7 research outputs found
Hierarchical Communication Diagrams
Formal modelling languages range from strictly textual ones like process algebra scripts to visual modelling languages based on hierarchical graphs like coloured Petri nets. Approaches equipped with visual modelling capabilities make developing process easier and help users to cope with more complex systems. Alvis is a modelling language that combines possibilities of formal models verification with flexibility and simplicity of practical programming languages. The paper deals with hierarchical communication diagrams - the visual layer of the Alvis modelling language. It provides all necessary information to model system structure with Alvis, to manipulate a model hierarchy and to understand a model semantics. All considered concepts are discussed using illustrative examples
Probabilistic and Epistemic Model Checking for Multi-Agent Systems
Model checking is a formal technique widely used to verify security and communication protocols in epistemic multi-agent systems against given properties. Qualitative
properties such as safety and liveliness have been widely analysed in the literature. However, systems also have quantitative and uncertain (i.e., probabilistic) properties such as degree of reliability and reachability, which still need further attention from the model checking perspective. In this dissertation, we analyse such properties and present a new method for probabilistic model checking of epistemic multi-agent
systems specified by a new probabilistic-epistemic logic PCTLK. We model multiagent systems distributed knowledge bases using probabilistic interpreted systems. We also define transformations from those interpreted systems into discrete-time Markov chains and from PCTLK formulae to PCTL formulae, an existing extension of CTL with probabilities. By so doing, we are able to convert the PCTLK model checking problem into the PCTL one. We address the problem of verifying probabilistic properties
and epistemic properties in concurrent probabilistic systems as well. We then prove that model checking a formula of PCTLK in concurrent probabilistic systems is
PSPACE-complete. Furthermore, we represent models associated with PCTLK logic symbolically with Multi-Terminal Binary Decision Diagrams (MTBDDs).
Finally, we make use of PRISM, the model checker of PCTL without adding new computation cost. Dining cryptographers protocol is implemented to show the
applicability of the proposed technique along with performance analysis and comparison in terms of execution time and state space scalability with MCK, an existing
epistemic-probabilistic model checker, and MCMAS, a model checker for multi-agent systems. Another example, NetBill protocol, is also implemented with PRISM to verify probabilistic epistemic properties and to evaluate the complexity of this verification
A formal framework for heterogeneous systems semantics
Cyber physical systems are usually complex systems which are often critical, meaning their failure can have significant negative impacts on human lives. A key point in their development is the verification and validation (V & V) activities which are used to assess their correctness towards user requirements and the associated specifications. This process aims at avoiding failure cases, thus preventing any incident or accident. In order to conduct these V & V steps on such complex systems, separations of concerns of various nature are used. In that purpose, the system is modeled using heterogeneous models that have to be combined together. The nature of these separations of concerns can be as follows: horizontal, which corresponds to a structural decomposition of the system; vertical, which corresponds to the different steps leading from the abstract specification to the concrete implementation; and transversal, which consists in gathering together the parts that are thematically identical (function, performance, security, safety...). These parts are usually expressed using domain specific modeling languages, while the V & V activities are historically conducted using testing and proofreading, and more and more often, using formal methods, which is advocated in our approach. In all these cases, the V & V activities must take into account these separations in order to provide confidence in the global system from the confidence of its sub-parts bound to the separation in question. In other words, to ensure the correctness of the system, a behavioral semantics is needed which has to rely on the ad-hoc semantics of the subsystems. In order to define it, these semantics must be successfully combined in a single formalism. This thesis stems from the GEMOC project a workbench that allows the definition of various languages along with their coordination properties, and target the formal modeling of the GEMOC core through the association of trace semantics to each preoccupation and the expression of constraints between them to encode the correct behavior of the system. This thesis follows several other works conducted under the TOPCASED, OPEES, QuarteFt, P and GEMOC projects, and provides four contributions in that global context: the first one proposes a methodology to give an operational semantics to executable models illustrated through two case studies: Petri nets and models of processes. The second one proposes a formal context on which refinement can be expressed to tackle vertical separation. The third one gives a denotational semantics to CCSL which is the language that is currently used in the GEMOC projects to express behavioural properties between events from one or several models, possibly heterogeneous. Finally, the fourth one proposes an investigation on how to extend CCSL with the notion of refinement we proposed. All these contribution are mechanized in the Agda proof assistant, and thus have been modeled and proven in a formal manner
Understanding eruption dynamics: insights from volcanic seismicity in Ecuador
Persistently active volcanoes in close proximity to society can pose a huge danger to infrastructure,
lives and the economy. Careful monitoring of volcanic seismicity is integral to
successful hazard assessment and risk management. Geophysical monitoring at active volcanoes
can provide rich datasets to examine internal systems. Specifically, seismic monitoring
offers the potential to develop real time analysis and forecasts. The generation of volcanic
seismicity has been linked to processes such as magma ascent, degassing and rock fracturing.
However, studies are often limited to individual volcanoes or specific episodes of unrest, and
so it is difficult to compare interpretations. This aim of this thesis is twofold: to develop
methodologies to better quantify and characterise volcanic seismicity, and to use these to
provide new understanding of volcanic systems, the hazards they might pose and how we
can better forecast and monitor unrest.
First, I present an extensive literature review of our current understanding of volcanic
seismicity. As there is no standardised procedure for the analysis of volcanic earthquakes,
there are inconsistent uses of techniques and ambiguous terminology. Existing studies also
tend to focus on a handful of well monitored volcanoes where dense arrays can be used to
calculate source mechanisms and depths to interpret seismic swarms. In order to address
this, I develop a thorough signal processing routine which generates a suite of metrics to
characterise a single earthquake event. These metrics can be used across a sequence of
earthquakes to track changes in the behaviour of seismicity, and distinguish different types
of earthquakes. It is developed with poorly monitored volcanoes in mind, as metrics can
be determined for signal from a single station, and even a single component instrument.
I use parameters in the time domain including amplitude, duration and cross correlation,
and compare three different approaches to calculate the quality (Q) factor, in the frequency
domain.
I then present two candidate volcanoes to apply the methodology and attempt to
describe the internal processes at each. Tungurahua and Cayambe are two relatively understudied
volcanoes and yet they are potentially the most dangerous natural hazards in
Ecuador. Tungurahua’s most recent eruptive phase (1999-2016) was explosive and persistent.
In contrast, Cayambe volcano has not erupted in over 200 years and yet has been
seismically restless in recent years. This presents an opportunity to compare the seismicity
associated with ongoing, and reawakening volcanic processes.
In chapter 4, I characterise the seismicity atTungurahua between 2012 and the final explosions
in 2016. Seismicity at Tungurahua was dominated by long-period (LP) earthquakes,
particularly episodes of highly periodic, repeating LP seismicity, known as drumbeats. In
this chapter, I show that persistent drumbeats occur in phase with cyclical Vulcanian eruptions.
These events are attributed to the initial failure and subsequent resealing of an upper
conduit plug. In each explosive episode, the signal metrics are able to distinguish a shift in
the signal properties of drumbeat LPs. In chapter 5, I focus specifically on accelerating rates
of drumbeat LPs, often considered precursors to eruptions. I use temporal statistics and a
Markov chain Monte Carlo (MCMC) approach to model three episodes of drumbeats. In one
significant episode, the last ever recorded drumbeats at Tungurahua, I show these events are
precursors to a ‘failed’ attempt at an explosion. In chapter 6 I then compare these findings at
Tungurahua, with the 2016 seismic crisis at Cayambe. Here I demonstrate the repeating LP
seismicity is likely a result of shallow hydrothermal systems, rather than surficial ‘icequakes’
or magmatic ascent. However, swarms of volcano-tectonic events (VTs) in 2016, are likely
attributed to stresses on regional faults and ascent of a new pulse of magma. Finally, I begin
to explore the complex volcano-tectonic interactions at both Tungurahua and Cayambe.
Where there are high rates of tectonic events globally, and high rates of eruptions, it is important
to distinguish causality and coincidence. VT swarms at Cayambe occur two months
after the Mw7.8 Pedernales earthquake, 200km west. Using models of static stress change I
suggest the crust at Cayambe was subject to a dilational regime, prompting resumed activity
in 2016. However, the Pedernales earthquake occurs just two months after the final eruption
at Tungurahua and yet does not appear to promote or restrict further explosive activity.
This thesis presents case studies of two active volcanoes that are subject to limited
seismic monitoring. These methods are not computationally intensive and could be readily
adopted into routine volcano monitoring, to further inform hazard assessment. Although
Cayambe and Tungurahua are neighbouring volcanoes, comparable in their rheology, they
are very different in their current dynamic state, and this is evident in the seismicity. An
enhanced understanding of these systems should inform further assessment of seismicity at
intermediate-composition, arc volcanoes
A controlled comparative evaluation of conjoint counselling and self-help behavioural treatment for sexual dysfunction
Forty-eight couples representing four of the most commonly referred forms of sexual dysfunction in this country (viz. female sexual unresponsiveness, vaginismus, premature ejaculation and erectile impotence) were treated by either a modified form of Masters and Johnson's approach (i.e. directed practice and once weekly counselling with a single therapist) or a minimal contact bibliotherapy programme, based on the same behavioural lines. Half of the couples were randomly allocated to a no treatment control condition before receiving either therapy. Treatment effects with both approaches were evident but those of the self-help approach were more circumscribed with respect to not only the sexual but also the non-sexual relationship. Thus, some evidence was obtained in support of the hypotheses that practice plus counselling would be superior to self-help in facilitating change in the general relationship and in sexual attitudes. However, a wide range of significant pre-treatment differences among the four problem subgroups comprising the sample was found. In particular, the sexually unresponsive female complainants reported less satisfaction with the general relationship, whereas the reported difficulties of those with vaginismus were less generalised, being restricted mainly to coital fears. In general higher baseline levels, i.e. less disturbance of the sexual and marital relationship, were reported by each of the two male subgroups. There was also evidence that the differential response to the two treatments was not uniform across forms of sexual dysfunction. As hypothesised, guided practice plus counselling was significantly more effective than the self-help regime in enhancing marital and sexual adjustment for female unresponsiveness. On the other hand, in contrast to other problem subgroups, vaginismus was shown to respond favourably to both treatments. In general, few significant changes with either treatment and few notable differences between treatments, were observed within the male problem subgroups. The implications of these results for the design and analysis of future treatment outcome research in this field are discussed