Search

Your search keyword '"Leonardo Montecchi"' showing total 47 results
Start Over Author "Leonardo Montecchi" Language undetermined

Refine your results

more »

more »

more »
47 results on '"Leonardo Montecchi"'

2. Variazione del setting nella psicoterapia di gruppo dovute alla pandemia da covid19

Author

Leonardo Montecchi

Subjects
General Earth and Planetary Sciences, General Environmental Science
Abstract

Questo articolo si concentra sugli effetti prodotti dalla pandemia/ sindemia sul setting dei gruppi psicoterapeutici. Dopo avere descritto il concetto di gruppo e di gruppalita' intesa come stato di coscienza modificato e come vissuto intenzionale e non intenzionale, si sofferma sulle condizioni di passaggio dalla situazione di aggruppamento in cui la gruppalita non è cosciente di se, al gruppo in cui la gruppalita' prende coscienza. In oltre si mostrano le variabili indipendenti che favoriscono questo passaggio cioè il compito, lo spazio, il tempo e i ruoli/ funzioni. In conclusione vengono descritti gli effetti di cambiamento del setting dovuti alla pandemia, soprattutto in relazione allo spazio, in tre gruppi. Il primo si svolge nel Centro Osservazione e Diagnosi della comunità di Vallecchio, in provincia di Rimini. Il secondo è un gruppo di apprendimento. Il terzo e' un gruppo di psicoterapia.

Published
2022

5. A Template-Based Methodology for the Specification and Automated Composition of Performability Models

Author

Andrea Bondavalli, Paolo Lollini, and Leonardo Montecchi

Subjects
Class (computer programming), Computer science, Distributed computing, Scale (chemistry), Maintainability, 020207 software engineering, 02 engineering and technology, Specification language, Petri net, 020202 computer hardware & architecture, modularity, model-based evaluation, state-based, Stochastic Activity Networks, performability, template models, composition, model-driven engineering, Unified Modeling Language, 0202 electrical engineering, electronic engineering, information engineering, Task analysis, Dependability, Electrical and Electronic Engineering, Safety, Risk, Reliability and Quality, computer, computer.programming_language
Abstract

Dependability and performance analysis of modern systems is facing great challenges: their scale is growing, they are becoming massively distributed, interconnected, and evolving. Such complexity makes model-based assessment a difficult and time-consuming task. For the evaluation of large systems, reusable submodels are typically adopted as an effective way to address the complexity and to improve the maintainability of models. When using state-based models, a common approach is to define libraries of generic submodels, and then compose concrete instances by state sharing, following predefined “patterns” that depend on the class of systems being modeled. However, such composition patterns are rarely formalized, or not even documented at all. In this paper, we address this problem using a model-driven approach, which combines a language to specify reusable submodels and composition patterns, and an automated composition algorithm. Clearly defining libraries of reusable submodels, together with patterns for their composition, allows complex models to be automatically assembled, based on a high-level description of the scenario to be evaluated. This paper provides a solution to this problem focusing on: formally defining the concept of model templates, defining a specification language for model templates, defining an automated instantiation and composition algorithm, and applying the approach to a case study of a large-scale distributed system.

Published
2020

8. A proposal for organizing source code variability in the git version control system

Author

Junior Cupe Casquina and Leonardo Montecchi

Subjects
Source code, business.industry, Computer science, media_common.quotation_subject, Software development, Product (business), Software, Control system, Conditional compilation, Software system, Software engineering, business, Software versioning, media_common
Abstract

Often, either to expand the target market or to satisfy specific new requirements, software systems inside a company are cloned, refactored, and customized, generating new derived software systems. Although this is a practical solution, it is not effective in the long-term because of the high maintenance costs when maintaining each of these derived software systems. Software product lines (SPLs) were proposed to reduce these costs; however, the lack of integration between variability realization mechanisms and version control systems reduces its attractiveness in the software development industry, especially in small and medium software companies. In this paper we propose an approach to integrate the conditional compilation mechanism used to implement the SPL variabilities and the Git version control system used to manage software versions in order to increase the attractiveness of the SPLs in the industry. The proposed solution also could be seen as a method to manage software system families' evolution in space and time.

Published
2021

9. Automated Planning for Supporting Knowledge-Intensive Processes

Author

Julio Cesar dos Reis, Leonardo Montecchi, Cecília M. F. Rubira, Bradley Schmerl, and Sheila Katherine Venero

Subjects
Flexibility (engineering), Process modeling, Proof of concept, Computer science, Process (engineering), Context (language use), Markov decision process, Business process modeling, Industrial engineering, Metamodeling
Abstract

Knowledge-intensive Processes (KiPs) are processes characterized by high levels of unpredictability and dynamism. Their process structure may not be known before their execution. One way to cope with this uncertainty is to defer decisions regarding the process structure until run time. In this paper, we consider the definition of the process structure as a planning problem. Our approach uses automated planning techniques to generate plans that define process models according to the current context. The generated plan model relies on a metamodel called METAKIP that represents the basic elements of KiPs. Our solution explores Markov Decision Processes (MDP) to generate plan models. This technique allows uncertainty representation by defining state transition probabilities, which gives us more flexibility than traditional approaches. We construct an MDP model and solve it with the help of the PRISM model-checker. The solution is evaluated by means of a proof of concept in the medical domain which reveals the feasibility of our approach.

Published
2020

10. An Eclipse-Based Editor for SAN Templates

Author

Kenneth Keefe, Leonardo Montecchi, Paolo Lollini, and Federico Moncini

Subjects
021103 operations research, Mathematical model, Programming language, Computer science, 0211 other engineering and technologies, Complex system, 02 engineering and technology, computer.software_genre, Task (project management), Metamodeling, Template, stochastic activity networks, templates, Sirius, metamodel, graphical editor, computer, Eclipse
Abstract

Mathematical models are an effective tool for studying the properties of complex systems. Constructing such models is a challenging task that often uses repeated patterns or templates. The Template Models Description Language (TMDL) has been developed to clearly define model templates that are used to generate model instances from the template specification. This paper describes the tool support that is being developed for applying the TDML approach with Stochastic Activity Networks (SANs) models. In particular, this paper details a graphical editor for SAN templates, which assists users in creating template-level models based on SANs. From these specifications, it will be possible to generate by model-transformation the subsequent instance-level models, which can be studied by simulation or analytical tools.

Published
2020
Full Text
View/download PDF

11. Stochastic modeling and analysis of vapor cloud explosions domino effects in chemical plants

Author

Diego Sierra, Leonardo Montecchi, and Ivan Mura

Subjects
lcsh:Computer engineering. Computer hardware, General Computer Science, Risk analysis, Computer science, Process (engineering), Cost accounting, lcsh:TK7885-7895, Domino effect, 02 engineering and technology, lcsh:QA75.5-76.95, Domino, Vapor cloud explosion, 020401 chemical engineering, 0502 economics and business, Cost analysis, Probabilistic analysis of algorithms, 050207 economics, 0204 chemical engineering, Mathematical model, Event (computing), 05 social sciences, Preventive maintenance, Reliability engineering, Stochastic models, 13. Climate action, Vapor cloud explosion, Stochastic models, Domino effect, Risk analysis, Cost analysis, lcsh:Electronic computers. Computer science
Abstract

Because of the substances they process and the conditions of operation, chemical plants are systems prone to the occurrence of undesirable and potentially dangerous events. Major accidents may occur when a triggering event produces a cascading accident that propagates to other units, a scenario known as domino effect. Assessing the probability of experiencing a domino effect and estimating the magnitude of its consequences is a complex task, as it depends on the nature of the substances being processed, the operating conditions, the failure proneness of equipment units, the execution of preventive maintenance activities, and of course the plant layout. In this work, we propose a stochastic modeling methodology to perform a probabilistic analysis of the likelihood of domino effects caused by propagating vapor cloud explosions. Our methodology combines mathematical models of the physical characteristics of the explosion, with stochastic state-based models representing the actual propagation among equipment units and the effect of maintenance activities. Altogether, the models allow predicting the likelihood of major events occurrence and the associated costs. A case study is analyzed, where various layouts of atmospheric gasoline tanks are assessed in terms of the predicted consequences of domino effects occurrence. The results of the analyses show that our approach can provide precious insights to support decision-making for safety and cost management.

Published
2019

12. Towards trustworthy cloud service selection: monitoring and assessing data privacy

Author

Leonardo Montecchi, Regina Moraes, Breno Bernard Nicolau de França, Hebert de Oliveira Silva, and Tania Basso

Subjects
Information privacy, Trustworthiness, business.industry, Computer science, Cloud computing, business, Computer security, computer.software_genre, computer, Selection (genetic algorithm)
Abstract

Cloud services consumers deal with a major challenge in selecting services from several providers. Facilitating these choices has become critical, and an important factor is the service trustworthiness. To be trusted by users, cloud providers should explicitly communicate their capabilities to ensure important functional and non-functional requirements (such as security, privacy, dependability, fairness, among others). Thus, models and mechanisms are required to provide indicators that can be used to support clients on choosing high quality services. This paper presents a solution to support privacy measurement and analysis, which can help the computation of trustworthiness scores. The solution is composed of a reference model for trustworthiness, a privacy model instance, and a privacy monitoring and assessment component. Finally, we provide an implementation capable of monitoring privacy-related information and performing analysis based on privacy scores for eight different datasets.

Published
2019

13. Towards a metamodel for supporting decisions in knowledge-intensive processes

Author

Julio Cesar dos Reis, Cecília M. F. Rubira, Sheila Katherine Venero, and Leonardo Montecchi

Subjects
Process management, Computer science, Process (engineering), 020207 software engineering, Context (language use), 02 engineering and technology, Business process modeling, Organizational knowledge, Metamodeling, Process management (computing), Knowledge worker, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Dynamism
Abstract

Knowledge-intensive processes (KiPs) cannot be fully specified at design time because not all information about the process is available prior to its execution. At runtime, new information emerges reflecting environment changes or unexpected outcomes. The structure of this kind of processes varies from case to case and it is defined step-by-step based on knowledge worker's decisions made after analyzing the current situation. These decisions rely on the knowledge worker's experience and available information. Current process management approaches still need to adequately address the complex characteristics of knowledge-intensive processes, such as their unpredictability, emergency, non-repeatability, and dynamism. This paper proposes a metamodel for representing KiPs aiming to help knowledge workers during the decision-making process. Domain and organizational knowledge are modeled by objectives and tactics. The metamodel supports the definition of objectives, metrics, tactics, goals and strategies at runtime according to a specific situation. Also, it includes concepts related to context and environment elements, business artifacts, roles and rules. The feasibility of our model was evaluated via a proof of concept in the medical domain.

Published
2019

14. Exploiting MDE for Platform-Independent Testing of Service Orchestrations

Author

Eliane Martins, Andrea Ceccarelli, Leonardo Montecchi, and Lucas Leal

Subjects
Model-based testing, Service (systems architecture), Computer science, business.industry, computer.internet_protocol, Design pattern, Interoperability, 020207 software engineering, samba, testing, modelling, 02 engineering and technology, Service-oriented architecture, Test case, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Software verification and validation, Model-driven architecture, Software engineering, business, computer, computer.programming_language
Abstract

Service Oriented Architecture (SOA) is a common design pattern that allows building applications composed of several services. It promotes features as interoperability, scalability, and software reuse. Services composing a SOA system may evolve and change during runtime, often outside the control of the owner of the application, which makes the verification and validation processes complex. Among all the automated techniques to validate the behavior of an SOA application, is Model-Based Testing (MBT). MBT requires an accurate model of the application in order to generate suitable test cases. However, the intrinsic of a SOA application sets significant challenges to MBT effectiveness. In this paper we discuss the challenges in the testing of SOA applications, and we propose the use of Model-Driven Engineering (MDE) to improve the flexibility of testing tools. Finally, we outline our plan for realizing MDE-driven MBT within an existing online testing framework.

Published
2019

15. Towards a Structured Specification of Coding Conventions

Author

Leonardo Montecchi and Elder Rodrigues

Subjects
Domain-specific language, Coding conventions, Computer science, business.industry, 020207 software engineering, 02 engineering and technology, Static analysis, Readability, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Software system, Model-driven architecture, Software engineering, business, computer, Natural language, computer.programming_language, Coding (social sciences)
Abstract

Coding conventions are a means to improve the reliability of software systems. They can be established for many reasons, ranging from improving the readability of code to avoiding the introduction of security flaws. However, coding conventions often come in the form of textual documents in natural language, which makes them hard to manage and to enforce. Following model-driven engineering principles, in this paper we propose an approach and language for specifying coding conventions using structured models. We ran a feasibility study, in which we applied our language for specifying 215 coding rules from two popular rulesets. The obtained results are promising and suggest that the proposed approach is feasible. However, they also highlight that many challenges still need to be overcome. We conclude with an overview on the ongoing work for generating automated checkers from such models, and we discuss directions for an objective evaluation of the methodology.

Published
2019
Full Text
View/download PDF

16. Probabilistic Modeling of Failure Domino Effects in Chemical Plants

Author

Leonardo Montecchi, Juan Briceno, Diego Sierra, Brian Rozo, Hector Buitrago, and Ivan Mura

Subjects
Computer science, Stochastic process, Event (computing), 05 social sciences, Probabilistic logic, 02 engineering and technology, Petri net, Domino, Reliability engineering, Domino effect, 020401 chemical engineering, 0502 economics and business, Stochastic Petri net, Probabilistic analysis of algorithms, 050207 economics, 0204 chemical engineering
Abstract

Chemical process plants are subject to risk caused by the handling and storage of hazardous substances. Major accidents may occur, particularly in those unfortunate circumstances when a triggering event produces a cascading accident that propagates to other units, a failure propagation scenario known as domino effect. An important aspect of designing such industrial plants is to properly arrange hazardous equipment such that, in the event of failures, cascading effects are minimized. In this work, we present a modeling approach to perform a probabilistic analysis of the likelihood of domino effects caused by propagating vapor cloud explosions. The approach combines the modeling of accident propagation based on physical properties of gas clouds, such as released mass and explosion distance, with the probabilistic modeling of cascading effects based on Stochastic Petri Nets. The proposed methodology is subsequently applied to a case study where different layouts of atmospheric gasoline tanks are analyzed, in order to evaluate the likelihood of domino effect occurrence.

Published
2018

17. Refactorings for replacing dynamic instructions with static ones

Author

Leonardo Montecchi, Ricardo Terra, Raphael Winckler de Bettio, Rafael S. Durelli, and Elder Rodrigues

Subjects
Flexibility (engineering), Computer science, Programming language, business.industry, Maintainability, computer.software_genre, Readability, Software, Code refactoring, Duplicate code, Code (cryptography), Programmer, business, computer
Abstract

Dynamic features offered by programming languages provide greater flexibility to the programmer (e.g., dynamic constructions of classes and methods) and reduction of duplicate code snippets. However, the unnecessary use of dynamic features may detract from the code in many ways, such as readability, comprehension, and maintainability of software. Therefore, this paper proposes 20 refactorings that replace dynamic instructions with static ones. In an evaluation on 28 open-source Ruby systems, we could refactor 743 of 1,651 dynamic statements (45%).

Published
2018

18. A Systematic Process for Applying the CHESS Methodology in the Creation of Certifiable Evidence

Author

André Luiz de Oliveira, Barbara Gallina, Lucas Bressan, and Leonardo Montecchi

Subjects
business.industry, Computer science, Process (engineering), Automotive industry, 020207 software engineering, 02 engineering and technology, Certification, Unified Modeling Language, Life-critical system, 0202 electrical engineering, electronic engineering, information engineering, Systems design, Code generation, Systematic process, business, Software engineering, computer, computer.programming_language
Abstract

CHESS is an open source methodology and toolset for the development of safety-critical systems. More specifically, CHESS is a model-based methodology, which supports the design, dependability analysis, and code generation for critical systems. Despite its rather mature level in terms of technology readiness, systematic guidance needs to be developed to promote its usage for certification purposes. In this paper, we present a systematic process to guide designers and analysts in the usage of the CHESS toolset for model-based dependability analysis of safety-critical systems in compliance with ISO 26262 Parts 3 and 4, SAE ARP 4754A safety process, and DO-331 model-based development principles. We also have applied our process to a real world automotive hybrid braking system. The proposed process can be used to guide analysts in using CHESS methodology to support both system design and dependability analysis. Finally, we draw our conclusion and sketch future work.

Published
2018

19. The RoCS Framework to Support the Development of Autonomous Robots

Author

Guilherme Cano Lopes, Esther Luna Colombini, Leonardo Ramos, Gabriel Divino, Leonardo Montecchi, and Breno Bernard Nicolau de França

Subjects
Computer science, Process (engineering), business.industry, Robot, Robotics, Mobile robot, Reference architecture, Artificial intelligence, Software architecture, business, Software engineering, Modularity, Autonomic computing
Abstract

With the expansion of autonomous robotics and its applications (e.g. medical, competition, military), the biggest hurdle in developing mobile robots lies in endowing them with the ability to interact with the environment and to make correct decisions so that their tasks can be executed successfully. However, as the complexity of robotic systems grows, the need to organize and modularize software for their correct functioning also becomes a challenge, making the development of software for controlling robots a complex and intricate task. In the robotics domain, there is a lack of reference software architectures and, although most robot architectures available in the literature facilitate the creation process with their modularity, existing solutions do not provide development guidance on reusing existing modules. Based on the well- known IBM Autonomic Computing reference architecture (known as MAPE-K), this work defines a refined architecture following the Robotics perspective. To explore the capabilities of the proposed refinement, we implemented the RoCS (Robotics and Cognitive Systems) framework for autonomous robots. We successfully tested the framework under simulated robotics scenarios that mimic typical robotics tasks and evidence the framework reuse capability. Finally, we understand the proposed framework needs further experimental evaluation, particularly, assessments on real-world scenarios.

Published
2019

20. Model-based Evaluation of Scalability and Security Tradeoffs: a Case Study on a Multi-Service Platform

Author

Giuseppe Vella, Antonio Caruso, Andrea Ceccarelli, Nicola Nostro, Leonardo Montecchi, and Andrea Bondavalli

Subjects
performance evaluation, scalability, web-services, security evaluation, security tradeoffs, General Computer Science, Computer science, Distributed computing, media_common.quotation_subject, Computer security, computer.software_genre, Security testing, Adaptability, System model, Theoretical Computer Science, Dependability, media_common, Reusability, business.industry, Computer security model, Countermeasure, Information and Communications Technology, Scalability, Performance evaluation, The Internet, business, computer, Computer Science(all)
Abstract

Current ICT infrastructures are characterized by increasing requirements of reliability, security, performance, availability, adaptability. A relevant issue is represented by the scalability of the system with respect to the increasing number of users and applications, thus requiring a careful dimensioning of resources. Furthermore, new security issues to be faced arise from exposing applications and data to the Internet, thus requiring an attentive analysis of potential threats and the identification of stronger security mechanisms to be implemented, which may produce a negative impact on system performance and scalability properties. The paper presents a model-based evaluation of scalability and security tradeoffs of a multi-service web-based platform, by evaluating how the introduction of security mechanisms may lead to a degradation of performance properties. The evaluation focuses on the OPENNESS platform, a web-based platform providing different kind of services, to different categories of users. The evaluation aims at identifying the bottlenecks of the system, under different configurations, and assess the impact of security countermeasures which were identified by a thorough threat analysis activity previously carried out on the target system. The modeling activity has been carried out using the Stochastic Activity Networks (SANs) formalism, making full use of its characteristics of modularity and reusability. The analysis model is realized through the composition of a set of predefined template models, which facilitates the construction of the overall system model, and the evaluation of different configuration by composing them in different ways.

Published
2015
Full Text
View/download PDF

21. Assessing the Impact of Cascading Failures in Urban Electricity Networks

Author

Andrea Ceccarelli, Paolo Lollini, and Leonardo Montecchi

Subjects
Computer science, business.industry, 020209 energy, Reliability (computer networking), Distributed computing, Complex system, 02 engineering and technology, Cascading failure, Power (physics), Smart grid, 0202 electrical engineering, electronic engineering, information engineering, Dependability, Electricity, Power-system protection, business
Abstract

The shape of Critical Infrastructures (CIs) has changed drastically in recent years, leading them to become interconnected systems with complex interactions. This will be especially true for future power grids, known as "Smart Grids". In such complex systems, one of the main challenges consists in understanding the possible impact of failures on the overall system, and avoiding cascading or escalading effects. In this paper we present an extensible framework for the analysis of failures propagation in power networks, based on model templates developed using the Stochastic Activity Networks formalism. The approach is applied to a case study of a power network, derived from a real system. The obtained results demonstrate the effectiveness of the approach in assessing the impact of failures on the network, both when considering random failures and when performing what-if analyses on specific nodes.

Published
2017

22. SafeConcert: A Metamodel for a Concerted Safety Modeling of Socio-Technical Systems

Author

Leonardo Montecchi and Barbara Gallina

Subjects
Sociotechnical system, Process management, Safe operation, Computer science, Management science, 020204 information systems, Reliability (computer networking), 0202 electrical engineering, electronic engineering, information engineering, Dependability, 020207 software engineering, Context (language use), 02 engineering and technology, Metamodeling
Abstract

Socio-technical systems are characterized by the interplay of heterogeneous entities i.e., humans, organizations, and technologies. Application domains such as petroleum, e-health, and many others rely on solutions based on safety-critical socio-technical systems. To ensure a safe operation of these interacting heterogeneous entities, multifaceted and integrated modeling and analysis capabilities are needed. Currently, such capabilities are not at disposal. To contribute to the provision of such capabilities, in this paper we propose SafeConcert, a metamodel that offers constructs to model socio-technical entities and their safety-related properties. SafeConcert also represents a unified and harmonized language that supports the integrated application of qualitative as well as quantitative safety analyses techniques. To support our claims we briefly report about the evaluation that was conducted and documented in the context of the EU CONCERTO project.

Published
2017

23. Combining SAN and P-Graphs for the Analysis and Optimization of Industrial Processes

Author

Andrea Bondavalli, Paolo Lollini, Riccardo Bernini, and Leonardo Montecchi

Subjects
Mathematical optimization, 021103 operations research, Computer science, Stochastic process, Distributed computing, Probabilistic-based design optimization, 0211 other engineering and technologies, Complex system, 02 engineering and technology, Rotation formalisms in three dimensions, 020401 chemical engineering, Supply network, Dependability, 0204 chemical engineering, Network synthesis filters, Strengths and weaknesses
Abstract

Several formalisms and techniques have been introduced in the literature for the purpose of modeling and evaluation of complex systems. Each of them has its strengths and weaknesses, which also depend on the purpose of the evaluation. In this paper we propose the integration of two different formalisms in a single framework for the modeling, validation, and optimization of production-supply problems. In particular, the proposed framework combines Process Graphs (P-Graphs) as the modeling formalism, and Stochastic Activity Networks (SAN) for the analysis and optimization. The integration proposed in this paper extends the capabilities of the P-Graph formalism to include performance and dependability metrics in the optimization process, without hampering the modeling convenience of P-Graphs. The proposed approach is applied to a case study of the optimization of a power supply network.

Published
2016

24. D-MBTDD: An Approach for Reusing Test Artefacts in Evolving System

Author

Leonardo Montecchi, Thais Harumi Ussami, and Eliane Martins

Subjects
Context model, Iterative and incremental development, business.industry, Computer science, 020207 software engineering, 02 engineering and technology, Reuse, Test-driven development, Electronic mail, Reliability engineering, Test case, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Test Management Approach, Software engineering, business, Agile software development
Abstract

Agile software development methodologies use an iterative and incremental development in order to handle evolving systems. Consolidated techniques in the field of testing have been applied to these techniques with the main purpose of aiding in the test creation stage. An example is Model-Based Test Driven Development (MBTDD) which joins the concepts of Model-Based Testing (MBT) and Test Driven Development (TDD). However, when iterative and incremental processes are used, problems appear as the consequence of the evolution of the system, such as: how to reuse the test artefacts, and how to select the relevant tests for implementing the new version of the system. In this context, this work proposes a process called D-MBTDD in which the agile development of a system is guided by model-based tests, focusing on helping with the reuse of test artefacts and on the process of identifying tests relevant to development. The information about the modifications between two versions of the test model are used in this approach, which was compared to the Regenerate-All approach, which regenerates test cases along the iterations and does not reuse any of them.

Published
2016

25. A Model-Based Approach to Support Safety-Related Decisions in the Petroleum Domain

Author

Leonardo Montecchi, Atle Refsdal, Andrea Bondavalli, and Paolo Lollini

Subjects
021110 strategic, defence & security studies, Decision support system, Process (engineering), Computer science, Stochastic modelling, Work permit, 0211 other engineering and technologies, 02 engineering and technology, Reliability engineering, Domain (software engineering), Unexpected events, Risk analysis (engineering), Work (electrical), 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Dependability, safety analysis, barriers, petroleum, risk evaluation, model-based, decision support system
Abstract

Accidents on petroleum installations can have huge consequences; to mitigate the risk, a number of safety barriers are devised. Faults and unexpected events may cause barriers to temporarily deviate from their nominal state. For safety reasons, a work permit process is in place: decision makers accept or reject work permits based on the current state of barriers. However, this is difficult to estimate, as it depends on a multitude of physical, technical and human factors. Information obtained from different sources needs to be aggregated by humans, typically within a limited amount of time. In this paper we propose an approach to provide an automated decision support to the work permit system, which consists in the evaluation of quantitative measures of the risk associated with the execution of work. The approach relies on state-based stochastic models, which can be automatically composed based on the work permit to be examined.

Published
2016

27. L'efficacia simbolica dei farmaci

Author

Leonardo Montecchi

Subjects
General Engineering
Abstract

L'autore mette in evidenza gli aspetti di efficacia del farmaco nel piano del reale, immaginario e simbolico. In particolare, si focalizza su quest'ultimo basato sulla teoria di efficacia simbolica di Levi Strauss. L'importanza del livello simbolico sull'efficacia del trattamento č stata dimostrata in clinica dal lavoro etnopsichiatrico di Georges Devereux e, successivamente, dal suo allievo Tobie Nathan che descrivono l'efficacia della diagnosi ed i rimedi in relazione ai mondi simbolici di appartenenza. Cosě, quando si pensa alla efficacia simbolica di un farmaco si deve focalizzare la nostra riflessione, in primo luogo sul codice culturale che dŕ il significato. Č il codice, ad esempio, che attribuisce il significato di "farmaco" in funzione della cultura di appartenenza e di diverse rappresentazioni simboliche degli stessi. L'autore mostra le diverse rappresentazioni simboliche di farmaco attraverso dati antropologici e casi clinici. Inoltre l'autore presenta uno studio di confronto sulla efficacia dell'MDMA (Extasy) nel quale 19 soggetti, in occasione di un rave party, hanno assunto, in maniera randomizzata, Extasy o placebo. L'analisi degli effetti percepiti ha dimostrato che i due gruppi non erano distinguibili. Questo lavoro dimostra che nella valutazione dell'efficacia di un farmaco č importante considerare il setting in cui viene assunto. In relazione a questo ci sono importanti studi sull'effetto placebo di Fabrizio Benedetti. In conclusione l'autore mostra che nella valutazione di efficacia č essenziale il vincolo che si stabilisce tra terapeuta e paziente, nel contesto di un mondo simbolico specifico.

Published
2012

28. Towards a UML Profile for Privacy-Aware Applications

Author

Leonardo Montecchi, Regina Moraes, Tania Basso, Mario Jino, and Andrea Bondavalli

Subjects
Information privacy, Privacy by Design, Computer science, Privacy software, business.industry, Privacy policy, Conceptual model (computer science), Applications of UML, Computer security, computer.software_genre, Web application, business, Personally identifiable information, computer
Abstract

Personal information is continuously gathered and processed by modern web applications. Due to regulation laws and to protect the privacy of users, customers, and business partners, such information must be kept private. A recurring problem in constructing web applications and services that protect privacy is the insufficient resources for documenting them. As web applications must be developed consistently with the statements of the privacy policy in order to enforce them, a structured documentation is necessary to model privacy protection during application design. To contribute with solutions to this problem, in this paper we propose a UML profile for privacy-aware applications. This profile helps building UML models that specify and structure particular concepts of privacy and, consequently, improve privacy definition and enforcement. After introducing the main privacy concepts, we describe how they are represented in the UML language. The profile's ability to model statements of realistic privacy policies is then demonstrated on a case study.

Published
2015

29. Evolving a Software Products Line for E-commerce Systems

Author

Raphael Porreca Azzolini, Leonardo Montecchi, Felipe Nunes Gaia, Cecília M. F. Rubira, and Leonardo P. Tizzei

Subjects
Engineering, Architectural pattern, business.industry, Software sizing, Component-based software engineering, Software construction, Software development, Domain engineering, Software engineering, business, Software evolution, Feature model
Abstract

Software Product Lines engineering is a technique that explores systematic reuse of software artifacts in large scale to implement applications that share a common domain and have some customized features. For improving Product Line Architecture evolution, it is advisable to develop Software Product Lines using a modular structure. This demand can be satisfied by an aspect-oriented and component-based feature-architecture method that integrates components, aspects and variation point aspect-connectors. This approach allows minimization of feature scattering in the architectural model and supports modular modelling of crosscutting features. A case study mapping major features of significant e-commerce systems operating in Brazil and other countries was performed to evaluate this approach. The assessment of our solution was performed comparing its stability and modularity with other two approaches. Our results indicate that change impact in the architectural model is reduced when using our solution in the context of Software Product Lines evolution.

Published
2015

30. Software Faults Emulation at Model-Level: Towards Automated Software FMEA

Author

Valentina Bonfiglio, Leonardo Montecchi, Paolo Lollini, Ivano Irrera, Francesco Rossi, and Andrea Bondavalli

Subjects
Software deployment, business.industry, Computer science, Software fault tolerance, Software construction, Software development, Avionics software, Software system, Fault injection, business, Software design description, Reliability engineering
Abstract

Safety is a fundamental property for a wide class of systems, which can be assessed through safety analysis. Recent standards, as the ISO26262 for the automotive domain, recommend safety analysis processes to be performed at system, hardware, and software levels. While Failure Modes and Effects Analysis (FMEA) is a well-known technique for safety assessment at system level, its application at software level is still an open problem, especially concerning its integration into certification processes. Fault injection has been envisioned as a viable approach for performing Software-FMEA (SW-FMEA), but it typically requires an advanced development stage where code is available. The approach we propose in this paper, aims to perform software fault injection at model-level, namely onfUML-ALF models obtained from a component-based UML description through transformations proposed in a previous work. Model-level fault injection allows SW-FMEA to assess the effectiveness of safety mechanisms from the early stages of system design. The work in this paper focuses on how the software fault injection is implemented, and on the study of fault propagation through appropriate points of observation to highlight possible violations of requirements, with the identification critical paths.

Published
2015

31. Quantifying the Impact of External Attacks on a Distributed Automatic Track Warning System

Author

Andrea Bondavalli, Paolo Lollini, and Leonardo Montecchi

Subjects
Warning system, Computer science, business.industry, Reliability (computer networking), Vulnerability, Computer security, computer.software_genre, ALARP, Proprietary protocol, Dependability, The Internet, business, Mobile device, computer
Abstract

For several years, the vulnerability of Critical Infrastructures (CIs) to cyber-threats has been limited, since they were mostly isolated systems, using proprietary protocols. Nowadays, CIs are increasingly threatened by external attacks: the use of off-the-shelf components is common, they have become interconnected, and sometimes also connected to the Internet. This problem is exacerbated by the recent trend towards the adoption of wireless connectivity and mobile devices, which is gaining interest also in this domain. One of the main challenges is to quantify the impact that external attacks may have on the infrastructure, and ensure that its dependability and safety requirements can still be fulfilled. In this paper we focus on the ALARP system, which protects workers on the railway infrastructure using distributed mobile terminals, and evaluate the impact of two attacks to the communication infrastructure. In performing such analysis, we experiment with a new method, which combines a stochastic model of the system with a model of the attacker, and quantifies the impact of specific attacks on precise safety and availability metrics.

Published
2015

32. Executable Models to Support Automated Software FMEA

Author

Paolo Lollini, Leonardo Montecchi, Francesco Rossi, Valentina Bonfiglio, Andrea Bondavalli, and András Pataricza

Subjects
Computer science, business.industry, computer.file_format, Reliability engineering, Workflow, Software, Unified Modeling Language, Component (UML), Dependability, Executable, Software architecture, Software engineering, business, Failure mode and effects analysis, computer, computer.programming_language
Abstract

Safety analysis is increasingly important for a wide class of systems. In the automotive field, the recent ISO26262 standard foresees safety analysis to be performed at system, hardware, and software levels. Failure Modes and Effects Analysis (FMEA) is an important step in any safety analysis process, and its application at hardware and system levels has been extensively addressed in the literature. Conversely, its application to software architectures is still to a large extent an open problem, especially concerning its integration into a general certification process. The approach we propose in this paper aims at performing semi-automated FMEA on component-based software architectures described in UML. The foundations of our approach are model-execution and fault-injection at model-level, which allows us to compare the nominal and faulty system behaviors and thus assess the effectiveness of safety countermeasures. Besides introducing the detailed workflow for SW FMEA, the work in this paper focuses on the process for obtaining an executable model from a component-based software architecture specified in UML.

Published
2015

33. A DSL-Supported Workflow for the Automated Assembly of Large Stochastic Models

Author

Andrea Bondavalli, Leonardo Montecchi, and Paolo Lollini

Subjects
Stochastic modelling, Computer science, business.industry, Distributed computing, Reliability (computer networking), Modularity, Workflow, Digital subscriber line, Stochastic Petri net, Dependability, Model-driven architecture, Software engineering, business, computer, computer.programming_language
Abstract

Dependability and performance analysis of modern systems is facing great challenges: their scale is growing, they are becoming massively distributed, interconnected, and evolving. Such complexity makes model-based assessment a difficult and time-consuming task. For the evaluation of large systems, reusable sub models are typically adopted as an effective way to address the complexity and improve the maintanability of models. Approaches based on Stochastic Petri Nets often compose sub models by state-sharing, following predefined "patterns", depending on the scenario of interest. However, such composition patterns are typically not formalized. Clearly defining libraries of reusable sub models, together with valid patterns for their composition, would allow complex models to be automatically assembled, based on a high-level description of the scenario to be evaluated. The contribution of this paper to this problem is twofold: on one hand we describe our workflow for the automated generation of large per formability models, on the other hand we introduce the TMDL language, a DSL to concretely support the workflow. After introducing the approach and the language, we detail their implementation within the Eclipse modeling platform, and briefly show its usage through an example.

Published
2014

34. A Reusable Modular Toolchain for Automated Dependability Evaluation

Author

Leonardo Montecchi, Andrea Bondavalli, and Paolo Lollini

Subjects
Modeling language, business.industry, Computer science, Modular design, computer.software_genre, Toolchain, Embedded system, Dependability, Plug-in, State (computer science), Software engineering, business, computer, Software versioning, Reusability
Abstract

Model-transformation techniques have increasingly gained attention in the design and evaluation of high-integrity systems, with the purpose to provide (semi-)automatic tools for non-functional analysis. Analysis models are automatically derived from an architectural description of the system in a UML-like language. One of the main challenges is designing tools which can be reused: the modeling language, the analysis tools, and possibly the analysis method itself are going to evolve over time (e.g., due to different domains, new software versions, updates to standards). In this paper we describe the design and implementation of the toolchain for state-based dependability analysis developed within the CHESS project. The toolchain, which also provides back-annotation facilities, has been designed to be adapted to different modeling languages and analysis tools. The tool has been implemented as a plugin for the Eclipse platform, and it is publicly available on the CHESS website.

Published
2014

35. Meeting the challenges in the design and evaluation of a trackside real-time safety-critical system

Author

Andrea Ceccarelli, Leonardo Montecchi, Andrea Bondavalli, and Paolo Lollini

Subjects
Warning system, Computer science, business.industry, Reliability (computer networking), Global Positioning System, Mobile communication, Monitoring, Reliability, safety, security, Synchronization, ALARP, architecture, challenges, evaluation, railway, real-time, Safety-critical, Computer security, computer.software_genre, Track (rail transport), Risk analysis (engineering), Synchronization (computer science), Dependability, Train, Mobile telephony, business, computer
Abstract

Highly distributed, autonomous and self-powered systems operating in harsh, outdoors environments face several threats in terms of dependability, timeliness and security, due to the challenging operating conditions determined by the environment. Despite such difficulties, there is an increasing demand to deploy these systems to support critical services, thus calling for severe timeliness, safety, and security requirements. Several challenges need to be faced and overcome. First, the designed architecture must be able to cope with the environmental challenges and satisfy dependability, timeliness and security requirements. Second, the assessment of the system must be carried on despite potentially incomplete field-data, and complex cascading effects that small modifications in system properties and operating conditions may have on the targeted metrics. In this paper we present our experience from the EU-funded project ALARP (A railway automatic track warning system based on distributed personal mobile terminals), which aims to build and validate a distributed, real-time, safety-critical system that detects trains approaching a railway worksite and notifies their arrivals to railway trackside workers. The paper describes the challenges we faced, and the solutions we adopted, when architecting and evaluating the ALARP system.

Published
2013

36. Understanding the quality of experience in modern distributed interactive multimedia applications in presence of failures

Author

Roman Vitenberg, Hein Meling, Nicola Nostro, Leonardo Montecchi, Narasimha Raghavan Veeraragavan, and Andrea Bondavalli

Subjects
Service (systems architecture), Multimedia, business.industry, Computer science, Quality of service, Continuous delivery, computer.software_genre, Application domain, Dependability, Quality of experience, business, Software engineering, computer, Reliability (statistics), Interactive media
Abstract

Recent technological advances have made it possible to design bandwidth demanding distributed interactive multimedia applications such as the World Opera application. In this application artists from different opera houses across the globe, can participate in a single united performance and interact almost as if they were co-located.One of the main design challenges in this application domain is to determine the composition of system components necessary to satisfy the desired quality of service in presence of failures and budget constraints. This challenge is exacerbated by the fact that quality of service depends on a multitude of factors such as human perception of video and audio, the type of audience, performance elements, etc. These factors cannot be captured by traditional approaches for dependability evaluation such as reliability, i.e., continuous delivery of correct service. This calls for developing a more comprehensive "Quality of Experience" concept.In this paper, we propose a novel method to assess the quality of experience in presence of failures, based on a new metric called perceived reliability. This method can help the system designers and engineers compare architectural variants and to determine the dependability budget. We show the feasibility of our method by applying it to a World Opera performance. Our experimental results provide useful guidelines for system engineers towards improving the quality of experience of World Opera performances despite presence of failures.

Published
2013

38. Model-based analysis of a protocol for reliable communication in railway worksites

Author

Paolo Lollini, Jesper Grønbæk, Boris Malinowsky, Leonardo Montecchi, and Andrea Bondavalli

Subjects
Protocol (science), Set (abstract data type), business.industry, Computer science, Embedded system, Reliability (computer networking), Bandwidth (signal processing), Key (cryptography), Dependability, Wireless, business, ALARP, Reliability engineering
Abstract

In this paper we perform a model-based analysis of the Timed Reliable Communication (TRC) protocol, which is being used within the EU funded ALARP project for railway worksite com-munication. TRC is a group communication protocol based on IEEE 802.11 networks, targeting safety-critical applications with limited bandwidth requirements. The paper contains an in-depth analysis of the performance and reliability characteristics of the protocol using a Stochastic Activity Networks model. The results are first compared with available experimental measurements for the sake of model validation. The validated model is then used for a thorough analysis of a set of key metrics under different envi-ronment and network conditions. The obtained results allow: i) to assess that the protocol allows to satisfy the ALARP targeted performance and reliability requirements, and ii) to evaluate the existing tradeoffs and help in choosing parameter values for the final implementation.

Published
2012

39. Graphical formalisms for modelling critical infrastructures

Author

Leonardo Montecchi, Andrea Bondavalli, and Paolo Lollini

Subjects
Formalism (philosophy of mathematics), Computer science, business.industry, Systems engineering, Dependability, Software engineering, business, Rotation formalisms in three dimensions
Abstract

Modelling and simulation are well-suited approaches to analyse critical infrastructures (CIs), providing useful insights into how components’ failures might propagate along interconnected infrastructures, possibly leading to cascading or escalating failures, and to quantitatively assess the impact of these failures on the service delivered to users. This chapter focuses on the usage of graphical formalisms for modelling and simulation of CIs. It fiidentifi es and motivates the main requirements that a modelling and simulation framework for CI analysis should have. Then, it provides an overview of the available graphical formalisms, discussing how they have been used in the literature for CI analysis and assessing the extent to which they actually meet the identifi ed modelling and simulation requirements. The second part of the chapter investigates how a subset of the identifi ed requirements are actually met adopting a specifi c graphical modelling formalism, the Stochastic Activity Networks formalism, which has been extensively used by the authors of this chapter in past European FP6 projects dealing with CI analysis.

Published
2012

40. Modelling and Model-Based Assessment

Author

Paolo Lollini, Leonardo Montecchi, Andrea Bondavalli, and István Majzik

Subjects
Set (abstract data type), Open research, Unified Modeling Language, Computer science, Stochastic modelling, Process (engineering), Systems engineering, Stochastic Petri net, Dependability, computer, Rotation formalisms in three dimensions, computer.programming_language
Abstract

This chapter provides an overview of the state of knowledge related to stochastic model-based assessment approaches, which are most commonly used for resiliency evaluation of current computing systems. The chapter first introduces a set of representative surveys developed in recent European projects, and then it provides a deeper description of common techniques used in model-based assessment of resilient systems. The most widely used modelling formalisms are reviewed, with a particular focus on state-based formalisms like Stochastic Petri Nets and its extensions. Techniques used in model construction and solution are also discussed, as well as the different classes of analysis tools and frameworks. The techniques analyzed in the chapter span from largeness avoidance and largeness tolerance techniques to more comprehensive modelling approaches that are integrated in the system’s development and assessment process. Some of these techniques try to cope with system’s complexity by automatically deriving the analysis models from engineering models like UML or AADL. Other approaches attack the complexity issue combining different evaluation methods, exploiting their possible complementarities and synergies. A discussion on the open research challenges in model-based resilience assessment is finally provided in the last part of the chapter, based on the reviewed techniques and on the activities carried out within the AMBER Coordination Action.

Published
2012

41. Quantitative Security Evaluation of a Multi-biometric Authentication System

Author

Andrea Bondavalli, Paolo Lollini, Ernesto La Mattina, and Leonardo Montecchi

Subjects
Engineering, business.industry, Covert channel, Computer security model, Computer security, computer.software_genre, Security testing, Security information and event management, Security service, Distributed System Security Architecture, Network Access Control, Strong authentication, business, computer
Abstract

Biometric authentication systems verify the identity of users by relying on their distinctive traits, like fingerprint, face, iris, signature, voice, etc. Biometrics is commonly perceived as a strong authentication method; in practice several well-known vulnerabilities exist, and security aspects should be carefully considered, especially when it is adopted to secure the access to applications controlling critical systems and infrastructures. In this paper we perform a quantitative security evaluation of the CASHMA multi-biometric authentication system, assessing the security provided by different system configurations against attackers with different capabilities. The analysis is performed using the ADVISE modeling formalism, a formalism for security evaluation that extends attack graphs; it allows to combine information on the system, the attacker, and the metrics of interest to produce quantitative results. The obtained results provide useful insight on the security offered by the different system configurations, and demonstrate the feasibility of the approach to model security threats and countermeasures in real scenarios.

Published
2012

42. Towards a MDE Transformation Workflow for Dependability Analysis

Author

Leonardo Montecchi, Andrea Bondavalli, and Paolo Lollini

Subjects
Computer science, Modeling language, Programming language, Process (engineering), business.industry, computer.software_genre, Maintenance engineering, Workflow, Unified Modeling Language, Dependability, Model-driven architecture, Software engineering, business, computer, Formal verification, computer.programming_language
Abstract

In the last ten years, Model Driven Engineering (MDE) approaches have been extensively used for the analysis of extra-functional properties of complex systems, like safety, dependability, security, predictability, quality of service. To this purpose, engineering languages (like UML and AADL) have been extended with additional features to model the required non-functional attributes, and transformations have been used to automatically generate the analysis models to be solved by appropriate analysis tools. In most of the available works, however, the transformations are not inte grated into a more general development process, aimed to support both domain-specific design analysis and verification of extra-functional properties. In this paper we explore this research direction presenting a transformation work flow for dependability analysis that is part of an industrial-quality infrastructure for the specification, analysis and verification of extra-functional properties, currently under development within the ARTEMIS-JU CHESS project. Specifically, the paper provides the following major contributions: i) definition of the required transformation steps to automatically assess the system dependability properties starting from the CHESS Modeling Language, ii) definition of a new Intermediate Dependability Model (IDM) acting as a bridge between the CHESS Modeling Language and the low-level analysis models, iii) definition of transformations from the CHESS Modeling Language to IDM models.

Published
2011

43. Dependability Concerns in Model-Driven Engineering

Author

Andrea Bondavalli, Paolo Lollini, and Leonardo Montecchi

Subjects
business.industry, Computer science, Maintenance engineering, Software, Unified Modeling Language, Formal specification, Dependability, Language model, Model-driven architecture, Software engineering, business, Engineering design process, computer, computer.programming_language
Abstract

Model-Driven engineering (MDE) aims to elevate models in the engineering process to a central role in the specification, design, integration, validation, and operation of a system. MDE is becoming a widely used approach within the dependability domain: the system, together with its main dependability-related characteristics, is represented by engineering language models, while automatic transformations are used to generate the analysis models for the dependability analyses. This paper discusses the dependability concerns that should be captured by engineering languages for dependability analysis. It motivates and defines a conceptual model where the specific dependability aspects related to specific dependability analyses can be consistently and unambiguously merged, also detailing the part of the conceptual model supporting state-based dependability analysis methods. Then, it introduces a new intermediate dependability model that acts as a bridge between the high-level engineering language and the low-level dependability analysis formalism, and we discuss its features and its expressive power showing its application for the modelling of a simple but representative case-study.

Published
2011

44. QoS Perceived by Users of Ubiquitous UMTS: Compositional Models and Thorough Analysis

Author

Paolo Lollini, Leonardo Montecchi, and Andrea Bondavalli

Subjects
Computer science, business.industry, Quality of service, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Human-Computer Interaction, Formalism (philosophy of mathematics), Universal Mobile Telecommunications System, Artificial Intelligence, Dependability, QoS analysis, UMTS networks, partial outages, compositional modeling, stochastic activity networks, mobility simulator, business, Software, UMTS frequency bands, Computer network
Abstract

This paper provides a QoS analysis of a dynamic, ubiquitous UMTS network scenario in the automotive context identi_ed in the ongoing EC HIDENETS project. The scenario comprises different types of mobile users, applications, traffic conditions, and outage events reducing the available network resources. Adopting a compositional modeling approach based on Stochastic Activity Networks (SAN) formalism, we analyze the Quality of Service (QoS) both from the users' perspective and from the mobile operator's one. The classical QoS analysis is enhanced by taking into account the congestion both caused by the outage events and by the varying traffic conditions. The impact of users' mobility on the selected QoS indicators is further investigated combining the SAN modelling approach with an ad-hoc mobility simulator, which also allows to re_ne the model representing the UMTS network behavior.

Published
2009

45. Analysis of User Perceived QoS in Ubiquitous UMTS Environments Subject to Faults

Author

Leonardo Montecchi, Paolo Lollini, and Andrea Bondavalli

Subjects
business.industry, Computer science, Distributed computing, Quality of service, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Automotive industry, Mobile QoS, QoS analysis, UMTS networks,partial outages,compositional modeling,stochastic activity networks,simulation, Universal Mobile Telecommunications System, Formalism (philosophy of mathematics), Traffic conditions, Dependability, business, UMTS frequency bands, Computer network
Abstract

This paper provides a QoS analysis of a dynamic, ubiquitous UMTS network scenario in the automotive context identified in the ongoing EC HIDENETS project. The scenario comprises different types of mobile users, applications, traffic conditions, and outage events reducing the available network resources. Adopting a compositional modeling approach based on Stochastic Activity Networks formalism, we analyze the Quality of Service (QoS) both from the users' perspective and from the mobile operator's one. The classical QoS analysis is enhanced by taking into account the congestion both caused by the outage events and by the varying traffic conditions.

Published
2008

Catalog

Books, media, physical & digital resources
See catalog results