I published several papers and theses which are provided below. For the theses I used the wiss doc package by Roland Bless.

My assignment at TOCSYC at the MDH in Västerås under guidance of Prof. Dr. Paul Pettersson starts in November 2015.

Before that,

My current Erdös number is 4. My research papers might be easier to view on Research Gate or on the university website. I know that this website is ugly and promise I will make it nice and neat as soon as I find the time :-)

abstract:
Autonomously driving vehicles appeared on the canvas of science in the middle of the twentieth century and have since then been the subject of many generations of researchers. One application of autonomous driving is platooning, where cars autonomously follow each other in very close distance. This application is motivated by fuel savings, labor decrease, increase in road capacity and higher safety. To achieve platooning capability, vehicles require sensors, intelligent processing systems, and communication devices. This paper provides a study in which cars communicate to measure the system performance in terms of successful message transmission probability, also referred to as the integrity of wireless communication. The communication is one crucial part of the chain of the safety functionality of an orchestrated braking maneuver in a platoon, located between the car initiating the braking and all other members of the platoon. The numerical results target the influence of parameters like transmission power, channel gain, interference noise, and total number of involved vehicles.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
Vehicular ad-hoc networks (VANETs) offer a diverse set of applications and therefore gain more and more attention from both academic and industrial communities. However, the deployment of VANETs is not very straight-forward. One challenge is highlighted by an uphill task of establishing and subsequently sustaining a robust communication. The need to obviate extra relay infrastructure in dynamically fluctuating topologies plus concurring shielding obstacles only magnifies this arduous task. In this context, information about traffic-density and about its estimated progress are valuable assets to tackle this issue. This paper proposes a novel routing protocol called Traffic Aware Segment-based Routing (TASR) protocol. The proposed protocol comprises two major parts: 1) Real-time vehicular traffic information for route selection allows for calculating the Expected Connectivity Degree (ECD) on different segments, and 2) a new forwarding method based on geographical information transfers packets from source to destination node. The new metric ECD takes vehicle densities into account, estimating the connectivity on each segment and thus the connectivity of nodes and data delivery ratio for transmitting packets. Furthermore, extensive simulations help analyzing the efficiency of TASR, indicating that it outperforms competing routing protocols.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
This paper presents an adapter to link the Matlab/Simulink model of a custom braking system into an open-source road traffic simulator, namely SUMO. The traditional braking models in SUMO work on a coarser level, generally modeling the deceleration of the vehicle based on a single equation. Substituting this model with a detailed system allows adjustments on a very low level, including delays between components, the traction of individual tires, and controllers for the anti-locking system by simulating those in Simulink. Besides introducing the novel adapter linked into SUMO and discussing parameter fitting to mimic the behavior of the traditional braking system, this paper discusses the amount of performance deterioration as the price for simulating a more sophisticated braking system.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
One common challenge when partners from industry and academia collaborate to determine safety properties of systems, is that terms have different meanings in different domains. This paper provides a collection of relevant terms and explains it in the context of (but not limited to) testing for non-functional properties. The selected terms are connected in a taxonomy, painting the bigger picture, providing relevant references, and connecting the selected terms.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The slides from my talk are also available.
The bibtex is available here.

abstract:
Mechanical systems in cars are being replaced by electronic equivalents. To be authorized for the road, validation is required that the replacements are at least as good as the old systems. For braking systems, this goodness translates to safety in terms of maintaining timing constraints. This paper presents work-in-progress in the light of discusses the state-of-the-art. The goal is to motivate the connection of a Simulink model of a brake-by-wire system in a traffic simulator for conducting the required validation. The validation focuses on non-functional safety impacted by timing and environmental influences. This can be exploited for instance to justify more expensive real world experimentation or to determine the boundaries to which sufficient safety can be guaranteed.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The slides from my talk are also available.
The bibtex is available here.

abstract:
Driven by road safety requirements and intelligent traffic control, Vehicular Ad-hoc Networks (VANETs) have been attracting significant interest in both academia and industry. One key goal of VANETs is to provide sufficient Quality-of-Service (QoS) for real-time safety applications. The MAC protocol for VANETs is crucial to provide for an efficient and reliable medium access. The challenge is to design it to be able to cope with rapid topology changes, high node mobility [1] and different QoS requirements. Safety applications require a high reliability and a bounded delay while non-critical applications are rather throughput sensitive [2]. These applications facilitate wireless broadcast warning messages between neighboring vehicles to inform drivers on time about dangerous situations like accidents. The IEEE 1609.4 standard defines a MAC layer implementation for multichannel operations in VANETs for such broadcasts. In this poster paper, we present a distributed hybrid MAC scheme for emergency systems. The proposed scheme improves the Control Channel (CCH) utilization and uniformly distributes the load on Service Channels (SCHs). In the proposed scheme, the network switches its mode from general to emergency in order to effectively utilize common service channels thus increase the probability for timely reception of messages. In addition, the proposed scheme reduces the rate of transmission collisions and latency, thus resulting in high probability of message delivery. The proposed MAC scheme is simulated and compared with the existing competitors. The obtained results depict that the proposed hybrid scheme outperforms its competitors and thus validates its performance.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
In the last decade, cooperative communication and network coding techniques gained rising attention. Based on these techniques, this paper introduces a novel protocol called cooperation and network coding based MAC (CNCMAC) for vehicular ad-hoc networks (VANETs). It employs cooperative automatic repeat request (ARQ) and network coding techniques to enhance throughput. The CNC-MAC protocol works in two phases. In the first phase - cooperation - data is sent to relay nodes. The second phase - network coding - minimizes received packets. The performance of the CNC-MAC protocol is compared with cooperative ARQ-MAC, another common protocol in this domain. The simulation results indicate that CNC-MAC outperforms ARQ-MAC.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
Traffic flow simulation is exploited for estimating the probability that a message - a hazard warning in this case - is correctly transmitted to an approaching car in time, that is, before overstepping a safety threshold. The results derived by simulation provide valuable insights in the functional relation between the numerous authoritative parameters and the reliability of timely message reception.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The slides from my talk are also available.
The bibtex is available here.

abstract:
The present book focuses on distributed Systems operating under probabilistic influences like faults. How well can such systems provide their service under the effects of faults? How well can they recover from faults? The present thesis introduces with limiting window availability a suitable measure to answer such questions, and presents a method for its computation. For the computation, the transition models of the systems are constructed, which are exponential in the size of the constituting system models. This is known as state space explosion. Combining decomposition and lumping - methods for state space reduction from the domain of model checking - allows to dampen the state space explosion.

sources:
Please contact me if you would like a copy or buy it here. I can send a copy from either Sweden or Germany.
For teaching purposes you can get it here. Please not that the online thesis differs slightly in pagenumber from the final offline book.
The bibtex is available here.
The slides from my disputation are also available here.

abstract:
Determining performance and fault tolerance properties of distributed systems is a challenging task. One common approach to quantify such properties is to construct the state space and a transition model of the distributed system that is to be evaluated. The challenge lies in the state space being exponentially large in the size of the system. One popular approach to tackle this challenge is to combine decomposition and lumping. The system is decomposed, transition models of the subsystems are constructed and minimized by lumping bisimilar states under an equivalence relation, and the intermediate marginal transition systems are composed to construct the minimal aggregate transition model. The approach allows to circumvent the necessity to construct a full transition model while preserving the ability to compute precise measures. The decomposition yet hinges on the structure of the communication within the system. When processes do not influence each other, decomposition is trivial as it is arbitrary. On the contrary, when all processes are influenced by all other processes - known as heterarchical structure - systems cannot be decomposed at all. Between systems of independent and heterarchical processes are i) hierarchically structured systems and ii) systems that are globally hierarchical, but contain locally heterarchical subsystems. The hierarchical type has been addressed elsewhere. This paper targets the second type - referred to as semi-hierarchically structured -, thus expanding the frontier from decomposing purely hierarchically structured systems to decomposing semi-hierarchically structured systems. Furthermore, this paper points out the role of different types of execution semantics regarding the decomposition.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The slides from my talk are also available.
The bibtex is available here.

abstract:
Power grids are parallel systems in which consumers demand a shared resource independent of each other. A blackout occurs when the total demand increases or decreases too rapidly. This paper combines methods and concepts from three domains. The first one stems from estimating the power consumption based on thermostatically controlled loads via Markov chains. The second domain provides the composition of parallel systems enriched by intermediate lumping to construct a minimal aggregate transition model, in this case of a community of housings. The third domain provides reasoning about fault tolerance properties by introducing limiting window reliability as measure, suitable to account for the continuous risk of blackouts. Combined, the three methods and concepts allow to determine the risk of blackout of a community over time.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The slides from my talk are also available.
The bibtex is available here.

abstract:
Residential thermostatically controlled loads (TCLs) have potential for electricity market participation. This is because we can control a large group of these loads to achieve aggregate system behavior such as following variable wind energy output while ensuring the control actions are non-disruptive to the end users. A main challenge in controlling aggregate behavior of TCLs is developing dynamical system models that are simple enough for optimization and control, but rich enough to capture the behavior of the aggregate loads. In this work, we propose three classes of models, which approximate aggregate TCL dynamics. We analyze these models in terms of their accuracy and computational tractability. The three model classes we propose demonstrate a progression from analysis and prediction of TCL population behavior towards large-scale automatic control of the power consumption of the population. In the process we demonstrate how formal methods from computer science and optimal control can be deployed to this complex problem, leading to improved theoretically sound analysis results and control performance. The results of our investigation address derivation of bounds on modeling error, trajectory tracking guarantees and the potential of TCLs for arbitrage. For all classes of models proposed, the analytic results decrease as model heterogeneity is introduced. Thus, we motivate further development of analytical tools and modeling approaches to best investigate TCL potential in electricity market.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
Fault tolerance measures of distributed systems can be calculated precisely by state space analysis of the Markov chain corresponding to the product of the system components. The power of such an approach is inherently confined by the state space explosion, i.e. the exponential growth of the Markov chain in the size of the underlying system. We propose a decompositional method to alleviate this limitation. Lumping is a well-known reduction technique facilitating computation of the relevant measures on the quotient of the Markov chain under lumping equivalence. In order to avoid computation of lumping equivalences on intractably large Markov chains, we propose a system decomposition supporting local lumping on the considerably smaller Markov chains of the subsystems. Recomposing the lumped Markov chains of the subsystems constructs a lumped transition model of the whole system, thus avoiding the construction of the full product chain. An example demonstrates how the limiting window availability (i.e. a particular fault tolerance measure) can be computed for a self-stabilizing system exploiting lumping and decomposition.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The bibtex is available here.

abstract:
In september 2012 I attended the Joint Workshop on Compositional Modelling and Analysis of Quantitative Systems in Edinburgh, contributing the following poster.

sources:
The poster is not copyright protected and accesible here.

abstract:
Verifying fault tolerance properties of a distributed system can be achieved by state space analysis via Markov chains. Yet, the power of such exact analytic methods is confined by exponential growth of the chain's state space in the size of the system modeled. We propose a method that alleviates this limit. Lumping is a well known reduction technique that can be applied to a Markov chain to prune redundant information. We propose a system decomposition to employ lumping piecewise on the considerably smaller Markov chains of the subsystems which are much more likely to be tractable. Recomposing the lumped Markov chains of the subsystems results in a state space that is likely to be considerably smaller. An example demonstrates how the limiting window availability (i.e. a fault tolerance property) can be computed for a system while exploiting the combination of lumping and decomposition.

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it here.
The slides from my talk are also available.
The paper was selected for the best paper award here.
The bibtex is available here.

abstract:
Self-stabilizing systems, intended to run for a long time, commonly have to cope with transient faults during their mission. We model the behavior of a distributed self-stabilizing system under such a fault model as a Markov chain. Adding fault detection to a self-correcting non-masking fault tolerant system is required to progress from non-masking systems towards their masking fault tolerant functional equivalents. We introduce a novel measure, called limiting window availability (LWA) and apply it on self-stabilizing systems in order to quantify the probability of (masked) stabilization against the time that is needed for stabilization. We show how to calculate LWA based on Markov chains: first, by a straightforward Markov chain modeling and second, by using a suitable abstraction resulting in a space-reduced Markov chain. The proposed abstraction can in particular be applied to spot fault tolerance bottlenecks in the system design.

sources:
Please contact me if you would like a copy.
For teaching purposes you can get it also get it here.
The bibtex is available here.

Please note that the assumption coverage in the original paper contains an error. An erratum correcting this error is available here.
The bibtex is available here.

abstract:
The internal colloquium is, in the process of becoming a PhD, the last step before writing up. It is open for everyone and destined to discuss the quality of the contribution to the state of the art. Besides numerous colleague PhD candidates, Profs. Theel, Olderog, Fränzle, Winter and Hahn attended the audition.

sources:
The slides from my talk are available.

abstract:
For mutual fertilization, the TUM invited me along with Sven Linker, Tino Teige and Mani Swaminathan under guidance of Prof. Dr. Ernst-Rüdiger Olderog.

sources:
The slides from my talk are available.

abstract:
What to do if at a given time a service dearly required is unavailable? Is it a good strategy to simply invoke the service again (and again)? How many times should one retry in such a situation in order to get a the service delivered with a reasonably high probability but without "losing too much time?" In this paper, we explore the relation between time redundancy that a system can utilize to cope with faults and the increase of system availability. We propose a generalization of instantaneous availability called instantaneous window availability to systematize our approach. We then present two methods for deriving trade-off solutions in terms of average instantaneous window availability, namely Markov model analysis and discrete-time simulation. We apply these methods to two instances of a self-stabilizing system and discuss the outcome.

sources:
Please contact me if you would like a copy...
For teaching purposes you can get it also get it here.
The slides from my talk are also available.
The bibtex is available here.
The slides from my presentation at the QUT can be found here.

abstract:
In August i was giving a lecture at the University of Helsinki about writing simulation tools in Erlang for the derivation of fault tolerance measures. The intent was to give students that learn the functional language scala a different point of view and to motivate them by showing the possibilities one gets using functional programming style.

sources:
Lecture Slides

abstract:
Fault tolerance measures can be used to distinguish between different self-stabilizing solutions to the same problem. However, derivation of these measures via analysis suffers from limitations with respect to scalability of and applicability to a wide class of self-stabilizing distributed algorithms. We describe a simulation framework to derive fault tolerance measures for self-stabilizing algorithms which can deal with the complete class of self-stabilizing algorithms. We show the advantages of the simulation framework in contrast to the analytical approach not only by means of accuracy of results, range of applicable scenarios and performance, but also for investigation of the influence of schedulers on a meta level and the possibility to simulate large scale systems featuring dynamic fault probabilities. Keywords: Fault Tolerance, Self-Stabilization, Simulation, Reliability, Availability

sources:
Please contact me if you would like a copy or buy it here.
For teaching purposes you can get it also get it here.
The slides from my talk are also available.
The bibtex is available here.

abstract:
Fault tolerance measures such as reliability and availability are employed to select the most suitable fault tolerant system to be deployed under a given environment. Although such measures have been defined for masking fault tolerant systems, until recently they were not defined for non-masking fault tolerant systems. In [War06], a procedure has been outlined to determine the reliability, instantaneous availability and limiting availability for self-stabilizing distributed algorithms[Dol00] using Markov-chains. The procedure utilizes a method similar to predicate abstraction to reduce the state space of a self-stabilizing system and derives the Markov-chain representing the abstracted system. However, assumption about fault-propagation and approximations introduced by the abstraction technique hinder the accuracy of the measures obtained. Simulation of the distributed algorithms can be used to determine more accurate transition probabilities and hence can be used to fine tune the Markov-chains representing the abstraction technique. Such a simulator can also facilitate the study of the variation of reliability and availability due to fault profile of the environment.
This work is concerned with the development of a simulator which can simulate a selfstabilizing distributed algorithm’s behavior under transient faults. It also provides a mechanism for fault injection along with facility to vary the error probability distribution. The simulator is written in the purely functional concurrent language Erlang and provides the possibility to record measures which can be fed to external tools for further analysis. Erlang was chosen for its abilities in distributed concurrent computing. The simulation results are used to verify the metrics obtained from the analysis procedure described in [War06]. This work provides insights as to how to improve the fault tolerance metrics of a given self-stabilizing algorithm based on the results from the simulations. Also the fine tuning of the analysis procedure based on feedback from the simulator is available. A complete user manual of the simulator is enclosed with this thesis.

note:
This thesis was submitted as Diplomarbeit, coinciding formally with a Master thesis according to today's standards.

sources:
master thesis
enclosed manual
original source code (Windows)
original source code (Linux)
optimized source code (Linux) The bibtex is available here.

abstract:
What this work is: This work gives an insight into the small field of logical functional languages. While ALF, Curry, Erlang, Leda, Mercury and Oz/Mozart are mentioned, only Curry, Erlang and Mercury are eyed more precisely, by comparing the effort to learn a language (Section 4.1), the presumable future perspective (Section 4.2) and the field of application (Section 4.3). What this work is not: This work is not detailed on all logical functional languages. It focuses Curry, Erlang and Mercury. The implementation used in Section 4.4 does not work in real life. It is currently impossible to break an AES-128-CBC-Cipher by using brute-force-algorithms. The algorithms used in this work are used to measure computing-times. This work is divided into four parts. Chapter 1 contains the motivation. Chapter 2 gives an orientation what the paradigms logical and functional mean and why I focus on three languages. In Chapter 3 the technologies used for this work will be in the focus. Because none of the languages is commonly known, characteristic features are discussed, which would otherwise be kept barred if one is not in touch with the applied technology. In Chapter 4 the comparison takes place with the criteria mentioned above. Also, a benchmark has been implemented in Erlang and Java to compare the performance of the promising logical-functional sector against one standard language which is widespreaded and well known. It has not been implemented in Curry and Mercury for reasons which will be discussed in this thesis.

note:
This thesis was submitted as individuelles Projekt, coinciding formally with a Bachelor thesis according to today's standards.

sources:
bachelor thesis
java source code
erlang source code

webdesign originally by tri-star web design
site hosted by University of Oldenburg