Noninterfering schedulers: when possibilistic noninterference implies probabilistic noninterference

We develop a framework for expressing and analyzing the behavior of probabilistic schedulers. There, we define noninterfering schedulers by a probabilistic interpretation of Goguen and Meseguer’s seminal notion of noninterference. Noninterfering schedulers are proved to be safe in the following sense: if a multi-threaded program is possibilistically noninterfering, then it is also probabilistically noninterfering when run under this scheduler

Formalizing probabilistic noninterference

We present an Isabelle formalization of probabilistic noninterference for a multi-threaded language with uniform scheduling. Unlike in previous settings from the literature, here probabilistic behavior comes from both the scheduler and the individual threads, making the language more realistic and the mathematics more challenging. We study resumption-based and trace-based notions of probabilistic noninterference and their relationship, and also discuss compositionality w.r.t. the language constructs and type-system-like syntactic criteria. The formalization uses recent development in the Isabelle probability theory library

Proving concurrent noninterference

We perform a formal analysis of compositionality techniques for proving possibilistic noninterference for a while language with parallel composition. We develop a uniform framework where we express a wide range of noninterference variants from the literature and compare them w.r.t. their contracts: the strength of the security properties they ensure weighed against the harshness of the syntactic conditions they enforce. This results in a simple implementable algorithm for proving that a program has a specific noninterference property, using only compositionality, which captures uniformly several security type-system results from the literature and suggests a further improved type system. All formalism and theorems have been mechanically verified in Isabelle/HOL

Formal verification of language-based concurrent noninterference

We perform a formal analysis of compositionality techniques for proving possibilistic noninterference for a while language with parallel composition. We develop a uniform framework where we express a wide range of noninterference variants from the literature and compare them w.r.t. their contracts: the strength of the security properties they ensure weighed against the harshness of the syntactic conditions they enforce. This results in a simple implementable algorithm for proving that a program has a specific noninterference property, using only compositionality, which captures uniformly several security type-system results from the literature and suggests a further improved type system. All formalism and theorems have been mechanically verified in Isabelle/HOL

Adapting Quality Assurance to Adaptive Systems: The Scenario Coevolution Paradigm

From formal and practical analysis, we identify new challenges that self-adaptive systems pose to the process of quality assurance. When tackling these, the effort spent on various tasks in the process of software engineering is naturally re-distributed. We claim that all steps related to testing need to become self-adaptive to match the capabilities of the self-adaptive system-under-test. Otherwise, the adaptive system's behavior might elude traditional variants of quality assurance. We thus propose the paradigm of scenario coevolution, which describes a pool of test cases and other constraints on system behavior that evolves in parallel to the (in part autonomous) development of behavior in the system-under-test. Scenario coevolution offers a simple structure for the organization of adaptive testing that allows for both human-controlled and autonomous intervention, supporting software engineering for adaptive systems on a procedural as well as technical level.Comment: 17 pages, published at ISOLA 201

Truly modular (co)datatypes for Isabelle/HOL

We extended Isabelle/HOL with a pair of definitional commands for datatypes and codatatypes. They support mutual and nested (co)recursion through well-behaved type constructors, including mixed recursion–corecursion, and are complemented by syntaxes for introducing primitive (co)recursive functions and by a general proof method for reasoning coinductively. As a case study, we ported Isabelle’s Coinductive library to use the new commands, eliminating the need for tedious ad hoc constructions

Towards the Formal Reliability Analysis of Oil and Gas Pipelines

It is customary to assess the reliability of underground oil and gas pipelines in the presence of excessive loading and corrosion effects to ensure a leak-free transport of hazardous materials. The main idea behind this reliability analysis is to model the given pipeline system as a Reliability Block Diagram (RBD) of segments such that the reliability of an individual pipeline segment can be represented by a random variable. Traditionally, computer simulation is used to perform this reliability analysis but it provides approximate results and requires an enormous amount of CPU time for attaining reasonable estimates. Due to its approximate nature, simulation is not very suitable for analyzing safety-critical systems like oil and gas pipelines, where even minor analysis flaws may result in catastrophic consequences. As an accurate alternative, we propose to use a higher-order-logic theorem prover (HOL) for the reliability analysis of pipelines. As a first step towards this idea, this paper provides a higher-order-logic formalization of reliability and the series RBD using the HOL theorem prover. For illustration, we present the formal analysis of a simple pipeline that can be modeled as a series RBD of segments with exponentially distributed failure times.Comment: 15 page

Observing Galaxy Clusters with eROSITA: Simulations

The eROSITA instrument on board the Russian Spectrum Roentgen Gamma spacecraft, which will be launched in 2013,will conduct an all sky survey in X-rays. A main objective of the survey is to observe galaxy clusters in order to constrain cosmological parameters and to obtain further knowledge about dark matter and dark energy. For the simulation of the eROSITA survey we present a Monte-Carlo code generating a mock catalogue of galaxy clusters distributed accordingto the mass function of [1]. The simulation generates the celestial coordinates as well as the cluster mass and redshift. From these parameters, the observed intensity and angular diameter are derived. These are used to scale Chandra cluster images as input for the survey-simulation

SiC/Al4SiC4-Based Heterostructure Transistors

A wide-band-gap (WBG) SiC/Al4SiC4 heterostructure transistor with a gate length of 5 μm is designed using a ternary carbide of Al4SiC4, and its performance is simulated by Silvaco Atlas. The simulations use a mixture of parameters obtained from ensemble Monte Carlo simulations, DFT calculations, and experimental data. The 5 μm gate length transistor is then laterally scaled to 2 and 1 μm gate length devices. The 5 μm gate length SiC/Al4SiC4 heterostructure transistor delivers a maximum drain current of 168 mA/mm, which increases to 244 mA/mm and 350 mA/mm for gate lengths of 2 and 1 μm, respectively. The device breakdown voltage is 59.0 V, which reduces to 31.0 V and to 18.0 V in the scaled 2 μm and the 1 μm gate length transistors, respectively. The scaled down 1 μm gate length device switches faster thanks to a higher transconductance of 65.1 mS/mm compared to only 1.69 mS/mm for the 5 μm gate length device. Finally, the subthreshold slope of the scaled devices is 197.3, 97.6, and 96.1 mV/dec for gate lengths of 5, 2, and 1 μm, respectively