Search

Your search keyword '"Gilles Motet"' showing total 67 results
Start Over Author "Gilles Motet"
67 results on '"Gilles Motet"'

18. Quality assessment of postgraduate safety education programs, current developments with examples of ten (post)graduate safety courses in Europe

Author

José M. Carretero-Gómez, Francisco J. Forteza, Kelly Reyniers, Pedro Arezes, Paul Swuste, Carine Van Den Broeke, Gilles Motet, Wim van Wassenhove, David Wenham, Anne Bergmans, Asun Galera, Jouni Kivistö-Rahnasto, Delft University of Technology (TU Delft), Universitat Politècnica de Catalunya [Barcelona] (UPC), Centre de recherche sur les Risques et les Crises (CRC), Mines Paris - PSL (École nationale supérieure des mines de Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), University of the Balearic Islands (UIB), Universidade do Minho = University of Minho [Braga], Tampere University of Technology [Tampere] (TUT), Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT), University of Antwerp (UA), Loughborough University, Catholic University of Leuven - Katholieke Universiteit Leuven (KU Leuven), MINES ParisTech - École nationale supérieure des mines de Paris, Universidade do Minho, Institut National des Sciences Appliquées (INSA), Universitat Politècnica de Catalunya. Departament d'Organització d'Empreses, Universitat Politècnica de Catalunya. GIOPACT - Grup de Recerca d'Igualtat d'Oportunitats per a l'Arquitectura, la Ciència i la Tecnologia, Tampere University, and Industrial Engineering and Management

Subjects
Technology, Economics, NETHERLANDS, Formación y empleo de trabajadores, Safety knowledge, Professionalization, Engineering, Sociology, ComputingMilieux_COMPUTERSANDEDUCATION, [SHS.GEST-RISQ]Humanities and Social Sciences/domain_shs.gest-risq, Safety, Risk, Reliability and Quality, PIPER ALPHA, ComputingMilieux_MISCELLANEOUS, media_common, Safety indicators, Quality assessment, 4. Education, Operations Research & Management Science, 05 social sciences, 050301 education, DELFT UNIVERSITY, 222 Other engineering and technologies, SCIENCE, Garantia de qualitat, Quality assurance, 3 MILE ISLAND, 5801.07 Métodos Pedagógicos, Psychology, Europa, Engineering sciences. Technology, Safety Research, 5802.01 Educación de Adultos, media_common.quotation_subject, Safety education, PROFESSION, Minor (academic), 6109.01 Prevención de Accidentes, Seguridad y Salud, OCCUPATIONAL-HEALTH, 0502 economics and business, Ensenyament i aprenentatge::Ensenyament universitari [Àrees temàtiques de la UPC], MANAGEMENT, Post graduate, Quality (business), Postgraduate courses, Medical education, Science & Technology, Public Health, Environmental and Occupational Health, PREVENTION, Engineering, Industrial, RANDOMIZED-CONTROLLED-TRIAL, Law, 0503 education, Evaluación de la calidad, Mathematics, 050203 business & management
Abstract

Professionalization of safety is gaining some interest in international safety literature, including (post)graduate training and education of safety experts. Different from research, there are hardly any publications and discussions on the quality of (post) graduate safety education in the academic safety literature. This article starts with a short historical picture of safety education. After this picture, a description of the ten (post) graduate safety courses involved is presented with a special reference to the assessment of the quality of these courses. It shows that an internal evaluation of quality, like reactions from trainees, and results from examinations, and tests are presently the main quality indicators. Discussions on how quality assessment can be performed has led to an overview of literature on educational objectives and educational models, and possible options for this assessment. The article concludes that the transfer of safety knowledge and skills to companies and organizations is a highly desirable elaboration of the quality concept. But it is also clear that traditional safety indicators can provide no, or only unreliable, information about the degree of this transfer. An overview of possible minor and major accident scenarios of the company or organisation concerned might be a better option, combined with the activities of the trainee to influence and prevent activation of these scenarios., (undefined)

Published
2021

20. Quality of Graduate Health and Safety Education Programs: A General Model Illustrated with Examples of Nine (post)Graduate Courses in Europe

Author

José M. Carretero-Gómez, Francisco J. Forteza, Gilles Motet, David Wenham, Kivistö-Rahnasto J, Asun Galera, Reyniers K, Paul Swuste, Van Wassenhove W, and Pedro Arezes

Subjects
Medical education, 4. Education, media_common.quotation_subject, 05 social sciences, other, 050301 education, Occupational safety and health, 03 medical and health sciences, 0302 clinical medicine, Post graduate, Quality (business), 030212 general & internal medicine, Psychology, 0503 education, media_common
Abstract

Research into professionalization in health and safety has recently gained in interest. Graduate training is one of the factors that determines or conditions the role of the safety professional, thus intervene in the professionalization process. This article is the result of a workshop and the discussions of nine academic directors of safety education programs about quality evaluation. This article introduces the issue with a historic overview of safety education, presents a synthesis of nine selected education programs, discusses quality evaluation of health and safety education programs, propose a quality evaluation frame and finally, proposes a process for designing a quality safety education program with an associated model of the learning objectives. The outcomes are interesting for everyone who is interested in health and safety education and quality evaluation and will give insights into how safety professionals are educated.

Published
2019

21. Safety Case Confidence Propagation Based on Dempster-Shafer theory

Author

Gilles Motet, Walter Schön, Jérémie Guiochet, Rui Wang, Beijing Jiaotong University (BJTU), Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, Heuristique et Diagnostic des Systèmes Complexes [Compiègne] (Heudiasyc), Université de Technologie de Compiègne (UTC)-Centre National de la Recherche Scientifique (CNRS), Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), and Université de Toulouse (UT)

Subjects
Computer science, Confidence assessment, 02 engineering and technology, Machine learning, computer.software_genre, Notation, Dempster-Shafer theory, Structuring, Theoretical Computer Science, Argumentation theory, confidence assessment, Artificial Intelligence, 020204 information systems, Dempster–Shafer theory, safety argumentation, 0202 electrical engineering, electronic engineering, information engineering, Safety case, [INFO]Computer Science [cs], business.industry, Applied Mathematics, evidence combination, Confidence measures, safety case, 020201 artificial intelligence & image processing, Artificial intelligence, business, computer, Software
Abstract

International audience; Safety arguments, also called safety cases, are commonly used to demonstrate that adequate efforts have been made to achieve safety goals. Assessing the confidence of such arguments and decision-making is usually done manually and is heavily dependent on subjective expertise. Therefore, there is an urgent need for an approach that can assess confidence in the arguments in order to support decision-making. We therefore propose a quantitative approach, based on Dempster-Shafer (D-S) theory, to formalize and propagate confidence in safety cases. Goal Structuring Notation is adopted. The proposed approach focuses on the following issues regarding argu-mentation assessment: 1) formal definitions of confidence measures based on belief functions from D-S theory; and 2) the development of confidence aggregation rules for structured safety arguments with the help of Dempster's rule. Definitions of confidence measures and aggregation rules are deduced for single, double, and n-node arguments. Finally, a sensitivity analysis of aggregation rules is used to preliminarily validate this approach.

Published
2019

22. Modelling Confidence in Railway Safety Case

Author

Gilles Motet, Walter Schön, Rui Wang, Jérémie Guiochet, Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT), Heuristique et Diagnostic des Systèmes Complexes [Compiègne] (Heudiasyc), Université de Technologie de Compiègne (UTC)-Centre National de la Recherche Scientifique (CNRS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), and Université Fédérale Toulouse Midi-Pyrénées

Subjects
Computer science, 02 engineering and technology, Notation, Dempster-Shafer theory, Structuring, Confidence assessment, Dempster–Shafer theory, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-SY]Computer Science [cs]/Systems and Control [cs.SY], Safety case, Safety, Risk, Reliability and Quality, Electronic systems, Structure (mathematical logic), Structured argumentation, Public Health, Environmental and Occupational Health, 020207 software engineering, [INFO.INFO-MO]Computer Science [cs]/Modeling and Simulation, EN50129, [MATH.MATH-PR]Mathematics [math]/Probability [math.PR], Risk analysis (engineering), Safety assurance, Railway signalling system, Safety argumentation, 020201 artificial intelligence & image processing, Safety Research
Abstract

International audience; Railway standard EN50129 clarifies the safety acceptance conditions of safety-related electronic systems for signalling. It requires using a structured argumentation, named Safety Case, to present the fulfilment of these conditions. As guidance for building the Safety Case, this standard provides the structure of high-level safety objectives and the recommendations of development techniques according to different Safety Integrity Levels (SIL). Nevertheless, the rationale connecting these techniques to the high-level safety objectives is not explicit. The proposed techniques stem from experts belief in the effectiveness and efficiency of these techniques to achieve the underlying safety objectives. So, how should one formalize and assess this belief? And as a result how much confidence can we have in the safety of railway systems when these standards are used? To deal with these questions, the paper successively addresses two aspects: 1) making explicit the safety assurance rationale by modelling the Safety Case with GSN (Goal Structuring Notation) according to EN5012x standards ; 2) proposing a quantitative framework based on Dempster-Shafer theory to formalize and assessing the confidence in the Safety Case. A survey amongst safety experts is carried out to estimate the confidence parameters. With these results, an application guidance of this framework is provided based on the Wheel Slide Protection (WSP) system.

Published
2018

23. The Illusion of Risk Control : What Does It Take to Live With Uncertainty?

Author

Gilles Motet, Corinne Bieder, Gilles Motet, and Corinne Bieder

Subjects
Industrial safety, Reliability, Welfare economics, Sustainable development, Organization, Engineering, Quality control, Planning, Economics--Sociological aspects
Abstract

This book is open access under a CC BY 4.0 license.This book explores the implications of acknowledging uncertainty and black swans for regulation of high-hazard technologies, for stakeholder acceptability of potentially hazardous activities and for risk governance. The conventional approach to risk assessment, which combines the likelihood of an event and the severity of its consequences, is poorly suited to situations where uncertainty and ambiguity are prominent features of the risk landscape. The new definition of risk used by ISO, “the effect of uncertainty on [achievement of] one's objectives”, recognizes this paradigm change. What lessons can we draw from the management of fire hazards in Edo-era Japan? Are there situations in which increasing uncertainty allows more effective safety management? How should society address the risk of potentially planet-destroying scientific experiments? This book presents insights from leading scholars in different disciplines to challenge current risk governance and safety management practice.

Published
2017

24. Confidence Assessment Framework for Safety Arguments

Author

Jérémie Guiochet, Rui Wang, Gilles Motet, Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), and Université de Toulouse (UT)

Subjects
Computer science, Management science, Confidence assessment, 0211 other engineering and technologies, 020207 software engineering, 02 engineering and technology, [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE], belief function theory, Quantitative model, Argumentation theory, [MATH.MATH-PR]Mathematics [math]/Probability [math.PR], confidence assessment, Life-critical system, Argument, Expert opinion, 021105 building & construction, 0202 electrical engineering, electronic engineering, information engineering, Belief function theory, safety argument
Abstract

International audience; Confidence in safety critical systems is often justified by safety arguments. The excessive complexity of systems nowadays introduces more uncertainties for the arguments reviewing. This paper proposes a framework to support the argumentation assessment based on experts' decision and confidence in the decision for the lowest level claims of the arguments. Expert opinion is extracted and converted in a quantitative model based on Dempster-Shafer theory. Several types of argument and associated formulas are proposed. A preliminary validation of this framework is realized through a survey for safety experts.

Published
2017

25. Uncertainty: New Perspectives, Questions and Proposals

Author

Gilles Motet

Subjects
Risk analysis (engineering), Computer science, Hazardous waste
Abstract

Safety is ensured when hazardous circumstances, their consequences and their controls are known. How then, in uncertain contexts can safety be defined and achieved? Uncertainty raises new questions and needs new approaches for dealing with safety. These are introduced in the first chapter and developed throughout the book.

Published
2017

26. D-S Theory for Argument Confidence Assessment

Author

Rui Wang, Gilles Motet, Walter Schön, Jérémie Guiochet, Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, Heuristique et Diagnostic des Systèmes Complexes [Compiègne] (Heudiasyc), Université de Technologie de Compiègne (UTC)-Centre National de la Recherche Scientifique (CNRS), Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), and Université de Toulouse (UT)

Subjects
Management science, Computer science, Confidence assessment, Inference, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Notation, Structuring, assurance case, belief function theory, [INFO.INFO-MO]Computer Science [cs]/Modeling and Simulation, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [MATH.MATH-PR]Mathematics [math]/Probability [math.PR], confidence assessment, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Argument, safety case, 0202 electrical engineering, electronic engineering, information engineering, Safety case, Belief function theory
Abstract

International audience; Structured arguments are commonly used to communicate to stakeholders that safety, security or other attributes of a system are achieved. Due to the growing complexity of systems, more uncertainties appear and the confidence in arguments tends to be less justifiable by reviewing. In this paper, we propose a quantitative method to assess the confidence in structured arguments, like safety cases. We adopt the Goal Structuring Notation (GSN) to model the safety case and propose to add annotations to identify uncertainties in this model. Three inference types of arguments are proposed according to their impact on confidence. Definition and quantification assessment of confidence are based on the belief function theory. The proposed approach is illustrated with several GSN examples.

Published
2016

27. A Framework for Assessing Safety Argumentation Confidence

Author

Gilles Motet, Jérémie Guiochet, Rui Wang, Équipe Tolérance aux fautes et Sûreté de Fonctionnement informatique (LAAS-TSF), Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), and Université de Toulouse (UT)

Subjects
Computer science, 0211 other engineering and technologies, Context (language use), 02 engineering and technology, Dependability, Goal Struc-turing Notation, Argumentation theory, Confidence assessment, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], DO-178C, Dempster–Shafer theory, 0202 electrical engineering, electronic engineering, information engineering, Set (psychology), Statement (computer science), 021110 strategic, defence & security studies, Assurance case, 020207 software engineering, Avionics, [INFO.INFO-MO]Computer Science [cs]/Modeling and Simulation, Reliability engineering, [MATH.MATH-PR]Mathematics [math]/Probability [math.PR], Risk analysis (engineering), Belief function theory
Abstract

International audience; Software applications dependability is frequently assessed through degrees of constraints imposed on development activities. The statement of achieving these constraints are documented in safety arguments , often known as safety cases. However, such approach raises several questions. How ensuring that these objectives are actually effective and meet dependability expectations? How these objectives can be adapted or extended to a given development context preserving the expected safety level? In this paper, we investigate these issues and propose a quantitative approach to assess the confidence in assurance case. The features of this work are: 1) fully consistent with the Dempster Shafer theory; 2) considering different types of arguments when aggregating confidence; 3) a complete set of parameters with intuitive interpretations. This paper highlights the contribution of this approach by an experiment application on an extract of the avionics DO-178C standard.

Published
2016

28. Risks of faults intrinsic to software languages: Trade-off between design performance and application safety

Author

Gilles Motet

Subjects
Engineering, Object-oriented programming, business.industry, Emerging technologies, Public Health, Environmental and Occupational Health, Software development, Poison control, Certification, Computer security, computer.software_genre, Software, Risk analysis (engineering), Performance improvement, Safety, Risk, Reliability and Quality, business, Safety Research, computer, Risk management
Abstract

A lot of products embed software applications carrying out complex functions (e.g. cars, aircrafts, and medical equipments). More and more authority for control is placed on these applications whose failures may lead to accidental loss. Numerous methods have been developed to prevent these failures. These methods apply either to the programs developed or to the design activities. However, the programming or modelling languages used to operationalise the solutions as software applications are rarely questioned. These languages constitute the technology of realization of the program. On one hand, the language features are selected to increase the development performance and to decrease the software application costs. On the other hand, these features may be at the origin of specific types of faults which constitute the intrinsic risks of these languages. Therefore, the choice of a language or of a subset of a language, leads to a decision-making issue of how to deal making safety and performance trade-offs. The first part of the paper analyzes the evolution of the programming languages. We show that these changes were aimed at the convergence of design performance improvement with designed application safety. The introduction of the object-oriented technologies breaks this commonality. They cut the development expenditures but introduce new types of faults. The decision-makers such as the critical software application producers (e.g. the aircraft manufacturers) and the authorities (e.g. the avionics certification authorities) have to deal with this trade-off. These new technologies cannot be just rejected as they are more and more often used in certain domains (e.g. mobile phones, internet applications). The proposed constraint on using them seem to be too restrictive and are not justified. In particular, the safety levels of software programs developed applying these constraints are not assessed. The second part of the paper addresses these questions. It specifies the problem and it proposes a method to estimate the risk of faults in object-oriented programs. Thus, the decision-makers can elaborate rules for using object-oriented languages establishing a trade-off between the wished-for development performance and the required safety levels.

Published
2009

29. Resolving multiple criteria in decision-making involving risk of accidental loss

Author

Urban Kjellén, Andrew Hale, and Gilles Motet

Subjects
Engineering, Injury control, business.industry, Accident prevention, Public Health, Environmental and Occupational Health, Poison control, Computer security, computer.software_genre, Risk analysis (engineering), Accidental, Computer software, Injury prevention, Multiple criteria, Safety, Risk, Reliability and Quality, business, Risk assessment, Safety Research, computer
Published
2009

30. Separating Functional and Dependability Requirements of Embedded Systems

Author

Gilles Motet and Zhe Chen

Subjects
Model checking, Process (engineering), Computer science, business.industry, Control system, Reliability (computer networking), Embedded system, Dependability, Functional requirement, business
Abstract

This paper is motivated by the challenge to traditional development process of embedded systems from the evolution of dependability requirements, which leads to manual analysis and revision of system designs at design-time or post-implementation at a high cost, especially when the target system is complex or large. This paper proposes a complementary methodology, namely the model monitoring approach, to fill in the gap between the evolution of dependability requirements and traditional development process. The novel approach models functional and dependability requirements separately, and contains two alternative implementation techniques: model monitoring and model generating. The paper illustrates the methodology with examples and comparison with the model checking approach, to show better support of the evolution throughout the life-cycle at a lower cost.

Published
2010

31. Towards better support for the evolution of safety requirements via the model monitoring approach

Author

Gilles Motet and Zhe Chen

Subjects
Engineering, business.industry, Control system, Formal specification, Büchi automaton, Lower cost, Requirements evolution, business, Formal verification, Reliability engineering, Automaton
Abstract

The research is motivated by the challenge from the evolution of safety requirements, which leads to revision of system designs at design-time or post-implementation at a high cost. This paper proposes a complementary methodology, namely the model monitoring approach, to better support the evolution throughout the life-cycle at a lower cost.

Published
2010

32. Nevertrace Claims for Model Checking

Author

Zhe Chen and Gilles Motet

Subjects
Model checking, Theoretical computer science, Correctness, Computer science, Semantics (computer science), Assertion, State space, Büchi automaton, Construct (python library), TRACE (psycholinguistics)
Abstract

We propose the nevertrace claim, which is a new construct for specifying the correctness properties that either finite or infinite execution traces (i.e., sequences of transitions) that should never occur. In semantics, it is neither similar to never claim and trace assertion, nor a simple combination of them. Furthermore, the theoretical foundation for checking nevertrace claims, namely the Asynchronous-Composition Buchi Automaton Control System (AC-BAC System), is proposed. The major contributions of the nevertrace claim include: a powerful construct for formalizing properties related to transitions and their labels, and a way for reducing the state space at the design stage.

Published
2010

33. Débats lors du forum IFIS 2008

Author

René Amalberti, Laurent Magne, and Gilles Motet

Abstract

Ce document retranscrit les grandes lignes de trois des interventions suivies de tables rondes organisées lors de la première édition du International Forum on Industrial Safety, qui s’est tenu à Toulouse en 2008: (1) «Quel équilibre entre sécurité contrainte et sécurité gérée?», animée par René Amalberti; (2) «Introduction à l’incertitude», animée par Laurent Magne; (3) «Introduction aux notions de risque au travers d’un conte de fées», animée par Gilles Motet.

Published
2009

34. A Language-Theoretic View on Guidelines and Consistency Rules of UML

Author

Gilles Motet and Zhe Chen

Subjects
UML tool, Parsing, Grammar, Syntax (programming languages), Computer science, Programming language, media_common.quotation_subject, Consistency model, Applications of UML, computer.software_genre, Formal language, Class diagram, computer, media_common
Abstract

Guidelines and consistency rules of UML are used to control the degrees of freedom provided by the language to prevent faults. Guidelines are used in specific domains (e.g., avionics) to recommend the proper use of technologies. Consistency rules are used to deal with inconsistencies in models. However, guidelines and consistency rules use informal restrictions on the uses of languages, which makes checking difficult. In this paper, we consider these problems from a language-theoretic view. We propose the formalism of C-Systems, short for "formal language control systems". A C-System consists of a controlled grammar and a controlling grammar. Guidelines and consistency rules are formalized as controlling grammars that control the uses of UML, i.e. the derivations using the grammar of UML. This approach can be implemented as a parser, which can automatically verify the rules on a UML user model in XMI format. A comparison to related work shows our contribution: a generic top-down and syntax-based approach that checks language level constraints at compile-time.

Published
2009

35. Formalizing Safety Requirements Using Controlling Automata

Author

Zhe Chen and Gilles Motet

Subjects
Model checking, FOS: Computer and information sciences, business.industry, Interface (Java), Computer science, Formal Languages and Automata Theory (cs.FL), Computer Science - Formal Languages and Automata Theory, System safety, Automaton, Software Engineering (cs.SE), Computer Science - Software Engineering, Control system, Safety engineering, D.2, F.1.1, Dependability, Software engineering, business
Abstract

Safety is an important element of dependability. It is defined as the absence of accidents. Most accidents involving software-intensive systems have been system accidents, which are caused by unsafe inter-system or inter-component interactions. To validate the absence of system hazards concerning dysfunctional interactions, industrials call for approaches of modeling system safety requirements and interaction constraints among components. This paper proposes such a formalism, namely interface control systems (or shortly C-Systems). An interface C-System is composed of an interface automaton and a controlling automaton, which formalizes safe interactions and restricts system behavior at the meta level. This framework differs from the framework of traditional model checking. It explicitly separates the tasks of product engineers and safety engineers, and provides a top-down technique for modeling a system with safety constraints, and for automatically composing a safe system that conforms to safety requirements. The contributions of this work include formalizing safety requirements and a way of automatically ensuring system safety., Comment: 6 pages. In Proceedings of the 2nd International Conference on Dependability (DEPEND 2009), Athens, Greece. IEEE Computer Society, 2009

Published
2009
Full Text
View/download PDF

36. Modeling System Safety Requirements Using Input/Output Constraint Meta-Automata

Author

Gilles Motet and Zhe Chen

Subjects
Model checking, Input/output, FOS: Computer and information sciences, Computer science, business.industry, Formal Languages and Automata Theory (cs.FL), System safety, Computer Science - Formal Languages and Automata Theory, Automaton, Reliability engineering, Constraint (information theory), Software Engineering (cs.SE), Computer Science - Software Engineering, Software, Safety engineering, D.2, F.1.1, Product (category theory), business
Abstract

Most recent software related accidents have been system accidents. To validate the absence of system hazards concerning dysfunctional interactions, industrials call for approaches of modeling system safety requirements and interaction constraints among components and with environments (e.g., between humans and machines). This paper proposes a framework based on input/output constraint meta-automata, which restricts system behavior at the meta level. This approach can formally model safe interactions between a system and its environment or among its components. This framework differs from the framework of the traditional model checking. It explicitly separates the tasks of product engineers and safety engineers, and provides a top-down technique for modeling a system with safety constraints, and for automatically composing a safe system that conforms to safety requirements. The contributions of this work include formalizing system safety requirements and a way of automatically ensuring system safety., Comment: 6 pages. In Proceedings of the 4th International Conference on Systems (ICONS 2009), Gosier, Guadeloupe, France, pp. 228-233. IEEE Computer Society, 2009

Published
2009
Full Text
View/download PDF

37. System Safety Requirements as Control Structures

Author

Gilles Motet and Zhe Chen

Subjects
Requirements management, Functional safety, Non-functional requirement, business.industry, Computer science, Software requirements specification, System safety, System requirements specification, Functional requirement, Formal methods, Reliability engineering, Software, Formal specification, Safety engineering, Non-functional testing, business
Abstract

Along with the popularity of software-intensive systems, the interactions between system components and between humans and software applications are becoming more and more complex. This results in system accidents related to system safety issues. System accidents are different to failures related to component reliability. System safety is not well addressed, because functional requirements and safety requirements are separately handled in practice. In this paper, we consider safety requirements as control structures that restrict system behaviors at meta-model level. We propose the formalism of interface C-Systems, short for "interface control systems''. In this framework, functional requirements and safety requirements are separately formalized as interface automata and controlling automata respectively, as what we are doing in practice. The controlling automaton may guarantee safety requirements at design-time or runtime. Then the global system is a safe specification. The underlying mechanism differs from that of model checking. It explicitly separates the tasks of product engineers and safety engineers, and provides a new top-down methodology for designing and modeling a system with safety constraints, and for automatically composing a safe system that conforms to safety requirements. In practice, this methodology may be also used for safety checking, incident reporting and service restoration.

Published
2009

38. Toward a Human-Centered Uml for Risk Analysis

Author

Gilles Motet, Guy A. Boy, Claude Baron, Jérémie Guiochet, Laboratoire d'analyse et d'architecture des systèmes (LAAS), Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées, Laboratoire d'Étude des Systèmes Informatiques et Automatiques (LESIA-INSA), Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA), EURISCO International, EURISCO, In C.W. Johnson and P. Palanque, editors, Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Institut National des Sciences Appliquées - Toulouse (INSA Toulouse), Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT), and Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)-Institut National des Sciences Appliquées (INSA)-Université de Toulouse (UT)

Subjects
Risk analysis, safety, FOS: Computer and information sciences, 0209 industrial biotechnology, Computer science, risk analysis, Other Computer Science (cs.OH), Human error, [INFO.INFO-OH]Computer Science [cs]/Other [cs.OH], Applications of UML, 02 engineering and technology, human error analysis, Consistency (database systems), 020901 industrial engineering & automation, Unified Modeling Language, Computer Science - Other Computer Science, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, system modeling, IFIP Conf, computer.programming_language, medical robot, Systems modeling, UML, Expression (architecture), Risk analysis (engineering), Task analysis, task analysis, computer
Abstract

International audience; Safety is now a major concern in many complex systems such as medical robots. A way to control the complexity of such systems is to manage risk. The first and important step of this activity is risk analysis. During risk analysis, two main studies concerning human factors must be integrated: task analysis and human error analysis. This multidisciplinary analysis often leads to a work sharing between several stakeholders who use their own languages and techniques. This often produces consistency errors and understanding difficulties between them. Hence, this paper proposes to treat the risk analysis on the common expression language UML (Unified Modeling Language) and to handle human factors concepts for task analysis and human error analysis based on the features of this language. The approach is applied to the development of a medical robot for teleechography.

Published
2004
Full Text
View/download PDF

39. Structural Testing Methods

Author

Gilles Motet and Jean-Claude Geffroy

Subjects
Presentation, Test sequence, Software, Computer science, business.industry, Product (mathematics), media_common.quotation_subject, Logic gate, Structural testing, Fault model, Software engineering, business, media_common
Abstract

In the previous chapter we carried out a general presentation of the various methods, which allow the suppression of technological faults during the manufacturing and the operation stages of the lifecycle of the product. We will now magnify some of the technical aspects of structural testing, focusing on hardware and software technologies.

Published
2002

40. Conclusions

Author

Jean-Claude Geffroy and Gilles Motet

Published
2002

41. On-Line Testing

Author

Gilles Motet and Jean-Claude Geffroy

Subjects
business.industry, Computer science, Product (mathematics), Functional redundancy, Programmable logic controller, Line (text file), Error detection and correction, business, Computer hardware
Abstract

In this chapter we examine the techniques allowing the integration of error detection operations into the active life of the product, disturbing in the least possible way the operation of this product.

Published
2002

42. Avoidance of Functional Faults During Specification

Author

Gilles Motet and Jean-Claude Geffroy

Subjects
Risk analysis (engineering), Computer science, Specification document, Product (category theory), Level crossing, Fault detection and isolation
Abstract

The use of a product is fundamentally justified by the user’s needs. The user possesses the initial motivation to buy or develop a product. In certain cases, this motivation corresponds to a necessity. For example, the fact that society does not accept accidents caused by the simultaneous presence of a train and a vehicle on a railroad crossing, justifies the creation of a system that avoids such accidents. Therefore, a product’s life has to naturally start with the client’s or future user’s requirements (also called needs).

Published
2002

43. Removal of Technological Faults

Author

Jean-Claude Geffroy and Gilles Motet

Subjects
Test sequence, Computer science, Test vector, Fault coverage, Principal (computer security), Software system, Executable, computer.file_format, Fault model, Residual, computer, Reliability engineering
Abstract

We continue our exploration of the principal groups of protection methods by now considering dynamic analysis techniques, called here offline testing techniques. Test sequences are applied to an executable product during the production and operation stages. This chapter dealing with the removal of technological faults extends Chapter 11 dedicated to prevention of technological faults. However, the techniques presented here also allow the detection of certain functional faults stemming from previous specification and design stages, faults which occurred despite the protection means used during these stages. We note that these residual faults should have been detected earlier, as their detection in the production, or, even worse, in the operation phase, may question the design and technology choices. This chapter is principally concerned with hardware products. In Chapter 13, we will complete this presentation of on-line testing with the study of several simple structural test methods for hardware and software systems.

Published
2002

44. Prevention of Technological Faults

Author

Gilles Motet and Jean-Claude Geffroy

Subjects
Focus (computing), business.industry, Computer science, media_common.quotation_subject, Final product, Context (language use), Adaptability, Software, Dependability, Software engineering, business, Electronic hardware, Software technology, media_common
Abstract

Stemming from the design stage, the model called system has to be transformed into a final product with the aid of technological means which permit its execution in the context of its environment. Two technologies are used in the products studied here, hardware technology and software technology. In the majority of cases, these two technologies cohabit, their respective weight being dependent on criteria which are often nonfunctional, such as their speed performance (which favors electronic hardware) or adaptability (more easily obtained by software). We do not discuss these choices, but we focus only on the problems of dependability induced by the use of these two technologies.

Published
2002

45. Design For Testability

Author

Gilles Motet and Jean-Claude Geffroy

Subjects
Test sequence, Product design, Test vector, Computer science, Design for testing, Pattern generation, Duration (project management), Linear feedback shift register, Reliability engineering
Abstract

Faced with the ever-increasing complexity of testing, scientists have developed several methods and techniques to make test pattern generation easier, as well as to decrease the length of these sequences in order to reduce the testing duration, by acting on the product design.

Published
2002

46. Introductory Elements: Dependability Issues

Author

Gilles Motet and Jean-Claude Geffroy

Subjects
Sociology of scientific knowledge, Anti-lock braking system, Risk analysis (engineering), media_common.quotation_subject, Systems engineering, Production (economics), Dependability, Quality (business), Fault tolerance, Business, Gas consumption, Sophistication, media_common
Abstract

The growth of the technical and scientific knowledge in our society stimulates the growth of new manufactured products, reducing the costs and delays of design and production, and improving the global quality of our life. Moreover, the consumers who demand more and more services encourage this innovation. The sophistication of automobiles is a good example of this evolution: assisted braking and grip, reduced gas consumption by a better optimization of engine performance, road navigation and choice of optimal routes, etc. What is more, the knowledge and behavior of consumers is becoming increasingly demanding about prices, of course, but equally regarding the quality of services provided by the chosen products. This notion of quality associated with manufacturing goods is progressively becoming more refined and standardized. It is now imposed on all designers and manufacturers as an essential factor in the success of their products. Therefore, the ISO 8402 standard defines quality as: The totality of characteristics of an entity that bear on its ability to satisfy stated and implied needs.

Published
2002

48. Failures and Faults

Author

Jean-Claude Geffroy and Gilles Motet

Subjects
Service (systems architecture), Software, Computer science, Section (archaeology), business.industry, Dependability, Product (category theory), business, human activities, Reliability engineering
Abstract

In this chapter, we begin the study of impairments to the dependability of a product with the analysis of failures and faults From the observation of anomalies in the behavior of a product during its use, we define in section 3.1 the notion of failure relative to changes in the delivered service. In section 3.2, we identify and classify the various causes of failures, known as faults, according to several criteria. In section 3.3 we then explore the life cycle of hardware and software products, looking for the diverse faults which can appear. Some faults will be analyzed using the example of a drinks distributor in section 3.4. We conclude in section 3.5, providing a classification of faults, and assessing its interests and its limitations.

Published
2002

49. Avoidance of Functional Faults During Design

Author

Jean-Claude Geffroy and Gilles Motet

Subjects
Software, business.industry, Computer science, Dependability, Product (category theory), Fault analysis, IBM, business, Fault (power engineering), Reliability engineering
Abstract

Design is a complex stage of the creation of a product. It is potentially at the origin of numerous functional faults whose prevention and removal are quite difficult. The company IBM was the first industrial to publicly recognize the difficult nature of design faults. A fault analysis carried out on large operating systems of the 1970’s revealed that not only did a small number of non-eliminated design faults exist, but also that the efforts made to totally eliminate them did not necessarily converge: eliminating a fault meant the appearance of other faults. This knowledge encouraged people to study and to use new methods and techniques, providing an important improvement of the product’s dependability. As an example of the result of these efforts, the company Fujitsu announced in the 1990’s that their software did not possess more than 10 faults on average per million program lines at the end of the first design. Even if these figures do not come from an independent organism, they are significant and should encourage the learning and use of the techniques introduced here.

Published
2002

Catalog

Books, media, physical & digital resources
See catalog results