A controlled experiment for the empirical evaluation of safety analysis techniques for safety-critical software

Context: Today's safety critical systems are increasingly reliant on software. Software becomes responsible for most of the critical functions of systems. Many different safety analysis techniques have been developed to identify hazards of systems. FTA and FMEA are most commonly used by safety analysts. Recently, STPA has been proposed with the goal to better cope with complex systems including software. Objective: This research aimed at comparing quantitatively these three safety analysis techniques with regard to their effectiveness, applicability, understandability, ease of use and efficiency in identifying software safety requirements at the system level. Method: We conducted a controlled experiment with 21 master and bachelor students applying these three techniques to three safety-critical systems: train door control, anti-lock braking and traffic collision and avoidance. Results: The results showed that there is no statistically significant difference between these techniques in terms of applicability, understandability and ease of use, but a significant difference in terms of effectiveness and efficiency is obtained. Conclusion: We conclude that STPA seems to be an effective method to identify software safety requirements at the system level. In particular, STPA addresses more different software safety requirements than the traditional techniques FTA and FMEA, but STPA needs more time to carry out by safety analysts with little or no prior experience.Comment: 10 pages, 1 figure in Proceedings of the 19th International Conference on Evaluation and Assessment in Software Engineering (EASE '15). ACM, 201

Vortical structures on three-dimensional shock control bumps

Three-dimensional shock control bumps have long been investigated for their promising wave drag reduction capability. However, a recently emerging application has been their deployment as “smart” vortex generators, which offset the parasitic drag of their vortices against their wave drag reduction. It is known that three-dimensional shock control bumps produce streamwise vortices under most operating conditions; however, there have been very few investigations that have aimed to specifically examine the relevant flow structures. In particular, the strength of the vortices produced as well as the factors influencing their production are not well known. This paper uses a joint experimental and computational approach to test three different shock control bump shapes, categorizing their flow structures. Four common key vortical structures are observed, predominantly shear flows, although all bumps also produce a streamwise vortex pair. Both cases with and without flow separation on the bump tails are scrutinized. Finally, correlations between the strength of the main wake vortices and pressure gradients at various locations on the bumps are assessed to investigate which parts of the flow control the vortex formation. Spanwise flows on the bump ramp are seen to be the most influential factor in vortex strength.The research leading to these results has received funding from the European Union’s Seventh Framework Programme (FP7/2007-2013) for the Clean Sky Joint Technology Initiative as part of the NextWing program under grant agreement no. 271843.This is the author accepted manuscript. The final version is available from the American Institute of Aeronautics and Astronautics via http://dx.doi.org/10.2514/1.J05466

NPTI: New Periodic Emission Inspection to guarantee PN Emission Stability of all modern vehicles

Periodic Technical Inspection of emission quality PTI was abandoned by most EU member states in 2014 following the EU-Directive 2014/45 which recommended to delegate emission quality to OBD. After Dieselgate this naïve dream was over and VERT proposed during the German Dieselgate Hearing Sept.2016 to re-introduce PTI for all vehicles with emission control by DPF and SCR. With the introduction of particulate filters on diesel as well as GDI engines, the measurement of particulate emissions during PTI or road-side checks however, became a nontrivial task. Opacity and smoke meters do not have sufficient sensitivity to identify particulate filter failures or tampering on new, low emission internal combustion engines. Recent studies conducted in the Netherlands, Switzerland and Belgium have shown that about 10% of passenger cars equipped with DPF have high PN emissions that could indicate a damaged or removed DPF. To address this problem, the VERT Association launched a New Periodic Technical Inspection (N-PTI) initiative to develop a simple, robust and tamper-proof method for checking the functionality of DPFs using particle number (PN) instruments. The N-PTI initiative, launched in November 2016, is supported by the European Union as well as the governments of Germany, the Netherlands, Belgium, and Switzerland. The proposed test is conducted at idle using a PN instrument. It is assumed that the process will be suitable with minor, if any, modifications for petrol engines. The test protocol is also appropriate for road-side inspections, such as by the police. The first results are promising. Instruments in their prototype stage are already capable of recognizing vehicles that have been manipulated using partial bypass that resulted in PN emissions close to maximum allowed type approval levels (i.e., 6×1011 1/km) and present a satisfactory correlation with PEMS compliant instrumentation. Work on the testing procedure and pass/fail limit is still ongoing. This work is also under the evaluation of the CITA (International Motor Vehicle Inspection Committee) Roadworthiness Technical Working Group which focuses on tampering with exhaust emission control systems. The results show a good correlation between emission levels during the type approval cycle (NEDC/ WLTC) and low idle emissions even with first generation N-PTI instruments. These results suggest that the technical specifications of NPTI instruments should have acceptable uncertainty, with low cost. The Netherlands and Germany have already started programs that will lead to the adoption of mandatory N-PTI emission testing requirements. NMI, the Dutch metrology institute, has released a draft InternationalRecommendation with the specifications of the PTI particulate number counter. The N-PTI DPF test maybecome available in the Netherlands at RDW test stations as soon as 2019, while the nationwide targetdate for the introduction of N-PTI testing is 2021. In Germany, the Federal Council passed a law inSeptember 2017 (published in the German StVZO 2017) that re-introduces PTI first by smokemeasurement but PN measurements at idle are to be required from 2021

On the succinctness of query rewriting over shallow ontologies

We investigate the succinctness problem for conjunctive query rewritings over OWL2QL ontologies of depth 1 and 2 by means of hypergraph programs computing Boolean functions. Both positive and negative results are obtained. We show that, over ontologies of depth 1, conjunctive queries have polynomial-size nonrecursive datalog rewritings; tree-shaped queries have polynomial positive existential rewritings; however, in the worst case, positive existential rewritings can be superpolynomial. Over ontologies of depth 2, positive existential and nonrecursive datalog rewritings of conjunctive queries can suffer an exponential blowup, while first-order rewritings can be superpolynomial unless NP �is included in P/poly. We also analyse rewritings of tree-shaped queries over arbitrary ontologies and note that query entailment for such queries is fixed-parameter tractable

Is Heavy Baryon Approach Necessary?

It is demonstrated that using an appropriately chosen renormalization condition one can respect power counting within the relativistic baryon chiral perturbation theory without appealing to the technique of the heavy baryon approach. Explicit calculations are performed for diagrams including two-loops. It is argued that the introduction of the heavy baryon chiral perturbation theory was useful but not necessary.Comment: 9 pages, 2 figures, minor changes, references adde

Quantum Walk with Jumps

We analyze a special class of 1-D quantum walks (QWs) realized using optical multi-ports. We assume non-perfect multi-ports showing errors in the connectivity, i.e. with a small probability the multi- ports can connect not to their nearest neighbor but to another multi-port at a fixed distance - we call this a jump. We study two cases of QW with jumps where multiple displacements can emerge at one timestep. The first case assumes time-correlated jumps (static disorder). In the second case, we choose the positions of jumps randomly in time (dynamic disorder). The probability distributions of position of the QW walker in both instances differ significantly: dynamic disorder leads to a Gaussian-like distribution, while for static disorder we find two distinct behaviors depending on the parity of jump size. In the case of even-sized jumps, the distribution exhibits a three-peak profile around the position of the initial excitation, whereas the probability distribution in the odd case follows a Laplace-like discrete distribution modulated by additional (exponential) peaks for long times. Finally, our numerical results indicate that by an appropriate mapping an universal functional behavior of the variance of the long-time probability distribution can be revealed with respect to the scaled average of jump size.Comment: 11 pages, 13 figure

Final results from the EU project AVATAR: aerodynamic modelling of 10 MW wind turbines

This paper presents final results from the EU project AVATAR in which aerodynamic models are improved and validated for wind turbines on a scale of 10 MW and more. Special attention is paid to the improvement of low fidelity engineering (BEM based) models with higher fidelity (CFD) models but also with intermediate fidelity free vortex wake (FVW) models. The latter methods were found to be a good basis for improvement of induction modelling in engineering methods amongst others for the prediction of yawed cases, which in AVATAR was found to be one of the most challenging subjects to model. FVW methods also helped to improve the prediction of tip losses. Aero-elastic calculations with BEM based and FVW based models showed that fatigue loads for normal production cases were over predicted with approximately 15% or even more. It should then be realised that the outcome of BEM based models does not only depend on the choice of engineering add-ons (as is often assumed) but it is also heavily dependent on the way the induced velocities are solved. To this end an annulus and element approach are discussed which are assessed with the aid of FVW methods. For the prediction of fatigue loads the so-called element approach is recommended but the derived yaw models rely on an annulus approach which pleads for a generalised solution method for the induced velocities

Power-law tail distributions and nonergodicity

We establish an explicit correspondence between ergodicity breaking in a system described by power-law tail distributions and the divergence of the moments of these distributions.Comment: 4 pages, 1 figure, corrected typo