Quantitative Verification: Formal Guarantees for Timeliness, Reliability and Performance

Computerised systems appear in almost all aspects of our daily lives, often in safety-critical scenarios such as embedded control systems in cars and aircraft or medical devices such as pacemakers and sensors. We are thus increasingly reliant on these systems working correctly, despite often operating in unpredictable or unreliable environments. Designers of such devices need ways to guarantee that they will operate in a reliable and efficient manner. Quantitative verification is a technique for analysing quantitative aspects of a system's design, such as timeliness, reliability or performance. It applies formal methods, based on a rigorous analysis of a mathematical model of the system, to automatically prove certain precisely specified properties, e.g. ``the airbag will always deploy within 20 milliseconds after a crash'' or ``the probability of both sensors failing simultaneously is less than 0.001''. The ability to formally guarantee quantitative properties of this kind is beneficial across a wide range of application domains. For example, in safety-critical systems, it may be essential to establish credible bounds on the probability with which certain failures or combinations of failures can occur. In embedded control systems, it is often important to comply with strict constraints on timing or resources. More generally, being able to derive guarantees on precisely specified levels of performance or efficiency is a valuable tool in the design of, for example, wireless networking protocols, robotic systems or power management algorithms, to name but a few. This report gives a short introduction to quantitative verification, focusing in particular on a widely used technique called model checking, and its generalisation to the analysis of quantitative aspects of a system such as timing, probabilistic behaviour or resource usage. The intended audience is industrial designers and developers of systems such as those highlighted above who could benefit from the application of quantitative verification,but lack expertise in formal verification or modelling

Mapping domain characteristics influencing Analytics initiatives: The example of Supply Chain Analytics

Purpose: Analytics research is increasingly divided by the domains Analytics is applied to. Literature offers little understanding whether aspects such as success factors, barriers and management of Analytics must be investigated domain-specific, while the execution of Analytics initiatives is similar across domains and similar issues occur. This article investigates characteristics of the execution of Analytics initiatives that are distinct in domains and can guide future research collaboration and focus. The research was conducted on the example of Logistics and Supply Chain Management and the respective domain-specific Analytics subfield of Supply Chain Analytics. The field of Logistics and Supply Chain Management has been recognized as early adopter of Analytics but has retracted to a midfield position comparing different domains. Design/methodology/approach: This research uses Grounded Theory based on 12 semi-structured Interviews creating a map of domain characteristics based of the paradigm scheme of Strauss and Corbin. Findings: A total of 34 characteristics of Analytics initiatives that distinguish domains in the execution of initiatives were identified, which are mapped and explained. As a blueprint for further research, the domain-specifics of Logistics and Supply Chain Management are presented and discussed. Originality/value: The results of this research stimulates cross domain research on Analytics issues and prompt research on the identified characteristics with broader understanding of the impact on Analytics initiatives. The also describe the status-quo of Analytics. Further, results help managers control the environment of initiatives and design more successful initiatives.DFG, 414044773, Open Access Publizieren 2019 - 2020 / Technische Universität Berli

Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1

This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance-overview and issues, Resilience and Safety Requirements, Open Systems Perspective and Formal Verification and Static Analysis of ML Systems. Part 2: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines

An Empirical Study of the Effectiveness of 'Forcing Diversity' Based on a Large Population of Diverse Programs

Use of diverse software components is a viable defence against common-mode failures in redundant softwarebased systems. Various forms of "Diversity-Seeking Decisions" (“DSDs”) can be applied to the process of developing, or procuring, redundant components, to improve the chances of the resulting components not failing on the same demands. An open question is how effective these decisions, and their combinations, are for achieving large enough reliability gains. Using a large population of software programs, we studied experimentally the effectiveness of specific "DSDs" (and their combinations) mandating differences between redundant components. Some of these combinations produced much better improvements in system probability of failure per demand (PFD) than "uncontrolled" diversity did. Yet, our findings suggest that the gains from such "DSDs" vary significantly between them and between the application problems studied. The relationship between DSDs and system PFD is complex and does not allow for simple universal rules (e.g. "the more diversity the better") to apply