Task allocation in a multi-server system

We consider a slotted queueing system with $C$ servers (processors) that can handle tasks (jobs). Tasks arrive in batches of random size at the start of every slot. Any task can be executed by any server in one slot with success probability $alpha$. If a task execution fails, then the task must be handled in some later time slot until it has been completed successfully. Tasks may be processed by several servers simultaneously. In that case, the task is completed successfully if the task execution is successful on at least one of the servers. We determine the distribution of the number of tasks in the system for a broad class of task allocation strategies. Subsequently, we examine the impact of various allocation strategies on the mean number of tasks in the system and the mean response time of tasks. It is proven that both these performance measures are minimized by the strategy which always distributes the tasks over the servers as evenly as possible. Some numerical experiments are performed to illustrate the performance characteristics of the various strategies for a wide range of scenarios

Model-Based Security Testing

Security testing aims at validating software system requirements related to security properties like confidentiality, integrity, authentication, authorization, availability, and non-repudiation. Although security testing techniques are available for many years, there has been little approaches that allow for specification of test cases at a higher level of abstraction, for enabling guidance on test identification and specification as well as for automated test generation. Model-based security testing (MBST) is a relatively new field and especially dedicated to the systematic and efficient specification and documentation of security test objectives, security test cases and test suites, as well as to their automated or semi-automated generation. In particular, the combination of security modelling and test generation approaches is still a challenge in research and of high interest for industrial applications. MBST includes e.g. security functional testing, model-based fuzzing, risk- and threat-oriented testing, and the usage of security test patterns. This paper provides a survey on MBST techniques and the related models as well as samples of new methods and tools that are under development in the European ITEA2-project DIAMONDS.Comment: In Proceedings MBT 2012, arXiv:1202.582

A Study of the PDGF Signaling Pathway with PRISM

In this paper, we apply the probabilistic model checker PRISM to the analysis of a biological system -- the Platelet-Derived Growth Factor (PDGF) signaling pathway, demonstrating in detail how this pathway can be analyzed in PRISM. We show that quantitative verification can yield a better understanding of the PDGF signaling pathway.Comment: In Proceedings CompMod 2011, arXiv:1109.104

PUF-based authentication protocol to address ticket-switching of RFID-tagged items

Ticket-switching incidents where customers switch the price tag or bar code in order to pay a lower amount for their ‘purchased item’ is not uncommon in retail stores. Since the item has to pass through a check-out counter before leaving the store, it has a (even if miniscule) positive probability of being identified. However, when item-level RFID tags are used in an automated check-out environment, the probability of such incidents coming to light is estimated to be almost zero. We propose an authentication protocol for this scenario using a pair of item-level RFID tags, one of which is PUF-enabled to resist cloning attacks

Why men (and octopuses) cannot juggle a four ball cascade

The most common juggling pattern is the three ball cascade. A four ball cascade seems to be infeasible, but why? We formalize the notion of a cascade and the decomposition of juggling patterns in order to give an answer to this question

Checking secrecy by means of partial order reduction

We propose a partial order reduction for model checking security protocols for the secrecy property. Based on this reduction, we develop an automatic tool that can check security protocols for secrecy, given a finite execution scenario. We compare this tool to several other tools