Formal Modeling of Self-Adaptive Resource Scheduling in Cloud

A self-adaptive resource provisioning on demand is a critical factor in cloud computing.The selection of accurate amount of resources at run time is not easy due to dynamic nature of requests.Therefore,a self-adaptive strategy of resources is required to deal with dynamic nature of requests based on run time change in workload.In this paper we proposed a Cloud-based Adaptive Resource Scheduling Strategy(CARSS)Framework that formally addresses these issues and is more expressive than traditional approaches.The decision making in CARSS is based on more than one factors.TheMAPE-K based framework determines the state of the resources based on their current utilization.Timed-Arc Petri Net(TAPN)is used to model system formally and behaviour is expressed in TCTL,while TAPAAL model checker verifies the underline properties of the system.

Modeling and Verification of Aircraft Takeoff Through Novel Quantum Nets

The formal modeling and verification of aircraft takeoff is a challenge because it is a complex safety-critical operation.The task of aircraft takeoff is distributed amongst various computer-based controllers,however,with the growing malicious threats a secure communication between aircraft and controllers becomes highly important.This research serves as a starting point for integration of BB84 quantum protocol with petri nets for secure modeling and verification of takeoff procedure.The integrated model combines the BB84 quantum cryptographic protocol with powerful verification tool support offered by petri nets.To model certain important properties of BB84,a new variant of petri nets coined as Quantum Nets are proposed by defining their mathematical foundations and overall system dynamics,furthermore,some important system properties are also abstractly defined.The proposed QuantumNets are then applied for modeling of aircraft takeoff process by defining three quantum nets:namely aircraft,runway controller and gate controller.For authentication between quantum nets,the use of external places and transitions is demonstrated to describe the encryptiondecryption process of qubits stream.Finally,the developed takeoff quantum network is verified through simulation offered by colored petri-net(CPN)Tools.Moreover,reachability tree(RT)analysis is also performed to have greater confidence in feasibility and correctness of the proposed aircraft takeoff model through the Quantum Nets.

Establishing formal state space models via quantization forquantum control systems

Formal state space models of quantum control systems are deduced and a scheme to establish formal state space models via quantization could been obtained for quantum control systems is proposed. State evolution of quantum control systems must accord with Schrdinger equations, so it is foremost to obtain Hamiltonian operators of systems. There are corresponding relations between operators of quantum systems and corresponding physical quantities of classical systems, such as momentum, energy and Hamiltonian, so Schrdinger equation models of corresponding quantum control systems via quantization could been obtained from classical control systems, and then establish formal state space models through the suitable transformation from Schrdinger equations for these quantum control systems. This method provides a new kind of path for modeling in quantum control.

Research on system-of-systems combat simulation model formal specification and representation

To makesystem-of-systems combat simulation models easy to be developed and reused, simulation model formal specification and representation are researched. According to the view of system-of-systems combat simulation, and based on DEVS, the simulation model＇s fundamental formalisms are explored. It includes entity model, system-of-systems model and experiment model. It also presents rigorous formal specification. XML data exchange standard is combined to design the XML based language, SCSL, to support simulation model representation. The corresponding relationship between SCSL and simulation model formalism is discussed and the syntax and semantics of elements in SCSL are detailed. Based on simulation model formal specification, the abstract simulation algorithm is given and SCSL virtual machine, which is capable of automatically interpreting and executing simulation model represented by SCSL, is designed. Finally an application case is presented, which can show the validation of the theory and verification of SCSL.

METARO^(3):Metamorphic Relation Group for Automatic Program Repair

The application of metamorphic testing(MT)on automatic program repair(APR-MT)is used to generate a patch without test oracles by examining whether the input metamorphic relation(MR)is satisfied or not.However,the delivered patch is plausible since it may satisfy the input MR but violate other MRs.This inspires us to propose an improved approach to enhance the effectiveness of APR-MT with metamorphic relation group.Ourapproach involves three major steps.First,we formally define the repair process of APR-MT by building the model of automatic program repair and metamorphic testing separately.Then,we propose the advanced model of automatic program repair based on metamorphic relation group,named METARO^(3),which takes several MRs as input while only one MR is used in APR-MT.We additionally present two kinds of selection strategies to rank MRs in descending order of the fault detection capability,which helps shorten the repair time of finding a patch.To demonstrate the feasibility and procedure of our approach,an illustration example was conducted.The results show that METARO^(3) can improve the effectiveness of APR-MT significantly.

UBI-HIT联合硕士课程的正规模型(英文)

Existing university training curricular are usually presented using text and tables.Semantics and inter-relationships between courses are often implicit or even not defined.This paper tentatively presents a formal model of the joint UB1-HIT international master curriculum.The courses of the two years are modelled using UML and the relationships between the two years are explicitly shown.Complementarities between years 1 and 2 are also identified and possible improvements are discussed.

A Cognitive Approach to the Formalization of City and County Names in China’s Hunan Province

There were mainly six types of formalization models found in the study for 95 city and county names in China’s Hunan province,namely,the environment in a place for the place,the wish of the nomenclator for the place,the relative position of a place for the place,the resident for the place,the legend for the place,and the function of a place for the place.In the six formalization models,environment in a place for the place was the most in number,forging 47 names.Besides,the wish of the nomenclator for the place and the relative position of a place for the place came the second,taking 20 names respectively.The cognitive operation participating in the formalization was primarily single metonymy with only a few complex metonymies.Metaphtonymy could be only noted in the model of the wish of the nomenclator for the place.It was notable that single metaphor was missing in the cognitive operations.

A Simple Model for On-Sensor Phase-Detection Autofocusing Algorithm

A simple model of the phase-detection autofocus device based on the partially masked sensor pixels is described. The cross-correlation function of the half-images registered by the masked pixels is proposed as a focus function. It is shown that—in such setting—focusing is equivalent to searching of the cross-correlation function maximum. Application of stochastic approximation algorithms to unimodal and non-unimodal focus functions is shortly discussed.

Formal modeling and quantitative evaluation for information system survivability based on PEPA

Survivability should be considered beyond security for information system. To assess system survivability accurately, for improvement, a formal modeling and analysis method based on stochastic process algebra is proposed in this article. By abstracting the interactive behaviors between intruders and information system, a transferring graph of system state oriented survivability is constructed. On that basis, parameters are defined and system behaviors are characterized precisely with performance evaluation process algebra （PEPA）, simultaneously considering the influence of different attack modes. Ultimately the formal model for survivability is established and quantitative analysis results are obtained by PEPA Workbench tool. Simulation experiments show the effectiveness and feasibility of the developed method, and it can help to direct the designation of survivable system.

EasyModel:A Refinement-Based Modeling and Verification Approach for Self-Adaptive Software

Self-adaptive software(SAS)is gaining popularity as it can reconfigure itself in response to the dynamic changes in the operational context or itself.However,early modeling and formal analysis of SAS systems becomes increasingly difficult,as the system scale and complexity is rapidly increasing.To tackle the modeling difficulty of SAS systems,we present a refinement-based modeling and verification approach called Easy Model.Easy Model integrates the intuitive Unified Modeling Language(UML)model with the stepwise refinement Event-B model.Concretely,EasyModel:1)creates a UML profile called AdaptML that provides an explicit description of SAS characteristics,2)proposes a refinement modeling mechanism for SAS systems that can deal with system modeling complexity,3)offers a model transformation approach and bridges the gap between the design model and the formal model of SAS systems,and 4)provides an efficient way to verify and guarantee the correct behaviour of SAS systems.To validate EasyModel,we present an example application and a subject-based experiment.The results demonstrate that EasyModel can effectively reduce the modeling and formal verification difficulty of SAS systems,and can incorporate the intuitive merit of UML and the correct-by-const ruction merit of Event-B.

A METHOD FOR PERFORMANCE MODELING AND EVALUATION OF LDPC DECODER ARCHITECTURE

This paper presents a high-throughput memory efficient decoder for low density parity check(LDPC)codes in the high-rate wireless personal area network application.The novel techniques which can apply to our selected LDPC code is proposed,including parallel blocked layered decoding architecture and simplification of the WiGig networks.State-of-the-art flexible LDPC decoders cannot simultaneously achieve the high throughput mandated by these standards and the low power needed for mobile applications.This work develops a flexible,fully pipelined architecture for the IEEE 802.11ad standard capable of achieving both goals.We use Real Time–Performance Evaluation Process Algebra(RT-PEPA)to evaluate a typical LDPC Decoder system’s performance.The approach is more convenient,flexible,and lower cost than the former simulation method which needs to develop special hardware and software tools.Moreover,we can easily analyze how changes in performance depend on changes in a particular mode by supplying ranges for parameter values.

A formal model for access control with supporting spatial context

There is an emerging recognition of the importance of utilizing contextual information in authorization decisions. Controlling access to resources in the field of wireless and mobile networking require the definition of a formal model for access control with supporting spatial context. However, traditional RBAC model does not specify these spatial requirements. In this paper, we extend the existing RBAC model and propose the SC-RBAC model that utilizes spatial and location-based information in security policy definitions. The concept of spatial role is presented, and the role is assigned a logical location domain to specify the spatial boundary. Roles are activated based on the current physical position of the user which obtsined from a specific mobile terminal. We then extend SC-RBAC to deal with hierarchies, modeling permission, user and activation inheritance, and prove that the hierarchical spatial roles are capable of constructing a lattice which is a means for articulate multi-level security policy and more suitable to control the information flow security for safety-critical location-aware information systems. Next, con- strained SC-RBAC allows express various spatial separations of duty constraints, location-based cardinality and temporal constraints for specify fine-grained spatial semantics that are typical in location-aware systems. Finally, we introduce 9 in- variants for the constrained SC-RBAC and its basic security theorem is proven. The constrained SC-RBAC provides the foundation for applications in need of the constrained spatial context aware access control.

Verifying Functions in Online Stock Trading Systems

Temporal colored Petri nets, an extension of temporal Petri nets, areintroduced in this paper. It can distinguish the personality of individuals (tokens), describeclearly the causal and temporal relationships between events in concurrent systems, and representelegantly certain fundamental properties of concurrent systems, such as eventuality and fairness.The use of this method is illustrated with an example of modeling and formal verification of anonline stock trading system. The functional correctness of the modeled system is formally verifiedbased on the temporal colored Petri net model and temporal assertions. Also, some main properties ofthe system are analyzed. It has been demonstrated sufficiently that temporal colored Petri nets canverify efficiently some time-related properties of concurrent systems, and provide both the powerof dynamic representation graphically and the function of logical inference formally. Finally,future work is described.

A formal model for integrity protection based on DTE technique

In order to provide integrity protection for the secure operating system to satisfy the structured protection class＇ requirements, a DTE technique based integrity protection formalization model is proposed after the implications and structures of the integrity policy have been analyzed in detail. This model consists of some basic rules for configuring DTE and a state transition model, which are used to instruct how the domains and types are set, and how security invariants obtained from initial configuration are maintained in the process of system transition respectively. In this model, ten invariants are introduced, especially, some new invariants dealing with information flow are proposed, and their relations with corresponding invariants described in literatures are also discussed. The thirteen transition rules with well-formed atomicity are presented in a well-operational manner. The basic security theorems correspond to these invariants and transition rules are proved. The rationalities for proposing the invariants are further annotated via analyzing the differences between this model and ones described in literatures. At last but not least, future works are prospected, especially, it is pointed out that it is possible to use this model to analyze SE-Linux security.

Binary Logic State Transition Oriented Formal General Reliability Model

There were various conventional modeling techniques with varied semantics for system reliability assessment, such as fault trees(FT), Markov process(MP), and Petri nets. However, it is strenuous to construct and to maintain models utilizing these formalisms throughout the life cycle of system under development. This paper proposes a unified formal modeling language to build a general reliability model. The method eliminates the gap between the actual system and reliability model and shows details of the system clearly. Furthermore,the model could be transformed into FT and MP through specific rules defined by a formal language to assess system-level reliability.

Higher-Level Hardware Synthesis of the KASUMI Algorithm

Programmable Logic Devices （PLDs） continue to grow in size and currently contain several millions of gates. At the same time, research effort is going into higher-level hardware synthesis methodologies for reconfigurable computing that can exploit PLD technology. In this paper, we explore the effectiveness and extend one such formal methodology in the design of massively parallel algorithms. We take a step-wise refinement approach to the development of correct reconfigurable hardware circuits from formal specifications. A functional programming notation is used for specifying algorithms and for reasoning about them. The specifications are realised through the use of a combination of function decomposition strategies, data refinement techniques, and off-the-shelf refinements based upon higher-order functions. The off-the-shelf refinements are inspired by the operators of Communicating Sequential Processes （CSP） and map easily to programs in Handel-C （a hardware description language）. The Handel-C descriptions are directly compiled into reconfigurable hardware. The practical realisation of this methodology is evidenced by a case studying the third generation mobile communication security algorithms. The investigated algorithm is the KASUMI block cipher. In this paper, we obtain several hardware implementations with different performance characteristics by applying different refinements to the algorithm. The developed designs are compiled and tested under Celoxica＇s RC-1000 reconfigurable computer with its 2 million gates Virtex-E FPGA. Performance analysis and evaluation of these implementations are included.

A formal model for plastic human computer interfaces

The considerable and significant progress achieved in the design and development of new interaction devices between man and machine has enabled the emergence of various powerful and efficient input and/or output devices. Each of these new devices brings specific interaction modes. With the emergence of these devices, new interaction techniques and modes arise and new interaction capabilities are offered. New user interfaces need to be designed or former ones need to evolve. The design of so called plastic user interfaces contributes to handling such evolutions. The key requirement for the design of such a user interface is that the new obtained user interface shall be adapted to the application and have, at least, the same behavior as the previous （adapted） one. This paper proposes to address the problem of user interface evolution due to the introduction of new interaction devices and/or new interaction modes. More, precisely, we are interested by the study of the design process of a user interface resulting from the evolution of a former user interface due to the introduction of new devices and/or new interaction capabilities. We consider that interface behaviors are described by labelled transition systems and comparison between user interfaces is handled by an extended definition of the bi-simulation relationship to compare user interface behaviors when interaction modes are replaced by new ones.

A Theory of Hybrid Diagnosis

This paper establishes a formal model for hybrid diagnosis, novelfeatures including: (1) It provides a unified theoretical framework for utilizing de-vice models and heuristics in diagnosis, which naturally integrates all the importantcomponents of diagnosis - the structural and behavioral description of devices, faultmodes, the lower and upper fault bounds, fault possibilities and heuristic rules -into a diagnostic system. Device models predict outputs from inputs, heuristic rulesinfer the possibilities of certain components being faulty from symptoms, and yetthe combination of both constrains each other for us to reduce the hypothesis space.(2) It presents a typical way of modeling behavior of devices, to which the key isthe introduction of I-O functions with indefinite inputs/outputs. (3) It can easily beimplemented over a forward-chaining inference engine.

Formal analysis and design of multi-party fair exchange protocols

Based on the origin of message items and channel combination between transacting parties, and events and relations among events, this paper presents a concise, precise, and hierarchical model for general fair exchange protocols, formally specifies various security requirements which are able to reflect inherent requirements for fair exchange protocols more rigorously, and partition these security requirements with fine granularity. This work helps analyze, debug, and design multi-party fair exchange protocols more effectively and elaborately,