Diagnosis of repeated failures for discrete event systems with linear-time temporal-logic specifications

In our earlier work, we introduced a state-based approach for the diagnosis of repeatedly occurring failures in discrete event systems (DESs). Since temporal logic provides a simpler way of specifying system properties; in this paper, a temporal-logic-based approach for diagnosing the occurrence of a repeated number of failures is developed. Linear-time temporal-logic (LTL) formulae are used to represent the specifications of DESs. Notions of prediagnosability for failures and diagnosability for repeated failures are introduced in the setting of temporal logic. A polynomial algorithm for the test of prediagnosability for failures is provided. The diagnosis problem for repeated failures in the temporal-logic setting is reduced to one in a state-based setting, and so the prior results of a state-based repeated failure diagnosis can be applied. Finally, a simple example is given for illustration. Note to Practitioners-Certain failures in a system are repeatable, such as routing errors in a manufacturing system. A theory for the diagnosis of such failures was presented in an earlier work of Jiang et al. The present paper uses temporal logic to specify such failures. It turns out that repeatable failures can be specified as violations of invariant properties (i.e., properties that must always hold). Given an invariant property that the system must always satisfy, an algorithm is presented to refine the system model and label those states of the refined system where the property is violated. The problem of repeated diagnosis then requires determining, within a bounded delay, each time a "failure-state" is visited. For this analysis, the existing theory developed by Jiang et al. is used.     

Generative tracking of 3D human motion in latent space by sequential clonal selection algorithm

High dimensional pose state space is the main challenge in articulated human pose tracking which makes pose analysis computationally expensive or even infeasible. In this paper, we propose a novel generative approach in the framework of evolutionary computation, by which we try to widen the bottleneck with effective search strategy embedded in the extracted state subspace. Firstly, we use ISOMAP to learn the low-dimensional latent space of pose state in the aim of both reducing dimensionality and extracting the prior knowledge of human motion simultaneously. Then, we propose a manifold reconstruction method to establish smooth mappings between the latent space and original space, which enables us to perform pose analysis in the latent space. In the search strategy, we adopt a new evolutionary approach, clonal selection algorithm (CSA), for pose optimization. We design a CSA based method to estimate human pose from static image, which can be used for initialization of motion tracking. In order to make CSA suitable for motion tracking, we propose a sequential CSA (S-CSA) algorithm by incorporating the temporal continuity information into the traditional CSA. Actually, in a Bayesian inference view, the sequential CSA algorithm is in essence a multilayer importance sampling based particle filter. Our methods are demonstrated in different motion types and different image sequences. Experimental results show that our CSA based pose estimation method can achieve viewpoint invariant 3D pose reconstruction and the S-CSA based motion tracking method can achieve accurate and stable tracking of 3D human motion.     

Diagnosing rediscovered software problems using symptoms

This paper presents an approach to automatically diagnosing rediscovered software failures using symptoms, in environments in which many users run the same procedural software system. The approach is based on the observation that the great majority of field software failures are rediscoveries of previously reported problems and that failures caused by the same defect often share common symptoms. Based on actual data, the paper develops a small software failure fingerprint, which consists of the procedure call trace, problem detection location, and the identification of the executing software. The paper demonstrates that over 60 percent of rediscoveries can be automatically diagnosed based on fingerprints; less than 10 percent of defects are misdiagnosed. The paper also discusses a pilot that implements the approach. Using the approach not only saves service resources by eliminating repeated data collection for and diagnosis of reoccurring problems, but it can also improve service response time for rediscoveries     

Integrated static code analysis and runtime verification

Static code analysis tools automatically generate alerts for potential software faults that can lead to failures. However, these tools usually generate a very large number of alerts, some of which are subject to false positives. Because of limited resources, it is usually hard to inspect all the alerts. As a complementary approach, runtime verification techniques verify dynamic system behavior with respect to a set of specifications. However, these specifications are usually created manually based on system requirements and constraints. In this paper, we introduce a noval approach and a toolchain for integrated static code analysis and runtime verification. Alerts that are generated by static code analysis tools are utilized for automatically generating runtime verification specifications. On the other hand, runtime verification results are used for automatically generating filters for static code analysis tools to eliminate false positives. The approach is illustrated for the static analysis and runtime verification of an open‐source bibliography reference manager software. Copyright © 2014 John Wiley & Sons, Ltd.     

Observer‐based Reliable Control for Discrete Time Systems: An Average Dwell Time Approach

This paper deals with the problem of reliable control for discrete time systems with actuator failures. The actuator is assumed to fail occasionally and can recover over a time interval. During the time of suffering failures, the considered closed‐loop system is assumed unstable. Using an average dwell time method and under the condition that the activation time ratio between the system without actuator failures and the system with actuator failures is not less than a specified constant, an observer‐based feedback controller is developed in terms of linear matrix inequalities such that the resulting closed‐loop system is exponentially stable. An example is included to demonstrate the effectiveness of the proposed approach.     

Code-based prioritization: a pre-testing effort to minimize post-release failures

Improving the efficiency of the testing process is a challenging goal. Prior work has shown that often a small number of errors account for the majority of software failures; and often, most errors are found in a small portion of a source code. We argue that prioritizing code elements before conducting testing can help testers focus their testing effort on the parts of the code most likely to expose errors. This can, in turn, promote more efficient testing of software. Keeping this in view, we propose a testing effort prioritization method to guide tester during software development life cycle. Our approach considers five factors of a component such as Influence value, Average execution time, Structural complexity, Severity and Value as inputs and produce the priority value of the component as an output. Once all components of a program have been prioritized, testing effort can be apportioned so that the components causing more frequent and/or more severe failures will be tested more thoroughly. Our proposed approach is effective in guiding testing effort as it is linked to external measure of defect severity and business value, internal measure of frequency and complexity. As a result, the failure rate is decreased and the chance of severe type of failures is also decreased in the operational environment. We have conducted experiments to compare our scheme with a related scheme. The results establish that our proposed approach that prioritizes the testing effort within the source code is able to minimize highly severed types of failures and also number of failures at the post-release time of a software system.     

Human factors risk assessment: An integrated method for improving safety in clinical use of medical devices

Medical devices play a critical role in care and treatment. The human-related failures can significantly affect the safety of patients in clinical use of medical devices. This study develops a comprehensive risk assessment model for identification and evaluation of failures which may occur in the clinical use of medical devices. First, the “Swiss cheese” model and SHEL model (the acronym of software, hardware, environment, and liveware) are integrated to comprehensively identify the potential human errors. Then, a new failure mode and effects analysis (FMEA) approach improved by rough set theory and grey relational analysis is developed to assess the risk of the identified failures. The proposed method integrates the strengths of the “Swiss cheese” and SHEL model in identifying human failures from both the vertical and horizontal perspectives of the system, and the advantages of the improved FMEA approach in flexibly manipulating vague information in risk evaluation without much priori information. Finally, the proposed method is applied in clinical use of respirator to verify its efficiency and effectiveness.     

考虑电磁铁故障的磁浮列车单悬浮模块的容错控制

本文针对参数具有不确定性的磁浮列车单模块悬浮系统,利用线性矩阵不等式(LMI)方法,设计了对执行器失效具有完整性的容错控制器.同时考虑到工程实际的需要,引入权重概念对控制律进行修改,并利用数值方法对新控制律作用下闭环系统的稳定性进行验证.对不同执行器故障模式下悬浮间隙的变化进行了仿真分析,结果表明该方法对闭环系统的参数不确定性具有鲁棒性,对部分执行器失效具有容错能力.     

Fuzzy Bayesian reliability and availability analysis of production systems

To have effective production planning and control, it is necessary to calculate the reliability and availability of a production system as a whole. Considering only machine reliability in the calculations would most likely result unmet due dates. In this study, a new modelling approach for determining the reliability and availability of a production system is proposed by considering all the components of the system and their hierarchy in the system structure. Components of a production system are defined as production processes; components of the processes are defined as sub-processes. In this hierarchical structure we could model all kinds of failures such as material and supply, management and personnel, and machine and equipment. In the analysis, a fuzzy Bayesian method is used to quantify the uncertainties in the production environment. The suggested modelling approach is illustrated on an example. In the example, also a separate reliability and availability analysis is conducted which only considered machine failures, and the results of both analyses are compared.     

网络态势感知研究

随着Internet规模的迅速扩大,复杂性和不确定性也随之增加,基于融合的网络态势感知必将成为网络管理的发展方向.在分析现有网络管理不足以及发展需求的基础上,介绍了网络态势感知的起源、概念、目标和特点.首先,提出了一个网络态势感知研究框架,介绍了研究历程,指出了研究重点以及存在的问题,并将现有评估方法分为3类:基于数学模型的方法、基于知识推理的方法、基于模式识别的方法.然后详细讨论了模型、知识表示和评估方法这3方面的研究内容,总结存在的共性问题,着重评价了每种评估方法的基本思路、评估过程和优缺点,并进行了对比分析.随后介绍了网络态势感知在安全、传输、生存性、系统评价等领域的应用研究.最后指出了网络态势感知的发展方向,并从问题体系、技术体系和应用体系3方面作了总结.     

网络态势感知研究

随着Internet规模的迅速扩大,复杂性和不确定性也随之增加,基于融合的网络态势感知必将成为网络管理的发展方向.在分析现有网络管理不足以及发展需求的基础上,介绍了网络态势感知的起源、概念、目标和特点.首先,提出了一个网络态势感知研究框架,介绍了研究历程,指出了研究重点以及存在的问题,并将现有评估方法分为3类:基于数学模型的方法、基于知识推理的方法、基于模式识别的方法.然后详细讨论了模型、知识表示和评估方法这3方面的研究内容,总结存在的共性问题,着重评价了每种评估方法的基本思路、评估过程和优缺点,并进行了对比分析.随后介绍了网络态势感知在安全、传输、生存性、系统评价等领域的应用研究.最后指出了网络态势感知的发展方向,并从问题体系、技术体系和应用体系3方面作了总结.     

Reliable observer-based H∞ control of uncertain state-delayed systems

This paper is concerned with the reliable H_∞ control design problem for linear state-delayed system using observed-based output feedback. It proposes a reliable control design scheme for the case of possibly a simultaneous presence of actuator failures and sensor failures. Modified algebraic Riccati inequalities are developed to solve the problem addressed. Based on this approach, observer-based feedback control laws are designed that guarantee closed-loop asymptotic stability and reduction of the effect of an augmented disturbance input on the controlled output of a prescribed level, not only when the system is operating properly, but also under actuator and sensor failures. A numerical example is presented to demonstrate the applicability and effectiveness of the proposed approach.     

Model-driven estimation approach for system reliability using integrated tasks and resources

The increasing complexity of software systems in embedded systems or industrial business domains has led to the importance of reliability analysis for current systems. Reliability analysis has become a crucial part of the system development life cycle, and a new approach is needed to enable an early analysis for reliability estimation, especially for the system under design. However, the existing approach neglects the correlation between system resource and system task for estimating system reliability. This subsequently restricts accuracy of the estimation as well as causing difficulties in identifying critical resources and tasks during the design phase. This paper proposes a model-driven system reliability estimation using a scenario-based approach to estimate system reliability and identify its critical resources and system tasks during the design phase. This model is based on the PerFAM model, which can specifically view timing failures through a system scenario. The proposed approach is validated by the application of a sensitivity analysis into one case study. The case study demonstrates an essential relationship between system reliability, as well as both resources and tasks, which ultimately becomes the integral part for a system reliability estimation assessment.     

最优鲁棒解析余度设计方案研究

利用广义特征结构理论求解最优鲁棒性能指标,来获得奇偶向量.采用了非线性滤 波估计传感器的误差,再补偿奇偶向量,实现了用常值门限进行故障检测;提出了均值检验法 (MVT)分离故障的最优性能指标,由此求解分离故障的检测量,并用于冗余捷联惯导系统的 故障检测与分离.     

System analysts’ orientations and perceptions of system failure

System analysts approach tasks with different orientations to their actions. Likewise, system failures are perceived to be because of a variety of causes. A survey of 239 analysts is conducted to explore the similarities between these orientations and perceptions of failure reasons. The findings indicate that analysts’ perceptions of failure reasons and their approach to development fall along similar lines. This trait enables information system management to select project teams to help avoid failures. The variety of orientations needed for success can be chosen from within the organization or training of analysts can be targeted more effectively to consider missing elements based on current orientations.     

基于CAI与综合集成思想的云平台选择方法

云计算的安全问题及市场中云供应商众多的现状,要求有基于权威框架的、有效而较全面的供应商选择方案。提出面向云计算的综合集成DCGVE选择方法：使用德尔菲法构建云计算共识评估的扩展指标体系,利用G1法与变异系数法对各指标进行主、客观综合集成赋权,引入欧氏距离来定义云平台综合最适贴近度。对CSA STAR中的报告规范化后的计算与分析表明提出的方法使用的选择准则全面,过程清晰,结果区分度较高。     

Relational programs: An architecture for robust real-time safety-critical process-control systems

Software for safety-critical systems, such as avionic, medical, defense, and manufacturing systems, must be highly reliable since failures can have catastrophic consequences. While existing methods, such as formal techniques, testing, and fault-tolerant software, can significantly enhance software reliability, they have some limitations in achieving ultrahigh reliability requirements. Formal methods are not able to cope with specification faults, testing is not able to provide high assurance, and fault-tolerant software based on diverse designs is susceptible to common-mode failures. We present a new approach that starts with a decomposition of the system requirements into a conjunction of subtasks (goals and constraints). The system state space is then projected onto a restricted space that is specialized for a subtask. The control problem corresponding to each subtask is solved and validated in its restricted “view” of the system state space. To allow the programs for the individual subtasks to be easily composed together, the model for each subtask is relational rather than functional, i.e., it represents a set of control trajectories for each input rather than just one trajectory. The overall system is obtained by composing the models for the subtasks using well-defined set intersection and union operations. The relational approach has several significant advantages. With appropriate priority assignments, it provides strong guarantees that the safety-critical components are immune to defects in other components of the system. Also, the system reliability can be rigorously derived from the component reliabilities. This significantly reduces the validation effort since the number of states and transitions in the decomposition is a fraction of those in the overall system. The system can be composed from its components either statically or dynamically; the latter facilitates on-the-fly maintenance as well as incorporation of advanced adaptive and evolving control programs. The paper contains a detailed example to illustrate the relational approach. This revised version was published online in June 2006 with corrections to the Cover Date.     

Change-point detection in failure intensity: A case study with repairable artillery systems

Repairable systems can experience unexpected environmental changes over long operational periods. Such changes affect the incidence of failures, causing different system failure patterns before and after the changes. In this article, we propose an informational change-point approach for the pattern of recurrent failures in repairable artillery systems. Unlike other trend tests, this approach provides additional information about the locations of change-points over rates of occurrence of failures (ROCOFs) as well as failure trends. We adopt the modified information criterion (MIC) proposed by Pan and Chen (2006) to detect the locations of the changes and propose sequential procedures for determining the number of change-points in independent exponential sequences. The change-point approach is applied to unscheduled maintenance data from eight artillery system exercises performed by the Republic of Korea Army. The change-point test along with a graphical presentation of estimated ROCOF lines can provide easy interpretation of changes in failure trends/intensities in a homogeneous Poisson process.     

Optimizing decomposition of software architecture for local recovery

The increasing size and complexity of software systems has led to an amplified number of potential failures and as such makes it harder to ensure software reliability. Since it is usually hard to prevent all the failures, fault tolerance techniques have become more important. An essential element of fault tolerance is the recovery from failures. Local recovery is an effective approach whereby only the erroneous parts of the system are recovered while the other parts remain available. For achieving local recovery, the architecture needs to be decomposed into separate units that can be recovered in isolation. Usually, there are many different alternative ways to decompose the system into recoverable units. It appears that each of these decomposition alternatives performs differently with respect to availability and performance metrics. We propose a systematic approach dedicated to optimizing the decomposition of software architecture for local recovery. The approach provides systematic guidelines to depict the design space of the possible decomposition alternatives, to reduce the design space with respect to domain and stakeholder constraints and to balance the feasible alternatives with respect to availability and performance. The approach is supported by an integrated set of tools and illustrated for the open-source MPlayer software.     

Robust Isolation Of Sensor Failures

Sensor self‐validity check is a critical step in system control and fault diagnostics. In this paper, a robust approach to isolate sensor failures is proposed. First, a residual model for a given system is built off‐line and directly based on input‐output measurement data. The residual model outputs are called “primary residuals” and are zero when there is no fault. Most conventional approaches to residual model generation are indirect, as they first require the determination of state‐space or other models using standard system identification algorithms. Second, a new max‐min design of structured residuals, which can maximize the sensitivity of structured residuals with respect to sensor failures, is proposed. Based on the structured residuals, one can then isolate the sensor failures. This design can also be done in an off‐line manner. It is an optimization procedure that avoids local optimal solutions. Simulation and experimental results demonstrated the effectiveness of the proposed method.