基于自律计算的系统可信性自调节模型

保障和增强系统的可靠性、安全性和稳定性等可信性质是对系统服务的高级要求。提出了一个基于自律计算理念的系统可信性自调节模型,该模型动态分析目标系统的可信度变化趋势,参考先验可信度变化曲线的梯度升降,依序实现可信度在线评估、可信度动态预测和自调节方案选择,完成系统可信度非降的自主调节过程,采用信赖域梯度计算策略解决自调节的最优化问题。     

一种分阶处理的软件自恢复方法

任务关键系统要求高可用性,因此当系统发生故障时需要快速恢复。由于任务关键系统中的故障多与软件相关,为满足恢复时间短、对系统副作用小等任务关键系统的恢复需求,提出一种分阶处理的软件自恢复方法。在预处理过程中,采用所提出的微重启技术自动修改二进制文件使其在出现异常时重启恢复成为一种自律行为;在系统运行时,采用所提出的基于MD5监测算法及热插拔技术的软件自修复方法对系统实施监测及自动修复。该方法可恢复系统内部失效如响应超时、资源泄漏等问题;对系统受到外部攻击的情况,如病毒修改二进制文件,非授权用户非法篡改系统文件等,该方法也可有效动态恢复,同时可以兼容系统动态升级需求。     

一种面向CPS软件的可信性评估框架

信息物理融合系统(Cyber Physical System,CPS)是一种新型复杂的网络化嵌入式系统,在CPS中存在多种软件通过网络进行交互,如何确保软件及其交互可信性是开发高可信CPS的基础.针对这一问题,提出一种面向CPS软件的可信性评估框架,该框架包括两个模型:可信性指标模型和可信性评估模型.可信性指标模型通过分析用户需求得到,而可信性评估模型则利用建立的可信性指标模型评估CPS软件及其交互的可信性.最后给出的实例分析,说明了提出框架的有效性.     

嵌入式多任务软件混合自容错机制

分析安全关键应用对嵌入式系统自容错能力的需求,进而研究嵌入式系统中关键任务状态的形式化描述方法及任务故障的自监测机制。在此基础上,提出一种基于策略的嵌入式多任务软件混合自容错机制。在该机制中,软件系统在监测各任务实体运行时状态的基础上,可依据不同方法对故障任务进行自恢复处理,并尽量保证系统主要功能的可靠性与稳定性。实验结果表明,该机制有助于从嵌入式软件方面提高嵌入式系统的可靠运行能力。     

软件可信性度量模型研究进展

介绍了软件可信性认识的演变,总结了已有的软件可信性描述性概念和观点,提出了一种新的软件可信性描述结构模型;回顾了软件可信性度量模型研究的发展变化,同时进行了分析和点评,并结合已有研究成果,指出了软件可信性度量模型研究取得理论突破的关键以及拓展研究的新方向。     

基于神经网络的目标识别模型验证方法研究

针对多传感器目标识别仿真模型的验证问题,提出了一种基于多神经网络的“分层有序”的模型验证方法。该方法利用神经网络的自组织和自学习能力,通过对各种目标识别模型关键行为特性的学习,将实际系统行为归类为其中的一种模型,从而对模型的可信性做出评估。仿真结果进一步说明了该方法的可行性和有效性。     

盲环境下的数字图像可信性评估模型研究

随着各种数字图像处理软件和信息隐藏软件的涌现,数字图像正面临"信任危机".文中从可信的角度考虑数字图像的安全问题,提出盲环境下数字图像可信性评估的概念.文中提出了两类可信性评估模型:可信性判断模型和可信性度量模型.可信性判断模型在数字图像取证技术的基础上,围绕数字图像的不同生命阶段,判断数字图像是否可信.可信性度量模型分为可信性综合度量模型和可信性历史度量模型两种.文中设计了一种基于隐马尔可夫(HMM)的历史度量模型和一种基于模糊层次分析法的综合度量模型.在所设计模型的基础上,文中进一步研究了盲环境下数字图像可信性评估体系.文中最后通过实验结果验证了所提出的数字图像可信性综合度量模型的有效性.     

基于信誉机制的域间路由安全协同管理方法

如何抑制虚假路由的传播和恶意路由行为的发生,是域间路由安全管理的重要研究内容,对自治系统路由行为进行可信性评价和监督是其中的关键技术.设计了一种用于评价自治系统路由行为可信性的分布式协同信誉机制.该机制基于历史路由的有效性统计结果,采用后验概率分析的方法,由多个自治系统按照自组织协同的方式完成对目标自治系统的信誉计算,并将信誉计算结果作为度量该自治系统路由行为可信性的依据.实验结果表明,该机制能够抑制不良路由行为,有效提高域间路由系统的总体安全性,还能够为路由可信性分析和故障诊断提供依据,支持渐进式部署,     

面向服务的自律系统的自律可信性评估

从面向服务的角度分析自律系统的自律可信性,提出基于服务请求一服务过程一服务响应的层次化评估体系,该指标体系具有可拓展性和规范性。并采用层次分析法和模糊综合评佑法,实现自律评估的定量分析和计算。最后通过实例分析证实了指标体系的有效性和可行性。     

一种高可用性冗余集群的关键技术及可信性分析

介绍了高可用性冗余集群系统的一些关键技术,提出了一种基于任务表的自适应容错算法,对算法的设计思想和具体实现进行了详细阐述。最后建立了系统随机Petri-net模型,对系统进行可信性分析,经计算分析表明系统满足实际高可用性要求。     

The effect of the transient faults in dependability prediction

Markov chain models are used to evaluate the dependability properties (reliability, safety, availability, maintainability etc.) of the mission-critical systems. Dependability models are often focused only on the basic stuck-at faults. On the other hand the transient faults are present in the operational environment but not included in the dependability prediction. The aim of this paper is to show how the transient faults influence the dependability prediction using the Markov chain model. In this paper basic TMR Markov chain model using stuck-at faults is compared to our extended TMR model considering both the stuck-at and transient faults. The main focus is given on the calculation of the dependability parameter lambda (i.e. the failure rate of the system).     

A dependability model for TMR system

Much research has been done on the dependability evaluation of computer systems. However, much of this is gone no further than study of the fault coverage of such systems, with little focus on the relationship between fault coverage and overall system dependability. In this paper, a Markovian dependability model for triple-modular-redundancy (TMR) system is presented. Having fully considered the effects of fault coverage, working time, and constant failure rate of single module on the dependability of the target TMR system, the model is built based on the stepwise degradation strategy. Through the model, the relationship between the fault coverage and the dependability of the system is determined. What is more, the dependability of the system can be dynamically and precisely predicted at any given time with the fault coverage set. This will be of much benefit for the dependability evaluation and improvement, and be helpful for the system design and maintenance.     

Performance analysis of a dependable scheduling strategy based on a fault-tolerant grid model

The grid provides an integrated computer platform composed of differentiated and distributed systems. These resources are dynamic and heterogeneous. In this paper, a novel fault-tolerant grid-scheduling model is presented based on Stochastic Petri Nets (SPN) to assure the heterogeneity and dynamism of the grid system. Also, a new grid-scheduling strategy, the dependable strategy for the shortest expected accomplishing time (DSEAT), is put forward, in which the dependability factor is introduced in the task-dispatching strategy. In the end, the performance of the scheduling strategy based on the fault-tolerant grid-scheduling model is analyzed by an software package, named SPNP. The numerical results show that dynamic resources will increase the response time for all classes of tasks in differing degrees. Compared with shortest expected accomplishing time (SEAT) strategy, the DSEAT strategy can reduce the negative effects of dynamic and autonomic resources to some extent so as to guarantee a high quality of service (QoS).     

基于马尔可夫模型的可信性评估研究

研究了安全关键实时系统传统的高可信保障机制,提出了一种可支持多级关键度的新可信性保障机制。使用该机制则可根据各子系统的实际可信性需求采用相应的冗余数进行容错处理。为评估该可信性保障机制,改进了传统的多模型可信性评估方法。基于马尔可夫模型,文章建立了一种统一的可信性评估模型,使用该模型则可按不同关键度子系统的实际可信性需求进行独立的评估。同时,该文使用了大量的实例进行例证。     

An evaluation model for dependability of Internet-scale software on basis of Bayesian Networks and trustworthiness

Internet-scale software becomes more and more important as a mode to construct software systems when Internet is developing rapidly. Internet-scale software comprises a set of widely distributed software entities which are running in open, dynamic and uncontrollable Internet environment. There are several aspects impacting dependability of Internet-scale software, such as technical, organizational, decisional and human aspects. It is very important to evaluate dependability of Internet-scale software by integrating all the aspects and analyzing system architecture from the most foundational elements. However, it is lack of such an evaluation model. An evaluation model of dependability for Internet-scale software on the basis of Bayesian Networks is proposed in this paper. The structure of Internet-scale software is analyzed. An evaluating system of dependability for Internet-scale software is established. It includes static metrics, dynamic metrics, prior metrics and correction metrics. A process of trust attenuation based on assessment is proposed to integrate subjective trust factors and objective dependability factors which impact on system quality. In this paper, a Bayesian Network is build according to the structure analysis. A bottom-up method that use Bayesian reasoning to analyses and calculate entity dependability and integration dependability layer by layer is described. A unified dependability of the whole system is worked out and is corrected by objective data. The analysis of experiment in a real system proves that the model in this paper is capable of evaluating the dependability of Internet-scale software clearly and objectively. Moreover, it offers effective help to the design, development, deployment and assessment of Internet-scale software.     

Intention-oriented programming support for runtime adaptive autonomic cloud-based applications

The continuing high rate of advances in information and communication systems technology creates many new commercial opportunities but also engenders a range of new technical challenges around maximising systems’ dependability, availability, adaptability, and auditability. These challenges are under active research, with notable progress made in the support for dependable software design and management. Runtime support, however, is still in its infancy and requires further research. This paper focuses on a requirements model for the runtime execution and control of an intention-oriented Cloud-Based Application. Thus, a novel requirements modelling process referred to as Provision, Assurance and Auditing, and an associated framework are defined and developed where a given system’s non/functional requirements are modelled in terms of intentions and encoded in a standard open mark-up language. An autonomic intention-oriented programming model, using the Neptune language, then handles its deployment and execution.     

基于AADL的IoP系统可靠性评估方法

人联网（IoP）系统的架构复杂且存在海量、实时变化的数据,使得基于IoP系统的可靠性分析变得十分困难,目前仍缺乏一种健全的基于IoP系统的可靠性建模及评估方法。提出一种新型的IoP系统可靠性评估方法,利用AADL及其附件语言对IoP系统进行可靠性建模,并基于该模型从定性角度评估系统故障的根本原因和风险。此外,结合Ocarina模型转换技术提出一种基于连续时间马尔科夫链（CTMC）的定量评估算法,将AADL可靠性模型转换为CTMC模型,实现对系统动态、实时等特性的评估。在此基础上,设计一个IoP系统通用模型,并以此为案例验证所提方法的可行性。实验结果表明,该方法不仅能对IoP系统建模,而且能自动、准确地对其进行可靠性分析,具有良好的应用价值。     

基于贝叶斯网络的网构软件可信性评估模型

对于运行在开放、动态、难控的互联网环境的网构软件,其可信性评估是一个重要课题,但目前大量研究中可信性计算多是基于黑盒的,没有深入考虑系统结构,且评价指标过于单一.因此,提出了一个基于贝叶斯网络的网构软件可信性评估模型.该模型通过对网构软件进行结构分析,根据其结构模式,建立多层的网构软件可信性评估指标体系.基于贝叶斯网络采用自底向上逐层分析计算的方法,对网构软件的各组成实体及其系统整体的多方面可信性指标进行评估,形成统一的可信性结果,并使用客观数据对其进行修正.实验证明,该模型可以明确、客观地对网构软件的可信性进行评估,并能够对网构软件的设计、开发和部署提供帮助.