Event tracking for real-time unaware sensitivity analysis (EventTracker)

This is the author's accepted manuscript. The final published article is available from the link below. Copyright @ 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.This paper introduces a platform for online Sensitivity Analysis (SA) that is applicable in large scale real-time data acquisition (DAQ) systems. Here we use the term real-time in the context of a system that has to respond to externally generated input stimuli within a finite and specified period. Complex industrial systems such as manufacturing, healthcare, transport, and finance require high quality information on which to base timely responses to events occurring in their volatile environments. The motivation for the proposed EventTracker platform is the assumption that modern industrial systems are able to capture data in real-time and have the necessary technological flexibility to adjust to changing system requirements. The flexibility to adapt can only be assured if data is succinctly interpreted and translated into corrective actions in a timely manner. An important factor that facilitates data interpretation and information modelling is an appreciation of the affect system inputs have on each output at the time of occurrence. Many existing sensitivity analysis methods appear to hamper efficient and timely analysis due to a reliance on historical data, or sluggishness in providing a timely solution that would be of use in real-time applications. This inefficiency is further compounded by computational limitations and the complexity of some existing models. In dealing with real-time event driven systems, the underpinning logic of the proposed method is based on the assumption that in the vast majority of cases changes in input variables will trigger events. Every single or combination of events could subsequently result in a change to the system state. The proposed event tracking sensitivity analysis method describes variables and the system state as a collection of events. The higher the numeric occurrence of an input variable at the trigger level during an event monitoring interval, the greater is its impact on the final analysis of the system state. Experiments were designed to compare the proposed event tracking sensitivity analysis method with a comparable method (that of Entropy). An improvement of 10% in computational efficiency without loss in accuracy was observed. The comparison also showed that the time taken to perform the sensitivity analysis was 0.5% of that required when using the comparable Entropy based method.EPSR

AVAILABILITY MODEL OF COMMUNICATION NETWORK IN CONNECTING SHIP SYSTEMS USING OPTICAL FIBRE TECHNOLOGY

For an efficient operation of a ship it is essential that all its systems work properly and reliably. In order to be able to control and monitor the systems, it is necessary to connect all of the systems’ components with a communication network. To ensure effective and reliable connecting of ship systems, all the elements which constitute the optical communication network were analysed, and the elements whish affect the most the overall system’s availability were identified. Based on these studies, a mathematical model of network has been developed. The model includes all the network’s elements, and, based on the failure data; it calculates the input data required for the analysis of network availability. A novel method of calculation has been introduced, which includes the impact factors based on the cable network construction mode. In order to enable the usage of the network model for networks of different topology, size, construction modes and purposes, a novel algorithm for calculating the communication network’s availability has been created. The availabilities of individual components and the whole network have been calculated, the impact of individual components’ availability on the availability of the system has been established, and the methods of communication networks protection have been defined. Based on the conducted researches, the behaviour of the system in the event of failures and the possibility of finding optimal and reliable modes of connecting ship systems have been determined, thus contributing to the overall reliability of ship systems and of a ship as a whole

Failure prediction for high-performance computing systems

The failure rate in high-performance computing (HPC) systems continues to escalate as the number of components in these systems increases. This affects the scalability and the performance of parallel applications in large-scale HPC systems. Fault tolerance (FT) mechanisms help mitigating the impact of failures on parallel applications. However, utilizing such mechanisms requires additional overhead. Besides, the overuse of FT mechanisms results in unnecessarily large overhead in the parallel applications. Knowing when and where failures will occur can greatly reduce the excessive overhead. As such, failure prediction is critical in order to effectively utilize FT mechanisms. In addition, it also helps in system administration and management, as the predicted failure can be handled beforehand with limited impact to the running systems. This dissertation proposes new proficiency metrics for failure prediction based on failure impact in UPC environment that the existing proficiency metrics tire unable to reflect. Furthermore, an efficient log message clustering algorithm is proposed for system event log data preprocessing and analysis. Then, two novel association rule mining approaches are introduced and employed for HPC failure prediction. Finally, the performances of the existing and the proposed association rule mining methods are compared and analyzed

Event-driven Principles and Complex Event Processing for Self-adaptive Network Analysis and Surveillance Systems

Event-driven approaches and Complex Event Processing (CEP) have the potential to aid in tackling the complex requirements and challenges of monitoring contemporary computer networks. The applicability of such methods, however, depends on, e.g., architectural considerations, data processing performance, or usability. In this thesis, we study the applicability of event-driven principles and CEP for analyzing and surveying computer networks and present ways for improving the applicability of these paradigms. The main contributions that are presented and discussed in this thesis are: an analysis of important properties of network analysis and surveillance, the introduction of a corresponding Event-driven Architecture (EDA) for addressing these requirements, the empirical evaluation of the proposed EDA using a prototype implementation, the development of cooperative and self-adaptive methods for addressing performance and usability issues, and the development of techniques for improving the integration of components implemented in different languages in event-driven systems. Assuring and maintaining the proper operation of computer networks is as crucial as assuring the proper operation of the Information Technology (IT) systems they connect. However, collecting and analyzing information about computer networks, which is required for assuring their proper operation, is increasingly challenging because of, e.g., the growing logical and spatial extent of computer networks, accelerated changes in computer network structures and network traffic, or near real-time requirements. Furthermore, a wide variety of methods for network analysis and surveillance exists and for acquiring comprehensive information at optimal resource requirements these various methods have to be combined with a converging approach. Based on the results of an analysis of important properties and requirements for network analysis and surveillance, we propose an approach which leverages event-driven paradigms such as EDA and CEP for addressing the complex mix of requirements in this field and for enabling convergence of the various existing methods. We evaluate our proposed approach with a case study and performance benchmarks using a prototype. Our results show that our approach is a good fit for addressing the complex mix of requirements and that it is feasible from a performance perspective. In contrast to other related recent research, which is limited to specific use cases, we propose a generic and versatile event-driven approach for universal network analysis and surveillance. Moreover, we present techniques for further improving network analysis and surveillance. While our general approach already constitutes an important improvement, we also propose and investigate further innovations. Based on the evaluation of our approach, we consider distributed operation, usability, performance in distributed deployments and of sensors, integration of data sources, and the interoperation of implementations in different programming languages in event-driven systems as most important aspects for further improvement. For improving the operation, usability, and performance in distributed contexts, we develop an approach for cooperative and self-adaptive data acquisition using the example of packet capturing. In order to research ways for advancing the operation of sensors and integration of data sources, we use the example of packet capturing with the Java Virtual Machine (JVM), for which we develop and analyze various improvements at various abstraction levels such as data extraction via a Domain Specific Language (DSL) or self-adaptive adjustments based on performance constraints. Even though packet capturing with the JVM was already employed in other research, these studies only consider the overall systems such that neither the specific implications of JVM-based packet capturing nor methods for improving the performance in this scenario were discussed in detail yet. Furthermore, we analyze the impact of programming language barriers in event-driven systems and present a batch-based approach for increasing the data exchange throughput. In conclusion, we improve the state-of-the-art of network analysis and surveillance. Our work aims on taking the next step towards holistic network analysis and surveillance by addressing distribution, convergence, usability, and performance aspects. We demonstrate the benefits and evaluate the applicability of event-driven data processing paradigms and show how self-adaptivity and cooperation can further improve the capabilities

A Statistical Evaluation of Risk Priority Numbers in Failure Modes and Effects Analysis Applied to the Prediction of Complex Systems

Complex systems such as military aircraft and naval ships are difficult to cost effectively maintain. Frequently, large-scale maintenance of complex systems (i.e., a naval vessel) is based on the reduction of the system to its base subcomponents and the use of manufacturer-suggested, time-directed, preventative maintenance, which is augmented during the systems lifecycle with predictive maintenance which assesses the system\u27s ability to perform its mission objectives. While preventative maintenance under certain conditions can increase reliability, preventative maintenance systems are often costly, increase down time, and allow for maintenance-induced failures, which may decrease the reliability of the system (Ebeling, 1997). This maintenance scheme ignores the complexity of the system it tries to maintain. By combining the base components or subsystems into a larger system, and introducing human interaction with the system, the complexity of the system creates a unique entity that cannot be completely understood by basing predictability of the system to perform tasks on the reduction of the system to its subcomponents. This study adds to the scholarly literature by developing a model, based on the traditional failure modes and effects analysis commonly used for research and development projects, to capture the effects of the human interaction with the system. Based on the ability of personnel assigned to operate and maintain the system, the severity of the system failure on the impact on the metasystems ability to perform its mission and the likelihood of the event of the failure to occur. Findings of the research indicate that the human interaction with the system, in as far as the ability of the personnel to repair and maintain the system, is a vital component in the ability to predict likelihood of the system failure and the prioritization of the risk of system failure, may be adequately captured for analysis through use of expert opinion elicitation. The use of the expert\u27s opinions may provide additional robustness to the modeling and analysis of system behavior in the event that failure occurs

Real time, Non-Intrusive Instrumentation & Monitoring of Standards-based Event-based Middleware

poster abstractStandards-based middleware, such as the Common Object Request Broker Architecture (CORBA) Component Model and the Data Distribution Service, support event-based services for decoupled, asynchronous messaging between software components in a distributed system. The messaging models use the publisher-subscriber paradigm where one or more subscribers can subscribe to events from one or more publishers. The advantage of this paradigm is neither the publisher nor subscriber needs to be aware of the other. Instead, either entity is only concerned with the publication or receipt of an event. A critical aspect of these systems, however, is their instrumentation for analysis purposes, like monitoring its performance, state, and behavior to ensure the system is executing as expected. Traditionally, instrumenting such systems relied on intrusive instrumentation approaches, where developer inserted code snippets into the source code to collect the information needed. This means that developers must understand the original code, run the risk of inserting malicious code, and intermix code related to instrumentation with the normal business logic. Moreover, as the normal business logic evolves, the instrumentation code must also evolve. This can become a burden on developers until the business logic become less volatile. To overcome this complexity, we present Dynamic Event Monitor, a tool that can non-intrusively instrument and monitor events in a large scale distributed system at run time, using dynamic binary instrumentation. It operates in contexts without any a priori knowledge of the concrete events in the system, or how the system is composed. We have applied Dynamic Event Monitor to applications implemented in CORBA. Our results show that once the application is completely instrumented, the performance impact of actually monitoring events is minimal. For the applications we have tested, the instrumentation time is about 30-45 seconds and the time for real-time monitoring of events is about 2 milliseconds

Architecture Level Safety Analyses for Safety-Critical Systems

The dependency of complex embedded Safety-Critical Systems across Avionics and Aerospace domains on their underlying software and hardware components has gradually increased with progression in time. Such application domain systems are developed based on a complex integrated architecture, which is modular in nature. Engineering practices assured with system safety standards to manage the failure, faulty, and unsafe operational conditions are very much necessary. System safety analyses involve the analysis of complex software architecture of the system, a major aspect in leading to fatal consequences in the behaviour of Safety-Critical Systems, and provide high reliability and dependability factors during their development. In this paper, we propose an architecture fault modeling and the safety analyses approach that will aid in identifying and eliminating the design flaws. The formal foundations of SAE Architecture Analysis & Design Language (AADL) augmented with the Error Model Annex (EMV) are discussed. The fault propagation, failure behaviour, and the composite behaviour of the design flaws/failures are considered for architecture safety analysis. The illustration of the proposed approach is validated by implementing the Speed Control Unit of Power-Boat Autopilot (PBA) system. The Error Model Annex (EMV) is guided with the pattern of consideration and inclusion of probable failure scenarios and propagation of fault conditions in the Speed Control Unit of Power-Boat Autopilot (PBA). This helps in validating the system architecture with the detection of the error event in the model and its impact in the operational environment. This also provides an insight of the certification impact that these exceptional conditions pose at various criticality levels and design assurance levels and its implications in verifying and validating the designs

Security Analysis of System Behaviour - From "Security by Design" to "Security at Runtime" -

The Internet today provides the environment for novel applications and processes which may evolve way beyond pre-planned scope and purpose. Security analysis is growing in complexity with the increase in functionality, connectivity, and dynamics of current electronic business processes. Technical processes within critical infrastructures also have to cope with these developments. To tackle the complexity of the security analysis, the application of models is becoming standard practice. However, model-based support for security analysis is not only needed in pre-operational phases but also during process execution, in order to provide situational security awareness at runtime. This cumulative thesis provides three major contributions to modelling methodology. Firstly, this thesis provides an approach for model-based analysis and verification of security and safety properties in order to support fault prevention and fault removal in system design or redesign. Furthermore, some construction principles for the design of well-behaved scalable systems are given. The second topic is the analysis of the exposition of vulnerabilities in the software components of networked systems to exploitation by internal or external threats. This kind of fault forecasting allows the security assessment of alternative system configurations and security policies. Validation and deployment of security policies that minimise the attack surface can now improve fault tolerance and mitigate the impact of successful attacks. Thirdly, the approach is extended to runtime applicability. An observing system monitors an event stream from the observed system with the aim to detect faults - deviations from the specified behaviour or security compliance violations - at runtime. Furthermore, knowledge about the expected behaviour given by an operational model is used to predict faults in the near future. Building on this, a holistic security management strategy is proposed. The architecture of the observing system is described and the applicability of model-based security analysis at runtime is demonstrated utilising processes from several industrial scenarios. The results of this cumulative thesis are provided by 19 selected peer-reviewed papers

Architectural Design of a Safe Mission Manager for Unmanned Aircraft Systems

[EN] Civil Aviation Authorities are elaborating a new regulatory framework for the safe operation of Unmanned Aircraft Systems (UAS). Current proposals are based on the analysis of the specific risks of the operation as well as on the definition of some risk mitigation measures. In order to achieve the target level of safety, we propose increasing the level of automation by providing the on-board system with Automated Contingency Management functions. The aim of the resulting Safe Mission Manager System is to autonomously adapt to contingency events while still achieving mission objectives through the degradation of mission performance. In this paper, we discuss some of the architectural issues in designing this system. The resulting architecture makes a conceptual differentiation between event monitoring, decision-making on a policy for dealing with contingencies and the execution of the corresponding policy. We also discuss how to allocate the different Safe Mission Manager components to a partitioned, Integrated Modular Avionics architecture. Finally, determinism and predictability are key aspects in contingency management due to their overall impact on safety. For this reason, we model and verify the correctness of a contingency management policy using formal methods.This work was supported by the Spanish Regional Government "Generalitat Valenciana" under contract ACIF/2016/197.Usach Molina, H.; Vila Carbó, JA.; Torens, C.; Adolf, FM. (2018). Architectural Design of a Safe Mission Manager for Unmanned Aircraft Systems. Journal of Systems Architecture. 90:94-108. https://doi.org/10.1016/j.sysarc.2018.09.003S941089