A Case Study on Formal Verification of Self-Adaptive Behaviors in a Decentralized System

Self-adaptation is a promising approach to manage the complexity of modern software systems. A self-adaptive system is able to adapt autonomously to internal dynamics and changing conditions in the environment to achieve particular quality goals. Our particular interest is in decentralized self-adaptive systems, in which central control of adaptation is not an option. One important challenge in self-adaptive systems, in particular those with decentralized control of adaptation, is to provide guarantees about the intended runtime qualities. In this paper, we present a case study in which we use model checking to verify behavioral properties of a decentralized self-adaptive system. Concretely, we contribute with a formalized architecture model of a decentralized traffic monitoring system and prove a number of self-adaptation properties for flexibility and robustness. To model the main processes in the system we use timed automata, and for the specification of the required properties we use timed computation tree logic. We use the Uppaal tool to specify the system and verify the flexibility and robustness properties.Comment: In Proceedings FOCLASA 2012, arXiv:1208.432

Dependability of IT Systems in Emergency Situations – Theory and Practice

As our dependence on IT systems increases, evaluating the dependability of critical IT systems becomes more important. One of the main challenges in software reliability engineering is the sensitivity of software systems to a changing usage. This is especially important for systems that are critical in the aftermath of a crisis and for which reliability is the most important aspect of dependability. The crisis might change the usage of the system, and this could have a negative effect on the reliability. Because crisis situations are typically rare events, both the reliability and the criticality of IT systems after a crisis situation are hard to predict. The first part of this thesis focuses on the analysis of the sensitivity of the reliability of IT systems to changes in their usage. With the help of statistical methods the effects of changing usage profiles, modelled through the use of Markov models, can be examined. After a theoretical derivation of the properties of different models for the usage of software systems, the results were validated by applying the models to the data collected from the logfiles of a webserver. Swedish municipalities also depend more and more on IT systems for their daily work. Because of their important role in the relief coordination after a crisis, the dependability of their IT systems during these emergency situations is especially critical. The evaluation of this dependability requires the combination of two kinds of information: how critically needed the IT systems are in the aftermath of a crisis and how trustworthy the critical systems are. To avoid that a failing IT system disturbs the relief work, risk and vulnerability analyses need to take into account the dependability of critical IT systems. This way, municipalities can make sure that the relief work is not critically dependent on systems that are not sufficiently reliable. The second part of this thesis describes a case study on how two Swedish municipalities deal with these issues. The study focuses especially on the division of responsibilities in the municipalities and on their current methods. The study shows that today there is much room for improvement, especially in the communication between IT personnel and emergency managers. The main goal of these case studies is to form a basis for the development of practical methods that can assist Swedish municipalities in evaluating the dependability of their IT systems and integration of this information in their emergency planning in the near future

Automating Pipelines of A/B Tests with Population Split Using Self-Adaptation and Machine Learning

A/B testing is a common approach used in industry to facilitate innovation through the introduction of new features or the modification of existing software. Traditionally, A/B tests are conducted sequentially, with each experiment targeting the entire population of the corresponding application. This approach can be time-consuming and costly, particularly when the experiments are not relevant to the entire population. To tackle these problems, we introduce a new self-adaptive approach called AutoPABS, short for Automated Pipelines of A/B tests using Self-adaptation, that (1) automates the execution of pipelines of A/B tests, and (2) supports a split of the population in the pipeline to divide the population into multiple A/B tests according to user-based criteria, leveraging machine learning. We started the evaluation with a small survey to probe the appraisal of the notation and infrastructure of AutoPABS. Then we performed a series of tests to measure the gains obtained by applying a population split in an automated A/B testing pipeline, using an extension of the SEAByTE artifact. The survey results show that the participants express the usefulness of automating A/B testing pipelines and population split. The tests show that automatically executing pipelines of A/B tests with a population split accelerates the identification of statistically significant results of the parallel executed experiments of A/B tests compared to a traditional approach that performs the experiments sequentially

DynCNET: a negotiation and coordination protocol for dynamic task assignment.

Task assignment in Multi-Agent Systems is a complex coordination problem, especially in systems that operate under dynamic and changing conditions. Adaptive task assignment is used to handle these dynamic and changing circumstances. This technical document describes an adaptive task assignment protocol, DynCNET which is an extension of the Contract Net Protocol. In this document, the DynCNET protocol will be build step by step, starting from the Contract Net protocol. We will add dynamic task assignment, synchronization of abort messages and scope handling. The final result will be the DynCNET protocol with support for synchronization of abort messages and scope handling.

On the Need for Artifacts to Support Research on Self-Adaptation Mature for Industrial Adoption

Despite the vast body of knowledge developed by the self-adaptive systems community and the wide use of self-adaptation in industry, it is unclear whether or to what extent industry leverages output of academics. Hence, it is important for the research community to answer the question: Are the solutions developed by the self-adaptive systems community mature enough for industrial adoption? Leveraging a set of empirically-grounded guidelines for industry-relevant artifacts in self-adaptation, we develop a position to answer this question from the angle of using artifacts for evaluating research results in self-adaptation, which is actively stimulated and applied by the community.Comment: 18th Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS 2023

Dealing with Drift of Adaptation Spaces in Learning-based Self-Adaptive Systems using Lifelong Self-Adaptation

Recently, machine learning (ML) has become a popular approach to support self-adaptation. ML has been used to deal with several problems in self-adaptation, such as maintaining an up-to-date runtime model under uncertainty and scalable decision-making. Yet, exploiting ML comes with inherent challenges. In this paper, we focus on a particularly important challenge for learning-based self-adaptive systems: drift in adaptation spaces. With adaptation space we refer to the set of adaptation options a self-adaptive system can select from at a given time to adapt based on the estimated quality properties of the adaptation options. Drift of adaptation spaces originates from uncertainties, affecting the quality properties of the adaptation options. Such drift may imply that eventually no adaptation option can satisfy the initial set of the adaptation goals, deteriorating the quality of the system, or adaptation options may emerge that allow enhancing the adaptation goals. In ML, such shift corresponds to novel class appearance, a type of concept drift in target data that common ML techniques have problems dealing with. To tackle this problem, we present a novel approach to self-adaptation that enhances learning-based self-adaptive systems with a lifelong ML layer. We refer to this approach as lifelong self-adaptation. The lifelong ML layer tracks the system and its environment, associates this knowledge with the current tasks, identifies new tasks based on differences, and updates the learning models of the self-adaptive system accordingly. A human stakeholder may be involved to support the learning process and adjust the learning and goal models. We present a reusable architecture for lifelong self-adaptation and apply it to the case of drift of adaptation spaces that affects the decision-making in self-adaptation. We validate the approach for a series of scenarios using the DeltaIoT exemplar

From Self-Adaptation to Self-Evolution Leveraging the Operational Design Domain

Engineering long-running computing systems that achieve their goals under ever-changing conditions pose significant challenges. Self-adaptation has shown to be a viable approach to dealing with changing conditions. Yet, the capabilities of a self-adaptive system are constrained by its operational design domain (ODD), i.e., the conditions for which the system was built (requirements, constraints, and context). Changes, such as adding new goals or dealing with new contexts, require system evolution. While the system evolution process has been automated substantially, it remains human-driven. Given the growing complexity of computing systems, human-driven evolution will eventually become unmanageable. In this paper, we provide a definition for ODD and apply it to a self-adaptive system. Next, we explain why conditions not covered by the ODD require system evolution. Then, we outline a new approach for self-evolution that leverages the concept of ODD, enabling a system to evolve autonomously to deal with conditions not anticipated by its initial ODD. We conclude with open challenges to realise self-evolution.Comment: 7 page