Kost for china-2011

ICTIS – 2011
Wuhan, China, July 2, 2011
Prof. Andrey Kostogryzov, Dr.Prof. Andrey Kostogryzov, Dr. VladimirVladimir Krylov, Andrey Nistratov,Krylov, Andrey Nistratov,
Dr.Dr. GeorgeGeorge Nistratov, VladimirNistratov, Vladimir Popov,Popov, Prof.Prof. Pavel StepanovPavel Stepanov
Moscow, Russia, www.mathmodels.netwww.mathmodels.net
Mathematical models and applicableMathematical models and applicable
technologies to forecast, analyze andtechnologies to forecast, analyze and
optimize quality and risksoptimize quality and risks
for complex systemsfor complex systems

This Report is about:
- original methods, based on the theory for
random processes, to rational analyze
complex systems on the stages of concept,
development, operation (utilization),
support
- answer the question “How to use many-
sided information for different system to
rise quality and mitigate risks?”

AgendaAgenda
1. The main changes in systems development and operation
(turn to system engineering)
2. Analysis of practice to provide system quality and safety
(for industrial, fire, radiating, nuclear, chemical, biological, transport,
ecological systems, safety of buildings and constructions, information
systems)
3. The way to purposeful rise of quality and safety for
systems in different applicationsn different applications (identical input for mathematical
modeling, uniform accessible models, probability of success and risk of
failure in process development as results of modeling, dozens examples for
different systems, fast analytical report in 3 minutes through Internet)
4. The original mathematical models and software tools as a
brain of the offered innovative approach (based on the theory
of random processes, system analysis and operation research)
5. Examples of forecasting, analyzing and optimizing
quality and risks, interpretations of results (for understanding
acceptable probability levels of quality and risks in different spheres)

1. The main changes in1. The main changes in
systems development and
operation
(turn to system engineering)(turn to system engineering)

Point 1. There are objective needs for system analysis
and optimization quality and risks

Point 2. Today processes and systems operation arePoint 2. Today processes and systems operation are
the main objects for analysisthe main objects for analysis
Example from
ISO/IEC 15288
What about the objects for system analysis?What about the objects for system analysis?

Method 1. The chord is longer, when
its middle lays in a circle entered in a
triangle. The radius of this entered
new circle is equal to half of radius of
an initial circle. Hence, the area of
the entered circle is ¼ of the area of
an initial circle
Point 3. One problem can be solved by various correct
probability methods, but results can essentially differ!
Let’s remember paradox of Bertrand J.L.
(book “Calcul des probabilites”, 1889)
Simple problem. To find probability of that at random chord is longer than the party
of the equipotential triangle entered in a circle
by area
P = ¼
by arches
P = 1/3
by radius
P = 1/2
Method 3. Let's choose a random
point on radius of a circle and we
take a chord which is perpendicular
to this radius and passes through the
chosen point. Then the chord is
longer if the point lays on that half of
radius which is near to centre. P=1/2
Method 2. Triangle tops divide
a circle into three equal
arches, and the casual chord
is longer if it crosses this
triangle, i.e. the required
probability is equal 1/3
All results are correct but difference is 100%

2. Analysis of practice to2. Analysis of practice to
provide system quality andprovide system quality and
safetysafety
(for industrial, fire, radiating, nuclear, chemical, biological,(for industrial, fire, radiating, nuclear, chemical, biological,
transport, ecological systems, safety of buildings andtransport, ecological systems, safety of buildings and
constructions, information systems)constructions, information systems)

Point 4. Generally risk estimations from one sphere do not
use in other spheres because of methodologies for risk
analysis are different, interpretations are not identical
As a result of analyzing practice approaches to safety
(to industrial, fire, radiating, nuclear, chemical, biological, transport, ecological
systems, safety of buildings and constructions, information security)
Conclusion 1
For the spheres of industrial, fire, radiating, nuclear, aviation safety in
which already there were numerous facts of tragedies - requirements to
admissible risks are expressed quantitatively at probability level and
qualitatively at level of necessary requirements to the initial materials, used
resources, protective technologies and operation conditions

Point 5. The methods for quantitatively risk analysis are in creating
stage yet. The term “Admissible risk” can not defined because of
one depend on methods. Experience from other spheres is missing
Conclusion 2
For the spheres of chemical, biological, transport, ecological safety,
safety of buildings and constructions, information security, including
the conditions of terrorist threats – requirements to admissible risks are
set mainly at qualitative level in the form of requirements to performance.
It means impossibility of risks predictions and correct decisions of synthesis
problems to substantiate preventive measures against admissible risk

General situation for today
Point 1 Point 2 Point 3 Point 4 Point 5
Special models
of Institutes
(R&D) and
Critical Systems
Models
of
Universities
The existing approach
(everyone solves
the problems how can)
Resume
1. All organizations need
quantitative estimations,
but only some part from them
uses modeling complexes
2. Used models are highly
specialized, input and calculated
metrics are adhered strongly to
specificity of systems
3. Existing modeling complexes
have been created within the limits
of concrete order for the systems
and as a rule are very expensive
Summary
1. Analysis of quality and risks is carried out mainly at qualitative level with
assessments “better or worse”. Independent quantitative estimations at
probability level are carried out for specially created models
2. Admissible risks in different areas of the application are not comparable.
In general case optimization of risks is not carried out by solving classical
problems of synthesis
3. As consequence wide training is difficult
…

3.3. The way toThe way to purposeful rise
of quality and safety forfor
systems in differentsystems in different
applicationsapplications
(identical input for mathematical modeling, uniform(identical input for mathematical modeling, uniform
accessible models, probability of success and risk ofaccessible models, probability of success and risk of
failure in process development as results of modeling,failure in process development as results of modeling,
dozens examples for different systems, fast analyticaldozens examples for different systems, fast analytical
report in 3 minutes through Internet)report in 3 minutes through Internet)

prove the probability levels of «acceptable quality and admissible
risk» for different systems in uniform interpretation,
create technics to solve different problems for quality and risk
optimization, provide access for wide use and training
What is the offered way
to improve essentially this situation?
From standard processes
ISO/IEC 15288
consider
General
properties
of the
processes
developed
in time line
create universal
mathematical models
and software tools
approve the models
on practice examples
optimization of
quality and risks
It is important to support system making-decisions in quality
and safety and/or avoid wasted expenses in system life cycle
Expected pragmatic
effect from application

General
properties
of the
processes
developed
in time line
Example 1 of
considering
general
properties for
Risk analysis
The illustration of system
protection against dangerous influences
- time between the neighboring diagnostics;
- a required period Treq of permanent secure operation;
- as minimum, there is two diagnostics during a required period Treq
(the illustration of Treq middle);
- a required period Treq has ended after the last diagnostic;
- a dander source has penetrated before the next diagnostic;
- a dander source has not penetrated into system;
- a penetrated dander source has activated before the next diagnostic;
- a penetrated dander source has not activated before the next diagnostic
t
Cases: 1 2 3 4 5
… …

Industrial safety
Fire safety
Radiating, nuclear safety
Chemical, biological
safety
Ecological safety
Transport safety
Safety of buildings and
constructions
Information securitysecurity
etc.etc.
System processes directs on maintenance of
system integrity (including risk-processes)
General
properties
of the
processes
developed
in time line

Random processes of information gathering and
processing, control and monitoring, threats development,
restoration of integrity are general
In all cases
effective risk management
for any system
is based on:
1) uses of materials,
resources, protective
technologies with
more best
characteristics from
the point of view of
safety, including
integrity restoration
2) rational application of
situation analysis,
effective ways of the
control and monitoring
of conditions and operative
restoration of integrity
3) rational application
of measures for risk
counteraction
General
properties
of the
processes
developed
in time line

General properties of the processes in
time line. Formalization of an
unauthorized access with due regard
resources value considering period of
objective value (POV)
Example 2 of
considering
general properties
for analyzing
information
systems operation
Quality
Interacted
systems
Subordinate
systems
SYSTEM
The general purpose of
operation:
to meet requirements for
providing reliable and timely
producing complete, valid
and confidential information
for its following use
Information system
Users
Purposes
Requirements to
information
system
Use
conditions
Operated
objects
Higher
systems
Resources
Sources
General
properties
of the
processes
developed
in time line

Required information quality (ideal)
Reliable, timely, complete, valid and
confidential information
Used information
(reflecting the potential threats realization)
non-confidential
non-actual
due to random errors missed during checking
with hidden distortions as a
result of unauthorized accesses
with hidden virus distortions
due to random faults of staff and usersincomplete
non-produced as a
result of system's
unreliability
untimely
due to processing intolerable
mistakesdoubtful
INFORMATION SYSTEM
Hardware / Software
Users
Systems operation support, including information access, integrity
and confidentiality providing
Operation service,
check-up and control
Calls (t) Results (t+δ) Other
information
systems and
users
Operated
objects
Real events and
objects of system's
application domain
. . .
t-∆
t-∆ t-∆…
Source 1
Source N
t-∆…
t t…
t t…
Data
communi-
cation,
check-up,
processing,
storage and
production
Data
communi-
cation,
check-up,
processing,
storage and
production
Data base
…
t-∆ … t-∆
… t-∆t-∆
required quality
The general purpose
for any information system
Interacted
systems
Subordinate
systems
SYSTEM
The general purpose of
operation:
to meet requirements for
providing reliable and timely
producing complete, valid
and confidential information
for its following use
Information system
Users
Purposes
Requirements to
information
system
Use
conditions
Operated
objects
Higher
systems
Resources
Sources
Reliable, timely, complete, valid and
confidential information

Abstract idea of the approach is implementedAbstract idea of the approach is implemented
in thein the Russian standardRussian standard “GOST RV 51987-2002. Information technology. Set of
standards for automated system. The typical requirements and metrics of
information systems operation quality. General principles” and used widely inand used widely in
practice.practice. OfferedOffered mathematical models and software tools Complex formathematical models and software tools Complex for
Evaluation of Information Systems Operation Quality (CEISOQ+) supports thisEvaluation of Information Systems Operation Quality (CEISOQ+) supports this
and others standardsand others standards veryvery effectivelyeffectively

The role in system life cycleThe role in system life cycle

4.4.The original mathematicalThe original mathematical
models and software toolsmodels and software tools
as a brain of the offeredas a brain of the offered
innovative approachinnovative approach
(based on the probability theory,(based on the probability theory,
theory of random processes,theory of random processes,
system analysis and operation research)system analysis and operation research)

Some mathematical models and their proofsSome mathematical models and their proofs-1-1
from the book “APPLICABLE METHODS TO ANALYZE AND OPTIMIZE SYSTEM PROCESSES” —
Moscow: “Armament. Policy. Conversion”, 2007, 328 p. – www.mathmodels.net
basic
You can receive it on www.mathmodels.net

basic

basic
basic

basic
basic
basic

basic

etc.
basic
basic
basic

The methodology toThe methodology to support an assessment ofsupport an assessment of
standard system processesstandard system processes accordingaccording
to ISO/IEC 15288 is implemented in software toolsto ISO/IEC 15288 is implemented in software tools

The offered 100 mathematical models supported by software toolsThe offered 100 mathematical models supported by software tools

5.5. Examples ofExamples of forecasting,
analyzing and optimizing
quality and risks,
interpretations of results
(for understanding acceptable probability levels of quality and risks
in different spheres)

Some examples concerning
transportation information
and safety

Анализ рисков в опасном производствеАнализ рисков в опасном производстве
Input: a frequency of essential events - to 100 conditional events at 1h, there are no more 1 % of
potentially dangerous events. Speed of semantic interpretation of event makes about 30 sec.
Frequency of errors of the dispatching personnel and failures of software of SCADA-system is 1
error in a year
Example 1. Estimation of data gathering and processing in control
station. What about the risk of inadequate interpretation of events
by the dispatcher for 1 hour, 8 hours (one shift), 1 month, 1 year
and 10 years of operation of SCADA-system?
Such levels of risks for SCADA-systems can be
recognized as acceptable

Анализ рисков в опасном производствеАнализ рисков в опасном производстве
Input: a frequency of critical situations is 3 events per year, the mean time of situation evolution
before damaging is 1 hour. The railroad tracks integrity is confirmed on the central control station
once in a day while the dispatcher shifts are changed. Duration of integrity control is 1 hour on
average, the mean time between mistakes for the shift of monitoring to be 1 week or more.
Example 2. Estimation of control and monitoring for railroad
tracks. What about the risk of uncontrolling situation for a
time period of 1 month, 1 year, and 10 years
To decrease risks the mean time between mistakes for the dispatcher
personnel should be increased, the time of carrying out control and
repairing damages should be shorten to several days or even hours
Risk during 1 month (columns 1, 4), 1 year (columns 2, 5), 10Risk during 1 month (columns 1, 4), 1 year (columns 2, 5), 10
years (columns 3, 6); integrity control and recovery time 1 houryears (columns 3, 6); integrity control and recovery time 1 hour
(columns 1-3) and 10 days (columns 4-6)(columns 1-3) and 10 days (columns 4-6)
Dependency of the risk for 1 year as input data varying in the range of -50% +100% (variant 5: period of integrity control and recovery =10days)

Example 3.
The estimations
of flights safety
before and after
09/11
Results of
system analysis:
owing to active
opposing measures
undertaking on
board an airliner
risk may be
essentially
decreased from
0.47 to 0.01

Example 4. The estimations of complex safety.
Model of threats, barriers against unauthorized access

Example 4. The results of forecasting and analysis

The offered
approach to
mathematical
modelling
standard processes
through Internet
Improvement
1. Input (different
characteristics of time,
frequency and expenses for
standard processes) are
identical. Models are based
on the theory for random
processes. As consequence –
metrics are understandable,
these are probabilities of
successful development of
processes or risks of failure
2. Services through Internet
are more cheaper, than
calculations by existing way
1. All organizations receive access to quality and risks analysis on uniform
mathematical models according to requirements of system standards and taking
into account experience and admissible risks for systems in different spheres
2. Training is accessible to all connected to Internet
Service through
Detail
analytical
report
(50-70 pages)
in 3 minutes
Differences
-focus on requirements to system standard
processes;
-universality of initial data, metrics and the
mathematical models, allowing an estimations and
forecasts for given time;
-support of decision-making process through
Internet

Objective needs and preconditions for perfection of quality and risk management (1)
Methodology and supporting software tools (2)
Examples for different spheres of applications (3)
Modeling through Internet (4)
From a pragmatical filtration of information to generation of the proved ideas and effective decisions
INNOVATIVE APPROACH TO ANALYZEINNOVATIVE APPROACH TO ANALYZE
QUALITY AND RISKSQUALITY AND RISKS

The models and software tools have been presented at symposiums, conferences and exhibitions
since 1989 in Russia, Australia, Canada, France, Finland, Germany, Kuwait, Serbia, the USA
Author’s booksAuthor’s books
Author’s papersAuthor’s papers
AwardsAwards
The offered mThe offered mathematical models andathematical models and
applicable technologiesapplicable technologies are used inare used in
Russian practice for forecasting qualityRussian practice for forecasting quality
and risks as applied to newly developedand risks as applied to newly developed
and currently operated manufacture,and currently operated manufacture,
power generation, transport, engineering,power generation, transport, engineering,
information, control and measurement,information, control and measurement,
insurance, social, quality assurance, andinsurance, social, quality assurance, and
security systemssecurity systems

Kost for china-2011

Recommended

Recommended

More Related Content

What's hot

What's hot (18)

Similar to Kost for china-2011

Similar to Kost for china-2011 (20)

More from Mathmodels Net

More from Mathmodels Net (9)

Recently uploaded

Recently uploaded (20)

Kost for china-2011