systems is formally defined and characterized at the solution level, different analysis techniques can be applied to make assurances that all members of the family share certain kinds of properties. These analysis results can then be used to inform variation needs at the problem level. To evaluate the applicability of the approach, we study and model the variation observed in two real-world, human-intensive systems from the domains of conflict resolution and elections. Both case study domains have been observed to employ functional variants of their processes, and, given their complex coordination of human and software agents, both domains require agent variation, therefore fostering a fruitful application of our approach