243 research outputs found

    A formalism for describing and simulating systems with interacting components.

    This thesis addresses the problem of descriptive complexity presented by systems involving a high number of interacting components. It investigates the evaluation measure of performability and its application to such systems. A new description and simulation language, ICE, and its application to performability modelling are presented. ICE (Interacting ComponEnts) is based upon an earlier description language which was first proposed for defining reliability problems. ICE is declarative in style and has a limited number of keywords. The ethos in the development of the language has been to provide an intuitive formalism with a powerful descriptive space. The full syntax of the language is presented with discussion as to its philosophy. The implementation of a discrete event simulator using an ICE interface is described, with use being made of examples to illustrate the functionality of the code and the semantics of the language. Random numbers are used to provide the required stochastic behaviour within the simulator. The behaviour of an industry standard generator within the simulator and different methods of number allocation are shown. A new generator is proposed that is a development of a fast hardware shift register generator and is demonstrated to possess good statistical properties and operational speed. For the purpose of providing a rigorous description of the language and clarification of its semantics, a computational model is developed using the formalism of extended coloured Petri nets. This model also gives an indication of the language's descriptive power relative to that of a recognised and well developed technique. Some recognised temporal and structural problems of system event modelling are identified and ICE solutions given. The growing research area of ATM communication networks is introduced and a sophisticated top down model of an ATM switch presented. This model is simulated and interesting results are given. A generic ICE framework for performability modelling is developed and demonstrated. This is considered as a positive contribution to the general field of performability research.

    A model-based approach to System of Systems risk management

    The failure of many System of Systems (SoS) enterprises can be attributed to the inappropriate application of traditional Systems Engineering (SE) processes within the SoS domain, because of the mistaken belief that a SoS can be regarded as a single large, or complex, system. SoS Engineering (SoSE) is a sub-discipline of SE; Risk Management and Modelling and Simulation (M&S) are key areas within SoSE, both of which also lie within the traditional SE domain. Risk Management of SoS requires a different approach to that currently taken for individual systems; if risk is managed for each component system then it cannot be assumed that the aggregated effect will be to mitigate risk at the SoS level. A literature review was undertaken examining three themes: (1) SoS Engineering (SoSE), (2) M&S and (3) Risk. Theme 1 of the literature provided insight into the activities comprising SoSE and its difference from traditional SE, with risk management identified as a key activity. The second theme discussed the application of M&S to SoS, providing an output which supported the identification of appropriate techniques and concluding that the inherent complexity of a SoS required the use of M&S in order to support SoSE activities. Current risk management approaches were reviewed in theme 3 as well as the management of SoS risk. Although some specific examples of the management of SoS risk were found, no mature, general approach was identified, indicating a gap in current knowledge. However, it was noted that most of these examples were underpinned by M&S approaches. It was therefore concluded that a general approach to SoS risk management utilising M&S methods would be of benefit. In order to fill the gap identified in current knowledge, this research proposed a new model based approach to Risk Management where risk identification was supported by a framework, which combined SoS system of interest dimensions with holistic risk types, where the resulting risks and contributing factors are captured in a causal network. Analysis of the causal network using a model technique selection tool, developed as part of this research, allowed the causal network to be simplified through the replacement of groups of elements within the network by appropriate supporting models. The Bayesian Belief Network (BBN) was identified as a suitable method to represent SoS risk. Supporting models run in Monte Carlo Simulations allowed data to be generated from which the risk BBNs could learn, thereby providing a more quantitative approach to SoS risk management. A method was developed which provided context to the BBN risk output through comparison with worst and best-case risk probabilities. The model based approach to Risk Management was applied to two very different case studies: Close Air Support mission planning and the Wheat Supply Chain, UK National Food Security risks, demonstrating its effectiveness and adaptability. The research established that the SoS SoI is essential for effective SoS risk identification and analysis of risk transfer, effective SoS modelling requires a range of techniques where suitability is determined by the problem context, the responsibility for SoS Risk Management is related to the overall SoS classification and the model based approach to SoS risk management was effective for both application case studies.

    Feasibility analysis and validation of a fieldbus system with a large number of bus nodes using formal methods

    The complexity of large scale fieldbus systems is two-fold: message-sending concurrency and emergent bus behavior. On the one hand, an increase in the number of accumulating nodes within one fieldbus system expands its message-sending concurrency; on the other hand, the growth of emergent bus behavior causes a temporary or lasting message burst on the fieldbus channel. The message sequences in turn have an increased burst behavior, aggravating the traffic density. Therefore, this dissertation evaluates the performability of large scale fieldbus systems by presenting a busload validation procedure by formal methods. The model concept is conceptualized and formulated by UMLCD and OSI Model. Furthermore, the validation procedure is formalized and structurally specified by applying the attribute hierarchy and BMW principle. Based on sorting the message-sending occurrences from the log data of a real fieldbus-based building automation system, the validation procedure is thus quantified with the real system timed-parameters. In addition, the stochastic distributions of message transmissions are determined by the goodness of fit method. The entire work is based on DSPN as formal means of descriptions and models. The corresponding Petri net communication model is hierarchically constructed, which has been further parameterized, integrated and simulated. The analysis of system complexity is provided by the programming-based extension of the Petri net communication model. In addition, the results of Monte-Carlo-Simulation have been sorted, analyzed and evaluated regarding the validation aspects of system performability. Finally, the emergent message burst generated from the function interrelations has also been observed and evaluated. The result of this work will make a formal contribution to the improvement of the fieldbus specification. In particular, for fieldbus systems with a large number of bus nodes, complexity is characterized by two parameters. On the one hand, an increase in the number of accumulated fieldbus nodes within a fieldbus system means increased message-sending concurrency. On the other hand, this concurrency also rises with the growth of emergent bus behavior, which brings temporary or lasting message sequences with it. The message sequences in turn can cause increased burst behavior on the fieldbus channel, i.e. an increased busload. The aim of the present work is to describe a complex fieldbus system formally and to present a formal busload validation procedure. The model concept is first formulated using UMLCD and the OSI model, and the validation procedure is then formalized and specified with the attribute hierarchy and the BMW principle. Based on sorting the sending behavior using log data from a real fieldbus-based building automation system, the validation procedure is continued through quantitative analysis. In addition, the stochastic distributions of the sending behaviors are fitted using the goodness-of-fit method. The entire work is based on DSPN as a formal means of description and modeling. The corresponding Petri net communication model is presented, which has been hierarchically constructed, parameterized and simulated. The system complexity is analyzed with the help of the programming-based extension of the Petri net communication model. To this end, the Monte Carlo simulation results of this extended model are presented, analyzed and evaluated, and related to the validation aspects of system performance. Finally, the message burst behavior generated by the function interrelations is observed and evaluated. The results of this work are fed back and improved after the completion of the formal fieldbus specification.

    Methodologies synthesis

    This deliverable deals with the modelling and analysis of interdependencies between critical infrastructures, focussing attention on two interdependent infrastructures studied in the context of CRUTIAL: the electric power infrastructure and the information infrastructures supporting management, control and maintenance functionality. The main objectives are: 1) investigate the main challenges to be addressed for the analysis and modelling of interdependencies, 2) review the modelling methodologies and tools that can be used to address these challenges and support the evaluation of the impact of interdependencies on the dependability and resilience of the service delivered to the users, and 3) present the preliminary directions investigated so far by the CRUTIAL consortium for describing and modelling interdependencies.

    Addressing Complexity and Intelligence in Systems Dependability Evaluation

    Engineering and computing systems are increasingly complex, intelligent, and open adaptive. When it comes to the dependability evaluation of such systems, there are certain challenges posed by the characteristics of “complexity” and “intelligence”. The first aspect of complexity is the dependability modelling of large systems with many interconnected components and dynamic behaviours such as Priority, Sequencing and Repairs. To address this, the thesis proposes a novel hierarchical solution to dynamic fault tree analysis using Semi-Markov Processes. A second aspect of complexity is the environmental conditions that may impact dependability and their modelling. For instance, weather and logistics can influence maintenance actions and hence dependability of an offshore wind farm. The thesis proposes a semi-Markov-based maintenance model called “Butterfly Maintenance Model (BMM)” to model this complexity and accommodate it in dependability evaluation. A third aspect of complexity is the open nature of system of systems like swarms of drones, which makes complete design-time dependability analysis infeasible. To address this aspect, the thesis proposes a dynamic dependability evaluation method using Fault Trees and Markov-Models at runtime. The challenge of “intelligence” arises because Machine Learning (ML) components do not exhibit programmed behaviour; their behaviour is learned from data. However, in traditional dependability analysis, systems are assumed to be programmed or designed. When a system has learned from data, then a distributional shift of operational data from training data may cause ML to behave incorrectly, e.g., misclassify objects. To address this, a new approach called SafeML is developed that uses statistical distance measures for monitoring the performance of ML against such distributional shifts. The thesis develops the proposed models, and evaluates them on case studies, highlighting improvements to the state-of-the-art, limitations and future work.

    Self-Evaluation Applied Mathematics 2003-2008 University of Twente

    This report contains the self-study for the research assessment of the Department of Applied Mathematics (AM) of the Faculty of Electrical Engineering, Mathematics and Computer Science (EEMCS) at the University of Twente (UT). The report provides the information for the Research Assessment Committee for Applied Mathematics, dealing with mathematical sciences at the three universities of technology in the Netherlands. It describes the state of affairs pertaining to the period 1 January 2003 to 31 December 2008.

    Safety‐oriented discrete event model for airport A‐SMGCS reliability assessment

    A detailed analysis of State of the Art Technologies and Procedures into Airport Advanced-Surface Movement Guidance and Control Systems has been provided in this thesis, together with the review of Statistical Monte Carlo Analysis, Reliability Assessment and Petri Nets theories. This practical and theoretical background has led the author to the conclusion that there is a lack of linkage in between these fields. At the same time, the rapid increase of Air Traffic all over the world has brought in evidence the urgent need of practical instruments able to identify and quantify the risks connected with Aircraft operations on the ground, since the Airport has shown to be the actual ‘bottle neck’ of the entire Air Transport System. Therefore, the only winning approach to such a critical matter has to be multi-disciplinary, sewing together apparently different subjects, coming from the most disparate areas of interest and trying to fill the gap. The result of this thesis work has come to a start towards the end, when a Timed Coloured Petri Net (TCPN) model of a ‘sample’ Airport A-SMGCS has been developed, that is capable of taking into account different orders of questions arisen during these recent years and tries to give them some good answers. The A-SMGCS Airport model is, in the end, a parametric tool relying on Discrete Event System theory, able to perform a Reliability Analysis of the system itself, that: • uses a Monte Carlo Analysis applied to a Timed Coloured Petri Net, whose purpose is to evaluate the Safety Level of Surface Movements along an Airport • lets the user analyse the impact of Procedures and Reliability Indexes of Systems such as Surface Movement Radars, Automatic Dependent Surveillance-Broadcast, Airport Lighting Systems, Microwave Sensors, and so on… on the Safety Level of Airport Aircraft Transport System • not only is a valid instrument in the Design Phase, but it is useful also in the Certifying Activities and in monitoring the Safety Level of the above mentioned System with respect to changes to Technologies and different Procedures. This TCPN model has been verified against qualitative engineering expectations by using simulation experiments and occupancy time schedules generated a priori. Simulation times are good, and since the model has been written into Simulink/Stateflow programming language, it can be compiled to run real-time in C language (Real-time workshop and Stateflow Coder), thus relying on portable code, able to run virtually on any platform, giving even better performances in terms of execution time. One of the most interesting applications of this work is the estimate, for an Airport, of the kind of A-SMGCS level of implementation needed (Technical/Economical convenience evaluation). As a matter of fact, starting from the Traffic Volume and choosing the kind of Ground Equipment to be installed, one can make predictions about the Safety Level of the System: if the value is compliant with the TLS required by ICAO, the A-SMGCS level of Implementation is sufficiently adequate. Nevertheless, even if the Level of Safety has been satisfied, some delays due to reduced or simplified performances (even if Safety is compliant) of some of the equipment (e.g. with reference to False Alarm Rates) can lead to previously unexpected economical consequences, thus requiring more accurate systems to be installed, in order to meet also Airport economical constraints. Work in progress includes the analysis of the effect of weather conditions and re-sequencing of a given schedule. The effect of re-sequencing a given schedule is not yet realistic enough since the model does not apply inter arrival and departure separations. However, the model might show some effect on different sequences based on runway occupancy times. A further developed model containing wake turbulence separation conditions would be more sensitive for this case. Hence, further work will be directed towards: • The development of On-Line Re-Scheduling based on the available actual runway/taxiway configuration and weather conditions. • The Engineering Safety Assessment of some small Italian Airport A-SMGCSs (Model validation with real data). • The application of Stochastic Differential Equations systems in order to evaluate the collision risk on the ground inside the Place alone on the Petri Net, in the event of a Short Term Conflict Alert (STCA), by adopting Reich Collision Risk Model. • Optimal Air Traffic Control Algorithms Synthesis (Adaptive look-ahead Optimization), by Dynamically Timed Coloured Petri Nets, together with the implementation of Error-Recovery Strategies and Diagnosis Functions.

    OPTIMAL REQUIREMENT DETERMINATION FOR PRICING AVAILABILITY-BASED SUSTAINMENT CONTRACTS

    Sustainment constitutes 70% or more of the total life-cycle cost of many safety-, mission- and infrastructure-critical systems. Prediction and control of the life-cycle cost is an essential part of all sustainment contracts. For many types of systems, availability is the most critical factor in determining the total life-cycle cost of the system. To address this, availability-based contracts have been introduced into the governmental and non-governmental acquisitions space (e.g., energy, defense, transportation, and healthcare). However, the development, implementation, and impact of availability requirements within contracts is not well understood. This dissertation develops a decision support model based on contract theory, formal modeling and stochastic optimization for availability-based contract design. By adoption and extension of the “availability payment” concept introduced for civil infrastructure Public-Private Partnerships (PPPs) and pricing for Performance-Based Logistics (PBL) contracts, this dissertation develops requirements that maximize the outcome of contracts for both parties. Under the civil infrastructure “availability payment” PPP, once the asset is available for use, the private sector begins receiving a periodical payment for the contracted number of years based on meeting performance requirements. This approach has been applied to highways, bridges, etc. The challenge is to determine the most effective requirements, metrics and payment model that protects the public interest (i.e., does not overpay the private sector) but also minimizes the risk that the asset will become unsupported. This dissertation focuses on availability as the key required outcome for mission-critical systems and provides a methodology for finding the optimum requirements and optimum payment parameters, and introduces new metrics into availability-based contract structures. In a product-service oriented environment, formal modeling of contracts (for both the customer and the contractor) will be necessary for pricing, negotiations, and transparency. Conventional methods for simulating a system through its life cycle do not include the effect of the relationship between the contractor and customer. This dissertation integrates engineering models with the incentive structure using a game theoretic simulation, affine controller design and stochastic optimization. The model has been used to explore the optimum availability assessment window (i.e., the length of time over which availability must be assessed) for an availability-based contract.