reliability revie€¦ · · 2017-09-09page 5 reliability review vol. 26, september 2006...

Reliability Review

Featured In This Issue...

A New SoftwareReliability Model

by N. F. Schneidewind, Ph.D.

Cyber SecurityPrediction Models,

Part 4by N. F. Schneidewind, Ph.D.

2006 September, Volume 26, Number 3

THE R & M ENGINEERING JOURNALTHE R & M ENGINEERING JOURNALTHE R & M ENGINEERING JOURNALTHE R & M ENGINEERING JOURNALTHE R & M ENGINEERING JOURNALPublished Quarterly (ISSN 0277-9633)Published Quarterly (ISSN 0277-9633)Published Quarterly (ISSN 0277-9633)Published Quarterly (ISSN 0277-9633)Published Quarterly (ISSN 0277-9633)

IDENTIFICATION STATEMENT: Reliability Review (ISSN 0277-9633) is published quarterly (March, June, September, December)for the Reliability Division of the American Society for Quality and mailed to dues paying members. Editorial and Advertising Offices2678 Brown Bear Court, Cool, CA 95614. Subscription rates for non-members are as follows: Within USA $40.00 yearly; Canadaand Mexico, $45.00; Outside North America, $50.00. INDIVIDUAL COPIES: $12.50 per copy plus postage. POSTMASTER:Sendaddress changes to: A S Q, P.O.Box 3005, Milwaukee, WI 53205-3005Domestic Delivery: Non- Profit Organization Postage Paid at Cool, CA and additional mailing offices;International Delivery: Periodicals Postage Paid at Cool, CA and additional mailing offices.COPYRIGHT AND REPRINT INFORMATION: Permission of the publisher is required for reprinting or copying for circulationof any article. Write to the Executive Editor, Reliability Review, (address above).All rights resrved. CAVEAT: Comments of individualsdo not necessarily have endorsement or constitute official opinion.

Copyright ©2006 by the American Society of Quality. Printed in the USA.ASQ: The Society of Professionals Dedicated to the Advancement of Quality.

Manuscript SubmittalManuscripts: Authors must submit two (2) legible copies of all written and illustrative material. Manuscripts shall

be typewritten/Word Processor format. Enclose or email an electronic file copy [saved in IBM/ MSWindows compatableformat using MS Word or Word Perfect, or ASCI Text]. Email delivery address is [email protected] Copyright: It is the policy of ASQ to own the copyright to the technical contributions it publishes. To comply withthe US Copyright Law, the Editor will supply an ASQ Copyright Form which must be signed before publication. Theform returns to authors and their employers the right to reuse their material for their own internal purposes.

Illustrations, Tables, Figures, Charts: Supply camera ready illustrations, graphics, charts and tables laser printed(600 dpi) on high quality paper. If generated using MS Excel, MS Word, Word Perfect, Corel or similar software copythe file onto the disk with the text file. As a backup enclose the hard copy originals. Most illustrations, tables, figuresand charts will be reduced to one column 3.25" wide; be sure the lettering is large enough to be legible after reduction.

Submittal: If more than one author, name each and designate corresponding author. Explicitly show addressesincluding Email for correspondence. Submit hard copy of manuscript by postal mailing to:

Reliability Review •Harold W. Williams, Editor•2678 Brown Bear Court•Cool, CA 95614 USA

Information for AuthorsWe encourage R& M professionals to submit original

writings discussing concepts, practices and improvementideas for reliability engineering and management; alsomaintainability,,and systems engineering. Our purposes: first,upgrade knowledge, tools and effectiveness; second, toimprove design of products and processes; third, to reduceor mitigate risk. Request our template for authors.

RR papers receive staff review to ascertain that factsare correctly stated and to assure that opinion and fact areclearly distinguished one from another. Technical content maybe refereed by selected specialists. The Editor reserves theright to edit any paper, and will usually exercise that right.

RR is published on the first of March, June, Septemberand December. If your publishable paper is received threemonths before a publication date, your article may be inthe next issue - subject to space and reviewing constraints.

AdvertisingSubmit draft copy to Harold Williams, Editor, with

Request for Quote. Indicate size desired or sizes of interest.Specify whether you will provide camera-ready copy ordesire that we produce final copy.

Letters to the EditorReliability Review welcomes letters from readers.

We offer the following guidelines. Letters should clearlystate whether the author is expressing opinion or presentingfacts with supporting information. Commendation,encouragement, constructive critique, suggestions andalternative approaches are accepted. Berating is notappropriate. If the content is more than 200 words, we maydelete portions to hold to that limit. We reserve the right toedit letters. Address letters to: RR Dialogue, 2678 BrownBear Court, Cool, CA 95614.

Publication StaffExecutive Editor Associate Reviewer Software Tech. EditorHarold W. Williams, Jr., P.E. X. (Bill) Tian Sam J. Keene, Ph.D.2678 Brown Bear Court 3404 E.Harmony Rd. PO Box 337Cool, CA 95614 Ft. Collins, CO. 80528 Lyons, Colorado 80540(530) 885-5322 (970) 898-6047 (720) [email protected] [email protected] [email protected]

Associate Editor Technology Editor Associate ReviewerLarry George, Ph.D. J.A. McLinn Trevor Craney1573 Roselli Drive 10644 Ginseng Lane 90 Scarlett Oak Dr.Livermore, CA 94550-5852 Hanover, MN 55341 Wilton, CT 06897(925) 447-4969 (763) 498-8814 (203) [email protected] [email protected] [email protected]

Reliability ReviewTHE R & M ENGINEERING JOURNAL

The Review PresentsVolume 26, Number Three, September 2006

ITEM SOFTWARE Advertisement ...................................................I

RELIASOFT CORPORATION Xfmea Ad ...........................................................1

ALION SYSTEM RELIABILITY CENTER Advertisement .................................................4

EDITORIAL: STRATEGIC R & M OPPORTUNITIES ....................................................................5Harold W. Williams, PE R & M profesionals today interested in applying their skills and

ingenuity to new challenges are fortunate. Many opportuntities are present today. Some very important needs await those prepared to investigate them. We discuss some of them.

A NEW SOFTWARE RELIABILITY MODEL........................................................................................................6Norman F. Schneidewind, Ph.D. Prof. Schneidewind presents a new model he has developed. It affords

the advantage of lowering the cost and effort of model development, implementation , and use whenever its use is applicable. He has tested and confirmed it can provide equal or better efficacy.

RELIASOFT CORPORATION XFRACAS Ad .................................................13

RELEX SOFTWARE CORPORATION Advertisement .......................................16,17

RELIABILITY INFORMATION ANALYSIS CENTER Advertisement...........................................20Also see, on page 32, notice concerning the change from RAC to RIAC

CYBER SECURITY PREDICTION MODELS, PART 4 .....................................................................................22Norman F. Schneidewind, Ph.D. This installment concludes our presentation of Dr. Schneidewind’s

cyber security prediction model details, intrusion risk assessment, and measures of effectiveness. We list contents of his Appends

applicable to this work. If readers desire we will publish the complete work including complete appends in a new monograph.

EVENTS CALENDAR AND DIVISION NEWS .............................................................................29 Courses, Seminars and News of interest to our members.

PUBLICATIONS ORDER FORM Use our form to order RD Pubs .....................................30

R&M MONOGRAPHS Abstracts of RD Monographs currently avaialable...................... 31

New R & M Monographs ................................................................................................32 Recently published R & M monographs

RELIABILITY DIVISION MANAGEMENT DIRECTORY ..................................................................iiiTitles of *Back To Basics* features are asterisked fore and aft

Reliability Review Vol. 26, September 2006

STRATEGIC R & M OPPORTUNITIES by Harold W.Williams

The ASQ VIP News just arrived in myE-mail. I quickly scanned the content

and then dwelled on the set of ASQ StrategyThemes presented there. I list them at theend of this editorial. After you scan them,please re-read them, replacing the wordquality with the word “reliability” in eachtheme. The message within these themesprompted my own thoughts with respect tothemes communicated by our messages inReliability Review. I am especially referringto our messages on development,implementation, and management ofReliability Engineering precepts. Mytentative conclusions follow. I will welcomecomments on them from RD members .Wehave endeavored to feature articles thatpresent to our readers content which ispotential fuel for growth. RR is reaching aninternational audience. We do disseminatethe body of knowledge through RR and ourmonograph publications. Technical librariesand universities located in many nationssubscribe. Many contact us seekinginformation on R & M methods or tacticsand resources for addressing them. Ourreaders and authors impact an increasinglygrowing spectrum of economies. Therein,we need to sharpen our focus upon provingthe economic case for reliability.

Furthermore, many opportunities areapparent as one experiences products whereproduct reliability and process reliabilityhave not been effectively addressed. Ibelieve the following areas appearespecially needy and deserve high priorityattention by interested R & M professionals.In the medicine field of prosthetics R & Mmethods are needed; especially in designand development of prosthetic limbs . Atleast half a million users of these productsdesire greater reliability and functionalitythan is now delivered. Improved reliabilityand functionality is achievable in theirdesigns and delivered products by fullimplementation of R &M / SystemsEngineering from concept through neuralbiometric limb system design developmentincorporating reliable parts, materials anddevelopment testing, followed byrequirements flow down and the completeproduct and process reliability program.The time is right for addressing thisopportunity since financial means areavailable. The Veterans Administration wasrecently funded for a new Center forRestorative and Regenerative Medicine inProvidence, RI... Also, DARPA hasallocated over $48 million for prosthetics (continued on page 22)

Reliability Review, Vol. 26, September2006 Page 6

A NEW SOFTWARE

RELIABILITY MODELby Norman F. Schneidewind

have developed a new single parametermodel that proved competitive in

prediction accuracy when compared toselected extant models. While this modelprovided surprisingly good results, no onemodel provided consistently superiorpredictions. This result reinforces the idea ofhaving multiple models at the ready in theuser’s arsenal of reliability tools. Anotherinteresting result of the prediction accuracyassessment is that simple models, like thesingle parameter and regression models,can provide reasonable accuracy at low cost– a lesson that practitioners can take to heart!I also examined the possibility of varying theparameters of the models, by using varyingquantities of failure data for parameterestimation, in order to improve modelprediction accuracy.. This is in contrast tothe traditional approach of using constantparameter values over a large range ofpredictions. This quest proved fruitful!

Objectives

Since no one has succeeded inidentifying a priori those characteristics ofsoftware that will ensure that a particularmodel can be trusted to produce accuratereliability predictions [LYU96], I was

motivated to evaluate several models bytesting them against both specified test dataand real project data.

For one thing, I was curious about thepossibility of producing a software reliabilitymodel with a single parameter. Why not? Allsuch models that I am aware of have at leasttwo parameters. In some cases, one parameterrepresents the initial failure rate and a secondparameter represents the rate of change offailure rate [SCH97]. If a single parametermodel, which I call Schneidewind SingleParameter Model (SSPM), could bedeveloped with adequate prediction accuracy,it would be beneficial because the reducedcomplexity would lower cost and effort inmodel development, implementation, anduse. Furthermore, reduced complexity wouldresult in a model that would be easier tounderstand and apply by the user, and,perhaps most important would be less costly.However, there was the question of whethera single parameter could capture the attributesof the failure data to a degree sufficient toproduce accurate predictions. To answer thisquestion, I subjected the new model tocomparative tests against two establishedmodels – the Schneidewind SoftwareReliability Model (SSRM) [SCH97] and theYamada S Shaped Model (YSSM)[Xie91].

I

Reliability Review Vol. 26, September2006

SOFTWARE RELIABILITY MODEL (CONT)A second objective, related to the first,

was to see whether varying the parametervalues of SSPM, by using increasing amountsof failure data, would improve predictionaccuracy. Conventional wisdom suggeststhat a larger sample size would result inimproved accuracy. However, this playsagainst the fact that with a fixed amount ofdata, the larger the sample size for parameterestimation, the smaller the sample size forprediction accuracy evaluation! I also variedthe parameters of SSRM and YSSM todetermine whether this technique would beadvantageous for these models.

Not part of the research plan, butduring the analysis, it occurred to me that asimple regression model based on the failuredata, might provide accurate predictions forin some situations. This experiment producedsome surprising results!

Additionally, while SSPM might showpromising results for test data sets I developedfrom random data, how would this modelfare using real project failure data from theNASA Goddard Space Flight Center satellitesystems? Indeed, how would SSRM andYSSM hold up under this comparison?

Selected Previous Work on ReliabilityModel Parameter Estimation

A 2003 Symposium paper [OKA03]focused on the estimation problem of modelparameters in software reliability modeling.They introduced the EM (expectation–maximization) algorithms for softwarereliability models and compare them withthe classical parameter estimation methods.They extensively develop the EM algorithmsfor two cases; (i) the time interval data ofsoftware fault detection, (ii) softwarereliability models based on non-homogeneous Poisson processes. Theycompare the iterative schemes based on EM

algorithms with classical methods such asthe Newton’s method and the Fisher scoringmethod and show that the EM algorithmsare attractive in terms of convergenceproperty.

While ideas in [OKA03] areinteresting, the approach is much too complexfor practical model parameter estimationwork. My objective is to improve parameterestimation efficiency based on iterativeparameter estimation that is accomplishedby using increasing larger sample of failureinput data and noting the change in predictionaccuracy. In addition, I investigated whethercontinuously varying the model parameterand adjusting it, based on its rate of changeover time, will enhance prediction accuracy.

Awork by Yashwant, Malaiya, andDenton [YAS97] concerning use of softwarereliability growth models suggests that inthe beginning of testing, the initial test datayields very unstable parameter values andsometimes the parameter values obtained donot correspond to the assumptions of themodel. Sometimes, iterative techniques areused to estimate the parameter values. For agiven data set, if they used the partial data setfrom the beginning of testing to someintermediate point, the parameter values werefound to be different from the final values.They investigated the incremental variationof the values as testing continued. In thebeginning, the values can change rapidly butlater they start settling towards the finalvalue

For the reasons stated in [YAS97], Iwas motivated to experiment with twotechniques designed to reflect the instabilityin parameter estimation: one was to vary theparameter over the range of failure intervals;the second was to adjust the parameter valuein each interval based on its rate of changebetween intervals.

Reliability Review, Vol. 26, September 2006 Page 8

Models and Data Analyzedin the Experiments

Four models are used in theexperiments: a new model – SchneidewindSingle Parameter Reliability Model (SSRM)– Schneidewind Software Reliability Model(SSRM) [SCH97], the Yamada S-ShapedModel (YSSM) [XIE91], and a regressionmodel. The first model is developed in thenext section. The second model has beenenhanced recently, as reported in [FAR04].The Schneidewind software reliabilitymodel features optimal selection of failuredata for predicting failure counts.Enhancements were made to enable clearerinterpretation of that model’s results. Theseenhancements included the addition of riskassessment measures and modifications tothe model’s optimal data selectionprocedure. An analysis of a data set from aNASA Goddard Space Flight Center projectthat was used to validate these additions.

The Yamada model has theinteresting characteristic of a mean numberof failures that initially increases at anincreasing rate, reflecting instability in thedevelopment process, followed by failuresthat increase at a decreasing rate, reflectinga maturing process, and, finally stabilizingat an asymptotic value [XIE91].

The regression model was producedby a curve fit to the cumulative NASAfailure data.

The data called “actual” that is usedin the experiments are either generatedrandom data (e.g., Poisson data with aspecified arbitrary mean) or failure datafrom a NASA project.

Development of Single ParameterReliability Model (SSPM)

Three common methods of parameter

SOFTWARE RELIABILITY MODEL (CONT)estimation exist: method of moments, leastsquares, and maximum likelihood. Each ofthese methods has useful attributes.Maximum likelihood estimation (MLE) isthe recommended approach because of itsdesirable properties [AIA06]. For example,according to [XIE91], the MLE is invariant

(i.e., if is a MLE of , it is also the MLE

of, for example, the failure rate f (i) = e- ).Also, some researchers have found thismethod to be the best choice [MUS87].Furthermore, MLE is appropriate when thefailure distribution is known [MUS87], suchas the Poisson data sets used in theexperiments. Based on these considerations,the first step in the model developmentprocess is to identify the Likelihood FunctionL for the Schneidewind Single ParameterModel (SSPM). I assume that the number offailures xi in the interval i is Poissondistributed and the time between failures isexponentially distributed. Then, I canformulate equation (2.1).


SOFTWARE RELIABILITY MODEL (CONT)Using equation (2.3) and ignoring xi!

because it does not affect the maximizationof the likelihood function, I produce equation(2.4):

Now, I take the partial derivative of log L inequation (2.10), with respect to , setting itequal to 0, and solving for , yields equation(2.11):

Using equation (2.2), the cumulativemean number of failures at interval i iscomputed as follows:

(2.12)

This equation can be used to computeeither cumulative failures at a given intervali or to find the number of failures betweentwo intervals.

Using equation (2.12) and solving fori, yields the ith interval where Mi cumulativefailures will occur:

(2.13)

Inspecting equation (2.1), you can seethat the probability of xi failures in the intervali, is equal to:

(2.14)

And, the probability of xi =0, is just thereliability, given by:

(2.15)

Using equation (2.12) and letting i , Icompute the total mean number of failuresover the life of the system:

i = - (1 / ) Log [1- (Mi )]

Pi = !

i

i

x mi

i

m e

x

R (i) = e-mi = e-(e- i)

= - (1 / E) (log (D / E n) (2.11)

Mi = 0

iie di = (1/ ) [1– e- i]

Reliability Review, Vol. 26, September2006 Page 10

SOFTWARE RELIABILITY MODEL (CONT)Mt = 1 / for > 0 (2.16)

Then, using equations (2.6) and (2.16), thenumber of remaining failures is developed:

R = Mt - 1

i

n

i

x = (1 / ) - C (2.17)

Primary Equations of the Yamada SShaped Model (YSSM) [XIE91]

In this section, I show you the majorequations of this model that are used in thecomparison of prediction accuracy with othermodels.

The mean number of failures ininterval i is:

Mi = a [1 – (1 + b i) e-bi], b > 0, (3.1)

Where parameter a denotes the number offaults to be detected and b is the failuredetection rate.

The expected mean number of failuresover the life of the software is computed byletting i in equation (3.1) yieldingequation (3.2):

M = a (3.2)

The expected number of remainingfailures at time i is then, using equations(3.1) and (3.2):

M - Mi = a (1 + b i) ebi (3.3)

Primary Equations of theSchneidewind Software Reliability

Model (SSRM) [SCH97]

In this section, I present the majorequations of this model that are used in thecomparison of prediction accuracy with othermodels.

The basic philosophy of this model isthat as testing proceeds with time, the failuredetection process changes. Furthermore,recent failure counts are usually of more usethan earlier counts in predicting the future.Therefore, in addition to the failure rateparameters a and b, there is a third parameters, defined below.Definitionss Starting interval for using observed

failure data in parameter estimation Failure rate at the beginning of interval

Negative of derivative of failure rate divided by failure rate (i.e., relative failure rate)

observed failure count in the range[ , ]s i

iX observed failure count in the range[1, ]i

After the parameters and havebeen estimated, and the optimal set of testdata has been selected, as defined by s and

,s iX , the following predictions can bemade:

Cumulative Number of Failures aftertime i

(3.4.1)

Maximum Number of Failures ( i )This failure count is obtained by letting

i in equation (3.4.1).

(3.4.2)

Maximum Number of RemainingFailures, predicted at time i, after failureshave been observed

s iX ,

For models that are nonlinear in theirparameter – such as the SSPM – the bestselection of the form of the model dependson the values of the parameters. These valuesare initially unknown. As the analysisproceeds and better estimates becomeavailable, better models can be identified. Inthe early stages of model building, there arem model forms to choose from. [BOX78]For example, you could consider the formsof the Schneidewind Software ReliabilityModel (SSRM) and the Yamada S ShapedModel (YSSM). However, these are multi-parameter models. My objective is to seewhether a single parameter model couldyield greater prediction accuracy. Theproblem then is to determine which model isbest based on the experimental evidence(i.e., which parameters provide the bestmodel prediction accuracy). Model testingagainst the actual data provides theexperimental evidence. [BOX78]

Experiment Number 1: ContinuouslyVarying Parameter for SSPM

You will see, for both SSPM andSSRM, whether varying their parametersover the range i,…, n, improves the accuracyof predictions compared to using a constantvalues.

For SSPM, I formulate the equation forvarying , substituting equations (2.7) and(2.8) in equation (2.11) to produce equation(3.5).

=

(3.5)

This version of the parameterestimation method is called “variable ”;the constant version is called “constant ”.

For SSRM, I vary the parameters

Page 11 Reliability ReviewVol. 26, September 2006

SOFTWARE RELIABILITY MODEL (CONT)Remaining failures is computed by

subtracting , the number of failures that havebeen observed, from the maximum numberof failures in equation (3.4.2).

Reliability at Time i

The reliability R (i) is based on the fact thatfor a Poisson process, with zero failures:

Experimental Model Building

R (i) = ime

- (1 / 1

n

i

i ) (log (1

i

n

i

ix / (1

n

i

i ) i))

(3.4.6)

Reliability Review,Vol. 26, September 2006 Page 12

SOFTWARE RELIABILITY MODEL (CONT)

retemaraPnoitamitsE

egnaR

noitciderPegnaR MPSS MRSS MRSS

tnatsnoC 02-1 23-12 7272.0tnatsnoC

dna 0181.0

elbairaV 02-1 23-12 4382.0 elbairaVdna

8301.0

detsujdA 02-1 23-12 9532.0


3311.0

detsujdA 12-1 23-22 1762.0


6610.0

detsujdA 22-1 23-32 9742.0


1350.0

detsujdA 32-1 23-42 2042.0


2940.0

detsujdA 42-1 23-52 7922.0


0020.0

detsujdA 52-1 23-62 5812.0

Table 1. Mean Absolute Relative Prediction Errors of Mean Number of Failures Mi(Poisson Data Set # 1: mean = 1.063)

Note: bolded values identify the model with the best prediction accuracy.

(continued on page 14)

Reliability Review Vol. 26, September 2006(continued on page 18)

SOFTWARE RELIABILITY MODEL (CONT)Results of Experiments 1 and 2

See Table 1 for the results of theparameter evaluation for predicting meannumber of failures in the interval i, Mi, thatindicates – that for SSPM - the advantage ofusing the adjusted alternative. That is, theadjusted method is superior to the otherSSPM methods in almost every case.Furthermore, the most important result is

Table 2. Mean Number of Failures Mi Variance(Poisson Data Set # 1)

Note: bolded values identify the model with the lowest variance.

retemaraPnoitamitsE

egnaR

noitciderPegnaR MPSS

MRSSelbairaV

dna

elbairaV 02-1 23-12 0198.7 0093.0

detsujdA 02-1 23-12 4448.2

elbairaV 12-1 23-22 6368.6 2032.0

detsujdA 12-1 23-22 1447.5

elbairaV 22-1 23-32 5070.6 3477.2

detsujdA 22-1 23-32 2840.5

elbairaV 32-1 23-42 4521.5 1907.0

detsujdA 32-1 23-42 3351.4

elbairaV 42-1 23-52 9203.4 7753.0

detsujdA 42-1 23-52 4514.3

elbairaV 52-1 23-62 4525.3 8306.0

detsujdA 52-1 23-62 6037.2

that the traditional SSRM has the bestprediction accuracy in every case, as Table1 and Figure 1 demonstrate. The Figure 1curves are for the minimum error case. AsTable 1 shows, the error decreases withincreasing prediction sample size.

In addition to mean absolute relativeerror as a prediction error criterion, it is alsoimportant to examine the residuals [LYU96].

Relex Reliability Studio 2006 Studio20Relex Rel

di

FMEA/FMECAA

FRACAS CorrrectiveAction

Human FactoorsRisk Analysiss

Life Cycle Cost

MaintainabilityPrediction

Markov Analysis

Optimization andSimulation

Reliability BlockDiagram

ReliabilityPrediction

Weibull Analysis

20 years in the making.Relex Reliability Studio 2006 www.relexthemovie.com

See it. Experience it. View the trailer at

excellence in reliability

Ready to learn more? Check out the Relex

trailer at and sign up at

www.relex.com/news/seminars.asp to attend a preview

showing at a location near you. Or let us personally

–

call 724.836.8800 today!

Want to see the best in action?Want to see the best in action? With inventiveWith inventivefeatures you hadn’t even imagined before, our all newRelex Reliability Studio 2006 includes floating, dockablee,and tabbed control windows, the quick configure RelexxBar, the indispensable Project Navigator, and a completelycustomizable desktop.

Want global collaboration? The Relex EnterpriseEdition supports both Oracle and SQL Server in a scalabble,robust solution with enterprise capabilities such as permission-based roles, customizable workflow, alertnotifications, audit tracking, and the new Relex iArchiteectmodule supporting a web browser interface.

Relex Software is proud to announcey

Relex Software is proud to announce

the highly anticipated release of

Relex Reliability Studio 2006. From the

company with a history of innovation

and a list of impressive firsts, Relex

Reliability Studio does it once again:

redefines reliability engineering tools

with a package of unprecedented power

and flexibility (and a little pizzazz!).

Relex is a registered trademark of Relex Software Corporation. Other brand andproduct names are trademarks or registered trademarks of their respective holders.


SOFTWARE RELIABILITY MODEL (CONT)This would be computed from the differencebetween predicted and actual quantities.For example, in Figure 1, you can see thatthe residuals for SSRM are small whereasthe ones for the other models are large. Theimplication is that SSRM would be a validmodel for this type of failure data patternand that the other models would be invalidbecause their predictions are excessivelyoptimistic.

Additional experimental results areshown in Table 2 in terms of the variance ofthe mean number of failures Mi for variousprediction ranges. You can see that theestimated values for SSPM are consistentbecause their variance tends toward zero asthe sample size increases [MUS87].However, the SSRM alternative has smallervariance. but its variance does not tendtoward zero. Interestingly, the SSRM hasthe smallest prediction error in Table 1

(0.0166); yet this error corresponds to thelargest variance (2.7743) in Table 2. Theimplication is that no one model can berelied upon to be the most accurate under allcircumstances [LYU96]. Therefore, the usershould evaluate multiple models undervarious conditions before making a selection.

While, as has been shown, predictionaccuracy improves with sample size, thisconsideration must be weighed against theadditional cost of data collection and modelimplementation imposed by handlingadditional data. This tradeoff can be made,for example, by first defining Mean RelativeError (MRE) in equation (4.1) and thenusing equation 4.2, which is showngraphically in Figure 2, to represent thetradeoff between cost and predictionaccuracy for mean number of failures, usingSSPM and SSRM as examples.

Figure 2. Mean Absolute Relative Error (MRE) of Predicted Number of Failures vs. Sample Size N

MRE = -0.0065N + 0.3613 (var iable bet a)

R2 = 0.9979

MRE = -0.0094N + 0.4325 (adjust ed bet a)

R2 = 0.9792

0.0000

0.0500

0.1000

0.1500

0.2000

0.2500

0.3000

19 20 21 22 23 24 25 26

N

M R E

SSRM




MRE =

(4.1)I assume cost is proportional to N,

where N is the sample size. Then, I assumea linear relationship between error andsample size N (i.e., cost)

( ) ( )( )

i i

i

M actual M predictionM actual

Thus, MRE = a + b N (4.2)where a and b are obtained from regressionanalysis.Once (4.2) is obtained, MRE can beestimated as a function of N, or N can beestimated as a function of MRE by usingequation (4.3):

N = (MRE -a) / b (4.3)If you want to predict the maximum samplesizeN required for MRE = 0, you can computeequation (4.4):

Nm = - a / b (4.4)

MRE = -0.0065 N + 0.3613 with R2=0.9979 (4.7)Thus, Nm = - a / b = - 0.3613 / -0.0065 = 56

(4.8)These results tell us that, starting at a samplesize of N = 20, it would be too costly interms of data collection to use an N thatwould drive MRE 0. Thus, I mustincrementally gather more data, update thepredictions, and re-evaluate the MRE – Ntradeoff.

You can recognize that by using only 6data points (i.e., N = 20,…25, equations

For SSPM with adjusted , I foundMRE = -0.0094 N + 0.4325, with R2

= 0.9792 (4.5)

Thus, Nm = - a / b = - 0.4325 / -0.0094 = 46(4.6)

For SSPM with variable , I found

Figure 3. Number of Intervals i for Mi Failures to Occur vs. Mi

0

2

4

6

8

10

12

14

0 1 2 3 4 5 6 7 8 9

M i

i

Series1Series2Series3Series4

Series 1: Actual IntervalsSeries 2: SSRMSeries 3: SSPM (constant beta)Series 4: YSSM

best

worst


NEXTG

ENERATIONRELIAB

ILITY

PREDICTION

Plus

For more information about the 217Plus™ methodology, contact the RIAC.

The Reliability Information Analysis Center6000 Flanagan Road • Suite 3 • Utica, NY 13502-1348TEL 315.351.4200 • TOLL FREE 877.363.7422 • FAX 315.351.4209 EMAIL [email protected] • http://theRIAC.orgRACRACi


(4.5) and (4.7) could not be expected toyield great MRE estimation accuracy.However, with additional data, the conceptcould be extended to produce validestimators.

Another important type of predictor isthe one developed in equation (2.13) thatallows you to predict the time period i whenthe number of mean failures Mi is expectedto occur. The graphical results are shown inFigure 3. This prediction is made for SSPM,using the constant parameter option. Inaddition, predictions are made for SSRMand YSSM, with the former tracking theactual intervals the best of the three models.However, when the residuals are considered,none of the models is a good fit because theypredict too optimistically.

Experiment Number 3: Using ConstantValues of Parameters forSSPM, SSRM, and YSSM

Two Poisson data sets were used asinput for the SSRM, SSPM, and the YSSM.The means of these datasets – arbitrarilyselected — are shown in Table 3. Usingthese means, a total of 32 failure countswere generated for each data set, using 20failure counts for parameter estimation, inorder to provide prediction samples of 12failure counts.

Note that in this experiment I analyzevarious predictors and use constantparameter values, as opposed to Experiments1 and 2, where cumulative failures andvariable parameter values were the focus of

Table 3: Predictions and Errors for Constant Value of Parameters

Mean Absolute Relative Prediction Errors (sample size = 12: prediction range = i = 21 – 32, parameter estimation range = i = 1 - 20)

Bolded items indicate best prediction accuracy for given data set.

Prediction Poisson Data Set # 1: mean = 1.063

Poisson Data Set # 2: mean =. 719

SSRM SSPM YSSM SSRM SSPM YSSM Mean Number of failures in the

interval I; m I; Error

.181 .157 .328 1.000 0.846 0.595

Number of intervals i for Mi

cumulative failures to occur

( )fT i ; Error

0.217 0.290 0.310 1.000 0.755 0.431

Reliability R (i); Error

0.739 0.723 0.962 0.916 0.623 0.920

Cumulative Failures at i =32,MI; Error

36.29

.0674

26.34

.225

45.14

.328

19.26

.163

40.57

.764

29.38

.234

Remaining Failures between i =20 and i =32,

RF (i) Error

10.29

.286

7.34

.0825

10.77

.347

.257

.936

18.88

3.720

6.48

.620

Reliability Review Vol. 26, September 2006Page 21


prediction. The results are mixed with noone model being dominant. This impliesthat the user should try various modelsagainst test data before deciding whichmodel or models to use during softwareoperation. However, it is notable that SSPMwins four of the ten contests – more than anyof the other models; this result is remarkablebecause a single parameter model is easierto implement and less costly to use andstands up well against the more sophisticatedmulti parameter models — SSRM andYSSM. In contrast, one comparison of themodels is shown in Figure 3, where the

superiority of SSRM with respect to failurecount interval iprediction accuracy is evident,again suggesting the lack of dominance byone model across the various predictors.


work (stronger more functional limbs andneurally controlled arms with sensorycapabilities). Likewise, there is dire needfor improvement of quality and reliabilitywithin the mega hospital systems. Patient“care” within some of these institutions isvery deficient in quality and timeliness.Also, I have observed conditions duringintrusive surgical procedures in the O.R.and during CAT scans that unwiselyexpose patients to infection. Over the pastseveral years I made multiple observationsat a number of hospital facilities. I viewedprocesses and equipment which fail tomeet certification specifications commonlyin place for contamination control andreliability in our high technologyindustries. No wonder infection is acommon experience following surgicalevents and in wound care. Based upondiscussions with staff members at thesefacilities, the following seems to be thecurrent situation. Over-zealous “beancounters and politicians “ have driven thesystem in the wrong direction. The qualityof patient care is being diminished;reliability and quality of the processes andoperators have deteriorated. Morale is

low. This challenge deserves our interest. Another great opportunity exists inenterprises designing and producing cruiseships, and other passenger transportationsystems. They are in need of comprehensivesystem design reliability engineeringinclusive of maintainability, system safetyengineering, and system security. We apologize for postponement ofthe fourth installment in Design forReliability. It will appear in our next issue. We desire your design or processR &M improvement story/proposaldemonstrating economic value added

EDITORIAL (CONT) EDITORIAL (CONT)

ASQ Strategy ThemesSupport quality professionals and

practitioners in their efforts to grow invalue in the workplace and community

Prove and communicate the economic casefor quality

Assure that a vital, growing body ofknowledge is accessible to everyone

Become the community of choice forquality

Grow the use and impact of quality inevery segment of the economy

Make sure the world knows theimportance and value of quality

References[BOX78] Box, Hunter, Hunter, Statistics forExperimenters, Wiley, 1978.LYU96] Michael R. Lyu, editor, Handbook of SoftwareReliability Engineering, Computer Society Press, 1996.[MUS87] John D. Musa, Anthony Iannino, and KazuhiraOkumoto, Software Reliability: Measurement,Prediction, Application, McGraw-Hill Book Company,1987.[OKA03] Hiroyuki Okamura “An Iterative Scheme forMaximum Likelihood Estimation in Software ReliabilityModeling”; Proceedings of the 14th International



CYBER SECURITY PREDICTION

MODELS, PART 4by Norman F. Schneidewind, PhD

F ig ur e 1 9 . R elat ive E f f ect iveness R Et o f T ime o f Int r usio n Pr event io n vs. T ime o f Int r usio n t

-10.00

-8.00

-6.00

-4.00

-2.00

0.00

2.00

0 5 10 15 20 25 30

T i m e o f I n t r u si o n t ( h o u r s)

REt < 0, RiskTighten Securit y

t * = 10 hours = limit on t

In this measure, for a given value of t*, we

want the ratio *tt

to be low; thus, this ratio

is subtracted from 1 to create an increasing

Intrusion Duration RelativeEffectiveness (Continued)

Equation (27) gives the relativeeffectiveness for duration of intrusions REt.

d. Note: This installment will complete our presentation of the subject work, whichbegan in our December 2005 issue. We begin this installment with a restatement

of the author’s lead-in sentences to Figure 19. The figure was inadvertently omitted fromour june issue printing of part 3.

E


CYBER SECURITY (CONT)

ledoM erugiF tnednepednIelbairaV

tnednepeDelbairaV tnioPyeK

hcraeseRnoitseuQ

ksiR 1 foytilibaborPkcattA ksiR

seifitnedIksirmumixaM

skcatta

2

2 ecneuqesnoC ksiRseifitnedI

ksirmumixaMskcatta

2

1#laitnenopxE 3 foytilibaborPkcattA

detcepxEforebmuN

skcattA

pihsnoitaleRrebycgnoma

ytirucesselbairav

1

2#laitnenopxE 4 foytilibaborPkcattA

neewtebemiTskcattA

neewtebemiTskcattAdlohserht

1

5 foytilibaborPkcattA

foetaRfoegnahC

neewtebemiTskcattA

egnahcfoetaRdlohserht

1

6detcepxE

forebmuNskcattA

foytilibaborPkcattA

foytilibaborPkcattA

dlohserht

1

ytilibarenluV 8ecniSsraeY

tsriFgnidroceR

ytilibarenluVtnuoC

tnempoleveDnoitciderPfo

noitauqE

3

9ecniSsraeY

tsriFgnidroceR

dnalautcAdetciderP

seitilibarenluVtnuoC

.svnoitciderPlautcA

seitilibarenluVstnuoC

3

noisurtnI 31 foytilibaborPnoisurtnI

forebmuNsnoisurtnI

fowalehT""stneveerar

1

41 foytilibaborPcirteM

noisurtnIcirteM

folortnoCforebmuN

snoisurtnI

1

51 forebmuNsnoisurtnI

foytilibaborPnoisurtnI

forebmuNsnoisurtnIdlohserhT

1

71 fonoitaruDsnoisurtnI

foytilibaborPnoisurtnI

fonoitaruDsnoisurtnIdlohserhT

1

81 forebmuNsnoisurtnI

evitaleRssenevitceffEforebmuNfo

snoisurtnI

forebmuNksiRsnoisurtnI

2

91 fonoitaruDsnoisurtnI

evitaleRssenevitceffE

fonoitaruDfosnoisurtnI

fonoitaruDksiRsnoisurtnI

2

Table 6. Summary of Prediction Model Plots



ytilibarenluV ksiRepyT

fokcattA

etaDdnaemiT

fokcattA

ytireveSnoitaruD

fokcattA

ecneuqesnoC -retnuoCerusaem

fotegraTkcattA

llaweriFoN esimorpmoCetiSbeW

SoDno

etavirprotces

bewetis

-/32/850

0071hgiH ruoh1

fossoLytivitcennoC

neewtebdnatenretnI,.e.i(tenartnIsinoitcennoc)elbaliavanu

llatsnIllaweriF

-tenretnItenartnI

ytivitcennoC

forebmuNseitilibarenluv

repepytybraey

-bmuNforeskcattaepytyb

repraey

rebmuNfo

skcattayb

ytirevesraeyrep

Table 7. Cyber Security Data Requirements

number, preferably as positive as possiblebeneficial, where t = t* is the “breakeven”value. This is illustrated in Figure 19, wheret* = 10 hours is the breakeven value, and t <10 and REt < 0 — the region of risk, where itis necessary to tighten security.REt: relative effectiveness of preventing

intrusions of duration t = *t1-tConclusions

As we indicated in theIntroduction,(see December 2005 issue)the following questions are to be answeredby this research:

1) can various representations andmodels of cyber security be developedthat would provide a framework forresearchers and practitioners to advancethe field?

2) can theoretical prediction modelsbe developed to assess the risk of varioustypes of cyber attacks? and

3) can an empirical model, usingCERT data, be developed to assess therisk of vulnerabilities to cyber attacks?

In answering these questions, werefer to pertinent plots, as shown in Table6, which summarizes key characteristics.For example, the Risk model, Figure 1,identifies the maximum risk attacks,probe and DoS, and responds to question2. The researcher and practitioner canuse Table 6 as a guide to determine whichmodel, plot, variables, and key point,would be applicable to analyzing a givencyber security issue (i.e., question).

Future Research

Data Requirements

The focus of future researchwill be on validation of the modelsagainst detailed empirical data, assumingit becomes available. In order to validate



our models, or any other cyber securityprediction models, the data in Table 7,with examples, is necessary. See Figure0 (on page 9 of March 2006 RR ) for agraphical portrayal of data requirements.Appendix A contains a compilation ofdata in exiting databases. While thesedata are useful, they do not fully supportcyber security modeling.

References

[AGR04] William W. Agresti, Johns HopkinsUniversity, [email protected], “Trust BaseMetadata for CV-Carrying Code”, NavalPostgraduate School, Monterey, California,Proceedings of the Center for National SoftwareStudies, Workshop on Trustworthy Software, byJames B. Michael, Jeffrey M. Voas, and RichardC. Linger, 10 May 2004.[GRA05] Bradley Graham, Washington PostStaff Writer, “Hackers Attack Via Chinese WebSites, U.S. Agencies’ Networks Are AmongTargets”, Thursday, August 25, 2005; Page A01.[IEEE90] Standard 610.12-1990, IEEE StandardGlossary of Software Engineering Terminology.[KOR 98] Alexander D. Korzyk, Sr, VirginiaCommonwealth University and J. G. VanDyke& Associates, “A Forecasting Model for InternetSecurity Attacks”, 21st NISSC Proceedings:Papers, October 6-9, 1998: Hyatt Regency —Crystal City, Virginia.[MOO01] D. Moore, G. Voelker, and S. Savage.Inferring Internet Denial of Service Activity. InUsenix Security Symposium 2001.[PIT05] Cyber Security: “A Crisis ofPrioritization”, President’s InformationTechnology Advisory Committee, February 2005.[SCH04] Norman F. Schneidewind, DevelopingSoftware for Safety Critical Systems “WhenFailure is not an Option”, Tutorial, InternationalConference on Software Maintenance, November2004.[SCH05] Glenn Schoonover, CISSP MCSE,Microsoft Security Solutions Specialist,“Enhancing Customer Security: Built-in versus

Bolt-on”, DoD Software Tech News, SecureSoftware Engineering, JULY 2005 Vol.8. No.2.[SME83] Dr. William H. Farr, A Survey ofSoftware Reliability Modeling and Estimating,Naval Surface Weapons Center, NSWC TR 82-171, September 1983, p. 4-88.[TIN02] Laura S. Tinnel, O. Sami Saydjari, andDave Farrell, “An Analysis of Cyber Goals,Strategies, Tactics, and Techniques”, Proceedingsof the 2002 IEEE Workshop on InformationAssurance, United States Military Academy, WestPoint, NY June 2002, Cyberwar Strategy andTactics.[TUR93] Wayne C. Turner, et al, “Introduction toIndustrial and Systems Engineering”, ThirdEdition, Prentice Hall, 1993.[WAN] J Wang, AA Chien - - www-csag.ucsd.edu,“Using Overlay Networks to Resist Denial-of-Service Attacks”, UCSD-CSE Tech Report.[YUR00] William Yurcik, David Loomis, IllinoisState University, wjyurci,[email protected], andAlexander D. Korzyk, Sr., University of Idaho,[email protected], “Predicting Internet Attacks:On Developing An Effective MeasurementMethodology”, Proceedings of the 18th AnnualInternational Communications ForecastingConference (ICFC-2000) Seattle WA. USA,September 2000.[YUR01] William Yurcik and David Doss,“Internet Attacks: A Policy Framework for Rulesof Engagement”, Department of AppliedComputer Science, Illinois State University,{wjyurci,dldoss}@ilstu.edu, 2001.[ZHE05] Lantian Zheng and Andrew C. Myers,“End-to-End Availability Policies andNoninterference”, Computer Science Department,Cornell University, {zlt,andru}@cs.cornell.edu18th IEEE Computer Security FoundationsWorkshop (CSFW 18)June 20 - 22, 2005, Aix-en-Provence, France.

Appendix A

Existing Cyber Security Databases

Two national cyber security databasesare summarized below. While these tools are

Reliability Review ,Vol. 26, September 2006


useful at the micro level to provide technicaldetails of the affected software and patchremedies, the data is basically historical innature and does not provide the macro levelinformation necessary for modeling that aredetailed in Table 7. For example, loss ofavailability, due to an attack, is not includedin the database. [ZHE05]

1. National Vulnerability Database(NVD) of the National Institute ofStandards and Technology (NIST)

NVD is a comprehensive cyber securityvulnerability database that integrates allpublicly available U.S. Governmentvulnerability resources and providesreferences to industry resources. NVD is aproduct of the NIST Computer SecurityDivision and is sponsored by the Departmentof Homeland Security’s National CyberSecurity Division

NVD ExampleNational Cyber-Alert SystemVulnerability Summary:

CAN-2005-2682Original release date: 8/23/2005Last revised: 8/24/2005Source: US-CERT/NISTOverview“aspell_setup.php”in the Spell

Checker plug in in DTLink Area Edit before0.4.3 allows remote attackers to executearbitrary commands via shell meta charactersin the dictionary parameter.

ImpactSeverity: HighRange: Remotely exploitableImpact Type: Provides user account

accessReferences to Advisories, Solutions,and Tools

External Source: (disclaimer)Type: Patch Information

Hyperlink:http:// www. formvista.com/otherprojects/areaedit

External Source: (disclaimer)Type: Patch InformationHyperlink:http: // www.formvista.com/forum.html?

External Source: SECUNIA (disclaimer)

Name: 16511Type: Advisory , Patch InformationHyperlink: http://secunia.com/

advisories/16511Vulnerable software and versionsDTLink, AreaEdit, 0.4.2, and

previousTechnical DetailsVulnerability Type: Input Validation

Error

2. National Cyber Alert SystemTechnical Cyber Security Alert

TA05-221Arelease date: August 09, 2005Last revised: —Source: US-CERTSystems AffectedMicrosoft WindowsMicrosoft Internet ExplorerFor more complete information, refer

to the Microsoft Security Bulletin Summaryfor August, 2005.

OverviewMicrosoft has released updates that

address critical vulnerabilities in Windowsand Internet Explorer. Exploitation of thesevulnerabilities could allow a remote,unauthenticated attacker to execute arbitrarycode or cause a denial of service on anaffected system.

I. DescriptionMicrosoft Security Bulletins for

COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47


CYBER SECURITY (CONT)August, 2005 address vulnerabilities inWindows and Internet Explorer. Furtherinformation is available in the followingVulnerability Notes:

VU#965206 - Microsoft InternetExplorer JPEG rendering library vulnerable tobuffer overflow

Microsoft Internet Explorer contains aflaw related to JPEG image rendering that mayallow an attacker to remotely execute arbitrarycode.

(CAN-2005-1988)VU#959049 - Several COM objects

cause memory corruption in Internet ExplorerMicrosoft Internet Explorer allows

instantiation of non-ActiveX COM objects,which may allow an attacker to execute arbitrarycode or crash Internet Explorer.

(CAN-2005-1990)VU#998653 - Microsoft Plug and Play

contains a buffer overflow vulnerabilityMicrosoft Plug and Play contains a flaw

in the handling of message buffers that mayresult in a local or remote denial-of-servicecondition and arbitrary code execution.

(CAN-2005-1983)VU#490628 - Microsoft Remote

Desktop Protocol service contains anunspecified vulnerability

An input validation error in theMicrosoft Remote Desktop Protocol (RDP)service may allow a remote attacker to cause adenial-of-service condition.

(CAN-2005-1218)VU#220821 - Microsoft Print Spooler

service contains a buffer overflowA buffer overflow in the Microsoft

Print Spooler service may allow a remoteattacker to execute arbitrary code on a vulnerablesystem.

(CAN-2005-1984)II. Impact

Exploitation of these vulnerabilities mayallow a remote, unauthenticated attacker toexecute arbitrary code with SYSTEM privilegesor with the privileges of the user. If the user is

logged on with administrative privileges, theattacker could take complete control of anaffected system. An attacker may also be ableto cause a denial of service.

III. SolutionApply Updates:Microsoft has provided the updates

for these vulnerabilities in the SecurityBulletins and on the Microsoft Update site.

Workarounds :Please see the individual

Vulnerability Notes for workarounds.

Ed Note: The complete work by Prof.Schneidewind includes Appendix B: DoubleExponential Smoothing Models and theirinterpretation. We omittedAppendix B .Wemay publish the entire content of this fourpart series and the complete Appendix as afifty page monograph if RR readers expressinterest in purchase of same. If this interestsyou communicate your interest via e-mailor postal mail to the RR Executive Editor.

SOFTWARE RELIABILITY (CONT)Symposium on Software Reliability Engineering(ISSRE’03), 2003, IEEE.[SCH97] Norman F. Schneidewind, “ReliabilityModeling for Safety Critical Software”, IEEETransactions on Reliability, Vol. 46, No.1, March1997, pp.88-98.[XIE91] Min Xie, Software Reliability Modelling,World Scientific, 1991.[YAS97] Yashwant K. Malaiya and Jason Denton,Computer Science Department, Colorado StateUniversity, Fort Collins, CO 80523, “What Do theSoftware Reliability Growth Model ParametersRepresent? Proceedings 8th International SymposiumOn Software Reliability Engineering, 1997,Albuquerque, NM. Pages 124-135.

Ed Note: We will continue this article inour December 2006 issue. Remainingtopics to be presented are:

· Experiment #4: Evaluating Modelswith actual NASA GSFS satellite data.

· Conclusions Based Upon the Experi-ments


RELIABILITY EVENTS

CALENDAR

Sept. 18-22 ReliabilityEngineering, D o E,FMEA

Location: Las VegasContact: ASQ EducationURL: www.asg.org/educationPhone: 800-248-1946

Oct. 18-20 Fault Tree Analysis/Toolkit Workshop

Location: CaliforniaContact: Dr. Marvin RoushURL: www.itemsoft.comPhone: 714/935-2900

October 21 CRE ExaminationLocation: ASQ SectionSponsor: ASQ-RDContact: www.asq.org/certification

Oct. 23-27 Annual SystemsEngineering Conf.

Location: San Diego, CASponsor: Nat.Def.Ind.Ass’n.Contact: [email protected]

Nov.13-16 Applied ReliabilityEngineering & Mgt.

Location: Tucson, AZSponsor: Univ. ArizonaURL: www.u.arizona.edu/~dimitri

Various Reliability EducationCourses

Location: VariousSponsor: ReliaSoftURL: http://Seminars.ReliaSoft.com

December. 6 Applied ReliabilityEngineering Course

Location: CaliforniaSponsor: Item SoftwareContact: Dr. M. Roush 714/935-2900

IMPORTANT NOTICE

Reliability Review DeliveryASQ has made a change in the

Member Database which impacted theinformation we receive. We were using thedatabase information concerning memberE-mail preferences to identify RD memberswho had agreed to receive their copy of RRas a PDF ( which they accessed via the RDwebsite link). The change introduced byASQ renders the data base of no value fordisclosure of the RD member preferenceconcerning RR delivery! Now, we must setup and maintain our own database of RDmembers. One that identifies whichmembers prefer postal delivery of theircopy of RR and maintains the curremt E-Mail address of each RD member who iswilling to accept the PDF version of RR.Note: We are very appreciative of the many(over 60%) members accepting the PDF inlieu of postal delivery. The substantial costsavings in postage enables RD to operatewithin budget without a dues increase.

Nonetheless, we understand othermembers do require the hard copy.Therefore, in July we sent an E-mail noticeto all members concerning this data basematter.. Each RD member, except ForumMember, who requires postal delivery oftheir copy is to notify Linda Milanowskivia E-mail , postal mail or phone message.Linda’s contact info: phone 1-800-248-1946, ext 7239; E-mail : [email protected], or via postal mail: ASQ,Community Care, P.O. Box 3005,Milwaukee, WI 53201. Many have alreadyresponded to Linda. Those who respondedto Linda since the July E-mail notice arenow entered in our RR mailing database.We lack E-mail addresses of some.Hopefully, we are reaching them via thismessage.

NEWS OF THE DIVISION


RELIABILITY DIVISION ASQPublications Office

email: [email protected] FOLLOWING SPECIAL PUBLICATIONS ARE CURRENTLY OFFERED:

Practical Weibull AnalysisA new edition of the popular primer for R & Q Engineers

Available NOW- $26.00 per copy

Mechanical Design Reliability PrimerThe second printing is now available. - $22.00 per copy

Practical Accelerated Life TestingA 130 page monograph based upon recent RR series.- $30.00 per copy

Credible Reliability PredictionExtends prediction and use of field data for reliability growth.

$25.00 per copy

Homeland Security & Reliability-Airport ModelA new 58 page monograph.

$15.00 per copy

ORDER FORM

FOR: _______________________________________C/O_________________________

Delivery Address _______________________________________________

_________________________________________________________________

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>PUBLICATION Q T Y . P R I C E

TOTALHomeland Security & Reliability

Airport Model ______________ ______ x 15.00 = ______

Practical Weibull Analysis (4th Edition) ______ x 26.00 = ______

Mechanical Design- Reliability Primer _ ____ x 22.00 = ______

Practical Accelerated Life Testing ______ x 30.00 = ______

Object-Oriented Systems Reliability _ _ _ _ _ _ x 25.00 = ______

Credible Reliability Prediction ______ x 25.00 = ______

S U B - T O T A L $ _ _ _ _ _ _ _

S & H each book: ( U.S. $5.00; Others $10.00 ) x qty.books ____ Add $_________

PLEASE ENCLOSE U.S. CHECK FOR TOTAL $ __________

[ PREPAID OR COD ORDERS ONLY, NO CREDIT CARDS ]

SEND ORDER TO: Williams Enterprises, 2678 Brown Bear Court. Cool, CA 95614

Reliability Review Vol. 26,September 2006

R & M Monographs

Mech anical Desi gn - Reliability Prim erby Jam es A. M cLinn, Fellow, ASQ

A first edition available at $22.00 each plus postage.Use order form on p.30.Mechanical design reliabi lity has been a sparsely covered topic. This monogr aphis i nstructive t o engi neers des iring t o s et up and or gani ze bas ic m echani calengineer ing. It addresse s the concepts of stress, strain, tension , shear and fatigueas well as tim e dependenc e in sim ple models.Acce lerated life, M iner�s rule andnon-norm al strength and load distributions are modeled and illustrated.

Pract ical Weibul l Analysi sby Jam es A. M cLinn, Fellow, ASQ

Fourth Edition - Available NOW at $26.00 each, plus postage. Use order form onp.30. This monogr aph responds to the expressed desire of engineers for a practicaldiscu ssi on of t he es sential t opics o n W eibull t echniques . M ost t extbooks on t hesubject requi re extensive statist ical backg round. This book was designed to be directand to the point. It leads the reader through the basic principles employed in W eibullAnalysi s. Sim ple and useful examples illustrate appl ication of the m ethods to typicalreliabi lity and m aintainabi lity anal yse s.

Credible Reliability Predict ionby Laurence George, Ph.D., ASQ Fellow

Dr. George del ineates m ethods he has refined over two decades , extending M TBFpredict ion to complex , redundant , stand-by, and life-lim ited syst ems. The m ethodaccommodates us e of f ield dat a as r eceived f or pr edict ion updat ing, r eliabi litygrowth monitoring and continuing asse ssm ents throughout the produc t life cycl e.O rder this first edition now. $25.00 per copy, plus postage. O rder form on page 30.

PRACTICAL ACCELERATED LI FE TESTINGby James A M cLinn, CRE, Fellow ASQ

A 130 page book developed from the recen t series featured in Reliabi lity Revi ew. The author uni quelydelineates the preparatory steps and gui delines for administration of accel erated life test planni ng. The bookcontains eight sect ions: a brief history, appl icat ions of the techniques, guidelines for test envi ronment select ion,test m ethods, parameters, sample si ze deci si on, and models for Reliability Analysis. of ALT. Importantgroundr ules and gui delines to avoi d pi tfal ls are given. References for suppl emental reading are included.

Member Price $30.00 plus $5.00 S&H; $10.00 outsi de Nor th Ameri ca ORDER NOW fro m W illiams Enterp ri ses use for m on page 30

Reliability Review,Vol. 26, September2006 Page 32

RELIABILITY DIVISIONAmerican Society for Quality

www.asq.org/reliability/The RELIABILITY DIVISION is a major professional specialty association within the framework of the AmericanSociety for Quality. Its members have a particular expertise and interest in reliaiblity and related disciplines. Divisionactivities are concerned with reliability, maintainability, quality, safety, and effectiveness of products, processes, andservices and with related topics such as product liability and risk management.

AnyASQ member may choose to become a division member. Annual dues for the Reliability Division is $9.00. Membersreceive the Reliability Review and are eligible to receive other benefits as offered by the Division. Participation inDivision activities provides excellent and unique opportunities for professional growth and service.

COUNCIL OFFICERS (2006-2007)

REGIONAL COUNCILORS

Region 15 CouncilorH.M. Wadsworth, Ph.D.

660 Valley Green Dr. N.E.Atlanta, GA 30342

(404) [email protected]

Region 3 CouncilorTBD

Region 4 CouncilorTim Yaworski

Business Analyst-6SigmaDominion Exploration

Calgary, Alberta T3J 4P8(403) 650-0254

[email protected]

Region 11 CouncilorHugh Broome

3 Sweetwater Dr.Johnson City, TN 37615


Region 7 CouncilorJohn A. Miller

6202 Sonoma DriveHuntington Beach, CA 92647


Chair Chair Elect Vice Chair Regions Vice Chair MembershipL.M. (Woody) Rabon916 Leyland Drive

Florence, SC 2 9501(843) 662-9557

[email protected]

James McLinn10644 Ginseng Ln.

Hanover, MN 55341(763) [email protected]

Sailesh Kapadia2553 Glenwood Dr.Wexford, PA 15090


Region 1 CouncilorMike Malcos1008 East St.

Carlisle, MA 01741(978) 369-8868

[email protected]

Region 14 CouncilorJames Chris Deepak

HalliburtonHouston, TX 77032


Region 2 CouncilorDave Auda

42 Gorton Ave.Hilton, NY 14468


Region 10 CouncilorRajinder Kapur

Q. Mgr. Gehring Group179 Pheasant RunTroy, MI 48098(248) 427-3954

Region 6 CouncilorDawn Onalfo

SBC Services Inc.38639 Spetti Ct.

Fremont, CA 94536(925) 824-6988

Region 25 Councilor Deepak Dave

Kansas City, MO 64153(816) 270-8771

[email protected]

Region 12 CouncilorKen Schmidt

Region 8 CouncilorBrad Nelson

tbdWashington, DC(703) 480-2617

Fred Schenkelberg15559 Union Ave.

Los Gatos, CA 95030 (408)[email protected]

Secretary Treasurer Jr. Past ChairGary Wasserman

4556 Pine Village Dr.W.Bloomfield, MI 48323


R. Brad Nelsontbd

Washington, DC(703) 480-2617

[email protected]

Region 13 Councilor Deepak Dave

Harley Davidson Mtr. Co. Kansas City, MO 64153


Region 9 CouncilorGlenn Gee

7 Rosebud CourtTerre Haute, IN 47803


Region 5 CouncilorFred Smith

Tyco Electronics Corp.Dir. U.S. Engineering Assur.

Harrisburg, PA 17105(717) 810-3324

[email protected]

Postage Paid at Auburn, CA and

additional mailing offices

Reliability R

eviewT

HE

TECH

NIC

AL

FOR

UM

FOR

ENG

INEER

S,PR

OFESSIO

NA

LS

ENSU

RIN

GEX

CELLEN

CE

IND

ESIGN ,

DEV

ELOPM

ENT

AN

DPR

OD

UC

TION

OF

SYSTEM

S ,C

OM

PON

ENTS,

MATER

IALS,

SOFTW

ARE,

PROD

UCTS

AN

DSERV

ICES

ACH

IEVING

SIXSIG

MA

SYSTEMS

THRO

UG

H

STR

ATEG

ICD

EPLO

YMEN

TO

F

RELIAB

ILITY ,A

VAILA

BILITY,

DEPEN

DA

BILITY

MA

INTA

INA

BILITY,

SYSTEMS

ENG

INEERIN

G,RISK

MA

NA

GEM

ENT,

SYSTEMS

SAFETY

NO

N-PR

OFIT O

RG

.U

.S.POSTAG

E PAIDAU

BUR

N, C

A 95603PER

MIT N

O.128

POSTMASTER: Send Address Changes (PS Form

3547) to:A

merican Society for Q

uality

P.O.B

ox 3005M

ILWA

UK

EE, WI 53201-3005

PUB

LISHER

: WILLIA

MS EN

TERPR

ISESfor R

eliability Divisiom

, ASQ

reliability revie€¦ · · 2017-09-09page 5 reliability review vol. 26, september 2006...

Documents