Proceedings Third IEEE International High-Assurance Systems Engineering Symposium (Cat. No.98EX231)

13-14 Nov. 1998

Displaying Results 1 - 25 of 41
  • Proceedings Third IEEE International High-Assurance Systems Engineering Symposium (Cat. No.98EX231)

    Publication Year: 1998
    Freely Available from IEEE
  • Checking modification tolerance

    Publication Year: 1998, Page(s):4 - 12
    Cited by:  Papers (1)

    We elaborate a relational framework which allows the modeling and analysis of unintended and fault-tolerant system behavior. The framework is based on the notions of concurrent finite state machines and on tolerance and error relations over the state set of these machines. The focus is on permanent errors which modify the transition structure of these machines.

  • Formal specification in collaborative design of critical software tools

    Publication Year: 1998, Page(s):13 - 20
    Cited by:  Papers (7)  |  Patents (1)

    Engineers use software tools to analyze designs for critical systems. Because important decisions are based on tool results, tools must provide valid modeling constructs; engineers must understand them to validate their models; and tools must be implemented without major error. Such tools thus demand careful conceptual and software design. One aspect of such design is the use of rigorous specifica...

  • Combining various solution techniques for dynamic fault tree analysis of computer systems

    Publication Year: 1998, Page(s):21 - 28
    Cited by:  Papers (42)  |  Patents (1)

    Fault trees provide a conceptually simple modeling framework to represent system-level reliability in terms of interactions between component reliabilities. DIFtree (Dynamic Innovative Fault trees) effectively combines the best static fault tree solution technique (binary decision diagrams) with Markov solution techniques for dynamic fault trees. DIFtree includes advanced techniques for modeling c...

  • Using composition to design secure, fault-tolerant systems

    Publication Year: 1998, Page(s):29 - 32

    Complex systems must be analyzed in smaller pieces. Analysis must support both bottom-up (composition) and top-down (refinement) development, and it must support the consideration of several critical properties, e.g. functional correctness, fault tolerance and security, as appropriate. We describe a mathematical framework, called the CSS (Composability for Secure Systems) framework, for performing...

  • Log-logistic software reliability growth model

    Publication Year: 1998, Page(s):34 - 41
    Cited by:  Papers (40)

    The finite-failure non-homogeneous Poisson process (NHPP) models proposed in the literature exhibit either constant, monotonic increasing or monotonic decreasing failure occurrence rates per fault, and are inadequate to describe the failure processes underlying certain failure data sets. In this paper, we propose the log-logistic reliability growth model, which can capture the increasing/decreasin...

  • A flexible software architecture for high availability computing

    Publication Year: 1998, Page(s):42 - 49

    Presents an overview of the Chameleon architecture for supporting a wide range of criticality requirements in a heterogeneous network environment. Chameleon employs ARMORs (Adaptive, Reconfigurable and Mobile Objects for Reliability) to synthesize different fault-tolerant configurations and to maintain run-time adaptation to changes in the fault tolerance requirements of an application. ARMORs hav...

  • ROAFTS: a middleware architecture for real-time object-oriented adaptive fault tolerance support

    Publication Year: 1998, Page(s):50 - 57
    Cited by:  Papers (20)

    A middleware architecture named ROAFTS (Real-time Object-oriented Adaptive Fault Tolerance Support) is presented. ROAFTS is designed to support adaptive fault-tolerant execution of not only conventional process-structured distributed real-time (RT) application software but also new-style object-structured distributed RT application software. While ROAFTS contains fault tolerance schemes devised fo...

  • Design considerations in Boeing 777 fly-by-wire computers

    Publication Year: 1998, Page(s):64 - 72
    Cited by:  Papers (37)  |  Patents (1)

    The new technologies in flight control avionics systems selected for the Boeing 777 airplane program consist of the following: fly-by-wire (FBW), the ARINC 629 data bus, and deferred maintenance. The FBW must meet extremely high levels of functional integrity and availability. The heart of the FBW concept is the use of triple redundancy for all hardware resources: the computing system, airplane el...

  • Software component independence

    Publication Year: 1998, Page(s):74 - 81
    Cited by:  Papers (4)

    Independence is a fundamental requirement for calculating system reliability from component reliabilities, whether in hardware or software systems. Markov analysis is often used in such calculation; however, procedures as conventionally used do not qualify as nodes in a Markov system. We outline the requirements for several classes of component independence and use the CPS (continuation passing st...

  • Using classification trees for software quality models: lessons learned

    Publication Year: 1998, Page(s):82 - 89
    Cited by:  Papers (6)

    High software reliability is an important attribute of high-assurance systems. Software quality models yield timely predictions of reliability indicators on a module-by-module basis, enabling one to focus on finding faults early in development. This paper introduces the CART (Classification And Regression Trees) algorithm to practitioners in high-assurance systems engineering. This paper presents ...

  • The application of fuzzy enhanced case-based reasoning for identifying fault-prone modules

    Publication Year: 1998, Page(s):90 - 97
    Cited by:  Papers (2)

    As highly reliable software is becoming an essential ingredient in many systems, the process of assuring reliability can be a time-consuming, costly process. One way to improve the efficiency of the quality assurance process is to target reliability enhancement activities to those modules that are likely to have the most problems. Within the field of software engineering, much research has been pe...

  • Estimating the number of residual defects [in software]

    Publication Year: 1998, Page(s):98 - 105
    Cited by:  Papers (7)

    The number of residual defects is one of the most important factors that allows one to decide if a piece of software is ready to be released. In theory, one can find all the defects and count them. However, it is impossible to find all the defects within a reasonable amount of time. Estimating the defect density can become difficult for high-reliability software, since the remaining defects can be...

  • System survivability through security bug tolerance

    Publication Year: 1998

    Summary form only given. A traditional approach to system security is the construction of entirely new software that satisfies well defined security properties. However, the market pressure towards features seems to make such an approach infeasible in the near term. Increasingly, commercial off-the-shelf software such as Windows NT is being used in mission critical information infrastructures. Therefor...

  • Design for constraint violation detection in safety-critical systems

    Publication Year: 1998, Page(s):109 - 116
    Cited by:  Papers (1)  |  Patents (5)

    In safety critical systems, certain safety constraints must be satisfied before an operation can be performed. Such constraints typically depend on the state of the system at the instant of invocation of the operation. Further, for a specific version in a family of related systems, its intended application and the individual user profiles may play a role in determining the constraints. To promote ...

  • Fault and leak tolerance in firewall engineering

    Publication Year: 1998, Page(s):117 - 122
    Cited by:  Papers (2)

    The idea and associated benefits of a Firewall cascade, with the firewalls (FWs) placed across a large complex network, distributed system has been proposed and evaluated by the authors (R.N. Smith and S. Bhattacharya, 1997). The paper extends the FW cascade approach to illustrate its applicability in a perspective of FW fault tolerance. We target the class of FW faults that are due to design erro...

  • Verification in concurrent programming with Petri nets structural techniques

    Publication Year: 1998, Page(s):124 - 133
    Cited by:  Papers (7)

    The paper deals with verification of flow control in concurrent programs. We use the Ada language model as reference. After translation of Ada programs into Petri nets (named Ada nets for Ada programs), we show how one can fully exploit the relationship between the behavior of the concurrent program and the structure of the corresponding Petri net. Using the siphon structure, we specify some struc...

  • Automatic verification on the large

    Publication Year: 1998, Page(s):134 - 141
    Cited by:  Papers (10)

    An automatic verification method from a high level resource management standpoint is presented. Various manipulators can be incorporated in the method to construct, refine, reduce, and model-check state space representation. Proper combinations of manipulators can then be picked strategically by users or computers for less resource (time and space) consumption. An algorithm based on group theory t...

  • Incremental development of a high integrity compiler: experience from an industrial development

    Publication Year: 1998, Page(s):142 - 149
    Cited by:  Papers (3)

    We have developed and successfully applied a technique to build a high integrity compiler from Pasp, a Pascal-like language, to ASP, the target language for a high integrity processor designed for the UK's Atomic Weapons Establishment at Aldermaston. We overview the technique itself, including a description of how it can be extended to separate compilation. We also describe some of our experiences...

  • Specifying and verifying temporal behavior of high assurance systems using reachability tree logic

    Publication Year: 1998, Page(s):150 - 156

    The paper presents our reachability tree logic (RTL) and its integration with temporal Petri nets to specify and verify the temporal behavior of high assurance systems. In addition, we demonstrate how to reduce the complexity of a model checking algorithm by using the reachability tree. We have implemented a specification and verification toolkit called NCUPN (National Central University Petri Net...

  • Object-oriented software testing-some research and development

    Publication Year: 1998, Page(s):158 - 165
    Cited by:  Papers (3)  |  Patents (3)

    It is widely accepted that the OO paradigm will significantly increase software reusability, extendibility, interoperability, and reliability. This is also true for high assurance systems engineering, provided that the systems are tested adequately. Software testing is an important software quality assurance activity to ensure that the benefits of OO programming will be realized. OO software testi...

  • Good enough versus high assurance software testing and analysis methods

    Publication Year: 1998, Page(s):166 - 175
    Cited by:  Papers (7)

    Good enough evaluation methods are reviewed, including low volume statistical testing. High assurance software is viewed as requiring high volume statistical testing, or analysis methods that prove that a program has certain desired properties. The weaknesses of some previous high assurance strategies are discussed, and a new approach called pattern directed testing and analysis is described. In t...

  • Enhancing competitiveness via a public fault and failure data repository

    Publication Year: 1998, Page(s):178 - 185
    Cited by:  Papers (4)

    Today most software companies are under pressure to get reliable software products built quickly. To assist both industry and researchers, the Information Technology Laboratory (ITL) at NIST in the US, has initiated the Reference Data: Software Error, Fault, Failure Data Collection & Analysis Repository Project. Usually referred to as the EFF Project, the project treats the term "error" as the...

  • Analytical partition of software components for evolvable and reliable MEMS design tools

    Publication Year: 1998, Page(s):188 - 199

    Transforming software requirements into a software design involves the iterative partition of a solution into software components. The process is human-intensive and does not guarantee that design objectives such as reusability, evolvability, and reliable performance are satisfied. The costly process of designing, building, and modifying high assurance systems motivates the need for precise method...

  • Predictable safety in the control of high consequence systems

    Publication Year: 1998, Page(s):200 - 204
    Cited by:  Patents (2)

    Many industries transmit large amounts of energy under the control of safety critical systems. Inadvertent release of energy by such systems can result in negative high consequences. This paper describes a principle-based strategy for preventing inadvertent release due to normal operational stresses or abnormal (e.g., accident) stresses. The safety principles, developed by Sandia National Laborato...