Kost for china-2011

ICTIS – 2011Wuhan, China, July 2, 2011

Prof. Andrey Kostogryzov, Dr. Prof. Andrey Kostogryzov, Dr. VladimirVladimir Krylov, Andrey Nistratov, Krylov, Andrey Nistratov, Dr. Dr. GeorgeGeorge Nistratov, VladimirNistratov, Vladimir Popov, Popov, Prof. Prof. Pavel StepanovPavel Stepanov

Moscow, Russia, www.mathmodels.net

Mathematical models and applicable Mathematical models and applicable technologies to forecast, analyze and technologies to forecast, analyze and

optimize quality and risks optimize quality and risks for complex systemsfor complex systems

http://www.mathmodels.net/

This Report is about:

- original methods, based on the theory for random processes, to rational analyze complex systems on the stages of concept, development, operation (utilization), support

- answer the question “How to use many-sided information for different system to rise quality and mitigate risks?”

AgendaAgenda

1. The main changes in systems development and operation (turn to system engineering)

2. Analysis of practice to provide system quality and safety (for industrial, fire, radiating, nuclear, chemical, biological, transport, ecological systems, safety of buildings and constructions, information systems)

3. The way to purposeful rise of quality and safety for systems in different applications n different applications (identical input for mathematical modeling, uniform accessible models, probability of success and risk of failure in process development as results of modeling, dozens examples for different systems, fast analytical report in 3 minutes through Internet)

4. The original mathematical models and software tools as a brain of the offered innovative approach (based on the theory of random processes, system analysis and operation research)

5. Examples of forecasting, analyzing and optimizing quality and risks, interpretations of results (for understanding acceptable probability levels of quality and risks in different spheres)

1. The main changes in 1. The main changes in systems development and

operation (turn to system engineering)(turn to system engineering)

Point 1. There are objective needs for system analysis

and optimization quality and risks

Point 2. Today processes and systems operation are Point 2. Today processes and systems operation are

the main objects for analysisthe main objects for analysis

Example from ISO/IEC 15288

What about the objects for system analysis?What about the objects for system analysis?

Method 1. The chord is longer, when its middle lays in a circle entered in a

triangle. The radius of this entered new circle is equal to half of radius of

an initial circle. Hence, the area of the entered circle is ¼ of the area of

an initial circle

Point 3. One problem can be solved by various correct probability methods, but results can essentially differ!

Let’s remember paradox of Bertrand J.L. (book “Calcul des probabilites”, 1889)

Simple problem. To find probability of that at random chord is longer than the party of the equipotential triangle entered in a circle

by area

P = ¼

by archesP = 1/3

by radiusP = 1/2

Method 3. Let's choose a random point on radius of a circle and we

take a chord which is perpendicular to this radius and passes through the

chosen point. Then the chord is longer if the point lays on that half of radius which is near to centre. P=1/2

Method 2. Triangle tops divide a circle into three equal

arches, and the casual chord is longer if it crosses this triangle, i.e. the required probability is equal 1/3

All results are correct but difference is 100%

2. Analysis of practice to 2. Analysis of practice to provide system quality and provide system quality and

safetysafety(for industrial, fire, radiating, nuclear, chemical, biological, (for industrial, fire, radiating, nuclear, chemical, biological,

transport, ecological systems, safety of buildings and transport, ecological systems, safety of buildings and constructions, information systems)constructions, information systems)

Point 4. Generally risk estimations from one sphere do not

use in other spheres because of methodologies for risk analysis are different, interpretations are not identical

As a result of analyzing practice approaches to safety (to industrial, fire, radiating, nuclear, chemical, biological, transport, ecological

systems, safety of buildings and constructions, information security)

Conclusion 1

For the spheres of industrial, fire, radiating, nuclear, aviation safety in which already there were numerous facts of tragedies - requirements to admissible risks are expressed quantitatively at probability level and qualitatively at level of necessary requirements to the initial materials, used resources, protective technologies and operation conditions

Point 5. The methods for quantitatively risk analysis are in creating stage yet. The term “Admissible risk” can not defined because of

one depend on methods. Experience from other spheres is missing

Conclusion 2

For the spheres of chemical, biological, transport, ecological safety, safety of buildings and constructions, information security, including the conditions of terrorist threats – requirements to admissible risks are set mainly at qualitative level in the form of requirements to performance. It means impossibility of risks predictions and correct decisions of synthesis problems to substantiate preventive measures against admissible risk

General situation for today Point 1 Point 2 Point 3 Point 4 Point 5

Special models of Institutes (R&D) and

Critical Systems

Models of

Universities

The existing approach (everyone solves

the problems how can)

Resume 1. All organizations need quantitative estimations, but only some part from them uses modeling complexes

2. Used models are highly specialized, input and calculated metrics are adhered strongly to specificity of systems

3. Existing modeling complexes have been created within the limits of concrete order for the systems and as a rule are very expensive

Summary 1. Analysis of quality and risks is carried out mainly at qualitative level with assessments “better or worse”. Independent quantitative estimations at probability level are carried out for specially created models 2. Admissible risks in different areas of the application are not comparable. In general case optimization of risks is not carried out by solving classical problems of synthesis 3. As consequence wide training is difficult

…

3.3. The way to The way to purposeful rise of quality and safety for for

systems in different systems in different applicationsapplications

(identical input for mathematical modeling, uniform (identical input for mathematical modeling, uniform accessible models, probability of success and risk of accessible models, probability of success and risk of failure in process development as results of modeling, failure in process development as results of modeling, dozens examples for different systems, fast analytical dozens examples for different systems, fast analytical

report in 3 minutes through Internet)report in 3 minutes through Internet)

prove the probability levels of «acceptable quality and admissible

risk» for different systems in uniform interpretation, create technics to solve different problems for quality and risk

optimization, provide access for wide use and training

What is the offered way to improve essentially this situation?

From standard processesISO/IEC 15288

consider

Generalproperties

of the processesdeveloped

in time line

create universalmathematical models

and software tools

approve the models on practice examples

optimization ofquality and risks

It is important to support system making-decisions in quality and safety and/or avoid wasted expenses in system life cycle

Expected pragmatic effect from application

Generalproperties


in time line

Example 1 of considering

general properties for Risk analysis

The illustration of system protection against dangerous influences

- time between the neighboring diagnostics;

- a required period Treq of permanent secure operation; - as minimum, there is two diagnostics during a required period Treq

(the illustration of Treq middle); - a required period Treq has ended after the last diagnostic; - a dander source has penetrated before the next diagnostic; - a dander source has not penetrated into system; - a penetrated dander source has activated before the next diagnostic; - a penetrated dander source has not activated before the next diagnostic

t

Cases: 1 2 3 4 5

… …

Industrial safety

Fire safety

Radiating, nuclear safety

Chemical, biological safety

Ecological safety

Transport safety

Safety of buildings and constructions

Information securitysecurity

etc.etc.

System processes directs on maintenance of system integrity (including risk-processes)

Generalproperties


in time line

Random processes of information gathering and processing, control and monitoring, threats development,

restoration of integrity are general

In all cases effective risk management

for any system is based on:

1) uses of materials, resources, protective

technologies with more best

characteristics from the point of view of safety, including

integrity restoration

2) rational application of situation analysis, effective ways of the

control and monitoring of conditions and operative

restoration of integrity

3) rational application of measures for risk

counteraction

Generalproperties


in time line

General properties of the processes in time line. Formalization of an

unauthorized access with due regard resources value considering period of

objective value (POV)

Example 2 of considering

general properties for analyzing information

systems operation Quality

Interacted systems

Subordinate

systems

SYSTEM

The general purpose of operation:

to meet requirements for providing reliable and timely

producing complete, valid and confidential information

for its following use

Information system

Users

Purposes

Requirements to

information system

Use conditions

Operated objects

Higher systems

Resources

Sources

Generalproperties


in time line

R e q u i r e d i n f o r m a t i o n q u a l i t y ( id e a l )

R e l ia b le , t im e ly , c o m p le te , v a l id a n dc o n f id e n t ia l in f o r m a t io n

U s e d i n f o r m a t i o n( r e f l e c t i n g t h e p o t e n t i a l th r e a t s r e a l i z a t io n )

n o n - c o n f i d e n t ia l

n o n - a c t u a l

d u e t o r a n d o m e r r o r s m is s e d d u r i n g c h e c k i n g

w i t h h i d d e n d i s t o r t io n s a s ar e s u l t o f u n a u th o r i z e d a c c e s s e s

w i t h h i d d e n v i r u s d i s t o r t i o n s

d u e t o r a n d o m fa u l t s o f s t a f f a n d u s e r sin c o m p l e t e

n o n - p r o d u c e d a s ar e s u l t o f s y s t e m 's

u n r e l i a b i l i t y

u n t im e ly

d u e t o p r o c e s s in g i n t o l e r a b lem is t a k e sd o u b t f u l

IN F O R M A T IO N S Y S T E M

H a r d w a r e / S o f t w a r e

U s e r s

S y s t e m s o p e r a t i o n s u p p o r t , i n c l u d i n g i n f o r m a t i o n a c c e s s , i n t e g r i t ya n d c o n f i d e n t i a l i t y p r o v i d i n g

O p e ra t io n s e r v ic e ,c h e c k -u p a n d c o n t r o l

C a l l s ( t ) R e s u l t s ( t + ) O t h e ri n f o r m a t i o ns y s t e m s a n d

u s e r s

O p e r a t e do b j e c t s

R e a l e v e n t s a n do b j e c t s o f s y s t e m 'sa p p l i c a t i o n d o m a in

. . .

t -

t - t - …

S o u r c e 1

S o u r c e N

t - …

t t…

t t…

D a t ac o m m u n i -

c a t i o n ,c h e c k - u p ,

p r o c e s s i n g ,s t o r a g e a n dp r o d u c t i o n

D a t ac o m m u n i -c a t i o n ,c h e c k - u p ,p r o c e s s i n g ,s t o r a g e a n dp r o d u c t i o n

D a t a b a s e

…

t - … t -

… t - t -

r e q u i r e d q u a l i t y

The general purpose for any information system

Interacted systems

Subordinate

systems

SYSTEM

The general purpose of operation:

to meet requirements for providing reliable and timely

producing complete, valid and confidential information

for its following use

Information system

Users

Purposes

Requirements to

information system

Use conditions

Operated objects

Higher systems

Resources

Sources

Reliable, timely, complete, valid and confidential information

Abstract idea of the approach is implementedAbstract idea of the approach is implemented

in the in the Russian standard Russian standard “GOST RV 51987-2002. Information technology. Set of standards for automated system. The typical requirements and metrics of

information systems operation quality. General principles” and used widely in and used widely in practice.practice. Offered Offered mathematical models and software tools Complex for mathematical models and software tools Complex for

Evaluation of Information Systems Operation Quality (CEISOQ+) supports this Evaluation of Information Systems Operation Quality (CEISOQ+) supports this and others standardsand others standards very very effectivelyeffectively

The role in system life cycleThe role in system life cycle

4.4.The original mathematical The original mathematical models and software tools models and software tools as a brain of the offered as a brain of the offered

innovative approachinnovative approach

(based on the probability theory,(based on the probability theory, theory of random processes, theory of random processes,

system analysis and operation research)system analysis and operation research)

Some mathematical models and their proofsSome mathematical models and their proofs-1-1from the book “APPLICABLE METHODS TO ANALYZE AND OPTIMIZE SYSTEM PROCESSES” —

Moscow: “Armament. Policy. Conversion”, 2007, 328 p. – www.mathmodels.net

basic

You can receive it on www.mathmodels.net





basic





basic

basic




basic

basic

basic




basic




etc.

basic

basic

basic


The methodology to The methodology to support an assessment of support an assessment of standard system processes standard system processes according according

to ISO/IEC 15288 is implemented in software toolsto ISO/IEC 15288 is implemented in software tools

The offered 100 mathematical models supported by software toolsThe offered 100 mathematical models supported by software tools

5.5. Examples of Examples of forecasting, analyzing and optimizing

quality and risks, interpretations of results

(for understanding acceptable probability levels of quality and risks in different spheres)

Some examples concerning transportation information

and safety

Анализ рисков в опасном производствеАнализ рисков в опасном производстве

Input: a frequency of essential events - to 100 conditional events at 1h, there are no more 1 % of potentially dangerous events. Speed of semantic interpretation of event makes about 30 sec. Frequency of errors of the dispatching personnel and failures of software of SCADA-system is 1 error in a year

Example 1. Estimation of data gathering and processing in control station. What about the risk of inadequate interpretation of events by the dispatcher for 1 hour, 8 hours (one shift), 1 month, 1 year

and 10 years of operation of SCADA-system?

Such levels of risks for SCADA-systems can be recognized as acceptable

Анализ рисков в опасном производствеАнализ рисков в опасном производстве

Input: a frequency of critical situations is 3 events per year, the mean time of situation evolution before damaging is 1 hour. The railroad tracks integrity is confirmed on the central control station once in a day while the dispatcher shifts are changed. Duration of integrity control is 1 hour on average, the mean time between mistakes for the shift of monitoring to be 1 week or more.

Example 2. Estimation of control and monitoring for railroad tracks. What about the risk of uncontrolling situation for a

time period of 1 month, 1 year, and 10 years

To decrease risks the mean time between mistakes for the dispatcher personnel should be increased, the time of carrying out control and repairing damages should be shorten to several days or even hours

Risk during 1 month (columns 1, 4), 1 year (columns 2, 5), 10 Risk during 1 month (columns 1, 4), 1 year (columns 2, 5), 10 years (columns 3, 6); integrity control and recovery time 1 hour years (columns 3, 6); integrity control and recovery time 1 hour

(columns 1-3) and 10 days (columns 4-6)(columns 1-3) and 10 days (columns 4-6)

Dependency of the risk for 1 year as input data varying in the range of -50% +100% (variant 5: period of integrity control and recovery =10days)

Example 3. The estimations of flights safety before and after

09/11

Results of system analysis:

owing to active opposing measures

undertaking on board an airliner

risk may be essentially

decreased from 0.47 to 0.01

Example 4. The estimations of complex safety. Model of threats, barriers against unauthorized access

Example 4. The results of forecasting and analysis

The offered approach to mathematical

modelling standard processes

through Internet

Improvement 1. Input (different characteristics of time, frequency and expenses for standard processes) are identical. Models are based on the theory for random processes. As consequence – metrics are understandable, these are probabilities of successful development of processes or risks of failure 2. Services through Internet are more cheaper, than calculations by existing way

1. All organizations receive access to quality and risks analysis on uniform mathematical models according to requirements of system standards and taking into account experience and admissible risks for systems in different spheres2. Training is accessible to all connected to Internet

Service through

Detail analytical

report (50-70 pages) in 3 minutes

Differences

-focus on requirements to system standard processes;-universality of initial data, metrics and the mathematical models, allowing an estimations and forecasts for given time;-support of decision-making process through Internet

Objective needs and preconditions for perfection of quality and risk management (1)

Methodology and supporting software tools (2)

Examples for different spheres of applications (3)Modeling through Internet (4)

From a pragmatical filtration of information to generation of the proved ideas and effective decisions

INNOVATIVE APPROACH TO ANALYZE INNOVATIVE APPROACH TO ANALYZE QUALITY AND RISKSQUALITY AND RISKS

2005

2008 2010

2007

The models and software tools have been presented at symposiums, conferences and exhibitions since 1989 in Russia, Australia, Canada, France, Finland, Germany, Kuwait, Serbia, the USA

Author’s booksAuthor’s books

Author’s papersAuthor’s papers

AwardsAwardsThe offered mThe offered mathematical models and athematical models and applicable technologiesapplicable technologies are used in are used in

Russian practice for forecasting quality Russian practice for forecasting quality and risks as applied to newly developed and risks as applied to newly developed

and currently operated manufacture, and currently operated manufacture, power generation, transport, engineering, power generation, transport, engineering,

information, control and measurement, information, control and measurement, insurance, social, quality assurance, and insurance, social, quality assurance, and

security systemssecurity systems

ICTIS – 2011Wuhan, China, July 2, 2011

Prof. Andrey Kostogryzov, Dr. Prof. Andrey Kostogryzov, Dr. VladimirVladimir Krylov, Andrey Nistratov, Krylov, Andrey Nistratov, Dr. Dr. GeorgeGeorge Nistratov, VladimirNistratov, Vladimir Popov, Popov, Prof. Prof. Pavel StepanovPavel Stepanov

Moscow, Russia, www.mathmodels.net www.mathmodels.net

Mathematical models and applicable Mathematical models and applicable technologies to forecast, analyze and technologies to forecast, analyze and

optimize quality and risks optimize quality and risks for complex systemsfor complex systems

Kost for china-2011

Business

Transcript of Kost for china-2011