Engineered systems are increasingly integrating sensor techniques to trace their specific degradation behaviors, so as to facilitate their dynamic reliability assessment. Due to the hierarchical structure of these systems, sensing data can be collected at multiple physical levels, including the entire system, subsystems, and components. The quality of collected multilevel sensing data, however, decreases inevitably with the degradation of sensors mounted within each system, leading to a declining trustworthiness of dynamic reliability assessment for each specific individual system. This article develops a new dynamic reliability assessment framework of hierarchical multistate systems suffering from sensors’ degradation. The proposed framework mainly contains three steps: 1) utilizing discrete-state and continuous-state stochastic processes to, respectively, model the degradation behaviors of two types of sensors; 2) integrating these two types of sensors’ degradation models to update the joint state probability distribution of both the monitored objects and sensors by fusing multilevel sensing data; 3) deriving the marginal state probability distribution of the entire system to dynamically assess system reliability. A three-component system and an electromechanical actuator system in landing gear systems are exemplified to illustrate the performance of the proposed method.
{"title":"Dynamic Reliability Assessment of Hierarchical Multistate Systems With Sensors’ Degradation","authors":"Boyuan Zhang;Yu Liu;Yi-Xuan Zheng","doi":"10.1109/TR.2024.3524098","DOIUrl":"https://doi.org/10.1109/TR.2024.3524098","url":null,"abstract":"Engineered systems are increasingly integrating sensor techniques to trace their specific degradation behaviors, so as to facilitate their dynamic reliability assessment. Due to the hierarchical structure of these systems, sensing data can be collected at multiple physical levels, including the entire system, subsystems, and components. The quality of collected multilevel sensing data, however, decreases inevitably with the degradation of sensors mounted within each system, leading to a declining trustworthiness of dynamic reliability assessment for each specific individual system. This article develops a new dynamic reliability assessment framework of hierarchical multistate systems suffering from sensors’ degradation. The proposed framework mainly contains three steps: 1) utilizing discrete-state and continuous-state stochastic processes to, respectively, model the degradation behaviors of two types of sensors; 2) integrating these two types of sensors’ degradation models to update the joint state probability distribution of both the monitored objects and sensors by fusing multilevel sensing data; 3) deriving the marginal state probability distribution of the entire system to dynamically assess system reliability. A three-component system and an electromechanical actuator system in landing gear systems are exemplified to illustrate the performance of the proposed method.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3784-3798"},"PeriodicalIF":5.7,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144996098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Software defect prediction technology can discover potential errors or hidden defects by establishing prediction models before the use of products in the field of software engineering, so as to reduce subsequent problems and improve software quality and security. However, building predictive models requires enough software defect dataset support, especially defect samples. Due to the involvement of confidential information from various organizations or enterprises, software defect data cannot be shared and effectively utilized. Therefore, to achieve collaborative training of multiparty shared software defect prediction models while keeping the data local to various organizations, we made the federated learning framework for the issue of software defect prediction. Meanwhile, the nondefect and defect instances in software defect datasets are usually imbalanced, which can seriously affect the software defect prediction performance of the model. Therefore, this study designs a novel federated oversampling learning framework Fed-OLF. First, the TabDiT method based on deep generative model is proposed in Fed-OLF to expand and rebalance the local imbalanced software defect dataset of each client with a certain degree of privacy protection. Second, a parameter aggregation strategy based on local information entropy is proposed in Fed-OLF to further optimize the parameter aggregation effect of the global shared model, thereby achieving better model performance. We conduct extensive experiments on the PROMISE dataset and the NASA Promise repository, and experimental results on the PROMISE dataset and the NASA Promise repository show that, the proposed Fed-OLF exhibits better predictive performance under the F1-score, G-mean, and AUC metrics when compared with the advanced baseline methods. In addition, we verify that both the TabDiT method and the parameter aggregation strategy based on local information entropy in Fed-OLF are useful, and the combination of them can more effectively improve model performance.
{"title":"Fed-OLF: Federated Oversampling Learning Framework for Imbalanced Software Defect Prediction Under Privacy Protection","authors":"Xiaowen Hu;Ming Zheng;Rui Zhu;Xuan Zhang;Zhi Jin","doi":"10.1109/TR.2024.3524064","DOIUrl":"https://doi.org/10.1109/TR.2024.3524064","url":null,"abstract":"Software defect prediction technology can discover potential errors or hidden defects by establishing prediction models before the use of products in the field of software engineering, so as to reduce subsequent problems and improve software quality and security. However, building predictive models requires enough software defect dataset support, especially defect samples. Due to the involvement of confidential information from various organizations or enterprises, software defect data cannot be shared and effectively utilized. Therefore, to achieve collaborative training of multiparty shared software defect prediction models while keeping the data local to various organizations, we made the federated learning framework for the issue of software defect prediction. Meanwhile, the nondefect and defect instances in software defect datasets are usually imbalanced, which can seriously affect the software defect prediction performance of the model. Therefore, this study designs a novel federated oversampling learning framework Fed-OLF. First, the TabDiT method based on deep generative model is proposed in Fed-OLF to expand and rebalance the local imbalanced software defect dataset of each client with a certain degree of privacy protection. Second, a parameter aggregation strategy based on local information entropy is proposed in Fed-OLF to further optimize the parameter aggregation effect of the global shared model, thereby achieving better model performance. We conduct extensive experiments on the PROMISE dataset and the NASA Promise repository, and experimental results on the PROMISE dataset and the NASA Promise repository show that, the proposed Fed-OLF exhibits better predictive performance under the F1-score, G-mean, and AUC metrics when compared with the advanced baseline methods. In addition, we verify that both the TabDiT method and the parameter aggregation strategy based on local information entropy in Fed-OLF are useful, and the combination of them can more effectively improve model performance.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3266-3280"},"PeriodicalIF":5.7,"publicationDate":"2025-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144997978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
During battery reliability tests, quality characteristic (QC) values like capacitance, voltage, or current are repeatedly observed during the cyclic charge-discharge processes. The battery's lifetime is determined by the first cycle where QC values drop below a specific threshold. Despite the recurrent nature of this cyclic data, performance declines with each charge-discharge cycle. The trend renewal process (TRP) transforms this periodic data through a trend function to ensure independent and stationary increments in the transformed data. However, combining the trend function with the renewal distribution complicates the resulting likelihood function. In typical battery reliability tests, sample sizes are small, and batteries exhibit heterogeneous differences. This article examines the inverse Gaussian accelerated trend-renewal process (ATRP) model for analyzing discharge-capacity battery data under various discharge currents, with model parameters being log-linear in discharge current. A hierarchical Bayesian approach is employed for three ATRP random-effects models, introducing latent variables to capture unit-to-unit variation among batteries. By selecting the most appropriate model based on the largest log marginal likelihood, predictive lifetime inference under normal discharging current is derived using the Markov chain Monte Carlo procedure. Monte-Carlo simulations validate the numerical calculations, and the proposed method is successfully applied to lithium-ion battery accelerated degradation test data.
{"title":"Bayesian Analysis of Accelerated Trend Renewal Processes With Application to Lithium-Ion Battery Data","authors":"Tsai-Hung Fan;Yi-Fu Wang;Chun-Kai Wu","doi":"10.1109/TR.2024.3523180","DOIUrl":"https://doi.org/10.1109/TR.2024.3523180","url":null,"abstract":"During battery reliability tests, quality characteristic (QC) values like capacitance, voltage, or current are repeatedly observed during the cyclic charge-discharge processes. The battery's lifetime is determined by the first cycle where QC values drop below a specific threshold. Despite the recurrent nature of this cyclic data, performance declines with each charge-discharge cycle. The trend renewal process (TRP) transforms this periodic data through a trend function to ensure independent and stationary increments in the transformed data. However, combining the trend function with the renewal distribution complicates the resulting likelihood function. In typical battery reliability tests, sample sizes are small, and batteries exhibit heterogeneous differences. This article examines the inverse Gaussian accelerated trend-renewal process (ATRP) model for analyzing discharge-capacity battery data under various discharge currents, with model parameters being log-linear in discharge current. A hierarchical Bayesian approach is employed for three ATRP random-effects models, introducing latent variables to capture unit-to-unit variation among batteries. By selecting the most appropriate model based on the largest log marginal likelihood, predictive lifetime inference under normal discharging current is derived using the Markov chain Monte Carlo procedure. Monte-Carlo simulations validate the numerical calculations, and the proposed method is successfully applied to lithium-ion battery accelerated degradation test data.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3083-3097"},"PeriodicalIF":5.7,"publicationDate":"2025-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144997993","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This article presents a collaborative cloud-based control and defense framework designed to address scheduling challenges and interlayer false data injection (FDI) attacks in a low carbon economy. The proposed framework integrates the principles of low carbon economy strategy and new energy (wind turbine, photovoltaic) modeling to coordinate active and reactive power of distributed generation (DG) using a layered control approach. The framework consists of two main layers: a lower layer and an upper layer. The lower layer combines control and attack defense strategies. State feedback control is utilized to regulate the dynamics of the DG and defense strategies are employed to defend against potential controller FDI attacks. The upper layer, on the other hand, consists of interlayer defense strategies and cloud computing. The FDI defense from the lower control layer to the upper cloud computing layer obtains the actual operating state of the DG. And these data are used for cloud computing to get the next reference power. Cloud computing focuses on multiobjective optimization with the aim of minimizing generation cost, line loss, and bus voltage deviation under low carbon conditions. In order to verify the effectiveness of the proposed control strategy, simulations are conducted on a computer and StarSim hardware-in-the-loop experimental platform. The results show that the framework can effectively manage energy consumption in a low-carbon economy.
{"title":"Collaborative Cloud-Controlled Defense Mechanism for Low-Carbon Economic Dispatch in Active Distribution Networks Under Interlayer Attack","authors":"Cong Cai;Yunfeng Wang;Qingyu Su;Jian Li","doi":"10.1109/TR.2024.3523894","DOIUrl":"https://doi.org/10.1109/TR.2024.3523894","url":null,"abstract":"This article presents a collaborative cloud-based control and defense framework designed to address scheduling challenges and interlayer false data injection (FDI) attacks in a low carbon economy. The proposed framework integrates the principles of low carbon economy strategy and new energy (wind turbine, photovoltaic) modeling to coordinate active and reactive power of distributed generation (DG) using a layered control approach. The framework consists of two main layers: a lower layer and an upper layer. The lower layer combines control and attack defense strategies. State feedback control is utilized to regulate the dynamics of the DG and defense strategies are employed to defend against potential controller FDI attacks. The upper layer, on the other hand, consists of interlayer defense strategies and cloud computing. The FDI defense from the lower control layer to the upper cloud computing layer obtains the actual operating state of the DG. And these data are used for cloud computing to get the next reference power. Cloud computing focuses on multiobjective optimization with the aim of minimizing generation cost, line loss, and bus voltage deviation under low carbon conditions. In order to verify the effectiveness of the proposed control strategy, simulations are conducted on a computer and StarSim hardware-in-the-loop experimental platform. The results show that the framework can effectively manage energy consumption in a low-carbon economy.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 2","pages":"2655-2667"},"PeriodicalIF":5.0,"publicationDate":"2025-01-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144205854","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To satisfy the developmental requirements of applications, such as autonomous driving, high-performance computing, and the Internet of Things (IoT), the integration density, performance, and reliability tradeoff of electronic systems are posing numerous challenges. Prognostics and health management (PHM) using multiple types of sensors can address reliability problems and enhance the functional safety of electronic systems. However, the limited integration density of conventional electronic packaging indicates that functional chips can only replace sensor chips for physical quantity monitoring, without simultaneous functional degradation monitoring and fault identification. This study proposed an integration method that is compatible with front and rear processes to integrate temperature and stress sensors into the power-driven module, that is, fan-out wafer-level packaging technology. First, the temperature and stress sensors are calibrated using a microloading platform and sensitivity consistency is ensured. Second, the temperature inside the module under various working conditions is evaluated using the data obtained by temperature sensors. The stress data inside the micromodule under mechanical loading are obtained through stress sensors. The proposed method can realize in situ monitoring inside advanced packaging and provide considerable data for PHM research.
{"title":"Integrated Temperature and Stress Sensors in Fan-Out Wafer-Level Packaging to Better Achieve the Third-Generation Reliability of Electronic Systems","authors":"Linwei Cao;Yuexing Wang;Kun Liu;Xiangou Zhang;Shuairong Deng;Quanfeng Zhou;Xiangyu Sun;Wanli Zhang","doi":"10.1109/TR.2024.3523892","DOIUrl":"https://doi.org/10.1109/TR.2024.3523892","url":null,"abstract":"To satisfy the developmental requirements of applications, such as autonomous driving, high-performance computing, and the Internet of Things (IoT), the integration density, performance, and reliability tradeoff of electronic systems are posing numerous challenges. Prognostics and health management (PHM) using multiple types of sensors can address reliability problems and enhance the functional safety of electronic systems. However, the limited integration density of conventional electronic packaging indicates that functional chips can only replace sensor chips for physical quantity monitoring, without simultaneous functional degradation monitoring and fault identification. This study proposed an integration method that is compatible with front and rear processes to integrate temperature and stress sensors into the power-driven module, that is, fan-out wafer-level packaging technology. First, the temperature and stress sensors are calibrated using a microloading platform and sensitivity consistency is ensured. Second, the temperature inside the module under various working conditions is evaluated using the data obtained by temperature sensors. The stress data inside the micromodule under mechanical loading are obtained through stress sensors. The proposed method can realize <italic>in situ</i> monitoring inside advanced packaging and provide considerable data for PHM research.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"4020-4031"},"PeriodicalIF":5.7,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144997930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In many industrial environments, some components fail and cannot be repaired immediately. We propose a novel repair policy for addressing component failure issues in a circular consecutive-$k$-out-of-$n$:F (abbreviated as Cir/Con/k/n:F) system. This repair policy assigns preemptive priority for repair to the component whose breakdown results in system failure (called emergency repair), while renders an ordinary repair to the failed components without causing failure of the system. The ordinary repairs are recorded by the repairman in the order of their failure, which is said that the broken components are stored in “orbit.” When the repairman becomes idle, he makes the orbital search for failed ones according to the first-failed-first-repair discipline, which can be interrupted by an emergency repair. We carry on an extensive investigation on reliability and queueing indices of the considered model. Specifically, we present a Cir/Con/2/6:F system as an example to give sensitivity analysis for the reliability performance. Numerical inversion of Laplace transform–Stehfest method is adopted to obtain approximate solutions for reliability function. Furthermore, the minimization problem of the CBR is addressed by adopting sequential quadratic programming algorithm. This study offers new insights into balancing the expected total repair cost and associated benefits in the Cir/Con/k/n:F system.
{"title":"Reliability Evaluation for a Circular Con/k/n:F System With a Novel Differential Repair Policy","authors":"Shan Gao;Jinting Wang;Qin Chen","doi":"10.1109/TR.2024.3524329","DOIUrl":"https://doi.org/10.1109/TR.2024.3524329","url":null,"abstract":"In many industrial environments, some components fail and cannot be repaired immediately. We propose a novel repair policy for addressing component failure issues in a circular consecutive-<inline-formula><tex-math>$k$</tex-math></inline-formula>-out-of-<inline-formula><tex-math>$n$</tex-math></inline-formula>:F (abbreviated as Cir/Con/k/n:F) system. This repair policy assigns preemptive priority for repair to the component whose breakdown results in system failure (called <italic>emergency repair</i>), while renders an <italic>ordinary repair</i> to the failed components without causing failure of the system. The ordinary repairs are recorded by the repairman in the order of their failure, which is said that the broken components are stored in “orbit.” When the repairman becomes idle, he makes the orbital search for failed ones according to the first-failed-first-repair discipline, which can be interrupted by an emergency repair. We carry on an extensive investigation on reliability and queueing indices of the considered model. Specifically, we present a Cir/Con/2/6:F system as an example to give sensitivity analysis for the reliability performance. Numerical inversion of Laplace transform–Stehfest method is adopted to obtain approximate solutions for reliability function. Furthermore, the minimization problem of the CBR is addressed by adopting sequential quadratic programming algorithm. This study offers new insights into balancing the expected total repair cost and associated benefits in the Cir/Con/k/n:F system.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3098-3111"},"PeriodicalIF":5.7,"publicationDate":"2025-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144998380","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Chang-ai Sun;Jian Mu;Mingjun Xiao;Huai Liu;Pinjia He
In recent years, deep neural networks have been applied in machine translation systems, resulting in the so-called neural machine translation (NMT) models that can improve translation quality significantly. However, due to the brittleness of deep neural network, machine translation systems could return erroneous translations that lead to misunderstandings or even cause serious losses. To detect translation errors, various testing techniques have been proposed. As a popularly used technique, metamorphic testing mainly relies on text or syntactic structure of translations while ignoring the meaning of sentences (i.e., semantic information). Compared with text and syntactic information, semantic information of sentences is more stable when dealing with languages that have rich vocabulary and flexible word order. Motivated by this observation, we propose semantic structure invariance-based metamorphic testing (SSIMT) for machine translation systems. The key insight is that contextually similar sentences should typically have translations of similar semantic structures. Experiments have been conducted to evaluate SSIMT on two widely used machine translation systems, Microsoft Bing Translator and Google Translate with 600 seed sentences crawled from well-known news websites covering six different corpus topics. The experimental results show that SSIMT is able to find thousands of erroneous translations in both translation systems with high accuracy (over 70%). Translation errors reported by SSIMT covers a wide variety of common error types.
{"title":"Semantic Structure Invariance-Based Metamorphic Testing for Machine Translation Systems","authors":"Chang-ai Sun;Jian Mu;Mingjun Xiao;Huai Liu;Pinjia He","doi":"10.1109/TR.2024.3521029","DOIUrl":"https://doi.org/10.1109/TR.2024.3521029","url":null,"abstract":"In recent years, deep neural networks have been applied in machine translation systems, resulting in the so-called neural machine translation (NMT) models that can improve translation quality significantly. However, due to the brittleness of deep neural network, machine translation systems could return erroneous translations that lead to misunderstandings or even cause serious losses. To detect translation errors, various testing techniques have been proposed. As a popularly used technique, metamorphic testing mainly relies on text or syntactic structure of translations while ignoring the meaning of sentences (i.e., semantic information). Compared with text and syntactic information, semantic information of sentences is more stable when dealing with languages that have rich vocabulary and flexible word order. Motivated by this observation, we propose semantic structure invariance-based metamorphic testing (SSIMT) for machine translation systems. The key insight is that contextually similar sentences should typically have translations of similar semantic structures. Experiments have been conducted to evaluate SSIMT on two widely used machine translation systems, Microsoft Bing Translator and Google Translate with 600 seed sentences crawled from well-known news websites covering six different corpus topics. The experimental results show that SSIMT is able to find thousands of erroneous translations in both translation systems with high accuracy (over 70%). Translation errors reported by SSIMT covers a wide variety of common error types.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3251-3265"},"PeriodicalIF":5.7,"publicationDate":"2025-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144998325","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Injection attacks exploit vulnerabilities in how applications handle user input, allowing malicious code to infiltrate the execution environment of web applications, leading to severe consequences, such as data leaks and system crashes. Traditional dynamic and static detection methods suffer from limitations in manual rule or pattern design and intraprocedural analysis, lacking the capability to automatically learn complex features. Meanwhile, deep learning models encounter challenges, such as feature redundancy and inefficiency, in processing long code sequences. Here, we propose a prototype for detecting Injection Vulnerabilities in Java web applications based on Interprocedural analysis and the bidirectional encoder representations from transformers BERT-BiLSTM-CRF model (IVIB), effectively transforming vulnerability detection into text sequence annotation. IVIB employs interprocedural analysis to trace complete program data flow, control flow, method and class dependencies, reducing redundancy through a system dependency graph. Then, we develop intermediate language representation rules and conversion mechanisms specifically for Java programs, symbolically representing code snippets and annotating them to construct a corpus. IVIB achieves remarkable results, with over 96% accuracy, precision, recall, and F1-score in binary classification, surpassing other state-of-the-art models in multiclassification performance. Evaluation on real-world projects demonstrates IVIB's effectiveness, detecting 28 vulnerabilities out of 30 vulnerable slices with low false positives and no false negatives.
{"title":"Enhancing Java Web Application Security: Injection Vulnerability Detection via Interprocedural Analysis and Deep Learning","authors":"Bing Zhang;Xu Zhi;Meng Wang;Rong Ren;Jun Dong","doi":"10.1109/TR.2024.3521381","DOIUrl":"https://doi.org/10.1109/TR.2024.3521381","url":null,"abstract":"Injection attacks exploit vulnerabilities in how applications handle user input, allowing malicious code to infiltrate the execution environment of web applications, leading to severe consequences, such as data leaks and system crashes. Traditional dynamic and static detection methods suffer from limitations in manual rule or pattern design and intraprocedural analysis, lacking the capability to automatically learn complex features. Meanwhile, deep learning models encounter challenges, such as feature redundancy and inefficiency, in processing long code sequences. Here, we propose a prototype for detecting <underline>I</u>njection <underline>V</u>ulnerabilities in Java web applications based on <underline>I</u>nterprocedural analysis and the bidirectional encoder representations from transformers <underline>B</u>ERT-BiLSTM-CRF model (IVIB), effectively transforming vulnerability detection into text sequence annotation. IVIB employs interprocedural analysis to trace complete program data flow, control flow, method and class dependencies, reducing redundancy through a system dependency graph. Then, we develop intermediate language representation rules and conversion mechanisms specifically for Java programs, symbolically representing code snippets and annotating them to construct a corpus. IVIB achieves remarkable results, with over 96% accuracy, precision, recall, and F1-score in binary classification, surpassing other state-of-the-art models in multiclassification performance. Evaluation on real-world projects demonstrates IVIB's effectiveness, detecting 28 vulnerabilities out of 30 vulnerable slices with low false positives and no false negatives.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3642-3656"},"PeriodicalIF":5.7,"publicationDate":"2025-01-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144998326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The k-out-of-n system with functional dependency (FDEP), as a typical structure, has widespread applications in a diversity of engineered system. These systems are characterized by components that perform distinct functions, and are connected through flexible intercomponential support relations. This flexibility allows for dynamic adjustment of the support strategy in response to component failures, achieved through connections between components’ interfaces or controlled by additional components, such as valves and switches. Even though previous article has demonstrated effectiveness in assessing reliability of k-out-of-n systems with FDEP, it often overlooks the essential investigation of flexible support relations among components, resulting in inaccurate system reliability assessment. To fill this research gap, this article introduces a novel framework that integrates a parameter time-varying discrete dynamic Bayesian network (PTVDDBN) and a tailored Hungarian algorithm with a depth-first search (DFS) strategy, namely the PTVDDBN–HDFS method, to advance reliability assessment of k-out-of-n systems with flexible support relations. Specifically, the PTVDDBN-based architecture captures the system's stochastic degradation over time, and its components’ lifetime could follow an arbitrary probability distribution. From a graph set-based perspective, the support strategy designated in the system is dynamically adjusted via the DFS strategy. The optimal system performance under various component state combinations is further converted to conditional probability table parameters within the PTVDDBN model. A practical case study of a kerosene filling system at a space launch site is showcased to illustrate the application and effectiveness of the PTVDDBN–HDFS method.
{"title":"Reliability Assessment of Reconfigurable k-out-of-n Systems With Functional Dependency","authors":"Yi-Xuan Zheng;Boyuan Zhang;Yu Liu","doi":"10.1109/TR.2024.3507363","DOIUrl":"https://doi.org/10.1109/TR.2024.3507363","url":null,"abstract":"The <italic>k</i>-out-of-<italic>n</i> system with functional dependency (FDEP), as a typical structure, has widespread applications in a diversity of engineered system. These systems are characterized by components that perform distinct functions, and are connected through flexible intercomponential support relations. This flexibility allows for dynamic adjustment of the support strategy in response to component failures, achieved through connections between components’ interfaces or controlled by additional components, such as valves and switches. Even though previous article has demonstrated effectiveness in assessing reliability of <italic>k</i>-out-of-<italic>n</i> systems with FDEP, it often overlooks the essential investigation of flexible support relations among components, resulting in inaccurate system reliability assessment. To fill this research gap, this article introduces a novel framework that integrates a parameter time-varying discrete dynamic Bayesian network (PTVDDBN) and a tailored Hungarian algorithm with a depth-first search (DFS) strategy, namely the PTVDDBN–HDFS method, to advance reliability assessment of <italic>k</i>-out-of-<italic>n</i> systems with flexible support relations. Specifically, the PTVDDBN-based architecture captures the system's stochastic degradation over time, and its components’ lifetime could follow an arbitrary probability distribution. From a graph set-based perspective, the support strategy designated in the system is dynamically adjusted via the DFS strategy. The optimal system performance under various component state combinations is further converted to conditional probability table parameters within the PTVDDBN model. A practical case study of a kerosene filling system at a space launch site is showcased to illustrate the application and effectiveness of the PTVDDBN–HDFS method.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"3745-3759"},"PeriodicalIF":5.7,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144998328","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Crafting a dynamic and accurate resilience assessment method for urban transportation, marked by complex road networks and frequent disturbances, poses a significant challenge. Existing work mainly focuses on statically assessing historical traffic resilience and cannot dynamically divide spatial regions according to disturbance scales. In this article, we propose a predictive and multigranularity assessment method. First, we develop an attention-based spatial-temporal hypergraph neural controlled differential equation model, which can accurately predict traffic conditions under disturbances. Second, we construct a multigranularity disturbance propagation model that adaptively divides a traffic network into multiple granularities according to disturbance scales. Then, we design a real-time resilience assessment algorithm capable of quantifying spatial-temporal dynamic resilience indicators for each granularity area. Extensive experiments on urban transportation in California during heavy rainfall reveal an inverse relationship between California's resilience and rainfall intensity. In addition, its downtown exhibits strong resilience, while coastal and interior areas show relatively weaker resilience, with some interior areas experiencing prolonged recovery times.
{"title":"Predictive and Multigranularity Resilience Assessment of Urban Transportation Based on Neural Controlled Differential Equation","authors":"Zhe Cui;Di Zang;Hong Zhu;Keshuang Tang","doi":"10.1109/TR.2024.3514712","DOIUrl":"https://doi.org/10.1109/TR.2024.3514712","url":null,"abstract":"Crafting a dynamic and accurate resilience assessment method for urban transportation, marked by complex road networks and frequent disturbances, poses a significant challenge. Existing work mainly focuses on statically assessing historical traffic resilience and cannot dynamically divide spatial regions according to disturbance scales. In this article, we propose a predictive and multigranularity assessment method. First, we develop an attention-based spatial-temporal hypergraph neural controlled differential equation model, which can accurately predict traffic conditions under disturbances. Second, we construct a multigranularity disturbance propagation model that adaptively divides a traffic network into multiple granularities according to disturbance scales. Then, we design a real-time resilience assessment algorithm capable of quantifying spatial-temporal dynamic resilience indicators for each granularity area. Extensive experiments on urban transportation in California during heavy rainfall reveal an inverse relationship between California's resilience and rainfall intensity. In addition, its downtown exhibits strong resilience, while coastal and interior areas show relatively weaker resilience, with some interior areas experiencing prolonged recovery times.","PeriodicalId":56305,"journal":{"name":"IEEE Transactions on Reliability","volume":"74 3","pages":"4230-4244"},"PeriodicalIF":5.7,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144998081","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}