Linzhi Li,Hao Wu,Yonghua Song

DOI: https://doi.org/10.1109/pesgm.2018.8586590

2018-01-01

Abstract:In order to mitigate the risks of cascading failures in power systems, the critical faults that lead the system to severe load losses should be identified. Since piles of fault data containing the failure features have been stored during system operations, it is drawing increasing attention to leverage the data for criticalness analyses in recent years. This paper proposes a Temporal Difference learning (TD-learning) based method to identify critical component faults by exploring cascading failure fault chain data. The TD-learning method can allocate the final load losses to faults at different stages so that the relevance of the faults to severe blackouts can be derived. Eventually, the faults allocated larger losses are suggested to be more relevant to severe blackouts, i.e., these faults are more critical. At the same time, the precedent faults putting the critical components in jeopardy can be easily found, which uncovered the preconditions of component criticalness. The method is validated on the IEEE 14-bus system, and a considerable decrease of blackout risks is achieved by enhancing the critical components identified by this method.

Jian Xu,W. K. Chan,Zhenyu Zhang,T. H. Tse,Shanping Li

DOI: https://doi.org/10.1109/qsic.2011.32

2011-01-01

Abstract:Existing fault localization techniques combine various program features and similarity coefficients with the aim of precisely assessing the similarities among the dynamic spectra of these program features to predict the locations of faults. Many such techniques estimate the probability of a particular program feature causing the observed failures. They ignore the noise introduced by the other features on the same set of executions that may lead to the observed failures. In this paper, we propose both the use of chains of key basic blocks as program features and an innovative similarity coefficient that has noise reduction effect. We have implemented our proposal in a technique known as MKBC. We have empirically evaluated MKBC using three real-life medium-sized programs with real faults. The results show that MKBC outperforms Tarantula, Jaccard, SBI, and Ochiai significantly.

Bo LIN,Mingwei XU,Qi LI

2012-01-01

Abstract:With the continuous increasing of end-to-end service, the reliability of the end-to-end service is becoming more and more important. Link failure is one of the most serious problems which impact the reliability. Investigations show that Link failures happen every day, while existing failure detection based on Traceroute are generally used to send probe packets to the destination periodically. With these general methods, the overhead of probe packets would be huge. This paper presents Traceroute-based failure detection algorithm with background traffic (TFD).When there is background traffic in the network, we would choose using background traffic instead of probe packets to detect the failure. We also introduce the traffic matrix of GEANT and Abilene to check and analysis the performance of the algorithm. The results show that the overhead of probe packet in our method has been significantly reduced when there is background traffic in the network.

Wei Zhang,Yuxi Hu,Bolong Tan,Xiaohai Shi,Jianhui Jiang

DOI: https://doi.org/10.48550/arXiv.2210.07486

2022-10-14

Software Engineering

Abstract:The high tracking overhead, the amount of up-front effort required to selecting the trace points, and the lack of effective data analysis model are the significant barriers to the adoption of intra-component tracking for fault diagnosis today. This paper introduces a novel method for fault diagnosis by combining adaptive function level dynamic tracking, target fault injection, and graph convolutional network. In order to implement this method, we introduce techniques for (i) selecting function level trace points, (ii) constructing approximate function call tree of program when using adaptive tracking, and (iii) constructing graph convolutional network with fault injection campaign. We evaluate our method using a web service benchmark composed of Redis, Nginx, Httpd, and SQlite. The experimental results show that this method outperforms log based method, full tracking method, and Gaussian influence method in the accuracy of fault diagnosis, overhead, and performance impact on the diagnosis target.

Yulin Si,Zheng Chen,Jili Sun,Dahai Zhang,Peng Qian

DOI: https://doi.org/10.1109/ACCESS.2020.3001379

IF: 3.9

2020-01-01

IEEE Access

Abstract:Fault detection module is one of the most important components in modern industrial systems. In this paper, we propose a novel fault detection framework which makes use of both normal and faulty measurement signals at the same time. In this framework, the multivariate time series (MTS) pieces which are extracted from measurement signals in a time interval are used as the training and testing samples, and a -nearest neighbour rule of MTS pieces is applied for fault detection. Moreover, a Mahalanobis distance based dynamic time warping method is used to measure the divergence among MTS pieces, and a one-class metric learning algorithm is proposed to learn the appropriate Mahalanobis distance. Experimental results on the Tennessee Eastman process demonstrate that the proposed method has improved fault detection performance compared with classical approaches on certain kinds of faults.

Lu,Zhengguo Xu,Wenhai Wang,Youxian Sun

DOI: https://doi.org/10.1016/j.ress.2012.12.015

IF: 7.247

2013-01-01

Reliability Engineering & System Safety

Abstract:Over the past few years, fault detection for computer networks has attracted extensive attentions for its importance in network management. Most existing fault detection methods are based on active probing techniques which can detect the occurrence of faults fast and precisely. But these methods suffer from the limitation of traffic overhead, especially in large scale networks. To relieve traffic overhead induced by active probing based methods, a new fault detection method, whose key is to divide the detection process into multiple stages, is proposed in this paper. During each stage, only a small region of the network is detected by using a small set of probes. Meanwhile, it also ensures that the entire network can be covered after multiple detection stages. This method can guarantee that the traffic used by probes during each detection stage is small sufficiently so that the network can operate without severe disturbance from probes. Several simulation results verify the effectiveness of the proposed method.

Wei Xu,Ling Huang,Armando Fox,David Patterson,Michael Jordan

DOI: https://doi.org/10.1109/icdm.2009.19

2009-01-01

Abstract:We describe a novel application of using data mining and statistical learning methods to automatically monitor and detect abnormal execution traces from console logs in an online setting. Different from existing solutions, we use a two stage detection system. The first stage uses frequent pattern mining and distribution estimation techniques to capture the dominant patterns (both frequent sequences and time duration). The second stage use principal component analysis based anomaly detection technique to identify actual problems. Using real system data from a 203-node Hadoop [1] cluster, we show that we can not only achieve highly accurate and fast problem detection, but also help operators better understand execution patterns in their system.

Dongjiang Li,Wenyuan Qiu,Jing Zhang,Kun Xue,Xianbo Zhang,Binbin Sun,Feng Lin,Li Li

DOI: https://doi.org/10.1109/ICISCAE59047.2023.10393131

2023-01-01

Abstract:With the swift implementation of cloud platforms, guaranteeing optimal service dependability is imperative. Disk failure is a common cause of service unreliability, particularly in industrial cloud platforms that house numerous disks. These approaches can forecast disk failures by analyzing disk status data before they occur. Deep neural networks have demonstrated their effectiveness in addressing time series classification problems. Our research paper introduces an innovative and efficient approach to forecasting disk failures. By incorporating Bidirectional Long Short Term Memory (BiLSTM) into deep neural networks, we enhance the ability to extract relevant features. We explore the use of very neural networks with the ResNet structure and Fully Convolutional Network. The attention mechanism is adopted to support BiLSTM in acquiring long-term dependencies within lengthy sequences. Our model’s effectiveness is evaluated on two datasets and compared to advanced approaches. The empirical findings unequivocally establish that our performance surpasses that of alternative techniques for predicting disk failures.

Chao Liu,Xiangyu Zhang,Jiawei Han

DOI: https://doi.org/10.1109/TSE.2008.66

IF: 7.4

2008-01-01

IEEE Transactions on Software Engineering

Abstract:Software end-users are the best testers, who keep revealing bugs in software that has undergone rigorous in-house testing. In order to leverage their testing efforts, failure reporting components have been widely deployed in released software. Many utilities of the collected failure data depend on an effective failure indexing technique, which, at the optimal case, would index all failures due to the same bug together. Unfortunately, the problem of failure proximity, which underpins the effectiveness of an indexing technique, has not been systematically studied. This article presents the first systematic study of failure proximity. A failure proximity consists of two components: a fingerprinting function that extracts signatures from failures, and a distance function that calculates the likelihood of two failures being due to the same bug. By considering different instantiations of the two functions, we study an array of six failure proximities (two of them are new) in this article. These proximities range from the simplest approach that checks failure points to the most sophisticated approach that utilizes fault localization algorithms to extract failure signatures. Besides presenting technical details of each proximity, we also study the properties of each proximity and tradeoffs between proximities. These altogether deliver a systematic view of failure proximity.

Chun Yuan,Ni Lao,Ji-Rong Wen,Jiwei Li,Zheng Zhang,Yi-Min Wang,Wei-Ying Ma

DOI: https://doi.org/10.1145/1217935.1217972

2006-01-01

ACM SIGOPS Operating Systems Review

Abstract:Computer problem diagnosis remains a serious challenge to users and support professionals. Traditional troubleshooting methods relying heavily on human intervention make the process inefficient and the results inaccurate even for solved problems, which contribute significantly to user's dissatisfaction. We propose to use system behavior information such as system event traces to build correlations with solved problems, instead of using only vague text descriptions as in existing practices. The goal is to enable automatic identification of the root cause of a problem if it is a known one, which would further lead to its resolution. By applying statistical learning techniques to classifying system call sequences, we show our approach can achieve considerable accuracy of root cause recognition by studying four case examples.

Lianjin Ye,Qing Li,Xudong Zuo,Jingyu Xiao,Yong Jiang,Zhuyun Qi,Chunsheng Zhu

DOI: https://doi.org/10.1109/ipccc51483.2021.9679436

2021-01-01

Abstract:The increasing amount of network devices brings significant improvement to network quality but is inevitably prone to various failures. The frequent occurrence of link failures and node failures in the real-world network, causing packet losses and delay, calls for more accurate and fast detection methods. Existing network failure detection systems focus on probes and end-to-end metrics, but are limited by overhead on bandwidth or storage. Reliance on specific deployment of monitoring systems on devices like hosts also limits the feasibility and compatibility in general network topology, ignoring the potential of transferring monitoring tasks from hosts to switches. In this paper, we propose PUFF, a passive and data-driven network failure detection system based on in-network feature collection in programmable switches and machine learning algorithms. First, PUFF explores the potential use of continuous traffic changes to detect node and link failures instead of end-to-end metrics. Second, PUFF offers a software-based prototype and compares its performance with the latest passive failure detection methods. Evaluation based on simulation on real-world topology shows that PUFF can detect nearly 90% node failures and 80% link failures with less overhead in a shorter time.

Domenico Cotroneo,Luigi De Simone,Pietro Liguori,Roberto Natella

DOI: https://doi.org/10.1016/j.jss.2023.111611

2023-01-18

Abstract:Cloud computing systems fail in complex and unforeseen ways due to unexpected combinations of events and interactions among hardware and software components. These failures are especially problematic when they are silent, i.e., not accompanied by any explicit failure notification, hindering the timely detection and recovery. In this work, we propose an approach to run-time failure detection tailored for monitoring multi-tenant and concurrent cloud computing systems. The approach uses a non-intrusive form of event tracing, without manual changes to the system's internals to propagate session identifiers (IDs), and builds a set of lightweight monitoring rules from fault-free executions. We evaluated the effectiveness of the approach in detecting failures in the context of the OpenStack cloud computing platform, a complex and "off-the-shelf" distributed system, by executing a campaign of fault injection experiments in a multi-tenant scenario. Our experiments show that the approach detects the failure with an F1 score (0.85) and accuracy (0.77) higher than the ones provided by the OpenStack failure logging mechanisms (0.53 and 0.50) and two non--session-aware run-time verification approaches (both lower than 0.15). Moreover, the approach significantly decreases the average time to detect failures at run-time (~114 seconds) compared to the OpenStack logging mechanisms.

Software Engineering,Distributed, Parallel, and Cluster Computing

Z. Fan

DOI: https://doi.org/10.1117/12.2675203

2023-05-25

Abstract:Nowadays, with the increasing diversity of Internet programs, more and more programs have launched more functions. However, many system vulnerabilities have gradually surfaced, and the process of finding and repairing vulnerabilities has become an imminent problem for developers. Code snippets related to dynamic memory allocation and resource preemption operations are a major source of operating system failures. In this paper, a new fault detection technique based on dynamic kernel tracing is proposed. The fault source and fault type are determined by collecting kernel call stack and global state transition information. The fault detection technology is implemented as a loadable kernel module in Linux system, which can effectively collect kernel information without adding hardware or modifying the original system code. The experimental results of fault injection show that the proposed method can detect faults effectively, and the detection delay is smaller than the method based on timeout time and performance index. How to deal with these vulnerabilities is the subject of this article.

Engineering,Computer Science

Jiaping Gui,Ding Li,Zhengzhang Chen,Junghwan Rhee,Xusheng Xiao,Mu Zhang,Kangkook Jee,Zhichun Li,Haifeng Chen

DOI: https://doi.org/10.1109/ICDE48307.2020.00151

2020-01-01

Abstract:While backtracking analysis has been successful in assisting the investigation of complex security attacks, it faces a critical dependency explosion problem. To address this problem, security analysts currently need to tune backtracking analysis manually with different case-specific heuristics. However, existing systems fail to fulfill two important system requirements to achieve effective backtracking analysis. First, there need flexible abstractions to express various types of heuristics. Second, the system needs to be responsive in providing updates so that the progress of backtracking analysis can be frequently inspected, which typically involves multiple rounds of manual tuning. In this paper, we propose a novel system, APTrace, to meet both of the above requirements. As we demonstrate in the evaluation, security analysts can effectively express heuristics to reduce more than 99.5% of irrelevant events in the backtracking analysis of real-world attack cases. To improve the responsiveness of backtracking analysis, we present a novel execution-window partitioning algorithm that significantly reduces the waiting time between two consecutive updates (especially, 57 times reduction for the top 1% waiting time).

Yanghua Peng,Ji Yang,Chuan Wu,Chuanxiong Guo,Chengchen Hu,Zongpeng Li

2017-01-01

Abstract:Troubleshooting network performance issues is a challenging task especially in large-scale data center networks. This paper presents deTector, a network monitoring system that is able to detect and localize network failures (manifested mainly by packet losses) accurately in near real time while minimizing the monitoring overhead, deTector achieves this goal by tightly coupling detection and localization and carefully selecting probe paths so that packet losses can be localized only according to end-to-end observations without the help of additional tools (e.g., tracert). In particular, we quantify the desirable properties of the matrix of probe paths, i.e., coverage and identifiability, and leverage an efficient greedy algorithm with a good approximation ratio and fast speed to select probe paths. We also propose a loss localization method according to loss patterns in a data center network. Our algorithm analysis, experimental evaluation on a Fattree testbed and supplementary large-scale simulation validate the scalability, feasibility and effectiveness of deTector.

WANG Xin-ping,GU Qing,CHEN Xiang,ZHANG Xin,CHEN Dao-xu

DOI: https://doi.org/10.3969/j.issn.1002-137X.2009.10.042

2009-01-01

Computer Science

Abstract:Software reliability is directly relevant to the count of faults in software.Fault localization is the key to detect and eliminate the faults.Execution trace-based fault localization is of great significance because it can be integrated well with automatic software testing.Proposed the framework of execution trace-based fault localization FLOC,which can be divided into four components:organization of execution trace,selection of execution trace,computation of suspiciousness,and evaluation of the output.The typical current execution trace-based approaches were described and compared in FLOC.Finally some improvements were proposed according to FLOC.The purpose of this paper is to compare the advantages and disadvantages of those localization approaches in a unified framework,and provide some improvements on those approaches.

Edward Chen,Han Bao,Tate Shorthill,Carl Elks,Nam Dinh

DOI: https://doi.org/10.48550/arXiv.2205.12075

2022-05-24

Software Engineering

Abstract:In recent years, there has been considerable effort to modernize existing and new nuclear power plants with digital instrumentation and control systems. However, there has also been considerable concern both by industry and regulatory bodies for the risk and consequence analysis of these systems. Of concern are digital common cause failures specifically due to software defects. These failures by the software can occur in both the control and monitoring of a system. While many methods have been proposed to identify software failure modes, such as Systems Theoretic Process Analysis, Hazard and Consequence Analysis for Digital Systems, etc., these methods are focused primarily on the control action pathway of a system. In contrast, the information feedback pathway lacks Unsafe Control Actions, which are typically related to software basic events; thus, assessment of software basic events in such systems is unclear. In this work, we present the idea of intermediate processors and Unsafe Information Flow (UIF) to help safety analysts trace failure mechanisms in the feedback pathway and how they can be integrated into a fault tree for improved assessment capability. The concepts presented are demonstrated in two comprehensive case studies, a smart sensor integrated platform for unmanned autonomous vehicles and another on a representative advanced human system interface for safety critical plant monitoring. The qualitative software basic events are identified, and a fault tree analysis is conducted based on a modified Redundancy guided Systems theoretic Hazard Analysis methodology. The case studies demonstrate the use of UIFs and intermediate processors in the fault tree to improve traceability of software failures in highly complex digital instrumentation feedback. The improved method clarifies fault tree construction when multiple component dependencies are present in the system.

Xinrong Liu,Jun Xia,Zongyi Xing,Limin Jia,Yong Qin

DOI: https://doi.org/10.1007/978-3-662-49370-0_19

2016-01-01

Abstract:Door system is a key subsystem of metro train, and its reliability is related to the maintenance strategy of Metro Corporation and the safety of passengers. On the basis of failure mode effects criticality analysis (FMECA) and fault tree analysis (FTA), t reverse FTA-FMECA (FTF) was proposed for the reliability analysis of metro door. Firstly, the qualitative analysis of FTA was applied to door failure to obtain bottom events. Then, based on the historical failure data and criticality matrix, the quantitative analysis of FMECA was conducted on the bottom events and, as a result, the hazard degree of each bottom event was determined. At last, the failure modes which have great damage on door system were found out according to the hazard degree. The result shows that the proposed method can provide reference and technical support for designing door system and improving its reliability.

Hao-Dong Zhang,Xue Yuan,Dan-Yong Li,Jia You,Bing Liu,Xiao-Ming Zhao,Wen-Ming Cai,Shan Ju

DOI: https://doi.org/10.1007/s10489-021-02981-4

IF: 5.3

2022-01-11

Applied Intelligence

Abstract:Under long-term high-speed movement, the precision components of trains are extremely prone to defects, which could potentially endanger the safe operation of the train. However, there are many types of precision train components prone to defects; they are small in size and difficult to locate accurately. The defects themselves are also highly uncertain and diverse, making it impossible to establish an effective defect database. Meanwhile, a detection algorithm should have a high processing speed to ensure timely maintenance. Within the above context, in this paper an effective framework for multi-type train component defect detection based on an identification and image reconstruction algorithm is proposed. The framework is composed of a component identification stage and a defect diagnosis stage. The component identification method based on a component pre-location algorithm focuses attention on key areas of the train and ensures the visual integrity of the detected components. The component defect diagnosis method is based on an image-similarity generative adversarial network, which allows unsupervised reconstruction of template images to participate in defect diagnosis, thus coping with the diversity of component types and defect conditions effectively. The evaluation results on a CR400BF electric multiple unit series image dataset show that the framework has good robustness in complex environments and better performance in defect detection of train components.

computer science, artificial intelligence

Stephen Frank,Guanjing Lin,Xin Jin,Rupam Singla,Amanda Farthing,Jessica Granderson

DOI: https://doi.org/10.1016/j.enbuild.2019.03.024

IF: 7.201

2019-06-01

Energy and Buildings

Abstract:Fault detection and diagnosis (FDD) algorithms for building systems and equipment represent one of the most active areas of research and commercial product development in the buildings industry. However, far more effort has gone into developing these algorithms than into assessing their performance. As a result, considerable uncertainties remain regarding the accuracy and effectiveness of both research-grade FDD algorithms and commercial products—a state of affairs that has hindered the broad adoption of FDD tools. This article presents a general, systematic framework for evaluating the performance of FDD algorithms. The article focuses on understanding the possible answers to two key questions: in the context of FDD algorithm evaluation, what defines a fault and what defines an evaluation input sample? The answers to these questions, together with appropriate performance metrics, may be used to fully specify evaluation procedures for FDD algorithms.

energy & fuels,construction & building technology,engineering, civil