Seismic response to evolving injection at the Rotokawa geothermal field, New Zealand

Catalogs of microseismicity are routinely compiled at geothermal reservoirs and provide valuable insights into reservoir structure and fluid movement. Hypocentral locations are typically used to infer the orientations of structures and constrain the extent of the permeable reservoir. However, frequency-magnitude distributions may contain additional, and underused, information about the distribution of pressure. Here, we present a four-year catalog of seismicity for the Rotokawa geothermal field in the central Taupō Volcanic Zone, New Zealand starting two years after the commissioning of the 140 MWe Nga Awa Purua power station. Using waveform-correlation-based signal detection we double the size of the previous earthquake catalog, refine the location and orientation of two reservoir faults and identify a new structure. We find the rate of seismicity to be insensitive to major changes in injection strategy during the study period, including the injectivity decline and shift of injection away from the dominant injector, RK24. We also map the spatial distribution of the earthquake frequency-magnitude distribution, or b-value, and show that it increases from ∼1.0 to ∼1.5 with increasing depth below the reservoir. As has been proposed at other reservoirs, we infer that these spatial variations reflect the distribution of pressure in the reservoir, where areas of high b-value correspond to areas of high pore-fluid pressure and a broad distribution of activated fractures. This analysis is not routinely conducted by geothermal operators but shows promise for using earthquake b-value as an additional tool for reservoir monitoring and management

Security Testing: A Survey

Identifying vulnerabilities and ensuring security functionality by security testing is a widely applied measure to evaluate and improve the security of software. Due to the openness of modern software-based systems, applying appropriate security testing techniques is of growing importance and essential to perform effective and efficient security testing. Therefore, an overview of actual security testing techniques is of high value both for researchers to evaluate and refine the techniques and for practitioners to apply and disseminate them. This chapter fulfills this need and provides an overview of recent security testing techniques. For this purpose, it first summarize the required background of testing and security engineering. Then, basics and recent developments of security testing techniques applied during the secure software development lifecycle, i.e., model-based security testing, code-based testing and static analysis, penetration testing and dynamic analysis, as well as security regression testing are discussed. Finally, the security testing techniques are illustrated by adopting them for an example three-tiered web-based business application

Fault diversity among off-the-shelf SQL database servers

Fault tolerance is often the only viable way of obtaining the required system dependability from systems built out of "off-the-shelf" (OTS) products. We have studied a sample of bug reports from four off-the-shelf SQL servers so as to estimate the possible advantages of software fault tolerance - in the form of modular redundancy with diversity - in complex off-the-shelf software. We checked whether these bugs would cause coincident failures in more than one of the servers. We found that very few bugs affected two of the four servers, and none caused failures in more than two. We also found that only four of these bugs would cause identical, undetectable failures in two servers. Therefore, a fault-tolerant server, built with diverse off-the-shelf servers, seems to have a good chance of delivering improvements in availability and failure rates compared with the individual off-the-shelf servers or their replicated, nondiverse configurations

Model-Based Verification for SIMULINK Design

Testing a Model-Based design is the only way to determine the correctness of the designed model but not enough to conclude that the design is error free. Verification exposes all the design errors and describes the functionality of the system. Assertion based verification helps to determine whether the model obey the actual design requirements. This thesis work is mainly based on verification of a Water Tank control system modeling using SIMULINK model

Robustness-Driven Resilience Evaluation of Self-Adaptive Software Systems

An increasingly important requirement for certain classes of software-intensive systems is the ability to self-adapt their structure and behavior at run-time when reacting to changes that may occur to the system, its environment, or its goals. A major challenge related to self-adaptive software systems is the ability to provide assurances of their resilience when facing changes. Since in these systems, the components that act as controllers of a target system incorporate highly complex software, there is the need to analyze the impact that controller failures might have on the services delivered by the system. In this paper, we present a novel approach for evaluating the resilience of self-adaptive software systems by applying robustness testing techniques to the controller to uncover failures that can affect system resilience. The approach for evaluating resilience, which is based on probabilistic model checking, quantifies the probability of satisfaction of system properties when the target system is subject to controller failures. The feasibility of the proposed approach is evaluated in the context of an industrial middleware system used to monitor and manage highly populated networks of devices, which was implemented using the Rainbow framework for architecture-based self-adaptation

Fault tolerance via diversity for off-the-shelf products: A study with SQL database servers

If an off-the-shelf software product exhibits poor dependability due to design faults, then software fault tolerance is often the only way available to users and system integrators to alleviate the problem. Thanks to low acquisition costs, even using multiple versions of software in a parallel architecture, which is a scheme formerly reserved for few and highly critical applications, may become viable for many applications. We have studied the potential dependability gains from these solutions for off-the-shelf database servers. We based the study on the bug reports available for four off-the-shelf SQL servers plus later releases of two of them. We found that many of these faults cause systematic noncrash failures, which is a category ignored by most studies and standard implementations of fault tolerance for databases. Our observations suggest that diverse redundancy would be effective for tolerating design faults in this category of products. Only in very few cases would demands that triggered a bug in one server cause failures in another one, and there were no coincident failures in more than two of the servers. Use of different releases of the same product would also tolerate a significant fraction of the faults. We report our results and discuss their implications, the architectural options available for exploiting them, and the difficulties that they may present

Seismic Response to Injection Well Stimulation in a High-Temperature, High-Permeability Reservoir

Fluid injection into the Earth's crust can induce seismic events that cause damage to local infrastructure but also offer valuable insight into seismogenesis. The factors that influence the magnitude, location, and number of induced events remain poorly understood but include injection flow rate and pressure as well as reservoir temperature and permeability. The relationship between injection parameters and injection-induced seismicity in high-temperature, high-permeability reservoirs has not been extensively studied. Here we focus on the Ngatamariki geothermal field in the central Taupō Volcanic Zone, New Zealand, where three stimulation/injection tests have occurred since 2012. We present a catalog of seismicity from 2012 to 2015 created using a matched-filter detection technique. We analyze the stress state in the reservoir during the injection tests from first motion-derived focal mechanisms, yielding an average direction of maximum horizontal compressive stress (SHmax) consistent with the regional NE-SW trend. However, there is significant variation in the direction of maximum compressive stress (σ1), which may reflect geological differences between wells. We use the ratio of injection flow rate to overpressure, referred to as injectivity index, as a proxy for near-well permeability and compare changes in injectivity index to spatiotemporal characteristics of seismicity accompanying each test. Observed increases in injectivity index are generally poorly correlated with seismicity, suggesting that the locations of microearthquakes are not coincident with the zone of stimulation (i.e., increased permeability). Our findings augment a growing body of work suggesting that aseismic opening or slip, rather than seismic shear, is the active process driving well stimulation in many environments

Link-time smart card code hardening

This paper presents a feasibility study to protect smart card software against fault-injection attacks by means of link-time code rewriting. This approach avoids the drawbacks of source code hardening, avoids the need for manual assembly writing, and is applicable in conjunction with closed third-party compilers. We implemented a range of cookbook code hardening recipes in a prototype link-time rewriter and evaluate their coverage and associated overhead to conclude that this approach is promising. We demonstrate that the overhead of using an automated link-time approach is not significantly higher than what can be obtained with compile-time hardening or with manual hardening of compiler-generated assembly code