Engineering secure systems: Models, patterns and empirical validation

Several development approaches have been proposed to handle the growing complexity of software system design. The most popular methods use models as the main artifacts to construct and maintain. The desired role of such models is to facilitate, systematize and standardize the construction of software-based systems. In our work, we propose a model-driven engineering (MDE) methodological approach associated with a pattern-based approach to support the development of secure software systems. We address the idea of using patterns to describe solutions for security as recurring security problems in specific design contexts and present a well-proven generic scheme for their solutions. The proposed approach is based on metamodeling and model transformation techniques to define patterns at different levels of abstraction and generate different representations according to the target domain concerns, respectively. Moreover, we describe an operational architecture for development tools to support the approach. Finally, an empirical evaluation of the proposed approach is presented through a practical application to a use case in the metrology domain with strong security requirements, which is followed by a description of a survey performed among domain experts to better understand their perceptions regarding our approach

Balancing profitability of energy production, societal impacts and biodiversity in offshore wind farm design

The global demand for renewable energy is on the rise. Expansion of onshore wind energy is in many parts of the world limited by societal acceptance, and also ecological impacts are a concern. Here, pragmatic methods are developed for the integration of high-dimensional spatial data in offshore wind energy planning. Over 150 spatial data layers are created, which either oppose or support offshore wind energy development, and represent ecological, societal, and economic factors. The method is tested in Finland, where interest in developing offshore wind energy is growing. Analyses were done using a spatial prioritization approach, originally developed for the prioritization of high dimensional ecological data, and rarely used in planning offshore wind energy. When all criteria are integrated, it is possible to find a balanced solution where offshore wind farms cause little disturbance to biodiversity and society, while at the same time yielding high profitability for wind energy production. Earlier proposed areas for offshore wind farms were also evaluated. They were generally well suited for wind power, with the exception of a couple of areas with comparatively high environmental impacts. As an outcome, new areas well suited for large scale wind power deployment were recognized, where construction costs would be moderate and disturbance to biodiversity, marine industries and people limited. A novel tradeoff visualization method was also developed for the conflicts and synergies of offshore energy deployment, which could ease the dialogue between different stakeholders in a spatial planning context. Overall, this study provides a generic and transparent approach for well-informed analysis of offshore wind energy development potential when conflict resolution between biodiversity, societal factors and economic profits is needed. The proposed approach is replicable elsewhere in the world. It is also structurally suitable for the planning of impact avoidance and conflict resolution in the context of other forms of construction or resource extraction.Peer reviewe

Search-based system architecture development using a holistic modeling approach

This dissertation presents an innovative approach to system architecting where search algorithms are used to explore design trade space for good architecture alternatives. Such an approach is achieved by integrating certain model construction, alternative generation, simulation, and assessment processes into a coherent and automated framework. This framework is facilitated by a holistic modeling approach that combines the capabilities of Object Process Methodology (OPM), Colored Petri Net (CPN), and feature model. The resultant holistic model can not only capture the structural, behavioral, and dynamic aspects of a system, allowing simulation and strong analysis methods to be applied, it can also specify the architectural design space. Both object-oriented analysis and design (OOA/D) and domain engineering were exploited to capture design variables and their domains and define architecture generation operations. A fully realized framework (with genetic algorithms as the search algorithm) was developed. Both the proposed framework and its suggested implementation, including the proposed holistic modeling approach and architecture alternative generation operations, are generic. They are targeted at systems that can be specified using object-oriented or process-oriented paradigm. The broad applicability of the proposed approach is demonstrated on two examples. One is the configuration of reconfigurable manufacturing systems (RMSs) under multi-objective optimization and the other is the architecture design of a manned lunar landing system for the Apollo program. The test results show that the proposed approach can cover a huge number of architecture alternatives and support the assessment of several performance measures. A set of quality results was obtained after running the optimization algorithm following the proposed framework --Abstract, page iii

A Distributed Object Model for CSCW in the Construction Industry

Information about products for the construction industry is increasingly often provided to designers in digital ways that enable them to apply the information directly in the design process. Digital product catalogues are provided using various media and formats and several initiatives are taken by the industry and by CAD developers to integrate this kind of information into CAD systems. Generally, current practice is to distribute the information to designers, for example, by using CD-ROMs or a website where the information can be downloaded. In our research we recognise that distributing information in this manner detaches it from the business processes in the construction supply chain, which is a major disadvantage. The project presented in this paper concerns the implementation in the Dutch construction industry of a methodology for sharing product information through a distributed object model. The methodology, which is called Concept Modelling, forms a generic basis for the support of collaborative design, but is applied in this project to the integration of information from the supply chain in the design process. Through the distributed object model, design information and product information can be integrated while the actual data objects remain at their source. This enables the supply chain to provide information of a high semantic level to designers while keeping the control over the information and maintaining the relationship of the information with their business processes. The advantages of this approach in which information is shared, rather than exchanged, are numerous. Redundancy of information is minimised, consistency is improved, and updated information is available immediately. Moreover, design and construction processes can benefit significantly from the dynamic aspects of accessing information that is tied to business processes in the supply chain. For example, product selection during design can be based on latest information on product details, prices, production methods, and variants of products. This information can be provided to designers automatically and on demand

Integrated, multi-attribute decision support system for the evaluation of underground utility construction methods

The dissertation research work described herein is comprised of three primary objectives: (1) the development of a rehabilitation method selection software (TAG-R) for the National Association of Sewer Service Companies (NASSCO) and its subsequent validation and combination with TAG (a sister decision support system (DSS) software developed by the author in an earlier work); (2) the development of a social cost calculator (SCC) and its validation; and (3) the development of a proposed framework for multi-segment optimization for construction methods selection using the tools developed in the first two objectives as well as additional project related data. The selection of a construction method involves many factors, which should be considered each time a new pipe segment needs to be addressed. This creates the need for a localized database containing technical data for the construction methods that are available for installation, replacement and rehabilitation of buried utilities. In addition to the database, a fully automated algorithm is needed for processing the project data, comparing it to the construction method databases, and identifying technically viable construction methods for the specific pipe segment under consideration. Each of these was accomplished with the developments of TAG-R, originally made commercially available through NASSCO on CD and now also being available through the TTC website in its full form, combined with TAG (a sister software developed in earlier work) at the web address . The study of social costs and the benefit offered by trenchless technologies when compared with open cut construction methods has been investigated over the past 25 years by many researchers, with methodologies for estimating social cost elements and incorporating them in the bid process being examined. However, there is no algorithm that combined this work into a single, generic approach in the public domain. This created the need for a software capable of evaluating alternative construction methods based on project input and providing reliable calculations for multiple social cost categories including, (1) traffic delays and vehicle operating costs; (2) pedestrian delays; (3) noise pollution; (4) dust pollution; (5) air pollution; (6) loss of parking revenues; and, (7) pavement restoration. This was accomplished by codifying an algorithm, which uses established calculation methods, into a standalone software called Social Cost Calculator (SCC), which can evaluate up to two competing construction methods at a time. Once all methods deemed technically viable for a pipe segment were identified and their social costs determined, the most economical method can be selected by including the direct construction costs. However, there is a need to be able to evaluate multiple segments, since most utility projects involve more than a single pipe segment. This necessitated to the development of a framework for optimizing the method selection process for multiple segments. Once a method selection evaluation has been conducted for all of the segments on a given project, their direct cost and social costs are calculated for each combination of methods. The multi-segment analysis include additional parameters such as perceived risk, adjustment of the direct cost for the method service life and mobilization/demobilization cost, to determine the most economical method solution set for the project at hand

A Generic library of problem-solving methods for scheduling applications

In this paper we describe a generic library of problem-solving methods (PSMs) for scheduling applications. Although, some attempts have been made in the past at developing libraries of scheduling methods, these only provide limited coverage: in some cases they are specific to a particular scheduling domain; in other cases they simply implement a particular scheduling technique; in other cases they fail to provide the required degree of depth and precision. Our library is based on a structured approach, whereby we first develop a scheduling task ontology, and then construct a task-specific but domain independent model of scheduling problem-solving, which generalises from specific approaches to scheduling problem-solving. Different PSMs are then constructed uniformly by specialising the generic model of scheduling problem-solving. Our library has been evaluated on a number of real-life and benchmark applications to demonstrate its generic and comprehensive nature

Development of a semantic knowledge modelling approach for evaluating offsite manufacturing production processes

The housing sector in the UK and across the globe is constantly under pressure to deliver enough affordable houses to meet the increasing demand. Offsite Manufacturing (OSM), a modern method of construction, is considered to be a key aspect in meeting these demands given its potential to increase efficiency and boost productivity. Although the use of OSM to increase the supply of affordable and efficient homes is getting popular, the focus has been on ‘what’ methods of construction are used (i.e. whether implementing OSM or traditional approach) rather than ‘how’ the alternative construction approach shall be done (i.e. choice of OSM method to meet set objectives). There have been criticisms of the approaches used by professionals implementing OSM methods as some of these approaches are non-structured and these methods have been criticised for being similar to the conventional onsite methods with little process gains. There are previous studies that have compared the performance of OSM and other modern methods of construction with conventional methods of construction. However, there is hardly any attempt nor quantitative evidence comparing the performance of various competing OSM approaches (i.e. methods with standardised and non-standardised processes) in order to support stakeholders in making an informed decision on choices of methods. In pursuit of the research gap identified, this research aims to develop a proof-of-concept knowledge-based process analysis tool that would enable OSM practitioners to efficiently evaluate the performances of their choice of OSM methods to support informed decision-making and continuous improvement. To achieve this aim, an ontology knowledge modelling approach was adopted for leveraging data and information sources with semantics, and an offsite production workflow (OPW) ontology was developed to enable a detailed analysis of OSM production methods. The research firstly undertook an extensive critical review of the OSM domain to identify the existing OSM knowledge and how this knowledge can be formalised to aid communication in the OSM domain. In addition, a separate review of process analysis methods and knowledge-based modelling methods was done concurrently to identify the suitable approach for analysing and systemising OSM knowledge respectively. The lean manufacturing value system analysis (VSA) approach was used for the analysis in this study using two units of analysis consisting of an example of atypical non-standardised (i.e. static method of production) and standardised (i.e. semi-automated method of production) OSM methods. The knowledge systematisation was done using an ontology knowledge modelling approach to develop the process analysis tool – OPW ontology. The OPW ontology was further evaluated by mapping a case of lightweight steel frame modular house production to model a real-life context. A two-staged validation approach was then implemented to test the ontology which consists of firstly an internal validation of logic and consistency of the results and then an expert validation process using an industry-approved set of criteria. The result from the study revealed that the non-standardised ad-hoc OSM production method, involving a significant amount of manual tasks, contributes little process improvement from the conventional onsite method when using the metrics of process time and cost. In comparison with the structured method e.g. semi-automated OSM production method, it is discovered that the process cost and time are 82% and 77% more in the static method respectively based on a like-to-like production schedule. The study also evaluates the root causes of process wastes, accounting for non-value-added time and cost consumed. The results contribute to supporting informed decision-making on the choices of OSM production methods for continuous improvement. The main contributions to knowledge and practice are as follows: i. The output of this research contributes to the body of literature on offsite concepts, definition and classification, through the generic classification framework developed for the OSM domain. This provides a means of supporting clear communication and knowledge sharing in the domain and supports knowledge systematisation. ii. The approach used in this research, integrating the value system analysis (VSA) and activity-based costing (ABC) methods for process analysis is a novel approach that bridges that gaps with the use of the ABC method for generating detailed process-related data to support cost/time-based analysis of OSM processes. iii. The developed generic process map which represents the OSM production process captures activity sequences, resources and information flow within the process will help in disseminating knowledge on OSM and improve best practices in the industry. iv. The developed process analysis tool (the OPW ontology) has been tested with a real-life OSM project and validated by domain experts to be a competent tool. The knowledge structure and rules integrated into the OPW ontology have been published on the web for knowledge sharing and re-use. This tool can be adapted by OSM practitioners to develop a company-specific tool that captures their specific business processes, which can then support the evaluation of their processes to enable continuous improvement

A generic framework for the development of standardised learning objects within the discipline of construction management

E-learning has occurred in the academic world in different forms since the early 1990s. Its use varies from interactive multimedia tools and simulation environments to static resources within learning management systems. E-learning tools and environments are no longer criticised for their lack of use in higher education in general and within the construction domain in particular. The main criticism, however, is that of reinventing the wheel in order to create new learning environments that cater for different educational needs. Therefore, sharing educational content has become the focus of current research, taking e-learning into a whole new era of developments. This era is enabled by the emergence of new technologies (online and wireless) and the development of educational standards, such as SCORM (Sharable Content Object Reference Model) and LOM (Learning Object Metadata) for example. Accordingly, the broad definition of the construction domain and the interlocking nature of subjects taught within this domain, makes the concept of sharing content most appealing. This paper proposes a framework developed to describe the various steps required in order to enable the application of e-learning metadata standards and ontology for sharable learning objects to serve the construction discipline. The paper further describes the application of the proposed framework to a case study for developing an online environment for learning objects that are standardised, sharable, transparent and that cater for the needs of learners, educators and curricula developers in Construction Management. Based on the framework, a learning objects repository is developed incorporating educational and web standards. The repository manages objects as well as metadata using ontology and offers a set of services such as storing, retrieving and searching of learning objects using Semantic Web technologies. Thus, it increases the reusability, sharability and interoperability of learning objects