Process capability indices (PCIs) play an important role in analyzing process quality capability. However, the occurrence of data fraud events indicates that suppliers may provide false information, which may result in inappropriate choices for customers. Thus, to estimate PCIs and further check authenticity of data provided by suppliers, it is necessary to carry out process capability analysis from supplier products. The quality data of supplier products are doubly truncated based on technical requirements. Considering many quality characteristics of products from practical processes follow Weibull distributions, we propose an interval estimation method of PCIs using the truncated Weibull data. First, Monte Carlo-EM algorithm is applied to estimate unknown parameters. Then, a quantile-filling algorithm is adopted to transform Weibull truncated data into pseudo-complete data. After pseudo-complete data are obtained, we apply generalized confidence interval to calculate interval estimation of PCIs. Finally, an example is provided to illustrate the implement of the proposed method.
{"title":"Interval Estimation of Process Capability Indices Based on the Weibull Distributed Quality Data of Supplier Products","authors":"Yanhe Cui, Jun Yang","doi":"10.1109/DSA.2018.00024","DOIUrl":"https://doi.org/10.1109/DSA.2018.00024","url":null,"abstract":"Process capability indices (PCIs) play an important role in analyzing process quality capability. However, the occurrence of data fraud events indicates that suppliers may provide false information, which may result in inappropriate choices for customers. Thus, to estimate PCIs and further check authenticity of data provided by suppliers, it is necessary to carry out process capability analysis from supplier products. The quality data of supplier products are doubly truncated based on technical requirements. Considering many quality characteristics of products from practical processes follow Weibull distributions, we propose an interval estimation method of PCIs using the truncated Weibull data. First, Monte Carlo-EM algorithm is applied to estimate unknown parameters. Then, a quantile-filling algorithm is adopted to transform Weibull truncated data into pseudo-complete data. After pseudo-complete data are obtained, we apply generalized confidence interval to calculate interval estimation of PCIs. Finally, an example is provided to illustrate the implement of the proposed method.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134535356","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
David Tian, Jiamei Deng, E. Zio, F. Maio, Fu-cheng Liao
Early detection of the failure of a nuclear system is an important topic in nuclear energy. This paper proposes three machine learning methodologies to detect the failure modes (FM) of the Lead-Bismuth Eutectic eXperimental Accelerator Driven System (LBE-XADS) nuclear system after the first 10%, 50% and 90% time periods of the 3000 seconds mission time of the LBEXADS. The first methodology detects the FM of the LBE-XADS after the first 10% time period and consists of two Gaussian mixture-based (GM-based) classifiers. The second methodology detects the FM of the LBE-XADS after the first 50% time period and consists of a GM-based classifier and a neural network MLP1. The third methodology detects the failure mode of the LBE-XADS after the first 90% time period and consists of a GM-based classifier and a neural network MLP2. The three proposed methodologies outperformed the fuzzy similarity approach of the previous work.
{"title":"Failure Modes Detection of Nuclear Systems Using Machine Learning","authors":"David Tian, Jiamei Deng, E. Zio, F. Maio, Fu-cheng Liao","doi":"10.1109/DSA.2018.00017","DOIUrl":"https://doi.org/10.1109/DSA.2018.00017","url":null,"abstract":"Early detection of the failure of a nuclear system is an important topic in nuclear energy. This paper proposes three machine learning methodologies to detect the failure modes (FM) of the Lead-Bismuth Eutectic eXperimental Accelerator Driven System (LBE-XADS) nuclear system after the first 10%, 50% and 90% time periods of the 3000 seconds mission time of the LBEXADS. The first methodology detects the FM of the LBE-XADS after the first 10% time period and consists of two Gaussian mixture-based (GM-based) classifiers. The second methodology detects the FM of the LBE-XADS after the first 50% time period and consists of a GM-based classifier and a neural network MLP1. The third methodology detects the failure mode of the LBE-XADS after the first 90% time period and consists of a GM-based classifier and a neural network MLP2. The three proposed methodologies outperformed the fuzzy similarity approach of the previous work.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"96 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123784537","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Android permission system is important for protecting the privacy of mobile phone users. However, Android apps may not always use permissions correctly. In Android, accesses to priviledged hardware or private information are generally conducted by calling APIs protected by certain types of permissions. Thus, people can analyze the method call statistics to gain insights into the usage of permissions in the Android App code. For Android Apps whose source codes are not available, the analysis process will face two major challenges: (1) mapping permission to APIs; (2) handle the thousands of methods and method invocations. To deal with the challenges, we propose a method-level permission usage analysis, which is adopted to analyze the disassembled bytecode of an Android App. We model the behaviors of App code by its static call graph. A social ranking method is applied upon the static call graph, and generate a ranking of all the methods in the target Android App. Based on the ranking results, we further provide a configurable permission-sensitive subgraph generation algorithm to direct our analysis to high ranked method, and inspect permission-specific subgraph of that typical method to get a very clear view of the compact calling structure of permission-sensitive methods.
{"title":"Method-Level Permission Analysis Based on Static Call Graph of Android Apps","authors":"Yan Hu, W. Kong, Deng Ding, Jun Yan","doi":"10.1109/DSA.2018.00014","DOIUrl":"https://doi.org/10.1109/DSA.2018.00014","url":null,"abstract":"Android permission system is important for protecting the privacy of mobile phone users. However, Android apps may not always use permissions correctly. In Android, accesses to priviledged hardware or private information are generally conducted by calling APIs protected by certain types of permissions. Thus, people can analyze the method call statistics to gain insights into the usage of permissions in the Android App code. For Android Apps whose source codes are not available, the analysis process will face two major challenges: (1) mapping permission to APIs; (2) handle the thousands of methods and method invocations. To deal with the challenges, we propose a method-level permission usage analysis, which is adopted to analyze the disassembled bytecode of an Android App. We model the behaviors of App code by its static call graph. A social ranking method is applied upon the static call graph, and generate a ranking of all the methods in the target Android App. Based on the ranking results, we further provide a configurable permission-sensitive subgraph generation algorithm to direct our analysis to high ranked method, and inspect permission-specific subgraph of that typical method to get a very clear view of the compact calling structure of permission-sensitive methods.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130166666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The outcomes of test play an important role in fault localization. Due to the oracle problem, there are a large number of test cases unlabelled in testing. They can not be used directly and it seriously affects the effectiveness of Spectrum-based fault localization techniques(SBFL). To utilize those test cases, various approaches have been proposed to estimate test outcomes. However, there is no guarantee that all unlabelled test cases are identified correctly. It is unknown that how these misestimated test cases will influence the performance of SBFL. In this paper, a theoretical analysis on the impacts of misestimated test cases is performed by considering two different types of misestimating. There are 24 risk evaluation formulas investigated in our study. Based on the analysis, some suggestions are provided for the labelling of unlabelled test cases to make it be beneficial to locate faults.
{"title":"A Theoretical Analysis on the Impacts of Misestimated Test Cases","authors":"Yanhong Xu, Beibei Yin, Xiaohui Wan, Chenglong Li, Zheng Zheng","doi":"10.1109/DSA.2018.00028","DOIUrl":"https://doi.org/10.1109/DSA.2018.00028","url":null,"abstract":"The outcomes of test play an important role in fault localization. Due to the oracle problem, there are a large number of test cases unlabelled in testing. They can not be used directly and it seriously affects the effectiveness of Spectrum-based fault localization techniques(SBFL). To utilize those test cases, various approaches have been proposed to estimate test outcomes. However, there is no guarantee that all unlabelled test cases are identified correctly. It is unknown that how these misestimated test cases will influence the performance of SBFL. In this paper, a theoretical analysis on the impacts of misestimated test cases is performed by considering two different types of misestimating. There are 24 risk evaluation formulas investigated in our study. Based on the analysis, some suggestions are provided for the labelling of unlabelled test cases to make it be beneficial to locate faults.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117211402","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xin Li, Hua Vy Le Thanh, Yuxin Deng, Julian T Dolby
For access control in Java or .NET web applications, methods on the runtime stack are examined by the runtime systems for granted permissions, to prohibit from executing untrusted codes. There are quite limited research work on automatically generating security policies for configuring application components. In practice, configuring a security policy of web applications almost relies on the expertise of developers. In this work, we present an approach to automatically generating permission-based security policies for Java applications to pass the runtime authorization. Our technique is based on context-sensitive static proram analysis in the framework of conditional weighted pushdown systems. To tackle with the challenges of access rights analysis such as to statically identify permissions to be examined at stack inspection points, we propose to apply a uniform abstract interpretation of program calling contexts which are used to glue various analysis modules involved in access rights analysis including points-to analysis, string analysis and policy generation analysis. As a result, we can statically identify relevant permissions at the stack inspection sites and perform context-sensitive policy generation analysis.
对于Java或. net web应用程序中的访问控制,运行时系统检查运行时堆栈上的方法以获得授予的权限,以禁止执行不受信任的代码。关于自动生成用于配置应用程序组件的安全策略的研究工作相当有限。在实践中,配置web应用程序的安全策略几乎依赖于开发人员的专业知识。在这项工作中,我们提出了一种方法,为Java应用程序自动生成基于权限的安全策略,以通过运行时授权。我们的技术是基于条件加权下推系统框架下的上下文敏感静态程序分析。为了解决访问权限分析的难题,如在堆栈检查点静态识别要检查的权限,我们建议应用程序调用上下文的统一抽象解释,该解释用于粘合访问权限分析中涉及的各种分析模块,包括点对分析、字符串分析和策略生成分析。因此,我们可以静态地识别堆栈检查站点的相关权限,并执行上下文敏感的策略生成分析。
{"title":"Generating Permission-Based Security Policies","authors":"Xin Li, Hua Vy Le Thanh, Yuxin Deng, Julian T Dolby","doi":"10.1109/DSA.2018.00013","DOIUrl":"https://doi.org/10.1109/DSA.2018.00013","url":null,"abstract":"For access control in Java or .NET web applications, methods on the runtime stack are examined by the runtime systems for granted permissions, to prohibit from executing untrusted codes. There are quite limited research work on automatically generating security policies for configuring application components. In practice, configuring a security policy of web applications almost relies on the expertise of developers. In this work, we present an approach to automatically generating permission-based security policies for Java applications to pass the runtime authorization. Our technique is based on context-sensitive static proram analysis in the framework of conditional weighted pushdown systems. To tackle with the challenges of access rights analysis such as to statically identify permissions to be examined at stack inspection points, we propose to apply a uniform abstract interpretation of program calling contexts which are used to glue various analysis modules involved in access rights analysis including points-to analysis, string analysis and policy generation analysis. As a result, we can statically identify relevant permissions at the stack inspection sites and perform context-sensitive policy generation analysis.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132086558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DSA 2018 Steering and Organizing Committees","authors":"","doi":"10.1109/dsa.2018.00008","DOIUrl":"https://doi.org/10.1109/dsa.2018.00008","url":null,"abstract":"","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128473396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Congcong Ye, Guoqiang Li, Hongming Cai, Yonggen Gu, Akira Fukuda
Recently, the global outbreak of a blackmail virus WannaCry, makes the blockchain a hot topic. The security of blockchain is always the focus of people's attention, and it is also the main reason why the blockchain has not been widely used all over the world. Many researches use mathematical derivation method to analyse the 51%- Attacks influence of blockchain, which is very stiff and difficult to understand. In this paper, we propose a method to simulate blockchain's process and discover the rule between attacking method, attacking power and security of blockchain. We take 51%-Attacks as an example and use Java to simulate the running process. By adjusting the value of attacking power, we can get most states of blockchain and analyze the probability that honest state becomes attacking state. We use various forms to analyze and show the experimental result, which verify our method is correct and feasible. This method can also be implemented as a middleware software of blockchain to detect the security of blockchain.
{"title":"Analysis of Security in Blockchain: Case Study in 51%-Attack Detecting","authors":"Congcong Ye, Guoqiang Li, Hongming Cai, Yonggen Gu, Akira Fukuda","doi":"10.1109/DSA.2018.00015","DOIUrl":"https://doi.org/10.1109/DSA.2018.00015","url":null,"abstract":"Recently, the global outbreak of a blackmail virus WannaCry, makes the blockchain a hot topic. The security of blockchain is always the focus of people's attention, and it is also the main reason why the blockchain has not been widely used all over the world. Many researches use mathematical derivation method to analyse the 51%- Attacks influence of blockchain, which is very stiff and difficult to understand. In this paper, we propose a method to simulate blockchain's process and discover the rule between attacking method, attacking power and security of blockchain. We take 51%-Attacks as an example and use Java to simulate the running process. By adjusting the value of attacking power, we can get most states of blockchain and analyze the probability that honest state becomes attacking state. We use various forms to analyze and show the experimental result, which verify our method is correct and feasible. This method can also be implemented as a middleware software of blockchain to detect the security of blockchain.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122903102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Message from the DSA 2018 General Chair","authors":"","doi":"10.1109/dsa.2018.00006","DOIUrl":"https://doi.org/10.1109/dsa.2018.00006","url":null,"abstract":"","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"80 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124115117","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"DSA 2018 Poster Abstracts","authors":"","doi":"10.1109/dsa.2018.00011","DOIUrl":"https://doi.org/10.1109/dsa.2018.00011","url":null,"abstract":"","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127338391","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The US Federal Aviation Administration requires complete modified condition/decision coverage (MC/DC) for the most critical (level A) software. Complete MC/DC is a gold standard for thoroughness of testing. However, it is challenging to generate test cases to achieve high MC/DC as it requires testers to manually conduct complex control flow analysis. In this paper, we propose MCDC-Star, a white-box based automated test case generation technique for achieving high MC/DC coverage criterion using greedy-based symbolic execution. By analyzing the control-flow of the subject program, MCDC-Star generates test cases that can improve the MC/DC efficiently and effectively. An experiment using three industrial programs was conducted, and the results show its high effectiveness and efficiency.
{"title":"MCDC-Star: A White-Box Based Automated Test Generation for High MC/DC Coverage","authors":"Linghuan Hu, W. E. Wong, D. R. Kuhn, R. Kacker","doi":"10.1109/DSA.2018.00027","DOIUrl":"https://doi.org/10.1109/DSA.2018.00027","url":null,"abstract":"The US Federal Aviation Administration requires complete modified condition/decision coverage (MC/DC) for the most critical (level A) software. Complete MC/DC is a gold standard for thoroughness of testing. However, it is challenging to generate test cases to achieve high MC/DC as it requires testers to manually conduct complex control flow analysis. In this paper, we propose MCDC-Star, a white-box based automated test case generation technique for achieving high MC/DC coverage criterion using greedy-based symbolic execution. By analyzing the control-flow of the subject program, MCDC-Star generates test cases that can improve the MC/DC efficiently and effectively. An experiment using three industrial programs was conducted, and the results show its high effectiveness and efficiency.","PeriodicalId":117496,"journal":{"name":"2018 5th International Conference on Dependable Systems and Their Applications (DSA)","volume":"73 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114012877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: