An Analysis Tool for Models of Virtualized Systems

This paper gives an example-driven introduction to modelling and analyzing virtualized systems in, e.g., cloud computing, using virtually timed ambients, a process algebra developed to study timing aspects of resource management for (nested) virtual machines. The calculus supports nested virtualization and virtual machines compete with other processes for the resources of their host environment. Resource provisioning in virtually timed ambients extends the capabilities of mobile ambients to model the dynamic creation, migration, and destruction of virtual machines. Quality of service properties for virtually timed ambients can be formally expressed using modal contracts describing aspects of resource provisioning and verified using a model checker for virtually timed ambients, implemented in the rewriting system Maude

Inseguendo fagiani selvatici: Partial order reduction for guarded command languages

This paper presents a method for testing whether objects in actor languages and active object languages exhibit locally deterministic behavior. We investigate such a method for a class of guarded command programs, abstracting from object-oriented features like method calls but focusing on cooperative scheduling of dynamically spawned processes executing in parallel. The proposed method can answer questions such as whether all permutations of an execution trace are equivalent, by generating candidate traces for testing which may lead to different final states. To prune the set of candidate traces, we employ partial order reduction. To further reduce the set, we introduce an analysis technique to decide whether a generated trace is schedulable. Schedulability cannot be decided for guarded commands using standard dependence and interference relations because guard enabledness is non-monotonic. To solve this problem, we use concolic execution to produce linearized symbolic traces of the executed program, which allows a weakest precondition computation to decide on the satisfiability of guards

Can group-based reassuring information alter low back pain behavior? A cluster-randomized controlled trial?

Background Low back pain (LBP) is common in the population and multifactorial in nature, often involving negative consequences. Reassuring information to improve coping is recommended for reducing the negative consequences of LBP. Adding a simple non-threatening explanation for the pain (temporary muscular dysfunction) has been successful at altering beliefs and behavior when delivered with other intervention elements. This study investigates the isolated effect of this specific information on future occupational behavior outcomes when delivered to the workforce. Design A cluster-randomized controlled trial. Methods Publically employed workers (n=505) from 11 Danish municipality centers were randomized at center-level (cluster) to either intervention (two 1-hour group-based talks at the workplace) or control. The talks provided reassuring information together with a simple non-threatening explanation for LBP - the ‘functional-disturbance’-model. Data collections took place monthly over a 1-year period using text message tracking (SMS). Primary outcomes were self-reported days of cutting down usual activities and work participation. Secondary outcomes were self-reported back beliefs, work ability, number of healthcare visits, bothersomeness, restricted activity, use of pain medication, and sadness/depression. Results There was no between-group difference in the development of LBP during follow-up. Cumulative logistic regression analyses showed no between-group difference on days of cutting down activities, but increased odds for more days of work participation in the intervention group (OR=1.83 95% CI: 1.08-3.12). Furthermore, the intervention group was more likely to report: higher work ability, reduced visits to healthcare professionals, lower bothersomeness, lower levels of sadness/depression, and positive back beliefs. Conclusion Reassuring information involving a simple non-threatening explanation for LBP significantly increased the odds for days of work participation and higher work ability among workers who went on to experience LBP during the 12-month follow-up. Our results confirm the potential for public-health education for LBP, and add to the discussion of simple versus multidisciplinary interventions

Developing Real-Time Collaborative Editing Using Formal Methods

Real-time collaboration allows multiple users to view and edit a document simultaneously over a network. In this thesis, we develop a new protocol, called Shared Buffer, which enables real-time collaboration in existing editors. Shared Buffer leverages a client-server architecture and minimizes the implementation effort of the client-side algorithm. It achieves this without degrading the responsiveness of the editor. The greatest challenge of a real-time collaborative system is ensuring consistency between the distributed copies of the document. We chose eventual consistency as the consistency model, which essentially states that if all users stop typing, then eventually they will look at the same document. We apply a formal verification technique called model checking, using it as a tool to validate the protocol. The behavior of the system is formally specified in Maude, a language based on equational and rewriting logic. Linear Temporal Logic (LTL) is used to formalize the consistency model. Using the Maude LTL model checker, we have verified that the system exhibits eventual consistency for a limited number of clients and operations. A Shared Buffer server has been implemented in Clojure, a modern functional language with strong support for concurrency. Client implementations have been developed as an extension for Emacs, a widely used text editor, and as a library for the Python programming language

Geological Development of the Jan Mayen Micro Continent and its Continental Margins

The Jan Mayen micro continent is isolated from other continental crust central in the North Atlantic. This master thesis is a seismic interpretation study of the northern part of the micro continent, using 2D seismic reflection data. Broadband seismic surveys from 2012 and 2011 are used together with older data in order to get an overview of the geological history of the micro continent, with emphasis on the continental margins.The method of interpretation was initial observation of the seismic lines, then mapping of the important features such as major truncation-surfaces and strong basal reflectors. Finally, the mapped lines were interpreted and linked to geological processes. Five seismic lines that displayed important features were included in the thesis. The general features displayed on these lines were put together and used to create one profile which displays the geological development of the micro continent. The general development of the micro continent is strongly linked to the continental break ups between Greenland and Eurasia in the Early Eocene and between Jan Mayen and East-Greenland in the Early Miocene.The result of the Early Eocene breakup was a volcanic margin on the eastern margin of the Jan Mayen area. Accumulation space in the Jan Mayen area was filled in with sediments from Greenland as Greenland and Norway drifted apart, identified in a pre-breaking sequence. Subsequently, the area became subject to significant extension. Sedimentation continued throughout the extensional phase, which was identified in a syn-rifting sedimentary sequence. Eventually, the sea floor spreading to the east of Jan Mayen died out, and a non-volcanic break on the western margin of the Jan Mayen area separated the micro continent from Greenland, and a post rifting sequence was deposited. It is suggested in this thesis that an increase in melt production post-break-up lead to an extensive distribution of volcanic intrusions throughout the Jan Mayen Basin, as well as the area above the eastern continent-ocean transition. The intruded areas are thought to have been areas of weakness in the crust, making propagation for the intrusion easier

Global Reproducibility Through Local Control for Distributed Active Objects

Non-determinism in a concurrent or distributed setting may lead to many different runs or executions of a program. This paper presents a method to reproduce a specific run for non-deterministic actor or active object systems. The method is based on recording traces of events reflecting local transitions at so-called stable states during execution; i.e., states in which local execution depends on interaction with the environment. The paper formalizes trace recording and replay for a basic active object language, to show that such local traces suffice to obtain global reproducibility of runs; during replay different objects may operate fairly independently of each other and in parallel, yet a program under replay has guaranteed deterministic outcome. We then show that the method extends to the other forms of non-determinism as found in richer active object languages. Following the proposed method, we have implemented a tool to record and replay runs, and to visualize the communication and scheduling decisions of a recorded run, for Real-Time ABS, a formally defined, rich active object language for modeling timed, resource-aware behavior in distributed systems

An Analysis Tool for Models of Virtualized Systems

This paper gives an example-driven introduction to modelling and analyzing virtualized systems in, e.g., cloud computing, using virtually timed ambients, a process algebra developed to study timing aspects of resource management for (nested) virtual machines. The calculus supports nested virtualization and virtual machines compete with other processes for the resources of their host environment. Resource provisioning in virtually timed ambients extends the capabilities of mobile ambients to model the dynamic creation, migration, and destruction of virtual machines. Quality of service properties for virtually timed ambients can be formally expressed using modal contracts describing aspects of resource provisioning and verified using a model checker for virtually timed ambients, implemented in the rewriting system Maude

Synkende obduksjonsrate : KLoK-oppgave

Obduksjoner utføres ved sykehus av flere årsaker. Obduksjon er gullstandard for postmortal diagnostisering og således en kvalitetsindikator for sykehusets arbeid. I tillegg er det en obligat del av patologispesialiseringen, samt viktig for forskning og statistikk. Obduksjonsraten har likevel gått ned i den vestlige verden de siste tiårene. I Norge har den nye loven om obduksjon fra 2004, med krav om innhenting av samtykke fra pårørende, antagelig forsterket denne effekten. Vi har i arbeidet vårt valgt å se på forholdene ved Ullevål universitetssykehus og hva som kan gjøres for å øke obduksjonsraten. Etter systematisk gjennomgang av litteraturen, har vi kommet frem til et pakketiltak bestående av et informasjonsmøte for klinikerne, et skjema som skal fylles ut samtidig med dødsattesten (der en bekrefter at en har spurt om samtykke til å utføre obduksjon), samt å innføre som rutine at alle dødsfall blir tatt opp på morgenmøtet, hvor det vurderes om obduksjon bør rekvireres hvis dette ikke er gjort. Dette tiltaket krever små ressurser (internundervisningsmøte, trykking av skjema med gjennomslag samt endring av rutine ved morgenmøte). Prospektive studier har vist nytte av tiltakene, men at de krever oppfølging og vedlikehold. Vi foreslår at patologisk anatomisk avdeling blir ansvarlig for å holde internundervisning, for utarbeidelse og bekostning av skjema og ukentlig tilbakemelding til de kliniske avdelinger. I tillegg må det settes ned en prosjektgruppe sammensatt av representanter for patologisk anatomisk avdeling og de kliniske avdelingene, som vurderer effekten av tiltakene samt har ansvar for kontinuerlig prosessforbedring. Tiltakene bør være permanente

Inseguendo fagiani selvatici: Partial order reduction for guarded command languages

This paper presents a method for testing whether objects in actor languages and active object languages exhibit locally deterministic behavior. We investigate such a method for a class of guarded command programs, abstracting from object-oriented features like method calls but focusing on cooperative scheduling of dynamically spawned processes executing in parallel. The proposed method can answer questions such as whether all permutations of an execution trace are equivalent, by generating candidate traces for testing which may lead to different final states. To prune the set of candidate traces, we employ partial order reduction. To further reduce the set, we introduce an analysis technique to decide whether a generated trace is schedulable. Schedulability cannot be decided for guarded commands using standard dependence and interference relations because guard enabledness is non-monotonic. To solve this problem, we use concolic execution to produce linearized symbolic traces of the executed program, which allows a weakest precondition computation to decide on the satisfiability of guards

SymPaths: Symbolic Execution Meets Partial Order Reduction

Symbolic execution is an important technique for software analysis, which enables systematic model exploration by following all possible execution paths for a given program. For multithreaded shared variable programs, this technique leads to a state space explosion. Partial order reduction is a technique which allows equivalent execution paths to be recognized, reducing the state space explosion problem. This paper provides formal justifications for these techniques in a multithreaded setting by proving the correctness and completeness of symbolic execution for multithreaded shared variable programs, with and without the use of partial order reduction. We then show how these formal justifications carry over to prove the soundness and relative completeness of a proof system for such multithreaded shared variable programs in dynamic logic, such that partial order reduction can be used to simplify the proof construction by mitigating the state space explosion