
    Myron Hecht

    Model Based Systems Engineering depends on correct models. However, thus far, relatively little attention has been paid to ensuring their correctness - particularly for larger system engineering models. This paper describes a methodology for performing verification and validation on models written in SysML. The method relies on a catalog of candidate requirements that can be selected and tailored for a specific project. Many of these requirements can be verified automatically. Examples of diagrams taken from an independently created SysML model of a satellite are presented to show how automated verification can be used to identify non-obvious modeling deficiencies.
    This article describes an approach to cyberattack resilience modeling for an example cyberphysical system – a network controlling an electric power distribution station. The approach is based on survivability analysis and uses Markov models implemented using Matlab and SysML. Example results from a transient analysis of the system are shown to demonstrate the utility of the approach.
    Software failure rate, long a primary reliability measure, is difficult to apply in a distributed computing environment with an uncontrolled number of active nodes and usage patterns. Since it is not useful as a measure, it is also not a good prediction tool during software development. Instead we assess reliability of software segments in terms of the severity of system level effects of their failure modes and the extent of the protection (fault detection and recovery) that is built into the program. Where the protection provisions cover all failure modes that can cause high severity failures, and where the effectiveness of the provisions has been established by test, the program may be considered reliable even in the absence of a quantitative failure rate assessment. We describe UML based FMEA procedures as a means of focusing V&V activities on coverage and effectiveness of protective measures, and recommend pursuit of these procedures as a means of reducing the cost of high re...
    This paper presents an analytical model and software tool that can be used by non-experts to relate FAA maintenance resources including staffing, training, shift allocation, and geographical deployment to NAS facility and service downtime and availability. The analytical methodology and tool presented in this paper make it possible for any user to rapidly assess how changes in staffing, training, equipment count, and reliability will impact outage time, availability, maintenance backlog and technician utilization. It allows users to easily perform parametric studies on a variety of “what if” scenarios related to economics and capacity. The most significant benefit is that these results can now be made available to analysts and decision makers. The net result will be more informed decisions that account for the impact of maintenance resources on NAS capacity and overall economics.
    A growing need exists for improved fault tolerance, reliability, and testability in distributed systems which support Command, Control and Communications and Intelligence (C3I) activities. The objective of this study is to provide a foundation for the development of design measures and guidelines for the design of fault tolerant systems. Taxonomies of fault tolerance and distributed systems are developed, and typical Air Force C3I needs in both fault tolerant and distributed computer systems are characterized. Reliability and availability experience for ten typical computer systems is reported in a consistent format, and the data are analyzed from the perspective of a distributed system user. Previous work on the identification of problems in distributed systems and design methods for their solutions is discussed. Key issues in the design of fault tolerant distributed systems are identified. Fault location techniques for specific computer configurations found in C3I applications a...
    • Question
      — How can Failure Modes and Effects Analyses be generated from SysML models?
    • Motivation
      — Technical: Growing ubiquity, complexity, and safety criticality of systems containing software
      — Programmatic: Reduce cost and schedule burden of FMEAs to levels tolerated by developers and their management
      — Cultural: Growing use of SysML and
    • Method
      — Define success criterion and ensure model includes it
      — Create structural models (primarily the system connections in internal block diagrams) that can be used to assess the success criterion
      — Create behavioral models for both normal flows and flows in the presence of simulated failures and cyber-attacks
      — Run simulations and log results
      — Analyze the logs and develop assessment artifacts.
    This paper describes the use of standard reliability modeling techniques – Markov modeling and reliability block diagrams – to analyze a web site and develop the answers to strategic questions on the configuration and operation of high availability computing systems. The analyses are performed using MEADEP, a powerful reliability analysis tool capable of hierarchical modeling and integrating Markov and block diagram techniques. In the example 3-tier architecture e-commerce site described in this paper, it is shown that (a) the most frequently failing subsystem is not necessarily the availability bottleneck, and (b) that restoration time is often a more important parameter than availability when attempting to maximize system throughput.
    The functional capabilities of digital devices together with their comparatively low cost and physical resource requirements make it desirable to use computer based systems in all areas of USAF activities and particularly for those aboard aircraft. Of special concern is the use of such systems where the failure of a computer can cause loss of the aircraft and flight crew – the use of computers in flight critical applications. Special reliability and fault tolerance (RAFT) techniques are being used within ASD and also in other military and civilian aircraft organizations to minimize and cope with the effect of failure. However, each installation of computers in connection with a flight critical function is being treated as a special case, and there are few guidelines for establishing requirements for such systems, managing their development or conducting acceptance or certification tests. This Computer Resources Handbook for Flight Critical Systems is intended as a step in filling this need. The Handbook is intended to cover the entire life cycle of a weapon system: concept definition, development, test, and operation and maintenance. Emphasis is placed on the early stages of the life cycle because deficiencies introduced there can be remedied in later stages only at very great cost. (Author)
    This paper describes a method for automated generation of Failure Modes and Effects Analyses from SysML models containing block definition diagrams, internal block diagrams, state transition machines, and activity diagrams. The SysML model can be created in any SysML modeling tool and then an analysis is performed using the AltaRica language and modeling tool. An example using a simple satellite and ground user shows the approach.
    With the increasing air traffic and growth of deployed FAA equipment, high equipment availability and low outage time is also becoming more important. While the use of simulation models and simple queuing models for assessing the impact of staffing on availability has been available for more than 5 decades, it has not been widely used because of the cost and
    A distributed fault tolerant system for process control based on an enhancement of the distributed recovery block has been implemented and integrated into a chemical processing system. Fault tolerance provisions in the system cover software faults by use of the distributed recovery block (DRB); hardware faults by means of replication, loose coupling, periodic status messages, and restart capability; and network faults by means of replication and diverse interconnection paths. Maintainability is enhanced through an automated restart capability and logging function resident on a system supervisor node.
    A model that predicts staffing requirements in the National Air Space (NAS) Facilities using three sub-models (preventative maintenance, watch-standing, and corrective maintenance) is described. The means by which service metrics can be defined using these models is proposed, and the benefit of being able to use these service metrics as a basis for predicting the cost of service is explained. The results of this model can be used to estimate the cost of meeting Service Level Agreements between the maintainers and users of NAS facilities and services.
    This paper describes an approach to reliability and maintainability practices and programs that address problems specific to software intensive space systems. Elements of these programs include a precise statement of reliability requirements, a reliability program that addresses software, a software development program that addresses reliability, and data collection methods that address software.
    Big data is the term for a collection of data sets so large and complex that it becomes difficult to process using on-hand database management tools or traditional data processing applications. This chapter articulates some of the success enablers for deploying big data on clouds (BDOC), in the context of some historical perspectives and emerging global services. The chapter considers cloud and mobile applications, complex heterogeneous enterprises, and discusses big data availability for several commercial providers. In addition, the chapter offers some legal insights for successful deployment of BDOC. The chapter, in particular, highlights the emergence of hybrid BDOC management roles, development and operations (DevOps), and site reliability engineering (SRE). Finally, it highlights science, technology, engineering, and mathematics (STEM) talent cultivation and engagement as an enabler of technical succession and future success for global enterprises of BDOC.
    Requirements for large information systems are not reliable if we interpret that term to mean complete, consistent and current. A General Accounting Office examination of 10 major systems shows deficiencies in generating complete requirements and in keeping them consistent and current. Requirements analysis tools, formal methods, and recursive development formats are beneficial but do not address organizational and contractual issues. As an alternative to the current methodology we discuss using a figure of merit as the key requirement and giving the developer more responsibility for trade-offs during development.
    used to determine the measure of association of candidate causes and effects during the development process and analyses can therefore be used to make adjustments in the development process. However, such data are not useful for quantitative measurement of reliability, availability, recovery time, recovery probability, and extent of common mode failures in replicated systems. For such purposes, most software defect reporting systems (also called "issue trackers" or "bug trackers") are insufficient because they do not assure that operating time is collected, that all failures (whether they occur repeatedly and whether or not they can be reproduced) are recorded, and that data for consequent system recovery actions (or the lack of such actions) are recorded. Because of these problems, operating system event logs have been used to estimate quantitative parameters for software and system reliability and availability (4,5,6)
    Thesis (M.S.)--University of California, Los Angeles--Engineering. Includes abstract. Includes bibliographical references.