An architecture-based dependability modeling framework using AADL

For efficiency reasons, the software system designers' will is to use an integrated set of methods and tools to describe specifications and designs, and also to perform analyses such as dependability, schedulability and performance. AADL (Architecture Analysis and Design Language) has proved to be efficient for software architecture modeling. In addition, AADL was designed to accommodate several types of analyses. This paper presents an iterative dependency-driven approach for dependability modeling using AADL. It is illustrated on a small example. This approach is part of a complete framework that allows the generation of dependability analysis and evaluation models from AADL models to support the analysis of software and system architectures, in critical application domains

Software dependability modeling using an industry-standard architecture description language

Performing dependability evaluation along with other analyses at architectural level allows both making architectural tradeoffs and predicting the effects of architectural decisions on the dependability of an application. This paper gives guidelines for building architectural dependability models for software systems using the AADL (Architecture Analysis and Design Language). It presents reusable modeling patterns for fault-tolerant applications and shows how the presented patterns can be used in the context of a subsystem of a real-life application

A two-level structure for advanced space power system automation

The tasks to be carried out during the three-year project period are: (1) performing extensive simulation using existing mathematical models to build a specific knowledge base of the operating characteristics of space power systems; (2) carrying out the necessary basic research on hierarchical control structures, real-time quantitative algorithms, and decision-theoretic procedures; (3) developing a two-level automation scheme for fault detection and diagnosis, maintenance and restoration scheduling, and load management; and (4) testing and demonstration. The outlines of the proposed system structure that served as a master plan for this project, work accomplished, concluding remarks, and ideas for future work are also addressed

Evaluation of fault-tolerant parallel-processor architectures over long space missions

The impact of a five year space mission environment on fault-tolerant parallel processor architectures is examined. The target application is a Strategic Defense Initiative (SDI) satellite requiring 256 parallel processors to provide the computation throughput. The reliability requirements are that the system still be operational after five years with .99 probability and that the probability of system failure during one-half hour of full operation be less than 10(-7). The fault tolerance features an architecture must possess to meet these reliability requirements are presented, many potential architectures are briefly evaluated, and one candidate architecture, the Charles Stark Draper Laboratory's Fault-Tolerant Parallel Processor (FTPP) is evaluated in detail. A methodology for designing a preliminary system configuration to meet the reliability and performance requirements of the mission is then presented and demonstrated by designing an FTPP configuration

The Carnegie-Irvine Galaxy Survey. III. The Three-Component Structure of Nearby Elliptical Galaxies

Motivated by recent developments in our understanding of the formation and evolution of massive galaxies, we explore the detailed photometric structure of a representative sample of 94 bright, nearby elliptical galaxies, using high-quality optical images from the Carnegie-Irvine Galaxy Survey. The sample spans a range of environments and stellar masses, from M* = 10^{10.2} to 10^{12.0} solar mass. We exploit the unique capabilities of two-dimensional image decomposition to explore the possibility that local elliptical galaxies may contain photometrically distinct substructure that can shed light on their evolutionary history. Compared with the traditional one-dimensional approach, these two-dimensional models are capable of consistently recovering the surface brightness distribution and the systematic radial variation of geometric information at the same time. Contrary to conventional perception, we find that the global light distribution of the majority (>75%) of elliptical galaxies is not well described by a single Sersic function. Instead, we propose that local elliptical galaxies generically contain three subcomponents: a compact (R_e < 1 kpc) inner component with luminosity fraction f ~ 0.1-0.15; an intermediate-scale (R_e ~ 2.5 kpc) middle component with f ~ 0.2-0.25; and a dominant (f = 0.6), extended (R_e ~ 10 kpc) outer envelope. All subcomponents have average Sersic indices n ~ 1-2, significantly lower than the values typically obtained from single-component fits. The individual subcomponents follow well-defined photometric scaling relations and the stellar mass-size relation. We discuss the physical nature of the substructures and their implications for the formation of massive elliptical galaxies.Comment: To appear in The Astrophysical Journal; 36 pages, 2 tables, 38 figures; For the full resolution version, see: http://users.obs.carnegiescience.edu/shuang/PaperIII.pdf ; For the atlas of all selected models, see http://users.obs.carnegiescience.edu/shuang/AppendixE.pd

A safety analysis approach to clinical workflows : application and evaluation

Clinical workflows are safety critical workflows as they have the potential to cause harm or death to patients. Their safety needs to be considered as early as possible in the development process. Effective safety analysis methods are required to ensure the safety of these high-risk workflows, because errors that may happen through routine workflow could propagate within the workflow to result in harmful failures of the system’s output. This paper shows how to apply an approach for safety analysis of clinic al workflows to analyse the safety of the workflow within a radiology department and evaluates the approach in terms of usability and benefits. The outcomes of using this approach include identification of the root causes of hazardous workflow failures that may put patients’ lives at risk. We show that the approach is applicable to this area of healthcare and is able to present added value through the detailed information on possible failures, of both their causes and effects; therefore, it has the potential to improve the safety of radiology and other clinical workflows

Reliability model generator

An improved method and system for automatically generating reliability models for use with a reliability evaluation tool is described. The reliability model generator of the present invention includes means for storing a plurality of low level reliability models which represent the reliability characteristics for low level system components. In addition, the present invention includes means for defining the interconnection of the low level reliability models via a system architecture description. In accordance with the principles of the present invention, a reliability model for the entire system is automatically generated by aggregating the low level reliability models based on the system architecture description

GIS-based method to assess seismic vulnerability of interconnected infrastructure: A case of EU gas and electricity networks

Our study concerns the interconnected European Electricity and Gas transmission grid where we address two important issues of these interdependent critical infrastructures. First we assessed the response under seismic hazard for each independent network; then we analysed the increased vulnerability due to coupling between these two heterogeneous networks. We developed a probability reliability model that encompasses the spatial distribution of the network structures using a Geographic Information System (GIS). We applied the seismic risk assessment of individual network facilities and presented the results in the form of the system fragility curves of the (independent and dependant) networks in terms of various performance measures - connectivity loss, power loss, and impact on the population. We characterized the coupling behaviour between the two networks as a physical dependency: here the electricity grid, in part, depends on the gas network due to the generation capacity of gas-fired power plants. The dependence of one network on the other is modelled with an interoperability matrix, which is defined in terms of the strength of coupling; additionally we consider how the mechanical-structural fragility of the pipelines of the gas-source supply stream contributes to this dependence. In addition to network-wide assessment, damage was also evaluated at a local level by examining the performance status of each and every electricity distribution substation in the electricity grid. Finally, the comprehensive geographical distributions of performance loss at the European level can be visualized on a GIS tool; showing, as expected, that the highest direct damage in southeast Europe.JRC.DG.G.5-European laboratory for structural assessmen

Learning STEM Through Integrative Visual Representation

Previous cognitive models of memory have not comprehensively taken into account the internal cognitive load of chunking isolated information and have emphasized the external cognitive load of visual presentation only. Under the Virk Long Term Working Memory Multimedia Model of cognitive load, drawing from the Cowan model, students presented with integrated animations of the key neural signal transmission subcomponents where the interrelationships between subcomponents are visually and verbally explicit, were hypothesized to perform significantly better on free response and diagram labeling questions, than students presented with isolated animations of these subcomponents. This is because the internal attentional cognitive load of chunking these concepts is greatly reduced and hence the overall cognitive load is less for the integrated visuals group than the isolated group, despite the higher external load for the integrated group of having the interrelationships between subcomponents presented explicitly. Experiment 1 demonstrated that integrating the subcomponents of the neuron significantly enhanced comprehension of the interconnections between cellular subcomponents and approached significance for enhancing recall of the layered molecular correlates of the cellular structures and their interconnections. Experiment 2 corrected time on task confounds from Experiment 1 and focused on the cellular subcomponents of the neuron only. Results from the free response essay subcomponent subscores did demonstrate significant differences in favor of the integrated group as well as some evidence from the diagram labeling section. Results from free response, short answer and What-If (problem solving), and diagram labeling detailed interrelationship subscores demonstrated the integrated group did indeed learn the extra material they were presented with. This data demonstrating the integrated group learned the extra material they were presented with provides some initial support for the assertion that chunking mediated the greater gains in learning for the neural subcomponent concepts over the control