Failure Behavior Analysis for Reliable Distributed Embedded Systems

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Failure Behavior Analysis for Reliable Distributed Embedded Systems"

Transcription

1 Failure Behavior Analysis for Reliable Distributed Embedded Systems Mario Tra, Bernd Schürmann, Torsten Tetteroo {tra schuerma Deartment of Comuter Science, University of Kaiserslautern Abstract Failure behavior analysis is a very imortant hase in develoing large distributed embedded systems with weak safety requirements which do graceful degradation in case of failures. Today, the analysis will usually be done by standard methods like FTA and FMEA considering the existence of faults, only. Gradations of errors are not regarded, although this is a very coarse system behavior aroximation. In contrast to that, our advanced failure behavior analysis yields more sohisticated and graded results. We obtain comrehensive results by assigning a quality descrition to all the information in a system and extending the ure information flow to an information quality flow, that models system failure behavior, too. We model this information quality flow by object-oriented hierarchical etri nets. Large arts of these nets can automatically be generated from the existing behavioral system structure. A net simulator enables us to erform all the sohisticated analyses we need to examine the failure behavior. 1 Introduction 1..* system tasks 1..* Task < sends information Failure Analysis is one of the main asects in develoing reliable embedded systems. Knowing the effects of faults on the system behavior enables the develoer to strengthen the weak oints and to revent the system from failing in the case of faults. In safety critical systems, e.g. drive-by-wire systems, failures must be revented, wherefore redundant comonents or functionality are added. Our research grou focuses on the develoment of large embedded systems with weak safety requirements like building automation systems. Preventing all ossible failures is not necessary, and, of course, too exensive in these systems. Therefore, our aroach meets the idea of graceful degradation. We allow certain failures, however, they must be controllable in order to obtain guaranteed and redictable gradations of the system functionality. These gradations can be seen as different failure modes of the system. We use an object-oriented aroach to model the system. Figure 1 shows the simlified data model used in our develoing rocess as an UML class diagram [1]. The system behavior is realized by tasks. Tasks are related to other tasks by the information they interchange. Each task is realized in a system comonent, which can aggregate other subcomonents, creating a structural hierarchy. One aroriate requirements analysis rocess ro- Fig. 1. Simlified data model. ducing data which can be maed to that simlified data model is, for examle, the requirements engineering rocess for large distributed reactive systems develoed in our research grou [2]. It has to be mentioned that the real data model is more comlex than it is shown in figure 1, but it could be transformed to the simlified model. To realize a controllable and redictable gradation of the system functionality, it is necessary to analyze which faults affect the system behavior. A fault causes a gradation of functionality, switching the system to a secific failure mode. Deending on that mode, a succeeding fault causes another failure mode. Therefore, the analysis must be able to handle successive faults and their chronological order. Furthermore, it is imortant to analyze in detail how faults affect the system. In section 2, we give an overview of related failure analysis and verification techniques. Then, we describe our analysis aroach in sections 3 and 4. 2 Related Work System realized in > Comonent system comonents subcomonents There exist a lot of techniques and methods to analyze and to verify systems, so that this section can give an incomlete overview, only. The techniques and methods can be divided into two grous: On the one hand there are formal verification techniques like model checking and markov chains, on the other hand there are semi-formal methods like fault tree analysis and failure mode and effects analysis. Fault Tree Analysis (FTA) is a to down aroach: It starts with system failure situations which must be avoided, and analyzes how these failures can be caused by faults of subsystems or system comonents. The faults are combined by boolean exressions like and, or, not, etc. roducing boolean equations as the result of FTA [3]. Usually, FTA does not consider different modes of the system excet success and failure, and it considers neither multile faults nor their chronological order

2 Failure Mode and Effects Analysis (FMEA) is another well known analysis technique. It starts with a ossible fault of a comonent and analyzes bottom-u, how higherlevel functionality and the systems functionality are affected. The results of FMEA are listed informally in large tables describing, for examle, the comonent failure, the effects to the system, the criticality of the failure, etc. Usually, FMEA oversimlifies a system into two modes: success and failure, and does not consider different modes, which could reresent gradations of system functionality and erformance [4]. Multile faults are usually not considered, either [5]. PRICE AND TAYLOR extended FMEA to analyze and reort the most likely multile simultaneous failure combinations, but they do not handle the chronological order of faults [5]. YANG AND KAPUR introduced a customer driven reliability to FMEA as a quality over time. They consider different erformance levels of a roduct which are degraded over time [4]. Model Checking is a formal verification technique used to automatically check systems which have a finite state sace. A system is modelled as a finite automaton and elementary roositions are maed to each state, which are fulfilled in these states. Then, this model of the system is used to automatically rove whether or not the secification is satisfied. Such a secification is given as a set of roerties, usually exressed in temoral logic [6]. Markov Chain Analysis is a technique to examine stochastic systems. The system is modelled with a finite set of states and transitions between the states. Each transition from state s i to state s j is labeled with ij exressing the robability that the transition will be executed in the next ste. This model is called a (discrete-time) Markov Chain which is interreted at discrete time stes. Continuous-time Markov chains are interreted over continuous time. Their transitions are labeled with the rate of the exonential robability distribution. It should be noted that Markov chains are memoryless: The robabilities of the transitions deend on the current state, only. Neither the revious states nor the time the system is in the current state influence these robabilities. Markov chains can be analyzed using numerical or analytical solutions. For examle, the evolution of the model u to a given oint in time or the long-run average behavior of the system can be studied [7]. Adding elementary roositions to the states enables the usage of Model Checking with Markov chains. For examle, the Erlangen-Twente Markov Chain Model Checker (E MC 2 ) is a Model Checker for discrete-time and continuous-time Markov chains [8]. 3 Failure Behavior Analysis 3.1 Motivation Usually, FTA and FMEA only consider a fault as existing or non-existing. Gradations of errors are not regarded. This is, however, only a very coarse aroximation of the system behavior in the case of a failure. A major disadvantage of FTA and FMEA is that they are comletely static, i.e. as soon as an outut error deends on the current characteristics of an inut error FTA and FMEA cannot be used. We want to exlain that in the following examle. Let us regard three comonents used to control a radiator temerature. The first comonent is a temerature sensor. The sensor value is smoothed in a secial moving average filter. Finally, the smoothed value is sent to the third comonent, a hysteresis switch which oens or closes the radiator valve, resectively. A new temerature value is samled every 20 seconds and the moving average filter uses the last 6 values to calculate a new mean temerature. Due to the secial imlementation of the moving average filter, the hysteresis switch gets a new value every 2 minutes. FTA examines how the hysteresis switch can be influenced. As it uses the value of the moving average filter as inut, it is of course influenced by a fault of the latter. In turn, the outut value of the moving average filter deends on the value of the temerature sensor. In consequence, it is concluded that a fault of the temerature sensor causes a failure in the hysteresis switch. A similar result would be obtained by an FMEA. Now, let us assume that a valve movement temorarily disturbs the temerature sensor and causes a relative error of 10%. Ten seconds are needed to oen or close the valve. That means, for a eriod of 10 seconds the temerature value might have a relative error of 10%. Now, it must be examined whether or not it is necessary to use a better and thus more exensive temerature sensor. For that, FTA as well as FMEA are useless. FTA and FMEA have only shown that the hysteresis switch deends on the temerature sensor. The detailed information if or how a relative error of 10% of the temerature value that ersists for 10 seconds influences the hysteresis switch cannot be obtained. Although it would be ossible to manually calculate the influence on the hysteresis switch in that simle examle, this is not ossible if the interdeendencies of large (distributed) systems must be considered. Therefore, a failure behavior analysis is required that is caable of treating the dynamic deendencies of the outut values on the error of the inut values as well as the timing asects. The treatment of dynamic deendencies oses two major roblems. First, it must be ossible to describe faults and errors, thus to use more gradations than only valid and invalid. Second, it is necessary to describe the deendency of an outut value of a comonent on the error characteristics of a current inut value. For the descrition of faults and the definition of the deendencies it must be ossible to consider timing asects. These additional features are rovided by the failure behavior analysis we will introduce in this aer. In comarison with FTA and FMEA, our failure behavior analysis enables the analyst to obtain much more sohisticated information about the failure behavior of a large and ossibly distributed system. 3.2 Overview of the Analysis The advanced analysis of the system behavior in the case of a failure shall deliver sohisticated and graded analysis results. We do not only want to know which comonents are influenced by certain errors, but also how and by which kind of errors they are influenced

3 We obtain such analysis results by assigning a quality descrition to all the information transformed and transorted in a system. Instead of regarding the ure information flow in a system that characterizes the functional behavior, we regard the flow of the information qualities which defines the system behavior in the case of a failure, too. In the following this will be exlained more detailed. As it has been mentioned earlier, we assume that the overall functionality of a system is decomosed into various tasks, whereby the relations between interdeendent tasks are known. The system functionality is defined by the collaboration of the single tasks. The stand-alone functionality of a single task is usually quite simle. Due to the communication between tasks, however, their functionalities are comosed to an arbitrarily comlex, suerordinated system functionality. That means, at the lowest level the system functionality is defined by task functionalities defining the ossibly state deendent transformation of inut information to outut information. To obtain the suerordinated functionality, the communication between tasks, i.e. the transortation of information, must be regarded. We want to seize the same concet for the failure behavior analysis. Instead of regarding the transformation and transortation of information, we are interested in the quality of the information. For that, we will first introduce a construct that enables us to describe such a quality. Then, we will define how these qualities are transformed by a single task. We describe this with etri nets. In the last ste, we will relace the transortation of information by the transortation of their qualities in the task collaboration network. For that, we use hierarchical etri nets. The system develoer needs only to define the maing of the information qualities at the task level. The suerordinated etri net defining the collaboration of the single tasks can be generated, automatically. This leads to a high scalability of our aroach. In section 3.3 we will give recise definition of the term information. After that, we will introduce the concet of the information quality in section 3.4. Finally, in section 3.5 we will show, how etri nets can be used to define the information quality flow. 3.3 Information Any kind of data that enters or leaves the system, or is moved or stored in the system is called information. This is the only meaning of the term information in this aer, indeendent of any other existing definitions. The information concet is illustrated in figure 2. A sensor value enters the system and is stored in attribute A1 of comonent A. This information is moved to comonent B, whereby information can be moved using method calls or by sending signals. Then, it is sent to an actuator. Sensor Comonent A Attribute A1 Information Comonent B Attribute B1 Fig. 2. Samle information flow. Actuator Although the sensor value has not been stored in the system, so far, it is called information since it is data that enters the system. The same alies to data sent to an actuator. 3.4 Information Quality We assign a quality attribute to each information. For examle, the validity of an information or its relative error could be used. We do this by using a class reresenting the information quality. This class may have an arbitrary number of attributes describing the quality of an information. Of course, all caabilities of the flexible object-oriented aroach can be utilized. A UML reresentation of the information quality class is shown in figure 3. InformationQuality validity relativeerror nominalvalue currentvalue MTTC MTTO roertylist Fig. 3. Information quality class. The attribute validity defines whether or not the information is valid, at all. The attribute relativeerror reresents the relative error of a continuous information, e.g. a temerature value. As we will see in the alication examles, in most cases it is sufficient only to have a relative error and no absolute error. As our aroach ought to be aliable at various stages of the develoment rocess, we do not assume an executable secification of the functional behavior. Therefore, it is not always ossible to examine the roagation of absolute errors of continuous values. However, it is ossible and even necessary to regard the absolute values of discrete information. Therefore, the attributes nominalvalue and currentvalue are used. If, for examle, the on/off-switch of a cruise control is defect, it is a crucial difference whether the control should be switched on or off. Therefore, considering the nominal value is necessary to describe how a comonent is influenced. If we regard a comonent that de-/activates an alarm system which has the ossible states deactivated, activated, and alarmon, then besides the nominal value (e.g. the alarm system should be deactivated) the current value must be given (e.g. due to a failure the alarm system might be activated). The attributes MTTC (Maximum Time To Correction) and MTTO (Minimal Time To Occurrence) are necessary to describe and to examine transient errors. A software or hardware fault leads to an error only if the affected comonent is used. If, for examle, a faulty sensor value is corrected before it has been read, it will not result in an error. Therefore, it is obviously necessary to regard the time that is required at maximum to correct a fault. This time is reresented by the attribute MTTC. Furthermore, it must be defined how long a value remains correct at minimum. This time is reresented by the attribute MTTO. We want to use the following examle to illustrate the - 3 -

4 meaning and the usage of these attributes. Let us regard a micro controller reading the values of a sensor. We assume that a watchdog timer is used to reinitialize the micro controller if it has been stalled, wherefore it can be assured that in the case of a failure the micro controller is working again after at latest t 1 seconds, i.e. the MTTC is t 1 seconds. Further, we assume that the micro controller has intensively been tested, so that it can be guaranteed that it takes at least t 2 seconds before a failure occurs after the micro controller has been reinitialized, i.e. the MTTO is t 2 seconds. In addition, our analysis can also be used to determine the required values of t 1 and t 2 as constraints at a very early stage of the develoment rocess. The last attribute we want to rovide is the roertylist. All characteristics of an information quality that are not required to determine whether and how a comonent is influenced, can be reresented by a roerty. For examle, it might be ossible to use a textual reresentation to describe the influence of a comonent failure on the energy consumtion of a system. Therefore, in each comonent traversed by an information quality due to the error roagation, a new roerty can be attached to the traversing information quality. Although the influences informally described in these roerties are not used to determine the failure behavior of deending comonents, at the end of the analysis the analyst obtains a detailed textual descrition of all relevant influences on arbitrary concerns, i.e. a kind of reort is generated automatically. Due to the usage of an information quality class, our aroach is very flexible and extendable, as it is ossible to modify the existing or to add new attributes and methods to the class to adat the concet to various domains and kinds of alication. 3.5 Information Quality Flow Errors can be described with information qualities. Now, it is necessary to describe the roagation of errors. Therefore, we regard the information quality flow instead of the information flow of a system, as it is shown in figure 4. Sensor Comonent A Attribute A1 InformationQuality Validity ProertyList Comonent B Attribute B1 Actuator Fig. 4. Samle information quality flow. A functional behavior secification defines the information flow. Therefore, it is secified how an information is modified by a single task. Further, the system structure defines the interdeendencies between tasks. A failure behavior secification basically uses the same flow structure, however, it is defined how the quality of an outut information of the task is influenced by the quality of the inut information. We use hierarchical reference nets [9] to describe this asect. Reference nets are object-oriented etri nets which suort redicates. These nets enable us to have tokens reresent the information qualities and we can assign conditions to transitions. Modelling the failure behavior of a single task Deending on the qualities of the inut information, a task is set to a certain failure mode. This deendency is described in a so-called guard condition that is assigned to the failure mode. If a guard condition of a failure mode is true, the task is set to that failure mode. In consequence, the guard conditions of all failure modes of a task must be mutually exclusive. Each ossible failure mode is reresented by a lace FM j in the etri net modelling the task. The according guard condition is assigned to the transition leading to that lace. The qualities of the outut information are defined deending on the current failure mode and the inut information qualities of a task. This is realized by assigning an action to a transition leading to the task outut lace, whereby the necessary inut information qualities are available at the transition in form of tokens moved from the inut laces to the outut laces. The resulting general structure of a task etri net is shown in figure 5. Inut 1 Inut i Inut m Guard 1 Guard j Guard n FM 1 FM j FM n Action 1 Action j Action n Outut 1 Outut k Outut o Fig. 5. General etri net structure for the definition of the information quality maing within a single task. When the etri net is to be evaluated, the tokens referencing information quality objects are moved to the inut laces, whereby an own lace exists for each inut information quality. According to the guard conditions the tokens are moved to the lace reresenting the aroriate failure mode (FM j). In the following transition, new tokens reresenting the qualities of each outut information are created. For each failure mode a different deendency of the outut qualities on the inut qualities may be defined. In section 4 this concet will be shown in an examle. Chronological order of faults One disadvantage of the data flow rincile of etri nets is that the token reresenting the current failure mode is directly removed from the failure mode lace FM j because the action transitions are enabled immediately after the according failure mode lace has been marked. We therefore create an additional token that is tagged with the name of the current failure mode and move it to an additional lace called currentfailuremode. This way, we can reserve the current failure mode. In consequence, the - 4 -

5 current failure mode can also be considered in the guard conditions. That means, the chronological order of faults and all receding events can influence the failure behavior. Although the current failure mode is reserved, it is not ossible to figure out the failure history after an analysis. We therefore further extend the etri net by a history lace (fig. 6) to log this history. The history lace can contain an arbitrary number of tokens. Each of these tokens is tagged with the name of the according failure mode and a time stam (NOW). As every change of the failure mode is reresented by a token on the history lace, the comlete failure behavior history of the task during the analysis is logged. Inut Guard 1 Guard i Guard n [ FM i,now] [ FM 1,NOW] [ FM n,now] History Fig. 6. All changes of the current failure mode during the analysis are logged in a history lace. Task A b Transition 1a Transition 2b Task B b Failure Modes c Task C is injected into the sub net. The token on the lace Failure Modes in the suerordinated net is a reference to the sub net. After the sub net has been executed, transition 2a is enabled and, in consequence, transition 2b is fired, too. Token c is then outreached to the suerordinated net and is roagated to task C. 4 Alication Examle In the following, an examle will be introduced that demonstrates the alication of the analysis. Thereby, the main asect is to show that the concets introduced in the receding sections are sufficient to obtain sohisticated analysis results. In the examle, we will regard a ressure control. The focus lies on data rocessing. Esecially, the usage of the relative error attribute will be shown. 4.1 Pressure Control Obviously, it is ossible to describe the roagation of a relative error of data rocessing comonents comletely mathematically. However, relative errors seem to be roblematic if absolute values must be considered. Therefore, data rocessing comonents, the error roagation behavior of which can be described mathematically, are combined with a failure behavior secification that uses absolute values in the guards. Thus, the examle is used to demonstrate that it is sufficient to use the relative error, although absolute values are required to decide whether a guard is fulfilled. Esecially, if the MTTC is considered, as well, a wide range of failure cases can be examined and sohisticated results can be obtained Requirements. The main task of the control system is to control the ressure of an oxygen tank that belongs to a chemical lant. The target ressure is 500 bar. A ressure between 480 and 520 bar is otimal. If the ressure is between 470 and 480 bar or 520 and 530 bar, resectively, the efficiency of the deending machines is decreased. As soon as the ressure gets higher than 530 bar the situation becomes dangerous. If the ressure is lower than 470 bar the machines are stalled. This is also illustrated in figure 8. Pressure/bar Plant state Transition 1b b b.valid c.valid=b.valid b Normal Failure c b c!b.valid c.valid=b.valid c Transition 2a otimal oeration or reduced efficiency / should be avoided <470 or > 530 machine stall, danger / must be avoided Fig. 8. Requirements on tank ressure. Fig. 7. General rincile of hierarchy in reference nets Modelling the interdeendencies of tasks By now, we have shown how the transformation of the information qualities by a single task can be modelled. Now, it is necessary to describe the interconnection of the tasks with etri nets. Utilizing the hierarchy concet rovided by etri nets, we can automatically generate a suerordinated etri net reresenting the interdeendencies of the tasks, as these interdeendencies are given by the system structure (figure 1). The general rincile of the hierarchy suort of reference nets is illustrated in figure 7. Transitions in the suerordinated net are uniquely connected with transitions in the sub nets (in figure 7 these connections are illustrated with dashed arcs). As soon as transition 1a is enabled, transition 1b is fired, too. Token b System Design. The chosen structure of the ressure control system is illustrated in figure 9. Basically, three ressure sensors at different laces in the ressure tank are available. An average filter calculates the actual overall ressure. In order to suress temoral fluctuations, addi

6 Pressure Sensor 1 Pressure Sensor 2 Pressure Sensor 3 Average Filter Moving Average Filter Hysteresis Switch Fig. 9. Structure of ressure control system. tionally, a moving average filter is alied in the next ste. After that, a hysteresis switch decides when the valve has to be oened or closed. The formulae defining the digital filters are shown in figure 10. The average filter weights all of the three ressure values equally to calculate the actual overall ressure value. The moving average filter uses the last five actual ressure values to calculate the smoothed average ressure value, whereby again all values are weighted equally. i[k]: ressure i at time k [k] : average ressure at time k a[k]: smoothed average ressure at time k average filter moving average filter k [ ] a[ k] The hysteresis loo of the switch is shown in figure 11. Although a ressure between 480 and 520 bar is otimal, the threshold values of the hysteresis have been set to 490 and 510 bar in order to have a 10 bar reserve at both ends. As the target ressure is 500 bar, a tolerance interval of +/- 10 bar has been established, before the valve is oened or closed, resectively Failure Behavior. In the next ste, the failure behavior must be defined. Therefore, the failure modes of the three comonents, that can be considered as tasks of the system, are secified. As it has been exlained earlier, we use extended etri nets to describe the failure behavior. Average Filter The failure behavior model of the average filter is shown in figure 12. The general structure illustrated in figure 5 has been used to model the failure behavior of that task. The qualities of the three ressure values 1, 2, and 3 are considered as inut. If any of these values has a relative error different from zero, the task is set to the failure mode Error, otherwise the task remains in the mode Normal. If the task is in the normal mode, the outut value has no error, therefore, the error attribute is set to 0 (The setting Valve 1 = -- ( 1[ k] + 2[ k] + 3[ k] ) = -- k [ i] 3 i = 0 Fig. 10. Formulae describing the digital filters. switch command [oen/close] oen close ressure [bar] Fig. 11. Hysteresis loo used for the hysteresis switch. enter Guards: g1 : 1.error>0 or 2.error>0 or 3.error>0 g2 : 1.error==0 and 2.error==0 and 3.error==0 Actions: a1 :.error = 1/3 (1.error + 2.error + 3.error) a2 :.error = currentfailuremode Error g1 [1,2,3] g2 Normal [1,2,3] Error Normal [1,2,3] a1 [1,2,3] getstate Fig. 12. Petri net secifying the failure behavior of the average filter. of the attribute validity has been neglected to kee the examle simle). In the failure mode Error the relative error of the outut ressure is calculated using the relative errors of the inut values, as it is secified by the formula shown in figure 13. The current failure mode is reresented by an additional token on the lace currentfailuremode, asithas been mentioned earlier. The transitions outside the box are required as interface and will be connected to transitions in the suerordinated net, as it has been exlained in section error = -- ( 3 1.error + 2.error + 3.error) Fig. 13. formula secifying error roagation of the average filter Moving Average Filter The moving average filter uses the last five values of the average filter, whereby every 2 milliseconds a new value is samled. The error roagation can be secified, in general, deending on the amount of regarded samles N and the samle eriod T, as it is shown in figure 14. The w = min 1, (.MTTC) N T a.error = w.error Fig. 14. Formula secifying error roagation of an moving average filter. quotient of the MTTC over the eriod T defines how many samles can be influenced by a fault. All other samles have no error (It is assumed that MTTO» N T ). Therefore, the ratio between the number of influenced samles and the number of all samles defines the weight w of the relative error. The according etri net for the filter is shown in figure 15. Again, the failure modes Normal and Error are defined. The normal mode is valid when the inut is correct, otherwise, the task is set to the error mode. In the normal mode, again, the error attribute of the outut quality is set to zero. In the error mode, the relative error of the outut value is calculated according to the formula shown in figure 14. To exress a ersistent error with the MTTC, the latter is set to the maximal ossible integer value (MAX- INT). If an error is ersistent, all samles are faulty, therefore, a must have the same relative error as. This fm a2 exit - 6 -

7 enter Guards: g1 :.error>0 g2 :.error==0 Actions: a1 : a.error = min(1, 1/5 * floor(.mttc / 2)) *.error a2 : a.error = 0 Error CurrentFailureMode g1 Normal g2 Normal getstate exit a Fig. 15. Petri net secifying the failure behavior of the moving average filter. requirement is met if the MTTC is set to MAXINT, asin that case the weight w always evaluates to 1, i.e. the error of is assigned to the error attribute of a. Error fm a1 a a2 a value of a is lower than the actual ressure: 520( 1 x) 510 => x = 1.9% value of a is higher than the actual ressure: 480( 1 + x) 510 => x = 6.25% Fig. 16. Maximal relative error for the uer threshold value Hysteresis Switch Before we define the etri net for the hysteresis switch, we examine its failure behavior. The hysteresis loo is illustrated in figure 11 and the consequences of too low or too high a ressure are shown in figure 8. Besides the normal oeration, wrong ressure values can result in a roblematic or dangerous situation, resectively. Obviously, it is reasonable to define the three failure modes Normal, Problem, and Danger. Now, we must examine which errors result in which failure mode. At first sight, it seems quite simle to define guards like.currentvalue > 520. However, our aroach is aliable at early stages of the develoment rocess, therefore, we do not assume to have absolute values or absolute errors available. For this reason, we regard the threshold values and use the available relative errors to obtain the absolute values. This is sufficient, as it is only necessary to consider the worst case. We must regard both threshold values and, since the relative error does not exress if the faulty value is higher or lower than the actual value, it is also necessary to cover both cases in the consideration. We want to calculate exemlarily the maximal relative error that is allowed to remain in the normal mode for the uer threshold value. The uer threshold value is 510 bar. Actually, it is only necessary to oen the valve when the ressure is higher than 520 bar. If the faulty value of a is lower than the actual ressure in the tank, it must be ensured, nevertheless, that the valve is oened at latest when the ressure is higher than 520 bar. That means, if the ressure is 520 bar, the current, faulty value of a must be at least 510 bar. According to the uer formula shown in figure 16, the relative error must therefore be lower than or equal to 1.9%. If the value of a is higher than the actual ressure, the valve might be oened too early. We demand that the ressure must be at least 480 bar before the valve is oened. The according maximal relative error is calculated using the lower formula of figure 16. The remaining maximal relative errors can be calculated in the same way. The etri net reresenting the resulting failure behavior of the hysteresis switch is shown in figure 17. As the outut of this task is a direct system outut (the command for the valve), it is only necessary to outreach the failure mode to obtain the influence on the system behavior. (a.error>1.9) and (a.error<=3.8) a a.error>3.8 a.error<=1.9 Problem Danger Normal currentfailuremode Fig. 17. Petri net secifying the failure behavior of the hysteresis switch Interdeendencies of tasks. So far, the failure behavior of three single tasks has been described. Now, it is necessary to combine the single etri nets in a suerordinated etri net to obtain the system failure behavior. The overall etri net secifying the failure behavior of the ressure control system is shown in figure 18. Mainly the system structure has been rebuilt. First, an instance of the etri net reresenting the average filter is created and three qualities of the ressure values can be injected, as it has been exlained in section 3.5. The current failure mode and the quality of the average ressure value are requested from the sub net describing the average filter. The quality of the average ressure value is used as inut for an instance of the etri net secifying the failure behavior of the moving average filter. The outut of this sub net is its current failure mode and the quality of the smoothed average ressure value, which, in turn, is used as inut for the hysteresis switch. As the outut of the hysteresis switch is a direct system outut, it is reasonable not to use an information quality as outut, but only the current failure mode. An analysis can be started by simulating the etri net. Errors can be injected using the injection transitions. We create an information quality object, which is referenced by a token, and ut this token on the lace leading to the resective transition. These information quality tokens can be either defined and laced manually on the inut laces, or automatically by a searate software. The injection and the roagation of the information qualities is then done automatically by a etri net simulator [10]. Placing the tokens manually has the disadvantage that the etri net simulator requires to create and to lace new information quality tokens for each analysis run. Furthermore, it is not ossible to change the injections during an analysis. However, it is one major advantage of our aroach that the exit getstate - 7 -

8 average filter Injection Transitions Inut Places sub net average filter failure mode moving average filter hysteresis switch Fig. 18. Petri net defining system failure behavior of ressure control. The etri net can be analyzed by utting tokens which reference according information qualties, on the inut laces. Qualities of all information in the system can be injected into arbitrary arts of the system. A etri net simulator handles the injection into the subnets and the roagation between deending nets. basic concets allow to simulate and to correct various errors during an analysis run, even the order of faults can be examined. For these reasons, it is reasonable to use a searate software. Then, it is ossible to define a comlete analysis scenario in advance and the software creates and laces the according information quality tokens in the aroriate order. Moreover, it is ossible that a user interface is rovided enabling the analyst to set new information qualities dynamically during the analysis Analysis. For the means of this aer, it is not necessary to distinguish between manual and automatic creation and lacing of information quality tokens. For that reason, in the following analyses the information quality tokens are assumed to be already laced. First, we will examine the ermanent fault of a single sensor. As a second scenario we will examine the influence of a transient disturbance on the system behavior. failure mode sub net moving average filter a sub net hysteresis switch failure mode Permanent Sensor Fault The first analysis is used to answer the question, whether or not it is necessary to rovide redundant ressure sensors. Therefore, we regard the ermanent fault of a single ressure sensor. We want to examine whether or not the two remaining sensors are sufficient to hold u a correct system behavior. In addition to the functionalities of the tasks introduced in the revious sections, we assume that an error detection is imlemented which detects a missing sensor value. In that case, the average filter only uses the two remaining values. The error detection also considers a sensor defect, if its value has a deviation of 15% to the values of the other two sensors. A detected failure of a single sensor has no effect on the system behavior. Exactly, that would be the result of a simle analysis, too. However, we want to examine the influence of a relative sensor error of 14%, as this error will not be recognized by the error detection. In advance, a token reresenting an information quality object with the error attribute set to 14% was laced on the inut lace of 1. As the fault is considered to be ermanent, the MTTC was set to MAXINT. The error attribute of the two remaining information qualities was set to 0. When the etri net simulation is started, the three information qualities are injected into an instance of the etri net defining the failure behavior of the average filter. After that etri net has been evaluated, besides the current failure mode, the token reresenting the information quality of is outreached. The relative error of is 4.66%, as the relative error of 14% has been reduced by the average filter. The token reresenting the information quality of is then injected into the etri net of the moving average filter. As the MTTC is assumed to be infinite, the moving average filter cannot reduce the error. For that reason, the error attribute of the outreached information quality of a is still 4.66%. This quality is then injected into the sub net of the hysteresis switch. As the relative error of a is higher than 3.8%, a dangerous situation arises. The analysis stes are illustrated in figure 19. Obviously, the error detection is not Created tokens: 1.valid=false; 1.error = 14%; 1.MTTC=MAXINT; 2.valid=true; 3.valid=true; Injection-Interfaces Inut Places Error average filter moving average filter error = 4.66% hysteresis switch Error a a.error = 4.66% Danger Fig. 19. Analysis of the influences of a ermanent sensor fault. sufficient. Even if only a deviation of 6% instead of 15% was allowed before an error is detected, a roblematic situation would be the consequence. Although we admit that it is ossible to calculate a correct deviation rate for that simle examle manually, this is imossible for large, comlex, and distributed systems. Our analysis, instead, is intended and articularly suited for the analysis of those systems. Transient Sensor Fault Now, we want to consider the following scenario: The sensors can be influenced by electromagnetic radiation. We assume, that the electromagnetic radiation does not ersist longer than 4 milliseconds in the tank. Measurements showed that in the case of electromagnetic radiation, the value of sensor 1 has a relative error of 15%, the value of 2 has a relative error of 6%, and sensor 3 is not influenced. Now, we want to examine, whether or not it is necessary to imrove the sensors or to suress the radiation. The according analysis is illustrated in figure 20. Two information qualities for the values of 1 and 2 are created with the according relative errors. The MTTC is set to 4 milliseconds. The MTTO is neglected as we assume that the frequency of occurrence of the disturbance is very low. After the average filter, the actual overall ressure value has a relative error of 7%. The disturbance ersists for 4 milliseconds, i.e. in the worst case 2 of 5 samles have a relative error of 7%. In consequence, the relative error of - 8 -

9 Created tokens: 1.valid=false; 1.error = 15%; 1.MTTC=4; 2.valid=false; 2.error = 6%; 2.MTTC=4; 3.valid=true; Error average filter Injection-Interfaces Inut Places moving average filter.error=7% hysteresis switch Fig. 20. Analysis of the influences of a transient sensor fault. the smoothed ressure value a is reduced to 2.8%. That means, the efficiency of the deending machines is reduced (see figure 17). It is obviously necessary to imrove the behavior. In the next scenario, we assume that the engineers of the lant roose two ossible imrovements: First, it is ossible to reduce the maximal time of ersistence of the radiation from 4 to 3.5 milliseconds. Second, it is ossible to shield the sensors, in consequence, the relative errors could be reduced to 12% and 4.8%, resectively, that means a reduction of the disturbance by 20%. If we use these values as inut for the analysis, we obtain the result, that the reduction of the time of disturbance to 3.5 milliseconds is sufficient to hold u the normal mode. A ersistence of the radiation of less than 4 milliseconds means that at most one samle is influenced. For that reason, the moving average filter comensates the relative error Ṡhielding the sensors as assumed above, however, is not sufficient. Desite the reduced relative errors, the overall ressure has still a relative error of 5.6%. The moving average filter only reduces the error to 2.24%, what is not sufficient to remain in the normal mode. 5 Conclusion: Analyzing large distributed systems Error a a.error= 2.8% Problem In this aer, we introduced a flexible, scalable, and extendable aroach for failure behavior analysis. In comarison to existing analyses, like FTA or FMEA, our analysis yields more sohisticated results which enable the analyst to understand the system behavior in the case of faults. In the alication examle, we demonstrated the alicability of our analysis. However, we limited the comlexity of the examle to revent going beyond the scoe of a aer. Our research focuses on large, distributed embedded systems. Therefore, our analysis has been develoed for those systems. Mastering the comlexity of those systems is one major roblem. For that reason, the scalability of our aroach is of crucial imortance. A further essential asect is the ossibility to automatically generate major arts of the etri nets. For examle, it is even ossible to generate a simle failure behavior that sets the validity attribute of the outut information qualities to false, if any inut quality is invalid. For that reason, similar results as they are obtained by FMEA are yielded automatically without any additional effort of the analyst. Although the generated etri nets define only a very coarse aroximation of the actual failure behavior, it is, in contrast to a common FMEA, ossible to examine the effects of fault combinations very easily or even automatically. A further asect that is imortant for the analysis of large systems is reuse. If tasks or comonents are reused in other rojects, the etri nets defining their failure behavior, can be reused, too. If distributed systems ought to be analyzed, our aroach has two further advantages. First, the artitioning of the system is suorted, as one can examine which tasks should be assigned to which artition so that a failure of one artition has the least influence on the overall system behavior. Second, the effects of missing or delayed information, interchanged between system artitions, can be analyzed. The delay of an information can be assigned to its quality and the effects on single tasks can be modelled exlicitly with etri nets. The effect on the overall system behavior is obtained automatically, as the error roagation is rovided by the etri net simulator. 6 References [1] G. Booch, I. Jacobson, J. Rumbaugh, The Unified Modelling Language User Guide, Addison Wesley Longman, Reading, MA [2] A. Metzger, S. Queins, A Reuse- and Prototying-based Aroach for the Secification of Building Automation Systems, OMER-2 Worksho, Hersching, Germany, 2001 [3] IEC ( ), Fault Tree Analysis, International Electrotechnical Commission, Geneva, Switzerland, 1990 [4] K. Yang, C. K. Kaur, Customer Driven Reliability: Integration Of QFD And Robust Desing, Proceedings IEEE Annual Reliability and Maintainability Symosium, 1997 [5] C. J. Price, N. S. Taylor, FMEA For Multile Failures, Proceedings IEEE Annual Reliability and Maintainability Symosium, 1998 [6] B. Berard, M. Bidoit, A. Finkel, F. Laroussinie, A. Petit, L.Petrucci, Ph. Schnoebelen, P. McKenzie, Systems and Software Verification, Sringer Verlag, Berlin, 2001 [7] H. Hermanns, Construction and Verification of Performance and Reliability Models, in Bulletin of the Euroean Association for Theoretical Comuter Science (EATCS), 2001 [8] H. Hermanns, J.P. Katoen, J. Meyer-Kayser and M. Siegle, A Markov chain model checker, Proceedings of Six International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), Sringer Verlag, Berlin, 2001 [9] Olaf Kummer, Simulating Synchronous Channels and Net Instances, 5. Worksho on Algorithms and Tools for Petri Nets, 1998 [10]Olaf Kummer, Frank Wienberg, RENEW - The Reference Net Worksho, Petri Net Newsletter, No. 56,

Concurrent Program Synthesis Based on Supervisory Control

Concurrent Program Synthesis Based on Supervisory Control 010 American Control Conference Marriott Waterfront, Baltimore, MD, USA June 30-July 0, 010 ThB07.5 Concurrent Program Synthesis Based on Suervisory Control Marian V. Iordache and Panos J. Antsaklis Abstract

More information

ENFORCING SAFETY PROPERTIES IN WEB APPLICATIONS USING PETRI NETS

ENFORCING SAFETY PROPERTIES IN WEB APPLICATIONS USING PETRI NETS ENFORCING SAFETY PROPERTIES IN WEB APPLICATIONS USING PETRI NETS Liviu Grigore Comuter Science Deartment University of Illinois at Chicago Chicago, IL, 60607 lgrigore@cs.uic.edu Ugo Buy Comuter Science

More information

The Online Freeze-tag Problem

The Online Freeze-tag Problem The Online Freeze-tag Problem Mikael Hammar, Bengt J. Nilsson, and Mia Persson Atus Technologies AB, IDEON, SE-3 70 Lund, Sweden mikael.hammar@atus.com School of Technology and Society, Malmö University,

More information

One-Chip Linear Control IPS, F5106H

One-Chip Linear Control IPS, F5106H One-Chi Linear Control IPS, F5106H NAKAGAWA Sho OE Takatoshi IWAMOTO Motomitsu ABSTRACT In the fi eld of vehicle electrical comonents, the increasing demands for miniaturization, reliability imrovement

More information

Leak Test of Sensors with the Test Medium compressed Air

Leak Test of Sensors with the Test Medium compressed Air DOI 10.516/sensor013/B7.3 Leak Test of Sensors with the Test Medium comressed Air Dr. Joachim Lasien CETA Testsysteme GmbH, Marie-Curie-Str. 35-37, 4071 Hilden, GERMANY, E-Mail: joachim.lasien@cetatest.com

More information

Monitoring Frequency of Change By Li Qin

Monitoring Frequency of Change By Li Qin Monitoring Frequency of Change By Li Qin Abstract Control charts are widely used in rocess monitoring roblems. This aer gives a brief review of control charts for monitoring a roortion and some initial

More information

TOWARDS REAL-TIME METADATA FOR SENSOR-BASED NETWORKS AND GEOGRAPHIC DATABASES

TOWARDS REAL-TIME METADATA FOR SENSOR-BASED NETWORKS AND GEOGRAPHIC DATABASES TOWARDS REAL-TIME METADATA FOR SENSOR-BASED NETWORKS AND GEOGRAPHIC DATABASES C. Gutiérrez, S. Servigne, R. Laurini LIRIS, INSA Lyon, Bât. Blaise Pascal, 20 av. Albert Einstein 69621 Villeurbanne, France

More information

SQUARE GRID POINTS COVERAGED BY CONNECTED SOURCES WITH COVERAGE RADIUS OF ONE ON A TWO-DIMENSIONAL GRID

SQUARE GRID POINTS COVERAGED BY CONNECTED SOURCES WITH COVERAGE RADIUS OF ONE ON A TWO-DIMENSIONAL GRID International Journal of Comuter Science & Information Technology (IJCSIT) Vol 6, No 4, August 014 SQUARE GRID POINTS COVERAGED BY CONNECTED SOURCES WITH COVERAGE RADIUS OF ONE ON A TWO-DIMENSIONAL GRID

More information

Simulation and Verification of Coupled Heat and Moisture Modeling

Simulation and Verification of Coupled Heat and Moisture Modeling Simulation and Verification of Couled Heat and Moisture Modeling N. Williams Portal 1, M.A.P. van Aarle 2 and A.W.M. van Schijndel *,3 1 Deartment of Civil and Environmental Engineering, Chalmers University

More information

Problem Set 6 Solutions

Problem Set 6 Solutions ( Introduction to Algorithms Aril 16, 2004 Massachusetts Institute of Technology 6046J/18410J Professors Erik Demaine and Shafi Goldwasser Handout 21 Problem Set 6 Solutions This roblem set is due in recitation

More information

C-Bus Voltage Calculation

C-Bus Voltage Calculation D E S I G N E R N O T E S C-Bus Voltage Calculation Designer note number: 3-12-1256 Designer: Darren Snodgrass Contact Person: Darren Snodgrass Aroved: Date: Synosis: The guidelines used by installers

More information

Software Cognitive Complexity Measure Based on Scope of Variables

Software Cognitive Complexity Measure Based on Scope of Variables Software Cognitive Comlexity Measure Based on Scoe of Variables Kwangmyong Rim and Yonghua Choe Faculty of Mathematics, Kim Il Sung University, D.P.R.K mathchoeyh@yahoo.com Abstract In this aer, we define

More information

Comparing Dissimilarity Measures for Symbolic Data Analysis

Comparing Dissimilarity Measures for Symbolic Data Analysis Comaring Dissimilarity Measures for Symbolic Data Analysis Donato MALERBA, Floriana ESPOSITO, Vincenzo GIOVIALE and Valentina TAMMA Diartimento di Informatica, University of Bari Via Orabona 4 76 Bari,

More information

D.Sailaja, K.Nasaramma, M.Sumender Roy, Venkateswarlu Bondu

D.Sailaja, K.Nasaramma, M.Sumender Roy, Venkateswarlu Bondu Predictive Modeling of Customers in Personalization Alications with Context D.Sailaja, K.Nasaramma, M.Sumender Roy, Venkateswarlu Bondu Nasaramma.K is currently ursuing her M.Tech in Godavari Institute

More information

Confidence Intervals for Capture-Recapture Data With Matching

Confidence Intervals for Capture-Recapture Data With Matching Confidence Intervals for Cature-Recature Data With Matching Executive summary Cature-recature data is often used to estimate oulations The classical alication for animal oulations is to take two samles

More information

Load Balancing Mechanism in Agent-based Grid

Load Balancing Mechanism in Agent-based Grid Communications on Advanced Comutational Science with Alications 2016 No. 1 (2016) 57-62 Available online at www.isacs.com/cacsa Volume 2016, Issue 1, Year 2016 Article ID cacsa-00042, 6 Pages doi:10.5899/2016/cacsa-00042

More information

Web Application Scalability: A Model-Based Approach

Web Application Scalability: A Model-Based Approach Coyright 24, Software Engineering Research and Performance Engineering Services. All rights reserved. Web Alication Scalability: A Model-Based Aroach Lloyd G. Williams, Ph.D. Software Engineering Research

More information

An inventory control system for spare parts at a refinery: An empirical comparison of different reorder point methods

An inventory control system for spare parts at a refinery: An empirical comparison of different reorder point methods An inventory control system for sare arts at a refinery: An emirical comarison of different reorder oint methods Eric Porras a*, Rommert Dekker b a Instituto Tecnológico y de Estudios Sueriores de Monterrey,

More information

An Efficient Method for Improving Backfill Job Scheduling Algorithm in Cluster Computing Systems

An Efficient Method for Improving Backfill Job Scheduling Algorithm in Cluster Computing Systems The International ournal of Soft Comuting and Software Engineering [SCSE], Vol., No., Secial Issue: The Proceeding of International Conference on Soft Comuting and Software Engineering 0 [SCSE ], San Francisco

More information

FIArch Workshop. Towards Future Internet Architecture. Brussels 22 nd February 2012

FIArch Workshop. Towards Future Internet Architecture. Brussels 22 nd February 2012 FIrch Worksho Brussels 22 nd February 2012 Towards Future Internet rchitecture lex Galis University College London a.galis@ee.ucl.ac.uk www.ee.ucl.ac.uk/~agalis FIrch Worksho Brussels 22 nd February 2012

More information

A Modified Measure of Covert Network Performance

A Modified Measure of Covert Network Performance A Modified Measure of Covert Network Performance LYNNE L DOTY Marist College Deartment of Mathematics Poughkeesie, NY UNITED STATES lynnedoty@maristedu Abstract: In a covert network the need for secrecy

More information

Synopsys RURAL ELECTRICATION PLANNING SOFTWARE (LAPER) Rainer Fronius Marc Gratton Electricité de France Research and Development FRANCE

Synopsys RURAL ELECTRICATION PLANNING SOFTWARE (LAPER) Rainer Fronius Marc Gratton Electricité de France Research and Development FRANCE RURAL ELECTRICATION PLANNING SOFTWARE (LAPER) Rainer Fronius Marc Gratton Electricité de France Research and Develoment FRANCE Synosys There is no doubt left about the benefit of electrication and subsequently

More information

Topology of the Prism Model for 3D Indoor Spatial Objects

Topology of the Prism Model for 3D Indoor Spatial Objects Toology of the Prism Model for 3D Indoor Satial Objects Joon-Seok Kim, Hye-Young Kang, Tae-Hoon Lee, Ki-Joune Li Deartment of Comuter Engineering Pusan National University joonseok@nu.edu, hyezero@nu.edu,

More information

Storage Basics Architecting the Storage Supplemental Handout

Storage Basics Architecting the Storage Supplemental Handout Storage Basics Architecting the Storage Sulemental Handout INTRODUCTION With digital data growing at an exonential rate it has become a requirement for the modern business to store data and analyze it

More information

HYPOTHESIS TESTING FOR THE PROCESS CAPABILITY RATIO. A thesis presented to. the faculty of

HYPOTHESIS TESTING FOR THE PROCESS CAPABILITY RATIO. A thesis presented to. the faculty of HYPOTHESIS TESTING FOR THE PROESS APABILITY RATIO A thesis resented to the faculty of the Russ ollege of Engineering and Technology of Ohio University In artial fulfillment of the requirement for the degree

More information

Operational Amplifiers Rail to Rail Input Stages Using Complementary Differential Pairs

Operational Amplifiers Rail to Rail Input Stages Using Complementary Differential Pairs Oerational Amlifiers Rail to Rail Inut Stages Using Comlementary Differential Pairs Submitted to: Dr. Khoman Phang Submitted by: Ahmed Gharbiya Date: November 15, 2002 Abstract A rail to rail inut common

More information

2.1 Simple & Compound Propositions

2.1 Simple & Compound Propositions 2.1 Simle & Comound Proositions 1 2.1 Simle & Comound Proositions Proositional Logic can be used to analyse, simlify and establish the equivalence of statements. A knowledge of logic is essential to the

More information

Time-Cost Trade-Offs in Resource-Constraint Project Scheduling Problems with Overlapping Modes

Time-Cost Trade-Offs in Resource-Constraint Project Scheduling Problems with Overlapping Modes Time-Cost Trade-Offs in Resource-Constraint Proect Scheduling Problems with Overlaing Modes François Berthaut Robert Pellerin Nathalie Perrier Adnène Hai February 2011 CIRRELT-2011-10 Bureaux de Montréal

More information

A Brief Introduction to Design of Experiments

A Brief Introduction to Design of Experiments J. K. TELFORD D A Brief Introduction to Design of Exeriments Jacqueline K. Telford esign of exeriments is a series of tests in which uroseful changes are made to the inut variables of a system or rocess

More information

Service Network Design with Asset Management: Formulations and Comparative Analyzes

Service Network Design with Asset Management: Formulations and Comparative Analyzes Service Network Design with Asset Management: Formulations and Comarative Analyzes Jardar Andersen Teodor Gabriel Crainic Marielle Christiansen October 2007 CIRRELT-2007-40 Service Network Design with

More information

A Virtual Machine Dynamic Migration Scheduling Model Based on MBFD Algorithm

A Virtual Machine Dynamic Migration Scheduling Model Based on MBFD Algorithm International Journal of Comuter Theory and Engineering, Vol. 7, No. 4, August 2015 A Virtual Machine Dynamic Migration Scheduling Model Based on MBFD Algorithm Xin Lu and Zhuanzhuan Zhang Abstract This

More information

A MOST PROBABLE POINT-BASED METHOD FOR RELIABILITY ANALYSIS, SENSITIVITY ANALYSIS AND DESIGN OPTIMIZATION

A MOST PROBABLE POINT-BASED METHOD FOR RELIABILITY ANALYSIS, SENSITIVITY ANALYSIS AND DESIGN OPTIMIZATION 9 th ASCE Secialty Conference on Probabilistic Mechanics and Structural Reliability PMC2004 Abstract A MOST PROBABLE POINT-BASED METHOD FOR RELIABILITY ANALYSIS, SENSITIVITY ANALYSIS AND DESIGN OPTIMIZATION

More information

Static and Dynamic Properties of Small-world Connection Topologies Based on Transit-stub Networks

Static and Dynamic Properties of Small-world Connection Topologies Based on Transit-stub Networks Static and Dynamic Proerties of Small-world Connection Toologies Based on Transit-stub Networks Carlos Aguirre Fernando Corbacho Ramón Huerta Comuter Engineering Deartment, Universidad Autónoma de Madrid,

More information

Risk in Revenue Management and Dynamic Pricing

Risk in Revenue Management and Dynamic Pricing OPERATIONS RESEARCH Vol. 56, No. 2, March Aril 2008,. 326 343 issn 0030-364X eissn 1526-5463 08 5602 0326 informs doi 10.1287/ore.1070.0438 2008 INFORMS Risk in Revenue Management and Dynamic Pricing Yuri

More information

On the predictive content of the PPI on CPI inflation: the case of Mexico

On the predictive content of the PPI on CPI inflation: the case of Mexico On the redictive content of the PPI on inflation: the case of Mexico José Sidaoui, Carlos Caistrán, Daniel Chiquiar and Manuel Ramos-Francia 1 1. Introduction It would be natural to exect that shocks to

More information

CABRS CELLULAR AUTOMATON BASED MRI BRAIN SEGMENTATION

CABRS CELLULAR AUTOMATON BASED MRI BRAIN SEGMENTATION XI Conference "Medical Informatics & Technologies" - 2006 Rafał Henryk KARTASZYŃSKI *, Paweł MIKOŁAJCZAK ** MRI brain segmentation, CT tissue segmentation, Cellular Automaton, image rocessing, medical

More information

Int. J. Advanced Networking and Applications Volume: 6 Issue: 4 Pages: 2386-2392 (2015) ISSN: 0975-0290

Int. J. Advanced Networking and Applications Volume: 6 Issue: 4 Pages: 2386-2392 (2015) ISSN: 0975-0290 2386 Survey: Biological Insired Comuting in the Network Security V Venkata Ramana Associate Professor, Deartment of CSE, CBIT, Proddatur, Y.S.R (dist), A.P-516360 Email: ramanacsecbit@gmail.com Y.Subba

More information

Solutions to Problem Set 3

Solutions to Problem Set 3 Massachusetts Institute of Technology 6.042J/18.062J, Fall 05: Mathematics for Comuter Science October 3 Prof. Albert R. Meyer and Prof. Ronitt Rubinfeld revised October 8, 2005, 979 minutes Solutions

More information

Buffer Capacity Allocation: A method to QoS support on MPLS networks**

Buffer Capacity Allocation: A method to QoS support on MPLS networks** Buffer Caacity Allocation: A method to QoS suort on MPLS networks** M. K. Huerta * J. J. Padilla X. Hesselbach ϒ R. Fabregat O. Ravelo Abstract This aer describes an otimized model to suort QoS by mean

More information

THE REVISED CONSUMER PRICE INDEX IN ZAMBIA

THE REVISED CONSUMER PRICE INDEX IN ZAMBIA THE REVISED CONSUMER PRICE INDEX IN ZAMBIA Submitted by the Central Statistical office of Zambia Abstract This aer discusses the Revised Consumer Price Index (CPI) in Zambia, based on revised weights,

More information

CRITICAL AVIATION INFRASTRUCTURES VULNERABILITY ASSESSMENT TO TERRORIST THREATS

CRITICAL AVIATION INFRASTRUCTURES VULNERABILITY ASSESSMENT TO TERRORIST THREATS Review of the Air Force Academy No (23) 203 CRITICAL AVIATION INFRASTRUCTURES VULNERABILITY ASSESSMENT TO TERRORIST THREATS Cătălin CIOACĂ Henri Coandă Air Force Academy, Braşov, Romania Abstract: The

More information

Safety evaluation of digital post-release environment sensor data interface for distributed fuzing systems

Safety evaluation of digital post-release environment sensor data interface for distributed fuzing systems Safety evaluation of digital ost-release environment sensor data interface for distributed fuzing systems 57 th Fuze Conference, Newark, NJ Wednesday, July 30 th, 2014 Oen Session IIIA, 3:20 PM S. Ebenhöch,

More information

Decision-Making on-board an Autonomous Agile Earth-Observing Satellite

Decision-Making on-board an Autonomous Agile Earth-Observing Satellite Decision-Making on-board an Automous Agile Earth-Observing Satellite Grégory Beaumet and Gérard Verfaillie ONERA, Toulouse, France {Gregory.Beaumet, Gerard.Verfaillie}@onera.fr Marie-Claire Charmeau CNES,

More information

NAVAL POSTGRADUATE SCHOOL THESIS

NAVAL POSTGRADUATE SCHOOL THESIS NAVAL POSTGRADUATE SCHOOL MONTEREY CALIFORNIA THESIS SYMMETRICAL RESIDUE-TO-BINARY CONVERSION ALGORITHM PIPELINED FPGA IMPLEMENTATION AND TESTING LOGIC FOR USE IN HIGH-SPEED FOLDING DIGITIZERS by Ross

More information

1 Gambler s Ruin Problem

1 Gambler s Ruin Problem Coyright c 2009 by Karl Sigman 1 Gambler s Ruin Problem Let N 2 be an integer and let 1 i N 1. Consider a gambler who starts with an initial fortune of $i and then on each successive gamble either wins

More information

GAS TURBINE PERFORMANCE WHAT MAKES THE MAP?

GAS TURBINE PERFORMANCE WHAT MAKES THE MAP? GAS TURBINE PERFORMANCE WHAT MAKES THE MAP? by Rainer Kurz Manager of Systems Analysis and Field Testing and Klaus Brun Senior Sales Engineer Solar Turbines Incororated San Diego, California Rainer Kurz

More information

Automatic Search for Correlated Alarms

Automatic Search for Correlated Alarms Automatic Search for Correlated Alarms Klaus-Dieter Tuchs, Peter Tondl, Markus Radimirsch, Klaus Jobmann Institut für Allgemeine Nachrichtentechnik, Universität Hannover Aelstraße 9a, 0167 Hanover, Germany

More information

Design of A Knowledge Based Trouble Call System with Colored Petri Net Models

Design of A Knowledge Based Trouble Call System with Colored Petri Net Models 2005 IEEE/PES Transmission and Distribution Conference & Exhibition: Asia and Pacific Dalian, China Design of A Knowledge Based Trouble Call System with Colored Petri Net Models Hui-Jen Chuang, Chia-Hung

More information

http://www.ualberta.ca/~mlipsett/engm541/engm541.htm

http://www.ualberta.ca/~mlipsett/engm541/engm541.htm ENGM 670 & MECE 758 Modeling and Simulation of Engineering Systems (Advanced Toics) Winter 011 Lecture 9: Extra Material M.G. Lisett University of Alberta htt://www.ualberta.ca/~mlisett/engm541/engm541.htm

More information

Memory management. Chapter 4: Memory Management. Memory hierarchy. In an ideal world. Basic memory management. Fixed partitions: multiple programs

Memory management. Chapter 4: Memory Management. Memory hierarchy. In an ideal world. Basic memory management. Fixed partitions: multiple programs Memory management Chater : Memory Management Part : Mechanisms for Managing Memory asic management Swaing Virtual Page relacement algorithms Modeling age relacement algorithms Design issues for aging systems

More information

A Simple Model of Pricing, Markups and Market. Power Under Demand Fluctuations

A Simple Model of Pricing, Markups and Market. Power Under Demand Fluctuations A Simle Model of Pricing, Markus and Market Power Under Demand Fluctuations Stanley S. Reynolds Deartment of Economics; University of Arizona; Tucson, AZ 85721 Bart J. Wilson Economic Science Laboratory;

More information

A New Method for Eye Detection in Color Images

A New Method for Eye Detection in Color Images Journal of Comuter Engineering 1 (009) 3-11 A New Method for Eye Detection in Color Images Mohammadreza Ramezanour Deartment of Comuter Science & Research Branch Azad University, Arak.Iran E-mail: Mr.ramezanoor@gmail.com

More information

Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Theoretical Foundation

Large-Scale IP Traceback in High-Speed Internet: Practical Techniques and Theoretical Foundation Large-Scale IP Traceback in High-Seed Internet: Practical Techniques and Theoretical Foundation Jun Li Minho Sung Jun (Jim) Xu College of Comuting Georgia Institute of Technology {junli,mhsung,jx}@cc.gatech.edu

More information

FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES

FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES Document: MRM-1004-GAPCFR11 (0005) Page: 1 / 18 FDA CFR PART 11 ELECTRONIC RECORDS, ELECTRONIC SIGNATURES AUDIT TRAIL ECO # Version Change Descrition MATRIX- 449 A Ga Analysis after adding controlled documents

More information

A NONLINEAR SWITCHING CONTROL METHOD FOR MAGNETIC BEARING SYSTEMS MINIMIZING THE POWER CONSUMPTION

A NONLINEAR SWITCHING CONTROL METHOD FOR MAGNETIC BEARING SYSTEMS MINIMIZING THE POWER CONSUMPTION Coyright IFAC 5th Triennial World Congress, Barcelona, Sain A NONLINEAR SWITCHING CONTROL METHOD FOR MAGNETIC BEARING SYSTEMS MINIMIZING THE POWER CONSUMPTION Kang-Zhi Liu Λ; Akihiro Ikai Λ Akihiro Ogata

More information

The risk of using the Q heterogeneity estimator for software engineering experiments

The risk of using the Q heterogeneity estimator for software engineering experiments Dieste, O., Fernández, E., García-Martínez, R., Juristo, N. 11. The risk of using the Q heterogeneity estimator for software engineering exeriments. The risk of using the Q heterogeneity estimator for

More information

It is important to be very clear about our definitions of probabilities.

It is important to be very clear about our definitions of probabilities. Use Bookmarks for electronic content links 7.6 Bayesian odds 7.6.1 Introduction The basic ideas of robability have been introduced in Unit 7.3 in the book, leading to the concet of conditional robability.

More information

STUDIES ON DYNAMIC VISCOSITY CHANGES OF THE ENGINE S LUBRICATION OIL DEPENDING ON THE PRESSURE

STUDIES ON DYNAMIC VISCOSITY CHANGES OF THE ENGINE S LUBRICATION OIL DEPENDING ON THE PRESSURE Journal of KONES Powertrain and Transort, Vol. 20, No. 4 2013 STUDIES ON DYNAMIC VISCOSITY CHANGES OF THE ENGINE S LUBRICATION OIL DEPENDING ON THE PRESSURE Grzegorz Sikora Gdynia Maritime University Deartment

More information

Theoretical comparisons of average normalized gain calculations

Theoretical comparisons of average normalized gain calculations PHYSICS EDUCATIO RESEARCH All submissions to PERS should be sent referably electronically to the Editorial Office of AJP, and then they will be forwarded to the PERS editor for consideration. Theoretical

More information

POISSON PROCESSES. Chapter 2. 2.1 Introduction. 2.1.1 Arrival processes

POISSON PROCESSES. Chapter 2. 2.1 Introduction. 2.1.1 Arrival processes Chater 2 POISSON PROCESSES 2.1 Introduction A Poisson rocess is a simle and widely used stochastic rocess for modeling the times at which arrivals enter a system. It is in many ways the continuous-time

More information

An Associative Memory Readout in ESN for Neural Action Potential Detection

An Associative Memory Readout in ESN for Neural Action Potential Detection g An Associative Memory Readout in ESN for Neural Action Potential Detection Nicolas J. Dedual, Mustafa C. Ozturk, Justin C. Sanchez and José C. Princie Abstract This aer describes how Echo State Networks

More information

4 Perceptron Learning Rule

4 Perceptron Learning Rule Percetron Learning Rule Objectives Objectives - Theory and Examles - Learning Rules - Percetron Architecture -3 Single-Neuron Percetron -5 Multile-Neuron Percetron -8 Percetron Learning Rule -8 Test Problem

More information

COST CALCULATION IN COMPLEX TRANSPORT SYSTEMS

COST CALCULATION IN COMPLEX TRANSPORT SYSTEMS OST ALULATION IN OMLEX TRANSORT SYSTEMS Zoltán BOKOR 1 Introduction Determining the real oeration and service costs is essential if transort systems are to be lanned and controlled effectively. ost information

More information

The Fundamental Incompatibility of Scalable Hamiltonian Monte Carlo and Naive Data Subsampling

The Fundamental Incompatibility of Scalable Hamiltonian Monte Carlo and Naive Data Subsampling The Fundamental Incomatibility of Scalable Hamiltonian Monte Carlo and Naive Data Subsamling Michael Betancourt Deartment of Statistics, University of Warwick, Coventry, UK CV4 7A BETANAPHA@GMAI.COM Abstract

More information

Re-Dispatch Approach for Congestion Relief in Deregulated Power Systems

Re-Dispatch Approach for Congestion Relief in Deregulated Power Systems Re-Disatch Aroach for Congestion Relief in Deregulated ower Systems Ch. Naga Raja Kumari #1, M. Anitha 2 #1, 2 Assistant rofessor, Det. of Electrical Engineering RVR & JC College of Engineering, Guntur-522019,

More information

From Simulation to Experiment: A Case Study on Multiprocessor Task Scheduling

From Simulation to Experiment: A Case Study on Multiprocessor Task Scheduling From to Exeriment: A Case Study on Multirocessor Task Scheduling Sascha Hunold CNRS / LIG Laboratory Grenoble, France sascha.hunold@imag.fr Henri Casanova Det. of Information and Comuter Sciences University

More information

Point Location. Preprocess a planar, polygonal subdivision for point location queries. p = (18, 11)

Point Location. Preprocess a planar, polygonal subdivision for point location queries. p = (18, 11) Point Location Prerocess a lanar, olygonal subdivision for oint location ueries. = (18, 11) Inut is a subdivision S of comlexity n, say, number of edges. uild a data structure on S so that for a uery oint

More information

X How to Schedule a Cascade in an Arbitrary Graph

X How to Schedule a Cascade in an Arbitrary Graph X How to Schedule a Cascade in an Arbitrary Grah Flavio Chierichetti, Cornell University Jon Kleinberg, Cornell University Alessandro Panconesi, Saienza University When individuals in a social network

More information

Moving Objects Tracking in Video by Graph Cuts and Parameter Motion Model

Moving Objects Tracking in Video by Graph Cuts and Parameter Motion Model International Journal of Comuter Alications (0975 8887) Moving Objects Tracking in Video by Grah Cuts and Parameter Motion Model Khalid Housni, Driss Mammass IRF SIC laboratory, Faculty of sciences Agadir

More information

Overview of Lecture 3. Model Checking with SPIN. First attempt (revisited) Linear Temporal Logic (LTL) CDP #3

Overview of Lecture 3. Model Checking with SPIN. First attempt (revisited) Linear Temporal Logic (LTL) CDP #3 Concurrent and Distributed Programming htt://fmt.cs.utwente.nl/courses/cd/ Mel Checking with SPIN CDP #3 Overview of Lecture 3 Ch. 4 - Verification of Concurrent Programs linear temoral logic (LTL) deductive

More information

MODELLING AND SIMULATION OF A DISH STIRLING SOLAR ENGINE. Sergio Bittanti Antonio De Marco Marcello Farina Silvano Spelta

MODELLING AND SIMULATION OF A DISH STIRLING SOLAR ENGINE. Sergio Bittanti Antonio De Marco Marcello Farina Silvano Spelta MODELLING AND SIMULATION OF A DISH STIRLING SOLAR ENGINE Sergio Bittanti Antonio De Marco Marcello Farina Silvano Selta Diartimento di Elettronica e Informazione, Politecnico di Milano, Via Ponzio 34,

More information

17609: Continuous Data Protection Transforms the Game

17609: Continuous Data Protection Transforms the Game 17609: Continuous Data Protection Transforms the Game Wednesday, August 12, 2015: 8:30 AM-9:30 AM Southern Hemishere 5 (Walt Disney World Dolhin) Tony Negro - EMC Rebecca Levesque 21 st Century Software

More information

Learning Human Behavior from Analyzing Activities in Virtual Environments

Learning Human Behavior from Analyzing Activities in Virtual Environments Learning Human Behavior from Analyzing Activities in Virtual Environments C. BAUCKHAGE 1, B. GORMAN 2, C. THURAU 3 & M. HUMPHRYS 2 1) Deutsche Telekom Laboratories, Berlin, Germany 2) Dublin City University,

More information

The Magnus-Derek Game

The Magnus-Derek Game The Magnus-Derek Game Z. Nedev S. Muthukrishnan Abstract We introduce a new combinatorial game between two layers: Magnus and Derek. Initially, a token is laced at osition 0 on a round table with n ositions.

More information

Software Model Checking: Theory and Practice

Software Model Checking: Theory and Practice Software Model Checking: Theory and Practice Lecture: Secification Checking - Temoral Logic Coyright 2004, Matt Dwyer, John Hatcliff, and Robby. The syllabus and all lectures for this course are coyrighted

More information

An Analysis of Reliable Classifiers through ROC Isometrics

An Analysis of Reliable Classifiers through ROC Isometrics An Analysis of Reliable Classifiers through ROC Isometrics Stijn Vanderlooy s.vanderlooy@cs.unimaas.nl Ida G. Srinkhuizen-Kuyer kuyer@cs.unimaas.nl Evgueni N. Smirnov smirnov@cs.unimaas.nl MICC-IKAT, Universiteit

More information

Branch-and-Price for Service Network Design with Asset Management Constraints

Branch-and-Price for Service Network Design with Asset Management Constraints Branch-and-Price for Servicee Network Design with Asset Management Constraints Jardar Andersen Roar Grønhaug Mariellee Christiansen Teodor Gabriel Crainic December 2007 CIRRELT-2007-55 Branch-and-Price

More information

START Selected Topics in Assurance

START Selected Topics in Assurance START Selected Toics in Assurance Related Technologies Table of Contents Understanding Binomial Sequential Testing Introduction Double Samling (Two Stage) Testing Procedures The Sequential Probability

More information

Drinking water systems are vulnerable to

Drinking water systems are vulnerable to 34 UNIVERSITIES COUNCIL ON WATER RESOURCES ISSUE 129 PAGES 34-4 OCTOBER 24 Use of Systems Analysis to Assess and Minimize Water Security Risks James Uber Regan Murray and Robert Janke U. S. Environmental

More information

Simulink Implementation of a CDMA Smart Antenna System

Simulink Implementation of a CDMA Smart Antenna System Simulink Imlementation of a CDMA Smart Antenna System MOSTAFA HEFNAWI Deartment of Electrical and Comuter Engineering Royal Military College of Canada Kingston, Ontario, K7K 7B4 CANADA Abstract: - The

More information

The Graphical Method. Lecture 1

The Graphical Method. Lecture 1 References: Anderson, Sweeney, Williams: An Introduction to Management Science - quantitative aroaches to decision maing 7 th ed Hamdy A Taha: Oerations Research, An Introduction 5 th ed Daellenbach, George,

More information

Softmax Model as Generalization upon Logistic Discrimination Suffers from Overfitting

Softmax Model as Generalization upon Logistic Discrimination Suffers from Overfitting Journal of Data Science 12(2014),563-574 Softmax Model as Generalization uon Logistic Discrimination Suffers from Overfitting F. Mohammadi Basatini 1 and Rahim Chiniardaz 2 1 Deartment of Statistics, Shoushtar

More information

Variations on the Gambler s Ruin Problem

Variations on the Gambler s Ruin Problem Variations on the Gambler s Ruin Problem Mat Willmott December 6, 2002 Abstract. This aer covers the history and solution to the Gambler s Ruin Problem, and then exlores the odds for each layer to win

More information

The impact of metadata implementation on webpage visibility in search engine results (Part II) q

The impact of metadata implementation on webpage visibility in search engine results (Part II) q Information Processing and Management 41 (2005) 691 715 www.elsevier.com/locate/inforoman The imact of metadata imlementation on webage visibility in search engine results (Part II) q Jin Zhang *, Alexandra

More information

Shunt Active Power Filter with Dynamic Output Current Limitation

Shunt Active Power Filter with Dynamic Output Current Limitation Shunt Active Power Filter with Dynamic Outut Current Limitation R. Pregitzer, J. G. Pinto, Luís F.C. Monteiro, João L. Afonso Industrial Electronics Deartment University of Minho Guimarães, Portugal Email:

More information

Interaction Expressions A Powerful Formalism for Describing Inter-Workflow Dependencies

Interaction Expressions A Powerful Formalism for Describing Inter-Workflow Dependencies Interaction Exressions A Powerful Formalism for Describing Inter-Workflow Deendencies Christian Heinlein, Peter Dadam Det. Databases and Information Systems University of Ulm, Germany {heinlein,dadam}@informatik.uni-ulm.de

More information

A Study of Active Queue Management for Congestion Control

A Study of Active Queue Management for Congestion Control In IEEE INFOCOM 2 A Study of Active Queue Management for Congestion Control Victor Firoiu Marty Borden 1 vfiroiu@nortelnetworks.com mborden@tollbridgetech.com Nortel Networks TollBridge Technologies 6

More information

Stochastic Derivation of an Integral Equation for Probability Generating Functions

Stochastic Derivation of an Integral Equation for Probability Generating Functions Journal of Informatics and Mathematical Sciences Volume 5 (2013), Number 3,. 157 163 RGN Publications htt://www.rgnublications.com Stochastic Derivation of an Integral Equation for Probability Generating

More information

IEEM 101: Inventory control

IEEM 101: Inventory control IEEM 101: Inventory control Outline of this series of lectures: 1. Definition of inventory. Examles of where inventory can imrove things in a system 3. Deterministic Inventory Models 3.1. Continuous review:

More information

A Framework to Schedule Parametric Dataflow Applications on Many-Core Platforms

A Framework to Schedule Parametric Dataflow Applications on Many-Core Platforms A Framework to Schedule Parametric Dataflow Alications on Many-Core Platforms Vagelis ebelis Pascal Fradet Alain Girault INRIA Univ. Grenoble Ales, F-38000, Grenoble, France STMicroelectronics first.last@inria.fr

More information

Computational Finance The Martingale Measure and Pricing of Derivatives

Computational Finance The Martingale Measure and Pricing of Derivatives 1 The Martingale Measure 1 Comutational Finance The Martingale Measure and Pricing of Derivatives 1 The Martingale Measure The Martingale measure or the Risk Neutral robabilities are a fundamental concet

More information

Provable Ownership of File in De-duplication Cloud Storage

Provable Ownership of File in De-duplication Cloud Storage 1 Provable Ownershi of File in De-dulication Cloud Storage Chao Yang, Jian Ren and Jianfeng Ma School of CS, Xidian University Xi an, Shaanxi, 710071. Email: {chaoyang, jfma}@mail.xidian.edu.cn Deartment

More information

Migration to Object Oriented Platforms: A State Transformation Approach

Migration to Object Oriented Platforms: A State Transformation Approach Migration to Object Oriented Platforms: A State Transformation Aroach Ying Zou, Kostas Kontogiannis Det. of Electrical & Comuter Engineering University of Waterloo Waterloo, ON, N2L 3G1, Canada {yzou,

More information

Improved Symmetric Lists

Improved Symmetric Lists Imroved Symmetric Lists Technical Reort MIP-49 October, 24 Christian Bachmaier and Marcus Raitner University of Passau, 943 Passau, Germany Fax: +49 85 59 332 {bachmaier,raitner}@fmi.uni-assau.de Abstract.

More information

Pressure Drop in Air Piping Systems Series of Technical White Papers from Ohio Medical Corporation

Pressure Drop in Air Piping Systems Series of Technical White Papers from Ohio Medical Corporation Pressure Dro in Air Piing Systems Series of Technical White Paers from Ohio Medical Cororation Ohio Medical Cororation Lakeside Drive Gurnee, IL 600 Phone: (800) 448-0770 Fax: (847) 855-604 info@ohiomedical.com

More information

NOISE ANALYSIS OF NIKON D40 DIGITAL STILL CAMERA

NOISE ANALYSIS OF NIKON D40 DIGITAL STILL CAMERA NOISE ANALYSIS OF NIKON D40 DIGITAL STILL CAMERA F. Mojžíš, J. Švihlík Detartment of Comuting and Control Engineering, ICT Prague Abstract This aer is devoted to statistical analysis of Nikon D40 digital

More information

Pinhole Optics. OBJECTIVES To study the formation of an image without use of a lens.

Pinhole Optics. OBJECTIVES To study the formation of an image without use of a lens. Pinhole Otics Science, at bottom, is really anti-intellectual. It always distrusts ure reason and demands the roduction of the objective fact. H. L. Mencken (1880-1956) OBJECTIVES To study the formation

More information

Butterfly: Privacy Preserving Publishing on Multiple Quasi-Identifiers

Butterfly: Privacy Preserving Publishing on Multiple Quasi-Identifiers Butterfly: Privacy Preserving Publishing on Multile Quasi-Identifiers Technical Reort TR 2008-18 School of Comuting Science, Simon Fraser University Jian Pei Simon Fraser University jei@cs.sfu.ca Yufei

More information

Efficiently building a parse tree from a regular expression?

Efficiently building a parse tree from a regular expression? ACTA Informatica ManuscritNr. (will be inserted by hand later) Efficiently building a arse tree from a regular exression? Danny Dubé and Marc Feeley?? Université de Montréal C.P. 6128, succ. centreville,

More information

The Advantage of Timely Intervention

The Advantage of Timely Intervention Journal of Exerimental Psychology: Learning, Memory, and Cognition 2004, Vol. 30, No. 4, 856 876 Coyright 2004 by the American Psychological Association 0278-7393/04/$12.00 DOI: 10.1037/0278-7393.30.4.856

More information