Space shuttle: Low speed stability and control characteristics of the North American Rockwell delta wing orbiter -134D and -134C configurations

Longitudinal, lateral, and directional static stability and control characteristics of delta wing space shuttle orbiter models 134D and 134C at Mach 0.2

An Intraoperative Glucose Control Benchmark for Formal Verification

Diabetes associated complications are affecting an increasingly large population of hospitalized patients. Since glucose physiology is significantly impacted by patient-specific parameters, it is critical to verify that a clinical glucose control protocol is safe across a wide patient population. A safe protocol should not drive the glucose level into dangerous low (hypoglycemia) or high (hyperglycemia) ranges. Verification of glucose controllers is challenging due to the high-dimensional, non-linear glucose physiological models which contain both unobservable states and unmeasurable patient-specific parameters. This paper presents a hybrid system model of a closed-loop physiological system that includes an existing FDA-accepted high-fidelity physiological model tailored to intraoperative settings and a validated improvement to a clinical glucose control protocol for diabetic cardiac surgery patients. We propose the closed-loop model as a physiological system benchmark for verification and present our initial results on verifying the system using the SMT-based hybrid system verification tool dReach

Modeling and Analysis of Power-Aware Systems

The paper describes a formal approach for designing and reasoning about power-constrained, timed systems. The framework is based on process algebra, a formalism that has been developed to describe and analyze communicating concurrent systems. The proposed extension allows the modeling of probabilistic resource failures, priorities of resource usages, and power consumption by resources within the same formalism. Thus, it is possible to model alternative power-consumption behaviors and analyze tradeoffs in their timing and other characteristics. This paper describes the modeling and analysis techniques, and illustrates them with examples, including a dynamic voltage-scaling algorithm

Java-MaC A Run-time Assurance Tool for Java Programs

AbstractWe describe Java-MaC, a prototype implementation of the Monitoring and Checking (MaC) architecture for Java programs. The MaC architecture provides assurance about the correct execution of target programs at run-time. Monitoring and checking is performed based on a formal specification of system requirements. MaC bridges the gap between formal verification, which ensures the correctness of a design rather than an implementation, and testing, which only partially validates an implementation. Java-MaC provides a lightweight formal method solution as a viable complement to the current heavyweight formal methods. An important aspect of the architecture is the clear separation between monitoring implementation-dependent low-level behaviors and checking high-level behaviors against a formal requirements specification. Another salient feature is automatic instrumentation of executable codes. The paper presents an overview of the MaC architecture and a prototype implementation Java-MaC

Discrete-time rewards model-checked

This paper presents a model-checking approach for analyzing discrete-time Markov reward models. For this purpose, the temporal logic probabilistic CTL is extended with reward constraints. This allows to formulate complex measures – involving expected as well as accumulated rewards – in a precise and succinct way. Algorithms to efficiently analyze such formulae are introduced. The approach is illustrated by model-checking a probabilistic cost model of the IPv4 zeroconf protocol for distributed address assignment in ad-hoc networks

Study of composition of cosmic rays with energy .7 E 3 Ee

The longitudinal shower development of extensive air showers (EAS) observed in the fly's eye is used to determine the distribution of X sub max, the depth in the atmosphere of the EAS maximum. Data and Monte Carlo simulations of proton and iron primaries are compared. A substantial contribution from light primaries is noted

Program transformations using temporal logic side conditions

This paper describes an approach to program optimisation based on transformations, where temporal logic is used to specify side conditions, and strategies are created which expand the repertoire of transformations and provide a suitable level of abstraction. We demonstrate the power of this approach by developing a set of optimisations using our transformation language and showing how the transformations can be converted into a form which makes it easier to apply them, while maintaining trust in the resulting optimising steps. The approach is illustrated through a transformational case study where we apply several optimisations to a small program

A Homogeneous Actor-Based Monitor Language for Adaptive Behaviour

This paper describes a structured approach to encoding monitors in an actor language. Within a configuration of actors, each of which publishes a history, a monitor is an independent actor that triggers an action based on patterns occurring in the histories. We define a monitor language based on linear temporal logic and show how it can be homogeneously embedded within an actor language. The approach is demonstrated through a number of examples and evaluated in terms of a real-world actor-based simulation

Diagnosing and measuring incompatibilities between pairs of services

International audienceThis text presents a tool, from its design to its implementation, which detects all behavioural incompatibilities between two service interfaces. Unlike prior work, the proposed solution does not simply check whether two services are incompatible or not, it rather provides detailed diagnosis, including the incompatibilities and for each one the location in the service interfaces where these incompatibilities occur. A measure of similarity between interfaces which considers outputs from the detection algorithm is proposed too. A visual report of the comparison analysis is also provided which pinpoints a set of incompatibilities that cause a behavioural interface not to simulate another one