Context-aware adaptation in DySCAS

DySCAS is a dynamically self-configuring middleware for automotive control systems. The addition of autonomic, context-aware dynamic configuration to automotive control systems brings a potential for a wide range of benefits in terms of robustness, flexibility, upgrading etc. However, the automotive systems represent a particularly challenging domain for the deployment of autonomics concepts, having a combination of real-time performance constraints, severe resource limitations, safety-critical aspects and cost pressures. For these reasons current systems are statically configured. This paper describes the dynamic run-time configuration aspects of DySCAS and focuses on the extent to which context-aware adaptation has been achieved in DySCAS, and the ways in which the various design and implementation challenges are met

On the tailoring of CAST-32A certification guidance to real COTS multicore architectures

The use of Commercial Off-The-Shelf (COTS) multicores in real-time industry is on the rise due to multicores' potential performance increase and energy reduction. Yet, the unpredictable impact on timing of contention in shared hardware resources challenges certification. Furthermore, most safety certification standards target single-core architectures and do not provide explicit guidance for multicore processors. Recently, however, CAST-32A has been presented providing guidance for software planning, development and verification in multicores. In this paper, from a theoretical level, we provide a detailed review of CAST-32A objectives and the difficulty of reaching them under current COTS multicore design trends; at experimental level, we assess the difficulties of the application of CAST-32A to a real multicore processor, the NXP P4080.This work has been partially supported by the Spanish Ministry of Economy and Competitiveness (MINECO) under grant TIN2015-65316-P and the HiPEAC Network of Excellence. Jaume Abella has been partially supported by the MINECO under Ramon y Cajal grant RYC-2013-14717.Peer ReviewedPostprint (author's final draft

Large-scale Complex IT Systems

This paper explores the issues around the construction of large-scale complex systems which are built as 'systems of systems' and suggests that there are fundamental reasons, derived from the inherent complexity in these systems, why our current software engineering methods and techniques cannot be scaled up to cope with the engineering challenges of constructing such systems. It then goes on to propose a research and education agenda for software engineering that identifies the major challenges and issues in the development of large-scale complex, software-intensive systems. Central to this is the notion that we cannot separate software from the socio-technical environment in which it is used.Comment: 12 pages, 2 figure

Market Based Approaches for Dynamic Spectrum Assignment

Abstract—Much of the technical literature on spectrum sharing has been on developing technologies and systems for non-cooperative) opportunistic use. In this paper, we situate this approach to secondary spectrum use in a broader context, one that includes cooperative approaches to Dynamic Spectrum Access (DSA). In this paper, we introduce readers to this broader approach to DSA by contrasting it with non-cooperative sharing (opportunistic use), surveying relevant literature, and suggesting future directions for researc

Safety arguments for next generation location aware computing

Concerns over the accuracy, availability, integrity and continuity of Global Navigation Satellite Systems (GNSS) have limited the integration of GPS and GLONASS for safety-critical applications. More recent augmentation systems, such as the European Geostationary Navigation Overlay Service (EGNOS) and the North American Wide Area Augmentation System (WAAS) have begun to address these concerns. Augmentation architectures build on the existing GPS/GLONASS infrastructures to support locationbased services in Safety of Life (SoL) applications. Much of the technical development has been directed by air traffic management requirements, in anticipation of the more extensive support to be offered by GPS III and Galileo. WAAS has already been approved to provide vertical guidance against ICAO safety performance criteria for aviation applications. During the next twelve months, we will see the full certification of EGNOS for SoL applications. This paper identifies strong similarities between the safety assessment techniques used in Europe and North America. Both have relied on hazard analysis techniques to derive estimates of the Probability of Hazardously Misleading Information (PHMI). Later sections identify significant differences between the approaches adopted in application development. Integrated fault trees have been developed by regulatory and commercial organisations to consider both infrastructure hazards and their impact on non-precision RNAV/VNAV approaches using WAAS. In contrast, EUROCONTROL and the European Space Agency have developed a more modular approach to safety-case development for EGNOS. It remains to be seen whether the European or North American strategy offers the greatest support as satellite based augmentation systems are used within a growing range of SoL applications from railway signalling through to Unmanned Airborne Systems. The key contribution of this paper is to focus attention on the safety arguments that might support this wider class of location based services

Human Error Management Paying Emphasis on Decision Making and Social Intelligence -Beyond the Framework of Man-Machine Interface Design-

How latent error or violation induces a serious accident has been reviewed and a proper addressing measure of this has been proposed in the framework of decision making, emotional intelligence (EI) and social intelligence (SI) of organization and its members. It has been clarified that EI and SI play an important role in decision making. Violations frequently occur all over the world, although we definitely understand that we should not commit violations, and a secret to prevent this might exist in the enhancement of both social intelligence and reliability. The construction of social structure or system that supports organizational efforts to enhance both social intelligence and reliability would be essential. Traditional safety education emphasizes that it is possible to change attitudes or mind toward safety by means of education. In spite of this，accidents or scandals frequently occur and never decrease. These problems must be approached on the basis of the full understanding of social intelligence and limited reasonability in decision making. Social dilemma (We do not necessarily cooperate in spite of understanding its importance, and we sometimes make decision not to select cooperative behavior. Non-cooperation gives rise to a desirable result for an individual. However, if all take non-cooperative actions, undesirable results are finally induced to all.) must be solved in some ways and the transition from relief (closed) society to global (reliability) society must be realized as a whole. New social system, where cooperative relation can be easily and reliably obtained, must be constructed to support such an approach and prevent violation-based accidents

Interacting Components

SystemCSP is a graphical modeling language based on both CSP and concepts of component-based software development. The component framework of SystemCSP enables specification of both interaction scenarios and relative execution ordering among components. Specification and implementation of interaction among participating components is formalized via the notion of interaction contract. The used approach enables incremental design of execution diagrams by adding restrictions in different interaction diagrams throughout the process of system design. In this way all different diagrams are related into a single formally verifiable system. The concept of reusable formally verifiable interaction contracts is illustrated by designing set of design patterns for typical fault tolerance interaction scenarios

Enforcement in Dynamic Spectrum Access Systems

The spectrum access rights granted by the Federal government to spectrum users come with the expectation of protection from harmful interference. As a consequence of the growth of wireless demand and services of all types, technical progress enabling smart agile radio networks, and on-going spectrum management reform, there is both a need and opportunity to use and share spectrum more intensively and dynamically. A key element of any framework for managing harmful interference is the mechanism for enforcement of those rights. Since the rights to use spectrum and to protection from harmful interference vary by band (licensed/unlicensed, legacy/newly reformed) and type of use/users (primary/secondary, overlay/underlay), it is reasonable to expect that the enforcement mechanisms may need to vary as well.\ud \ud In this paper, we present a taxonomy for evaluating alternative mechanisms for enforcing interference protection for spectrum usage rights, with special attention to the potential changes that may be expected from wider deployment of Dynamic Spectrum Access (DSA) systems. Our exploration of how the design of the enforcement regime interacts with and influences the incentives of radio operators under different rights regimes and market scenarios is intended to assist in refining thinking about appropriate access rights regimes and how best to incentivize investment and growth in more efficient and valuable uses of the radio frequency spectrum