Redundant VoD Streaming Service in a Private Cloud: Availability Modeling and Sensitivity Analysis

For several years cloud computing has been generating considerable debate and interest within IT corporations. Since cloud computing environments provide storage and processing systems that are adaptable, efficient, and straightforward, thereby enabling rapid infrastructure modifications to be made according to constantly varying workloads, organizations of every size and type are migrating to web-based cloud supported solutions. Due to the advantages of the pay-per-use model and scalability factors, current video on demand (VoD) streaming services rely heavily on cloud infrastructures to offer a large variety of multimedia content. Recent well documented failure events in commercial VoD services have demonstrated the fundamental importance of maintaining high availability in cloud computing infrastructures, and hierarchical modeling has proved to be a useful tool for evaluating the availability of complex systems and services. This paper presents an availability model for a video streaming service deployed in a private cloud environment which includes redundancy mechanisms in the infrastructure. Differential sensitivity analysis was applied to identify and rank the critical components of the system with respect to service availability. The results demonstrate that such a modeling strategy combined with differential sensitivity analysis can be an attractive methodology for identifying which components should be supported with redundancy in order to consciously increase system dependability

Dynamic model-based safety analysis: from state machines to temporal fault trees

Finite state transition models such as State Machines (SMs) have become a prevalent paradigm for the description of dynamic systems. Such models are well-suited to modelling the behaviour of complex systems, including in conditions of failure, and where the order in which failures and fault events occur can affect the overall outcome (e.g. total failure of the system). For the safety assessment though, the SM failure behavioural models need to be converted to analysis models like Generalised Stochastic Petri Nets (GSPNs), Markov Chains (MCs) or Fault Trees (FTs). This is particularly important if the transformed models are supported by safety analysis tools.This thesis, firstly, identifies a number of problems encountered in current safety analysis techniques based on SMs. One of the existing approaches consists of transforming the SMs to analysis-supported state-transition formalisms like GSPNs or MCs, which are very powerful in capturing the dynamic aspects and in the evaluation of safety measures. But in this approach, qualitative analysis is not encouraged; here the focus is primarily on probabilistic analysis. Qualitative analysis is particularly important when probabilistic data are not available (e.g., at early stages of design). In an alternative approach though, the generation of combinatorial, Boolean FTs has been applied to SM-based models. FTs are well-suited to qualitative analysis, but cannot capture the significance of the temporal order of events expressed by SMs. This makes the approach potentially error prone for the analysis of dynamic systems. In response, we propose a new SM-based safety analysis technique which converts SMs to Temporal Fault Trees (TFTs) using Pandora — a recent technique for introducing temporal logic to FTs. Pandora provides a set of temporal laws, which allow the significance of the SM temporal semantics to be preserved along the logical analysis, and thereby enabling a true qualitative analysis of a dynamic system. The thesis develops algorithms for conversion of SMs to TFTs. It also deals with the issue of scalability of the approach by proposing a form of compositional synthesis in which system large TFTs can be generated from individual component SMs using a process of composition. This has the dual benefits of allowing more accurate analysis of different sequences of faults, and also helping to reduce the cost of performing temporal analysis by producing smaller, more manageable TFTs via the compositionality.The thesis concludes that this approach can potentially address limitations of earlier work and thus help to improve the safety analysis of increasingly complex dynamic safety-critical systems

An overview of fault tree analysis and its application in model based dependability analysis

YesFault Tree Analysis (FTA) is a well-established and well-understood technique, widely used for dependability evaluation of a wide range of systems. Although many extensions of fault trees have been proposed, they suffer from a variety of shortcomings. In particular, even where software tool support exists, these analyses require a lot of manual effort. Over the past two decades, research has focused on simplifying dependability analysis by looking at how we can synthesise dependability information from system models automatically. This has led to the field of model-based dependability analysis (MBDA). Different tools and techniques have been developed as part of MBDA to automate the generation of dependability analysis artefacts such as fault trees. Firstly, this paper reviews the standard fault tree with its limitations. Secondly, different extensions of standard fault trees are reviewed. Thirdly, this paper reviews a number of prominent MBDA techniques where fault trees are used as a means for system dependability analysis and provides an insight into their working mechanism, applicability, strengths and challenges. Finally, the future outlook for MBDA is outlined, which includes the prospect of developing expert and intelligent systems for dependability analysis of complex open systems under the conditions of uncertainty

Hierarchical Control of the ATLAS Experiment

Control systems at High Energy Physics (HEP) experiments are becoming increasingly complex mainly due to the size, complexity and data volume associated to the front-end instrumentation. In particular, this becomes visible for the ATLAS experiment at the LHC accelerator at CERN. ATLAS will be the largest particle detector ever built, result of an international collaboration of more than 150 institutes. The experiment is composed of 9 different specialized sub-detectors that perform different tasks and have different requirements for operation. The system in charge of the safe and coherent operation of the whole experiment is called Detector Control System (DCS). This thesis presents the integration of the ATLAS DCS into a global control tree following the natural segmentation of the experiment into sub-detectors and smaller sub-systems. The integration of the many different systems composing the DCS includes issues such as: back-end organization, process model identification, fault detection, synchronization with external systems, automation of processes and supervisory control. Distributed control modeling is applied to the widely distributed devices that coexist in ATLAS. Thus, control is achieved by means of many distributed, autonomous and co-operative entities that are hierarchically organized and follow a finite-state machine logic. The key to integration of these systems lies in the so called Finite State Machine tool (FSM), which is based on two main enabling technologies: a SCADA product, and the State Manager Interface (SMI++) toolkit. The SMI++ toolkit has been already used with success in two previous HEP experiments providing functionality such as: an object-oriented language, a finite-state machine logic, an interface to develop expert systems, and a platform-independent communication protocol. This functionality is then used at all levels of the experiment operation process, ranging from the overall supervision down to device integration, enabling the overall sequencing and automation of the experiment. Although the experience gained in the past is an important input for the design of the detector's control hierarchy, further requirements arose due to the complexity and size of ATLAS. In total, around 200.000 channels will be supervised by the DCS and the final control tree will be hundreds of times bigger than any of the antecedents. Thus, in order to apply a hierarchical control model to the ATLAS DCS, a common approach has been proposed to ensure homogeneity between the large-scale distributed software ensembles of sub-detectors. A standard architecture and a human interface have been defined with emphasis on the early detection, monitoring and diagnosis of faults based on a dynamic fault-data mechanism. This mechanism relies on two parallel communication paths that manage the faults while providing a clear description of the detector conditions. The DCS information is split and handled by different types of SMI++ objects; whilst one path of objects manages the operational mode of the system, the other is to handle eventual faults. The proposed strategy has been validated through many different tests with positive results in both functionality and performance. This strategy has been successfully implemented and constitutes the ATLAS standard to build the global control tree. During the operation of the experiment, the DCS, responsible for the detector operation, must be synchronized with the data acquisition system which is in charge of the physics data taking process. The interaction between both systems has so far been limited, but becomes increasingly important as the detector nears completion. A prototype implementation, ready to be used during the sub-detector integration, has achieved data reconciliation by mapping the different segments of the data acquisition system into the DCS control tree. The adopted solution allows the data acquisition control applications to command different DCS sections independently and prevents incorrect physics data taking caused by a failure in a detector part. Finally, the human-machine interface presents and controls the DCS data in the ATLAS control room. The main challenges faced during the design and development phases were: how to support the operator in controlling this large system, how to maintain integration across many displays, and how to provide an effective navigation. These issues have been solved by combining the functionalities provided by both, the SCADA product and the FSM tool. The control hierarchy provides an intuitive structure for the organization of many different displays that are needed for the visualization of the experiment conditions. Each node in the tree represents a workspace that contains the functional information associated with its abstraction level within the hierarchy. By means of an effective navigation, any workspace of the control tree is accessible by the operator or detector expert within a common human interface layout. The interface is modular and flexible enough to be accommodated to new operational scenarios, fulfil the necessities of the different kind of users and facilitate the maintenance during the long lifetime of the detector of up to 20 years. The interface is in use since several months, and the sub-detector's control hierarchies, together with their associated displays, are currently being integrated into the common human-machine interface

Cyclic blackout mitigation and prevention

Severe and long-lasting power shortages plague many countries, resulting in cyclic blackouts affecting the life of millions of people. This research focuses on the design, development and evolution of a computer-controlled system for chronic cyclic blackouts mitigation based on the use of an agent-based distributed power management system integrating Supply Demand Matching (SDM) with the dynamic management of Heat, Ventilation, and Air Conditioning (HVAC) appliances. The principle is supported through interlocking different types of HVAC appliances within an adaptive cluster, the composition of which is dynamically updated according to the level of power secured from aggregating the surplus power from underutilised standby generation which is assumed to be changing throughout the day. The surplus power aggregation provides a dynamically changing flow, used to power a basic set of appliances and one HVAC per household. The proposed solution has two modes, cyclic blackout mitigation and prevention modes, selecting either one depends on the size of the power shortage. If the power shortage is severe, the system works in its cyclic blackout mitigation mode during the power OFF periods of a cyclic blackout. The system changes the composition of the HVAC cluster so that its demand added to the demand of basic household appliances matches the amount of secured supply. The system provides the best possible air conditioning/cooling service and distributes the usage right and duration of each type of HVAC appliance either equally among all houses or according to house temperature. However if the power shortage is limited and centred around the peak, the system works in its prevention mode, in such case, the system trades a minimum number of operational air conditioners (ACs) with air cooling counterparts in so doing reducing the overall demand. The solution assumes the use of a new breed of smart meters, suggested in this research, capable of dynamically rationing power provided to each household through a centrally specified power allocation for each family. This smart meter dynamically monitors each customer’s demand and ensures their allocation is never exceeded. The system implementation is evaluated utilising input power usage patterns collected through a field survey conducted in a residential quarter in Basra City, Iraq. The results of the mapping formed the foundation for a residential demand generator integrated in a custom platform (DDSM-IDEA) built as the development environment dedicated for implementing and evaluating the power management strategies. Simulation results show that the proposed solution provides an equitably distributed, comfortable quality of life level during cyclic blackout periods.Severe and long-lasting power shortages plague many countries, resulting in cyclic blackouts affecting the life of millions of people. This research focuses on the design, development and evolution of a computer-controlled system for chronic cyclic blackouts mitigation based on the use of an agent-based distributed power management system integrating Supply Demand Matching (SDM) with the dynamic management of Heat, Ventilation, and Air Conditioning (HVAC) appliances. The principle is supported through interlocking different types of HVAC appliances within an adaptive cluster, the composition of which is dynamically updated according to the level of power secured from aggregating the surplus power from underutilised standby generation which is assumed to be changing throughout the day. The surplus power aggregation provides a dynamically changing flow, used to power a basic set of appliances and one HVAC per household. The proposed solution has two modes, cyclic blackout mitigation and prevention modes, selecting either one depends on the size of the power shortage. If the power shortage is severe, the system works in its cyclic blackout mitigation mode during the power OFF periods of a cyclic blackout. The system changes the composition of the HVAC cluster so that its demand added to the demand of basic household appliances matches the amount of secured supply. The system provides the best possible air conditioning/cooling service and distributes the usage right and duration of each type of HVAC appliance either equally among all houses or according to house temperature. However if the power shortage is limited and centred around the peak, the system works in its prevention mode, in such case, the system trades a minimum number of operational air conditioners (ACs) with air cooling counterparts in so doing reducing the overall demand. The solution assumes the use of a new breed of smart meters, suggested in this research, capable of dynamically rationing power provided to each household through a centrally specified power allocation for each family. This smart meter dynamically monitors each customer’s demand and ensures their allocation is never exceeded. The system implementation is evaluated utilising input power usage patterns collected through a field survey conducted in a residential quarter in Basra City, Iraq. The results of the mapping formed the foundation for a residential demand generator integrated in a custom platform (DDSM-IDEA) built as the development environment dedicated for implementing and evaluating the power management strategies. Simulation results show that the proposed solution provides an equitably distributed, comfortable quality of life level during cyclic blackout periods

Improved System Models for Building-Integrated Hybrid Renewable Energy Systems with Advanced Storage: A Combined Experimental and Simulation Approach

The domestic sector will play an important role in the decarbonisation and decentralisation of the energy sector in the future. Installation numbers of building-integrated small-scale energy systems such as photovoltaics (PV), wind turbines and micro-combined heat and power (CHP) have significantly increased. However, the power output of PV and wind turbines is inherently linked to weather conditions; thus, the injected power into the public grid can be highly intermittent. With the increasing share of renewable energy at all voltage levels challenges arise in terms of power stability and quality. To overcome the volatility of such energy sources, storage technologies can be applied to temporarily decouple power generation from power consumption. Two emerging storage technologies which can be applied at residential level are hydrogen systems and vanadium-redox-flow-batteries (VRFB). In addition, the building-integrated energy sources and storage system can be combined to form a hybrid renewable energy system (HRES) to manage the energy flow more efficiently. The main focus of this thesis is to investigate the dynamic performance of two emerging energy storage technologies, a hydrogen loop composed of alkaline electrolyser, gas storage and proton exchange membrane (PEM) fuel cell, and a VRFB. In addition, the application of building-integrated HRES at customer level to increase the self-consumption of the onsite generated electricity and to lower the grid interaction of the building has been analysed. The first part deals with the development of a research test-bed known as the Hybrid Renewable Energy Park (HREP). The HREP is a residential-scale distributed energy system that comprises photovoltaic, wind turbine, CHP, lead acid batteries, PEM fuel cell, alkaline electrolyser and VRFB. In addition, it is equipped with programmable electronic loads to emulate different energy consumption patterns and a charging point for electric vehicles. Because of its modular structure different combinations of energy systems can be investigated and it can be easily extended. A unified communication channel based on the local operating network (LON) has been established to coordinate and control the HREP. Information from the energy systems is gathered with a temporal resolution of one second. Integration issues encountered during the integration process have been addressed. The second part presents an experimental methodology to assess the steady state and dynamic performance of the electrolyser, the fuel cell and the VRFB. Operational constrains such as minimum input/output power or start-up times were extracted from the experiments. The response of the energy systems to single and multiple dynamic events was analysed, too. The results show that there are temporal limits for each energy system, which affect its response to a sudden load change or the ability to follow a load profile. Obstacles arise in terms of temporal delays mainly caused by the distributed communication system and should be considered when operating or simulating a HRES at system level. The third part shows how improved system models of each component can be developed using the findings from the experiments. System models presented in the literature have the shortcoming that operational aspects are not adequately addressed. For example, it is commonly assumed that energy systems at system level can respond to load variations almost instantaneously. Thus, component models were developed in an integrated manner to combine theoretical and operational aspects. A generic model layout was defined containing several subsystems, which enables an easy implementation into an overall simulation model in MATLAB®/Simulink®. Experimental methods were explained to extract the new parameters of the semi-empirical models and discrete operational aspects were modelled using Stateflow®, a graphical tool to formulate statechart diagrams. All system models were validated using measured data from the experimental analysis. The results show a low mean-absolute-percentage-error (<3%). Furthermore, an advanced energy management strategy has been developed to coordinate and to control the energy systems by combining three mechanisms; statechart diagrams, double exponential smoothing and frequency decoupling. The last part deals with the evaluation, operation and control of HRES in the light of the improved system models and the energy management strategy. Various simulated case studies were defined to assess a building-integrated HRES on an annual basis. Results show that the overall performance of the hydrogen loop can be improved by limiting the operational window and by reducing the dynamic operation. The capability to capture the waste heat from the electrolyser to supply hot water to the residence as a means of increasing the overall system efficiency was also determined. Finally, the energy management strategy was demonstrated by real-time experiments with the HREP and the dynamic performance of the combined operation has been evaluated. The presented results of the detailed experimental study to characterise the hydrogen loop and the VRFB as well as the developed system models revealed valuable information about their dynamic operation at system level. These findings have relevance to the future application and for simulation studies of building-integrated HRES. There are still integration aspects which need to be addressed in the future to overcome the proprietary problem of the control systems. The innovations in the HREP provide an advanced platform for future investigations such as electric-vehicles as decentralised mobile storage and the development of more advanced control approaches.The research formed part of the “Dezentrale Speicher für Gebäude DeSG-Projekt“ funded by the German Federal Ministry of Education and Research (BMBF) under grant FKZ 17N1611. The research was also financially supported by the Rud. Otto Meyer-Umwelt-Stiftung during the last months of this research