Software is being increasingly used for a variety of critical applications. These range from on-line transaction processing systems, such as banking systems and airline reservation systems, to embedded computer systems, such as manufacturing systems, automobiles, air traffic and space vehicle control systems, nuclear power plant safety control systems, medical and military applications. The driving force behind the use of computers in these applications is the delivery of vastly sophisticated control algorithms or system features via software. The existence of software faults in safety critical systems is not tolerable. The potential for catastrophic loss of life and property makes it imperative to develop "perfect software".
Yet, it is a cruel reality that the goal of producing "perfect software" remains elusive. As a consequence of several disastrous (or potentially disastrous) failures of safety critical systems in the past, awareness of our vulnerability to computer failures is growing. When software is part of a critical system, it is necessary to estimate the risk associated with its use.
My research addresses, in broad terms, the estimation and minimization of the above risks through advances in verification and validation methods for high-assurance systems. What distinguishes my research path from the "mainstream" is the search for better solutions through the synthesis of known methodologies, each of which addresses only part of the problem. Examples of such syntheses include the interplay of software testing and formal verification, the investigation of the role of computational intelligence methods in software assurance, the combination of virtual reality modeling and model checking for requirements validation, novel component based and Bayesian approaches to early lifecycle prediction of software reliability, etc. All these approaches are highly innovative and open fresh directions in software dependability research. The constant themes guiding my work are statistical and logical substantiation, convincing scientific argumentation and the demonstration of applicability to real world complex systems.
What follows is a description of a few of my past and current research projects.
- Bayesian Frameworks for Software Reliability Assessment
This project is developing theoretical frameworks for software reliability
assessment based on Bayesian Hypothesis Testing. These frameworks are
especially suitable for reliability assessment in situations where extensive
qualitative software V&V activities are being performed, but their
results are not easily quantifiable. The true novelty of these frameworks
is their versatility, i.e., the ability to apply them early in the software
development life cycle, or within software product lines and component
based development environments, or even following system deployment.
The innovation lies in the integration of formal and informal approaches
to software verification, followed by sound statistical analysis.
The model uses software artifacts (requirements, design, data and control
flow diagrams, etc.), the results of the qualitative and quantitative
verification activities and expert opinions to recommend appropriate
random testing effort at the tail end of the development lifecycle,
leading to a methodology for practical software reliability assessment.
This work, performed in collaboration with Profs. Singh and Gunel (WVU
Statistics), and Prof. Smidts (U. Maryland) is sponsored by NASA Office
of Safety and Mission Assurance (NASA IV&V University Initiatives)
and by the CAREER grant from the National Science Foundation.
- Verification and Validation of Adaptive Systems
Adaptive Systems are systems whose function evolves over time, as they
improve their performance through learning. The advantage of adaptive
systems is that they can react to situations that were never individually
identified and analyzed by the designer. If learning and adaptation
are allowed to occur after the control system is deployed, the system
is called an online adaptive system. Online adaptive systems are attracting
increasing attention in application domains where autonomy is an important
feature, or where it is virtually impossible to analyze ahead of time
all the possible combinations of environmental conditions that may arise.
An archetype of the former is long term space missions, where communication
delays to ground stations are prohibitively long, and we have to depend
on the systems' local capabilities to deal with unforeseen circumstances.
An archetype of the latter is flight control systems, which deal with
a wide range of parameters, and a wide range of environmental factors.
In collaboration with Prof. Marcello Napolitano (Aerospace Engineering,
WVU), and Prof. Ali Mili (New Jersey Institute of Technology) we are
investigating verification and validation issues for adaptive, fault-tolerant
flight control systems. Our approach is based on the combination of
novelty detection techniques and Lyapunov stability analysis. Our methodology
is being used in the flight assurance procedures of the F-15A - IFCS
aircraft. This project is sponsored by NASA Dryden Flight Research Center
and by NASA Office of Safety and Mission Assurance.
- Increasing Fault Detection Probability in Software Testing
Software testing is the most commonly used software verification technique.
It is widely acknowledged that it is also one of the costliest activities
in the software development lifecycle. Significant advances have been
made in software test automation, including automated test generation
from specifications, generation of oracles, test coverage measures,
etc. However, the central question pertinent to the efficacy of software
testing, namely whether a test method can repeatedly identify
software failures, remains open. In the context of debugging, partition
and random testing strategies have been frequently compared with respect
to their ability to detect at least a single fault in the program's
input space. In principle, many practical testing methods (branch testing,
specification-based testing, feature-based testing, etc.) can be abstracted
by the input domain partitioning paradigm. In collaboration with Prof. Phillip
Boland (National University of Ireland - Dublin) and Prof. Harshinder
Singh (WVU Statistics), we are developing truly innovative statistical
frameworks for reasoning about comparative advantages of different forms
of partition and random test strategies. We evaluate these strategies
in terms of suitable stochastic majorization and precedence orderings.
The additional factors considered include failure/fault severity classifications,
practicality of the domain construction, assumption validation through
industrial size case studies and the availability and/or the development
of tool support. Current results have been published by IEEE Transactions
on Software Engineering and Applied Probability Journal. The derived
theories will assist in identifying testing strategies with the highest
probability of fault detection, thus facilitating improved reliability
prediction and/or cost reduction.
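The comparison described above, as an added illustration that is not part of the project's own framework: the closed-form probability of detecting at least one failure for random testing versus partition testing, evaluated on a constructed operational profile and constructed subdomain failure rates, with proportional and equal test allocations. It also exhibits the known result that proportional allocation never does worse than random testing, while a poorly chosen allocation can.

```python
from math import floor
from typing import Dict, List, Sequence

# Constructed sample values (assumptions, not measured data): subdomain 1
# receives 90% of operational inputs, subdomain 2 only 10%, but subdomain 2
# is where most failures hide.
PROFILE = [0.9, 0.1]          # p_i: probability a random input lands in subdomain i
FAILURE_RATES = [0.01, 0.5]   # theta_i: probability an input from subdomain i fails


def random_testing_detection(p: Sequence[float], theta: Sequence[float], n: int) -> float:
    """P(at least one failure) when n inputs are drawn from the operational profile:
    each input fails independently with probability sum_i p_i * theta_i."""
    overall_rate = sum(pi * ti for pi, ti in zip(p, theta))
    return 1.0 - (1.0 - overall_rate) ** n


def partition_testing_detection(theta: Sequence[float], alloc: Sequence[int]) -> float:
    """P(at least one failure) when alloc[i] inputs are drawn from subdomain i:
    every test misses with probability prod_i (1 - theta_i) ** alloc[i]."""
    miss = 1.0
    for ti, ni in zip(theta, alloc):
        miss *= (1.0 - ti) ** ni
    return 1.0 - miss


def proportional_allocation(p: Sequence[float], n: int) -> List[int]:
    """Split n tests across subdomains in proportion to p (largest-remainder rounding)."""
    exact = [n * pi for pi in p]
    alloc = [floor(x) for x in exact]
    leftover = n - sum(alloc)
    by_fraction = sorted(range(len(p)), key=lambda i: exact[i] - alloc[i], reverse=True)
    for i in by_fraction[:leftover]:
        alloc[i] += 1
    return alloc


def compare(p: Sequence[float], theta: Sequence[float], n: int) -> Dict[str, float]:
    """Detection probability of random testing and of two partition strategies."""
    k = len(p)
    equal = [n // k + (1 if i < n % k else 0) for i in range(k)]
    return {
        "random": random_testing_detection(p, theta, n),
        "partition_proportional": partition_testing_detection(theta, proportional_allocation(p, n)),
        "partition_equal": partition_testing_detection(theta, equal),
    }


if __name__ == "__main__":
    for name, prob in compare(PROFILE, FAILURE_RATES, 10).items():
        print(f"{name:>22}: {prob:.3f}")
```

With ten tests, equal allocation detects a failure with probability about 0.97 against about 0.46 for random testing, because it spends half the budget on the rarely exercised but failure-prone subdomain.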
- Multifractal Analysis of Software Aging
Software aging is the side effect of the complexity of modern software
applications and operating systems. The accumulation of unreleased file
locks, memory leaks and data corruption effects causes the exhaustion of
operating system resources. As a result of aging, systems can crash
or experience substantial performance degradation problems. This project
investigates the applicability of fractal theory to the analysis of
the software aging phenomenon and is expected to develop algorithms for
the prediction of system performance problems due to memory exhaustion.
We demonstrated that fractal analysis can be used to predict the occurrence
of a crash, making the deployment of a preventive maintenance action
a viable option. This work is sponsored by NASA Office of Safety and
Mission Assurance (NASA IV&V University Initiatives).
- Statistical Assessment and Evaluation of Biometric Systems
This line of research represents a departure from the traditional software
engineering scope of problems. Biometric devices offer substantial advantages
over the traditional user authentication approaches. But very limited
knowledge is available to assess the performance of biometric systems
in isolation and/or as a part of larger applications. In 2001, we initiated
a study of information assurance aspects of the use of biometric devices
in large-scale computer networks. Research emphasis was on the study
of system-wide reliability impacts of biometric authentication devices.
Currently, in collaboration with Prof. Singh (WVU, Statistics), we investigate
the identification of statistical parameters for the improved performance
of multi-modal biometric identification systems. We plan to develop
an optimal algorithm for the adjustment of thresholds of individual
biometrics working in a multimodal authentication framework. The final
result of this research should provide design guidelines for multimodal
biometric systems that provide provably optimal False Acceptance and
False Rejection rates. The work has been funded through the NSF-IUCRC
(Industry-University Collaborative Research Center) called CITeR (Center
for Research in Identification Technologies).