From Knowledge Based Systems to Knowledge Sharing Technology: Evaluation and Assessment

There is no set of general guidelines to evaluate Knowledge Sharing Technology, specific ideas to evaluate user-independent ontologies in their own whole life cycle, whether their definitions are reused by KBS or they are shared among software agents. Instead of starting from the beginning, this paper discusses similarities and differences between knowledge bases and ontologies. The idea is to learn from Knowledge Base Systems' evaluation and assessment by picking up some successful ideas and adapting them to the domain of the ontologies. We also learn from its mistakes by avoiding them. The paper also describes how different agents that use ontologies with different aims have different concerns in the evaluation and assessment processes. Definitions of the terms: evaluation, verification, validation and assessment in the knowledge sharing domain are also given

SAGA: A project to automate the management of software production systems

The Software Automation, Generation and Administration (SAGA) project is investigating the design and construction of practical software engineering environments for developing and maintaining aerospace systems and applications software. The research includes the practical organization of the software lifecycle, configuration management, software requirements specifications, executable specifications, design methodologies, programming, verification, validation and testing, version control, maintenance, the reuse of software, software libraries, documentation, and automated management

PriCL: Creating a Precedent A Framework for Reasoning about Privacy Case Law

We introduce PriCL: the first framework for expressing and automatically reasoning about privacy case law by means of precedent. PriCL is parametric in an underlying logic for expressing world properties, and provides support for court decisions, their justification, the circumstances in which the justification applies as well as court hierarchies. Moreover, the framework offers a tight connection between privacy case law and the notion of norms that underlies existing rule-based privacy research. In terms of automation, we identify the major reasoning tasks for privacy cases such as deducing legal permissions or extracting norms. For solving these tasks, we provide generic algorithms that have particularly efficient realizations within an expressive underlying logic. Finally, we derive a definition of deducibility based on legal concepts and subsequently propose an equivalent characterization in terms of logic satisfiability.Comment: Extended versio

A formal proof of the Kepler conjecture

This article describes a formal proof of the Kepler conjecture on dense sphere packings in a combination of the HOL Light and Isabelle proof assistants. This paper constitutes the official published account of the now completed Flyspeck project

Formal Methods for Trustworthy Voting Systems : From Trusted Components to Reliable Software

Voting is prominently an important part of democratic societies, and its outcome may have a dramatic and broad impact on societal progress. Therefore, it is paramount that such a society has extensive trust in the electoral process, such that the system’s functioning is reliable and stable with respect to the expectations within society. Yet, with or without the use of modern technology, voting is full of algorithmic and security challenges, and the failure to address these challenges in a controlled manner may produce fundamental flaws in the voting system and potentially undermine critical societal aspects. In this thesis, we argue for a development process of voting systems that is rooted in and assisted by formal methods that produce transparently checkable evidence for the guarantees that the final system should provide so that it can be deemed trustworthy. The goal of this thesis is to advance the state of the art in formal methods that allow to systematically develop trustworthy voting systems that can be provenly verified. In the literature, voting systems are modeled in the following four comparatively separable and distinguishable layers: (1) the physical layer, (2) the computational layer, (3) the election layer, and (4) the human layer. Current research usually either mostly stays within one of those layers or lacks machine-checkable evidence, and consequently, trusted and understandable criteria often lack formally proven and checkable guarantees on software-level and vice versa. The contributions in this work are formal methods that fill in the trust gap between the principal election layer and the computational layer by a reliable translation of trusted and understandable criteria into trustworthy software. Thereby, we enable that executable procedures can be formally traced back and understood by election experts without the need for inspection on code level, and trust can be preserved to the trustworthy system. The works in this thesis all contribute to this end and consist in five distinct contributions, which are the following: (I) a method for the generation of secure card-based communication schemes, (II) a method for the synthesis of reliable tallying procedures, (III) a method for the efficient verification of reliable tallying procedures, (IV) a method for the computation of dependable election margins for reliable audits, (V) a case study about the security verification of the GI voter-anonymization software. These contributions span formal methods on illustrative examples for each of the three principal components, (1) voter-ballot box communication, (2) election method, and (3) election management, between the election layer and the computational layer. Within the first component, the voter-ballot box communication channel, we build a bridge from the communication channel to the cryptography scheme by automatically generating secure card-based schemes from a small formal model with a parameterization of the desired security requirements. For the second component, the election method, we build a bridge from the election method to the tallying procedure by (1) automatically synthesizing a runnable tallying procedure from the desired requirements given as properties that capture the desired intuitions or regulations of fairness considerations, (2) automatically generating either comprehensible arguments or bounded proofs to compare tallying procedures based on user-definable fairness properties, and (3) automatically computing concrete election margins for a given tallying procedure, the collected ballots, and the computed election result, that enable efficient election audits. Finally, for the third and final component, the election management system, we perform a case study and apply state-of-the-art verification technology to a real-world e-voting system that has been used for the annual elections of the German Informatics Society (GI – “Gesellschaft für Informatik”) in 2019. The case study consists in the formal implementation-level security verification that the voter identities are securely anonymized and the voters’ passwords cannot be leaked. The presented methods assist the systematic development and verification of provenly trustworthy voting systems across traditional layers, i.e., from the election layer to the computational layer. They all pursue the goal of making voting systems trustworthy by reliable and explainable formal requirements. We evaluate the devised methods on minimal card-based protocols that compute a secure AND function for two different decks of cards, a classical knock-out tournament and several Condorcet rules, various plurality, scoring, and Condorcet rules from the literature, the Danish national parliamentary elections in 2015, and a state-of-the-art electronic voting system that is used for the German Informatics Society’s annual elections in 2019 and following

A formal proof of the Kepler conjecture

This article describes a formal proof of the Kepler conjecture on dense sphere packings in a combination of the HOL Light and Isabelle proof assistants. This paper constitutes the official published account of the now completed Flyspeck project

Security Standards and Best Practice Considerations for Quantum Key Distribution (QKD)

Quantum Key Distribution (QKD) systems combine cryptographic primitives with quantum information theory to produce a theoretic unconditionally secure cryptographic key. However, real-world implementations of QKD systems are far from ideal and differ significantly from the theoretic model. Because of this, real-world QKD systems require additional practical considerations when implemented to achieve secure operations. In this thesis, a content analysis of the published literature is conducted to determine if established security and cryptographic standards and best practices are addressed in real world, practical QKD implementations. The research reveals that most published, real world QKD implementations do not take advantage of established security and cryptographic standards and best practices. Based upon an analysis of existing security and cryptographic standards and best practices, systems architecture methodology is used to make recommendations as to how these standards can and should be applied to establish a practical, secure, QKD system framework

The Case for Continuous Auditing of Management Information Systems

In the wake of the recent financial crisis, increasing the effectiveness of auditing has weighed heavily on the minds of those responsible for governance. When a business is profitable and paying healthy dividends to its stockholders, fraudulent activities and accounting irregularities can go unnoticed. However, when revenue and cash flow decline, internal costs and operations may be scrutinized more diligently, and discrepancies can emerge as a result. Effective Auditing for Corporates provides you with proactive advice to ..