MATrA: meta-modelling approach to traceability for avionics

PhD ThesisTraceability is the common term for mechanisms to record and navigate relationships between artifacts produced by development and assessment processes. Effective management of these relationships is critical to the success of projects involving the development of complex aerospace products. Practitioners use a range of notations to model aerospace products (often as part of a defined technique or methodology). Those appropriate to electrical and electronic systems (avionics) include Use Cases for requirements, Ada for development and Fault Trees for assessment (others such as PERT networks support product management). Most notations used within the industry have tool support, although a lack of well-defined approaches to integration leads to inconsistencies and limits traceability between their respective data sets (internal models). Conceptually, the artifacts produced using such notations populate four traceability dimensions. Of these, three record links between project artifacts (describing the same product), while the fourth relates artifacts across different projects (and hence products), and across product families within the same project. The scope of this thesis is to define a meta-framework that characterises traceability dimensions for aerospace projects, and then to propose a concrete framework capturing the syntax and semantics of notations used in developing avionics for such projects which enables traceability across the four dimensions. The concrete framework is achieved by exporting information from the internal models of tools supporting these notations to an integrated environment consisting of. i) a Workspace comprising a set of structures or meta-models (models describing models) expressed in a common modelling language representing selected notations (including appropriate extensions reflecting the application domain); ii) well-formedness constraints over these structures capturing properties of the notations (and again, reflecting the domain); and iii) associations between the structures. To maintain consistency and identify conflicts, elements of the structures are verified against a system model that defines common building blocks underlying the various notations. The approach is evaluated by (partial) tool implementation of the structures which are populated using case study material derived from actual commercial specifications and industry standards

ReSCon '09, Research Student Conference: Book of Abstracts

The second SED Research Student Conference (ReSCon2009) was hosted over three days, 22-24 June 2009, in the Lecture Centre at Brunel University. The conference consisted of technical presentations, a poster session and social events. The abstracts and presentations were the result of ongoing research by postgraduate research students from the School of Engineering and Design at Brunel University. The conference is held annually, and ReSCon plays a key role in contributing to research and innovations within the School

On power system automation: a Digital Twin-centric framework for the next generation of energy management systems

The ubiquitous digital transformation also influences power system operation. Emerging real-time applications in information (IT) and operational technology (OT) provide new opportunities to address the increasingly demanding power system operation imposed by the progressing energy transition. This IT/OT convergence is epitomised by the novel Digital Twin (DT) concept. By integrating sensor data into analytical models and aligning the model states with the observed system, a power system DT can be created. As a result, a validated high-fidelity model is derived, which can be applied within the next generation of energy management systems (EMS) to support power system operation. By providing a consistent and maintainable data model, the modular DT-centric EMS proposed in this work addresses several key requirements of modern EMS architectures. It increases the situation awareness in the control room, enables the implementation of model maintenance routines, and facilitates automation approaches, while raising the confidence into operational decisions deduced from the validated model. This gain in trust contributes to the digital transformation and enables a higher degree of power system automation. By considering operational planning and power system operation processes, a direct link to practice is ensured. The feasibility of the concept is examined by numerical case studies.The electrical power system is in the process of an extensive transformation. Driven by the energy transition towards renewable energy resources, many conventional power plants in Germany have already been decommissioned or will be decommissioned within the next decade. Among other things, these changes lead to an increased utilisation of power transmission equipment, and an increasing number of complex dynamic phenomena. The resulting system operation closer to physical boundaries leads to an increased susceptibility to disturbances, and to a reduced time span to react to critical contingencies and perturbations. In consequence, the task to operate the power system will become increasingly demanding. As some reactions to disturbances may be required within timeframes that exceed human capabilities, these developments are intrinsic drivers to enable a higher degree of automation in power system operation. This thesis proposes a framework to create a modular Digital Twin-centric energy management system. It enables the provision of validated and trustworthy models built from knowledge about the power system derived from physical laws, and process data. As the interaction of information and operational technologies is combined in the concept of the Digital Twin, it can serve as a framework for future energy management systems including novel applications for power system monitoring and control, which consider power system dynamics. To provide a validated high-fidelity dynamic power system model, time-synchronised phasor measurements of high-resolution are applied for validation and parameter estimation. This increases the trust into the underlying power system model as well as the confidence into operational decisions derived from advanced analytic applications such as online dynamic security assessment. By providing an appropriate, consistent, and maintainable data model, the framework addresses several key requirements of modern energy management system architectures, while enabling the implementation of advanced automation routines and control approaches. Future energy management systems can provide an increased observability based on the proposed architecture, whereby the situational awareness of human operators in the control room can be improved. In further development stages, cognitive systems can be applied that are able to learn from the data provided, e.g., machine learning based analytical functions. Thus, the framework enables a higher degree of power system automation, as well as the deployment of assistance and decision support functions for power system operation pointing towards a higher degree of automation in power system operation. The framework represents a contribution to the digital transformation of power system operation and facilitates a successful energy transition. The feasibility of the concept is examined by case studies in form of numerical simulations to provide a proof of concept.Das elektrische Energiesystem befindet sich in einem umfangreichen Transformations-prozess. Durch die voranschreitende Energiewende und den zunehmenden Einsatz erneuerbarer Energieträger sind in Deutschland viele konventionelle Kraftwerke bereits stillgelegt worden oder werden in den nächsten Jahren stillgelegt. Diese Veränderungen führen unter anderem zu einer erhöhten Betriebsmittelauslastung sowie zu einer verringerten Systemträgheit und somit zu einer zunehmenden Anzahl komplexer dynamischer Phänomene im elektrischen Energiesystem. Der Betrieb des Systems näher an den physikalischen Grenzen führt des Weiteren zu einer erhöhten Störanfälligkeit und zu einer verkürzten Zeitspanne, um auf kritische Ereignisse und Störungen zu reagieren. Infolgedessen wird die Aufgabe, das Stromnetz zu betreiben anspruchsvoller. Insbesondere dort wo Reaktionszeiten erforderlich sind, welche die menschlichen Fähigkeiten übersteigen sind die zuvor genannten Veränderungen intrinsische Treiber hin zu einem höheren Automatisierungsgrad in der Netzbetriebs- und Systemführung. Aufkommende Echtzeitanwendungen in den Informations- und Betriebstechnologien und eine zunehmende Menge an hochauflösenden Sensordaten ermöglichen neue Ansätze für den Entwurf und den Betrieb von cyber-physikalischen Systemen. Ein vielversprechender Ansatz, der in jüngster Zeit in diesem Zusammenhang diskutiert wurde, ist das Konzept des so genannten Digitalen Zwillings. Da das Zusammenspiel von Informations- und Betriebstechnologien im Konzept des Digitalen Zwillings vereint wird, kann es als Grundlage für eine zukünftige Leitsystemarchitektur und neuartige Anwendungen der Leittechnik herangezogen werden. In der vorliegenden Arbeit wird ein Framework entwickelt, welches einen Digitalen Zwilling in einer neuartigen modularen Leitsystemarchitektur für die Aufgabe der Überwachung und Steuerung zukünftiger Energiesysteme zweckdienlich einsetzbar macht. In Ergänzung zu den bereits vorhandenen Funktionen moderner Netzführungssysteme unterstützt das Konzept die Abbildung der Netzdynamik auf Basis eines dynamischen Netzmodells. Um eine realitätsgetreue Abbildung der Netzdynamik zu ermöglichen, werden zeitsynchrone Raumzeigermessungen für die Modellvalidierung und Modellparameterschätzung herangezogen. Dies erhöht die Aussagekraft von Sicherheitsanalysen, sowie das Vertrauen in die Modelle mit denen operative Entscheidungen generiert werden. Durch die Bereitstellung eines validierten, konsistenten und wartbaren Datenmodells auf der Grundlage von physikalischen Gesetzmäßigkeiten und während des Betriebs gewonnener Prozessdaten, adressiert der vorgestellte Architekturentwurf mehrere Schlüsselan-forderungen an moderne Netzleitsysteme. So ermöglicht das Framework einen höheren Automatisierungsgrad des Stromnetzbetriebs sowie den Einsatz von Entscheidungs-unterstützungsfunktionen bis hin zu vertrauenswürdigen Assistenzsystemen auf Basis kognitiver Systeme. Diese Funktionen können die Betriebssicherheit erhöhen und stellen einen wichtigen Beitrag zur Umsetzung der digitalen Transformation des Stromnetzbetriebs, sowie zur erfolgreichen Umsetzung der Energiewende dar. Das vorgestellte Konzept wird auf der Grundlage numerischer Simulationen untersucht, wobei die grundsätzliche Machbarkeit anhand von Fallstudien nachgewiesen wird

Behavioural aspects of term-rewriting systems

Imperial Users onl

The Characteristics and Trading Behaviour of Dual-listed Companies

We examine the characteristics and stock price behaviour of existing and recently unified dual-listed companies (DLCs, also known as Siamese-twin companies). DLC structures are effectively mergers in which companies agree to combine their operations and cash flows, but retain separate identities and shareholder registries. We identify 14 such international structures and survey the rationales that have been advanced for the creation as well as the unification of such groups. We find that three recent Anglo-Australian DLCs exhibit the ‘excess comovement’ phenomenon identified by Froot and Dabora (1999) and confirm this phenomenon has persisted for the long-standing Anglo-Dutch DLCs. We also investigate what happens to the market exposures of DLCs that have been abandoned in favour of a unified structure. Standard models would suggest there should be no change in the betas of the combined firm, while models of trading-based comovement would suggest that betas could change. We find that the market value of the unified DLCs becomes more (less) correlated with the market index of the new primary (secondary) market after unification. Together with the evidence for excess comovement, this result is consistent with a model where the market prices of assets depend not only on fundamentals, but also on the location of trade and the investors that hold the assets. Finally, we conduct an event study into the stock returns of DLC twins around the time of unification announcements. Unifications of the share structure have typically occurred on the market that placed the higher value on the cash flows of the DLC. Not surprisingly, the pricing of the twins converges after these announcements, and we find that a rise in the value of the discounted twin is apparently accompanied by a modest fall in the value of the twin trading at a premium.dual-listed company; Siamese twin companies; international equities

Ecosystem synergies, change and orchestration

This thesis investigates ecosystem synergies, change, and orchestration. The research topics are motivated by my curiosity, a fragmented research landscape, theoretical gaps, and new phenomena that challenge extant theories. To address these motivators, I conduct literature reviews to organise existing studies and identify their limited assumptions in light of new phenomena. Empirically, I adopt a case study method with abductive reasoning for a longitudinal analysis of the Alibaba ecosystem from 1999 to 2020. My findings provide an integrated and updated conceptualisation of ecosystem synergies that comprises three distinctive but interrelated components: 1) stack and integrate generic resources for efficiency and optimisation, 2) empower generative changes for variety and evolvability, and 3) govern tensions for sustainable growth. Theoretically grounded and empirically refined, this new conceptualisation helps us better understand the unique synergies of ecosystems that differ from those of alternative collective organisations and explain the forces that drive voluntary participation for value co-creation. Regarding ecosystem change, I find a duality relationship between intentionality and emergence and develop a phasic model of ecosystem sustainable growth with internal and external drivers. This new understanding challenges and extends prior discussions on their dominant dualism view, focus on partial drivers, and taken-for-granted lifecycle model. I propose that ecosystem orchestration involves systematic coordination of technological, adoption, internal, and institutional activities and is driven by long-term visions and adjusted by re-visioning. My analysis reveals internal orchestration's important role (re-envisioning, piloting, and organisation architectural reconfiguring), the synergy and system principles in designing adoption activities, and the expanding arena of institutional activities. Finally, building on the above findings, I reconceptualise ecosystems and ecosystem sustainable growth to highlight multi-stakeholder value creation, inclusivity, long-term orientation and interpretative approach. The thesis ends with discussing the implications for practice, policy, and future research.Open Acces

Protecting applications using trusted execution environments

While cloud computing has been broadly adopted, companies that deal with sensitive data are still reluctant to do so due to privacy concerns or legal restrictions. Vulnerabilities in complex cloud infrastructures, resource sharing among tenants, and malicious insiders pose a real threat to the confidentiality and integrity of sensitive customer data. In recent years trusted execution environments (TEEs), hardware-enforced isolated regions that can protect code and data from the rest of the system, have become available as part of commodity CPUs. However, designing applications for the execution within TEEs requires careful consideration of the elevated threats that come with running in a fully untrusted environment. Interaction with the environment should be minimised, but some cooperation with the untrusted host is required, e.g. for disk and network I/O, via a host interface. Implementing this interface while maintaining the security of sensitive application code and data is a fundamental challenge. This thesis addresses this challenge and discusses how TEEs can be leveraged to secure existing applications efficiently and effectively in untrusted environments. We explore this in the context of three systems that deal with the protection of TEE applications and their host interfaces: SGX-LKL is a library operating system that can run full unmodified applications within TEEs with a minimal general-purpose host interface. By providing broad system support inside the TEE, the reliance on the untrusted host can be reduced to a minimal set of low-level operations that cannot be performed inside the enclave. SGX-LKL provides transparent protection of the host interface and for both disk and network I/O. Glamdring is a framework for the semi-automated partitioning of TEE applications into an untrusted and a trusted compartment. Based on source-level annotations, it uses either dynamic or static code analysis to identify sensitive parts of an application. Taking into account the objectives of a small TCB size and low host interface complexity, it defines an application-specific host interface and generates partitioned application code. EnclaveDB is a secure database using Intel SGX based on a partitioned in-memory database engine. The core of EnclaveDB is its logging and recovery protocol for transaction durability. For this, it relies on the database log managed and persisted by the untrusted database server. EnclaveDB protects against advanced host interface attacks and ensures the confidentiality, integrity, and freshness of sensitive data.Open Acces