Data Migration in an Object-Oriented Software Development Environment

As software systems grow from small systems developed by a handful of people to large, complex systems developed by hundreds of people, the environment in which they are developed evolves. Large software systems contain vast quantities of data that must migrate to new development environments. Object-oriented software development environments (OOSDEs) have received research attention recently, and seem destined to become commonplace for software development of these large systems. System growth involves data migration, a problem that must be solved before OOSDEs become practical tools. Data migration includes immigration (import) of systems developed using traditional facilities, reorganization of systems supported by object-oriented databases (objectbases), and schema evolution as the class structure of the objectbase changes. This thesis presents graphics-oriented tools -- Marvelizer and Organ -- that solve the first two problems for the Marvel OOSDE. Marvelizer and Organ have been implemented and used on Marvel itself

Monitoring Assumptions in Assume-Guarantee Contracts

Pre-deployment verification of software components with respect to behavioral specifications in the assume-guarantee form does not, in general, guarantee absence of errors at run time. This is because assumptions about the environment cannot be discharged until the environment is fixed. An intuitive approach is to complement pre-deployment verification of guarantees, up to the assumptions, with post-deployment monitoring of environment behavior to check that the assumptions are satisfied at run time. Such a monitor is typically implemented by instrumenting the application code of the component. An additional challenge for the monitoring step is that environment behaviors are typically obtained through an I/O library, which may alter the component’s view of the input format. This transformation requires us to introduce a second pre-deployment verification step to ensure that alarms raised by the monitor would indeed correspond to violations of the environment assumptions. In this paper, we describe an approach for constructing monitors and verifying them against the component assumption. We also discuss limitations of instrumentation-based monitoring and potential ways to overcome it

Marvel Implementor's Guide

This document is an implementor's manual for the MARVEL software development environment. It discusses the technical details of the system, rather than providing a description of the system. It is intended for those people doing actual development work on MARVEL. References are provides throughout the manual for background information

Linking Abstract Analysis to Concrete Design: A Hierarchical Approach to Verify Medical CPS Safety

Complex cyber-physical systems are typically hierarchically organized into multiple layers of abstraction in order to manage design complexity and provide verification tractability. Formal reasoning about such systems, therefore, necessarily involves the use of multiple modeling formalisms, verification paradigms, and concomitant tools, chosen as appropriate for the level of abstraction at which the analysis is performed. System properties verified using an abstract component specification in one paradigm must then be shown to logically follow from properties verified, possibly using a different paradigm, on a more concrete component description, if one is to claim that a particular component when deployed in the overall system context would still uphold the system properties. But, as component specifications at one layer get elaborated into more concrete component descriptions in the next, abstraction induced differences come to the fore, which have to be reconciled in some meaningful way. In this paper, we present our approach for providing a logical glue to tie distinct verification paradigms and reconcile the abstraction induced differences, to verify safety properties of a medical cyber-physical system. While the specifics are particular to the case example at hand - a high-level abstraction of a safety-interlock system to stop drug infusion along with a detailed design of a generic infusion pump - we believe the techniques are broadly applicable in similar situations for verifying complex cyber-physical system properties

A Data-Driven Behavior Modeling and Analysis Framework for Diabetic Patients on Insulin Pumps

About 30%-40% of Type 1 Diabetes (T1D) patients in the United States use insulin pumps. Current insulin infusion systems require users to manually input meal carb count and approve or modify the system-suggested meal insulin dose. Users can give correction insulin boluses at any time. Since meal carbohydrates and insulin are the two main driving forces of the glucose physiology, the user-specific eating and pump-using behavior has a great impact on the quality of glycemic control. In this paper, we propose an “Eat, Trust, and Correct” (ETC) framework to model the T1D insulin pump users’ behavior. We use machine learning techniques to analyze the user behavior from a clinical dataset that we collected on 55 T1D patients who use insulin pumps. We demonstrate the usefulness of the ETC behavior modeling framework by performing in silico experiments. To this end, we integrate the user behavior model with an individually parameterized glucose physiological model, and perform probabilistic model checking on the user-in-the-loop system. The experimental results show that switching behavior types can significantly improve a patient’s glycemic control outcomes. These analysis results can boost the effectiveness of T1D patient education and peer support

Relationship between Extensions and Intensions in Categorization: A Match Made in Heaven?

The present study investigated the relationship between category extension and intension for eleven different semantic categories. It is often tacitly assumed that there is a (strong) extension-intension link. However, a recent study by Hampton and Passanisi (2016) examining the patterns of stable individual differences in concepts across participants called this hypothesis into question. To conceptually replicate their findings, two studies were conducted. We employed a category judgment task to measure category extensions, whereas a property generation (in Study 1) and property judgment task (Study 2) were used to measure intensions. Using their method, that is, correlating extension and intension similarity matrices, we found non-significant correlations in both studies, supporting their conclusion that similarity between individuals for extensional judgments does not map onto similarity between individuals for intensional judgments. However, multi-level logistic regression analyses showed that the properties a person generated (Study 1) or endorsed (Study 2) better predicted her own category judgments compared to other people’s category judgments. This result provides evidence in favor of a link between extension and intension at the subject level. The conflicting findings, resulting from two different approaches, and their theoretical repercussions are discussed.status: accepte

From Requirements to Code: Model Based Development of a Medical Cyber Physical System

The advanced use of technology in medical devices has improved the way health care is delivered to patients. Unfortunately, the increased complexity of modern medical devices poses challenges for development, assurance, and regulatory approval. In an e ort to improve the safety of advanced medical devices, organizations such as FDA have supported exploration of techniques to aid in the development and regulatory approval of such systems. In an ongoing research project, our aim is to provide effective development techniques and exemplars of system development artifacts that demonstrate state of the art development techniques. In this paper we present an end-to-end model-based approach to medical device software development along with the artifacts created in the process. While outlining the approach, we also describe our experiences, challenges, and lessons learned in the process of formulating and analyzing the requirements, modeling the system, formally verifying the models, generating code, and executing the generated code in the hardware for generic patient controlled analgesic infusion pump (GPCA). We believe that the development artifacts and techniques presented in this paper could serve as a generic reference to be used by researchers, practitioners, and authorities while developing and evaluating cyber physical medical devices

Origins Space Telescope: baseline mission concept

The Origins Space Telescope will trace the history of our origins from the time dust and heavy elements permanently altered the cosmic landscape to present-day life. How did galaxies evolve from the earliest galactic systems to those found in the Universe today? How do habitable planets form? How common are life-bearing worlds? To answer these alluring questions, Origins will operate at mid- and far-infrared (IR) wavelengths and offer powerful spectroscopic instruments and sensitivity three orders of magnitude better than that of the Herschel Space Observatory, the largest telescope flown in space to date. We describe the baseline concept for Origins recommended to the 2020 US Decadal Survey in Astronomy and Astrophysics. The baseline design includes a 5.9-m diameter telescope cryocooled to 4.5 K and equipped with three scientific instruments. A mid-infrared instrument (Mid-Infrared Spectrometer and Camera Transit spectrometer) will measure the spectra of transiting exoplanets in the 2.8 to 20  μm wavelength range and offer unprecedented spectrophotometric precision, enabling definitive exoplanet biosignature detections. The far-IR imager polarimeter will be able to survey thousands of square degrees with broadband imaging at 50 and 250  μm. The Origins Survey Spectrometer will cover wavelengths from 25 to 588  μm, making wide-area and deep spectroscopic surveys with spectral resolving power R  ∼  300, and pointed observations at R  ∼  40,000 and 300,000 with selectable instrument modes. Origins was designed to minimize complexity. The architecture is similar to that of the Spitzer Space Telescope and requires very few deployments after launch, while the cryothermal system design leverages James Webb Space Telescope technology and experience. A combination of current-state-of-the-art cryocoolers and next-generation detector technology will enable Origins’ natural background-limited sensitivity