This report considers the use of `software of uncertain pedigree' (SOUP) in safety-related applications. In the proposed approach, the safety assurance of SOUP is based on a documented, five-phase safety justification (or safety case) that sets out the safety claims for the system

increase slowly as a function of the number of nodes (like O(log n) orO(log(log n)). Existing graph generation models do not exhibit these types of behavior, even at a qualitative level. We provide a new graph generator, based on a “forest fire” spreading process, that has a simple, intuitive justification

not impair the symbolic verification of "implementable" real-time programs---those whose safety...

This paper gives the main definitions relating to dependability, a generic concept including as special case such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic

Abstract not found

This paper presents a methodology for agent-oriented analysis and design. The methodology is general, in that it is applicable to a wide range of multi-agent systems, and comprehensive, in that it deals with both the macro-level (societal) and the micro-level (agent) aspects of systems. The methodology is founded on the view of a system as a computational organisation consisting of various interacting roles. We illustrate the methodology through a case study (an agent-based business process management system).

Trust is a judgement of unquestionable utility — as humans we use it every day of our lives. However, trust has suffered from an imperfect understanding, a plethora of definitions, and informal use in the literature and in everyday life. It is common to say “I trust you, ” but what does that mean? This thesis provides a clarification of trust. We present a formalism for trust which provides us with a tool for precise discussion. The formalism is implementable: it can be embedded in an artificial agent, enabling the agent to make trust-based decisions. Its applicability in the domain of Distributed Artificial Intelligence (DAI) is raised. The thesis presents a testbed populated by simple trusting agents which substantiates the utility of the formalism. The formalism provides a step in the direction of a proper understanding and definition of human trust. A contribution of the thesis is its detailed exploration of the possibilities of future work in the area. Summary 1. Overview This thesis presents an overview of trust as a social phenomenon and discusses it formally. It argues that trust is: • A means for understanding and adapting to the complexity of the environment. • A means of providing added robustness to independent agents. • A useful judgement in the light of experience of the behaviour of others. • Applicable to inanimate others. The thesis argues these points from the point of view of artificial agents. Trust in an artificial agent is a means of providing an additional tool for the consideration of other agents and the environment in which it exists. Moreover, a formalisation of trust enables the embedding of the concept into an artificial agent. This has been done, and is documented in the thesis. 2. Exposition There are places in the thesis where it is necessary to give a broad outline before going deeper. In consequence it may seem that the subject is not receiving a thorough treatment, or that too much is being discussed at one time! (This is particularly apparent in the first and second chapters.) To present a thorough understanding of trust, we have proceeded breadth first in the introductory chapters. Chapter 3 expands, depth first, presenting critical views of established researchers.

Software architectures shift the focus of developers from lines-of-code to coarser-grained architectural elements and their overall interconnection structure. Architecture description languages (ADLs) have been proposed as modeling notations to support architecture-based development. There is, however, little consensus in the research community on what is an ADL, what aspects of an architecture should be modeled in an ADL, and which of several possible ADLs is best suited for a particular problem. Furthermore, the distinction is rarely made between ADLs on one hand and formal specification, module interconnection, simulation, and programming languages on the other. This paper attempts to provide an answer to these questions. It motivates and presents a definition and a classification framework for ADLs. The utility of the definition is demonstrated by using it to differentiate ADLs from other modeling notations. The framework is used to classify and compare several existing ADLs, enabling us in the process to identify key properties of ADLs. The comparison highlights areas where existing ADLs provide extensive support and those in which they are deficient, suggesting a research agenda for the future.

Distributed computing systems are being built and used more and more frequently. This distributod computing revolution makes the reliability of distributed systems an important concern. It is fairly well-understood how to connect hardware so that most components can continue to work when others are broken, and thus increase the reliability of a system as a whole. This report addressos the issue of providing software for reliable distributed systems. In particular, we examine how to program a system so that the software continues to work in tho face of a variety of failures of parts of the system. The design presented

Abstract not found