Archives

Method and System for Metamodeling Using Dynamic Ontology Objects

A system and method for providing ontology objects for use in a metamodeling environment is disclosed herein. The method comprises (a) providing a framework for creating a metamodel, wherein the metamodel comprises one or more entities, relationships, and semantics and the framework accepts input from a user to create the entities, relationships, and semantics, (b) generating ontology objects, wherein the ontology objects comprise source code for one or more classes, and wherein each class corresponds to one of the entities; and (c) compiling the source code. Further, the method may comprise detecting that a change has been made to the metamodel, updating the ontology objects to reflect the change to the metamodel, wherein updating the ontology objects comprises generating new source code for one or more classes; and compiling the new source code.

Method and Apparatus for a Hierarchical Object Model-Based Constrained Language Interpreter-Parser

US Patent Number 2005/0091036 A1
A natural language parser creates parsed commands or output for an external system from user commands entered on a user interface. The parser utilizes symbols arranged in an object-oriented hierarchical manner, and a grammar information and state table to constrain language inputs so that they conform to requirements of the external system. The parser provides feedback to the user via the user interface to assist in the formation of valid output to the external system and reduce the complexity for the user. The parser may be applied to the field of control systems in general, as well as a flight control system for an aircraft.

Interaction Design System

  • Michelle A. Raymond
  • Todd Carpenter
  • Christopher A. Miller
  • Dal Vernon C. Reising
  • Liana-Maria Kiff

US Patent Number 2005/0091601 A1
An interaction design system (12) may be used by a designer to design a user interface. The designer supplies the interaction design system with a domain model (22) that contains information characterizing an application in a domain, a user model (24) that contains information characterizing the users of the user interface, a task model (26) that contains task primitives to be performed between the user and the user interface and the type of information required by the task primitives, and a device model (28) that contains information characterizing the interaction delivery devices that are available to deliver the user interface. The interaction design system (10) then matches the interaction delivery devices in the device model (28) to the type of information required by the task primitives and to the information characterizing the users, matches presentation objects (30) to the task primitives and to the information of the domain model (22), and generates the user interface based on the matches (32).

Generating Policies for Defense in Depth

  • Paul Rubel
  • Michael Ihde
  • Steven Harp

Coordinating multiple overlapping defense mechanisms, at differing levels of abstraction, is fraught with the potential for misconfiguration, so there is strong motivation to generate policies for those mechanisms from a single specification in order to avoid that risk. This paper presents our experience and the lessons learned as we developed, validated and coordinated network communication security policies for a defense-in-depth enabled system that withstood sustained red team attack. Network communication was mediated by host-based firewalls, process domain mechanisms and application-level security policies enforced by the Java virtual machine. We coordinated the policies across the layers using a variety of tools, but we discovered that, at least for defense-in-depth enabled systems, constructing a single specification from which to derive all policies is probably neither practical nor even desirable.

Course of Action Generation for Cyber Security Using Classical Planning

    We report on the results of applying classical planning techniques to the problem of analyzing computer network vulnerabilities. Specifically, we are concerned with the generation of Adversary Courses of Action, which are extended sequences of exploits leading from some initial state to an attacker’s goal. In this application, we have demonstrated the generation of attack plans for a simple but realistic web-based document control system, with excellent performance compared to the prevailing state of the art in this area. In addition to the new capabilities gained in the area of vulnerability analysis, this implementation provided some insights into performance and modeling issues for classical planning systems, both specifically with regard to METRIC-FF and other forward heuristic planners, and more generally for classical planning. To facilitate additional work in this area, the domain model on which this work was done will be made freely available. See the paper’s Conclusion for details.

    Generating Policies for Defense in Depth (DiD)

    • Paul Rubel
    • Michael Ihde
    • Steven Harp

    In 2002, the Defense Advanced Research Projects Agency (DARPA) challenged the research community to design and demonstrate an unprecedented level of survivability for an existing US Department of Defense (DoD) information system by combining Commercial-Off-The-Shelf (COTS) technologies with those developed by DARPA. The development team, led by BBN Technologies, produced a solution architecture entitled Designing Protection and Adaptation into a Survivability Architecture (DPASA).

    Formal Modeling and Analysis of the AFDX Frame Management Design

    The Avionics Full Duplex Switched Ethernet (AFDX) has been developed to provide reliable data exchange with strong data transmission time guarantees in internal communication of the aircraft. The AFDX design is based on the principle of a switched network with physically redundant links to support availability and be tolerant to transmission and link failures in the network. In this work, we develop a formal model of the AFDX frame management to ascertain the reliability properties of the design. To capture the precise temporal semantics, we model the system as a network of timed automata and use UPPAAL to model-check for the desired properties expressed in CTL. Our analysis indicates that the design of the AFDX frame management is vulnerable to faults such as network babbling which can trigger unwarranted system resets. We show that these problems can be alleviated by modifying the original design to include a priority queue at the receiver for storing the frames. We also suggest communicating redundant copies of the reset message to achieve tolerance to network babbling.

    Extremely Secure Method for Keying Stored Contents to a Specific Storage Device

    • Christopher M. Carpenter
    • Todd Carpenter
    • John Masles
    • Chris Paul Dudte

    An extremely secure method for keying source contents to a source storage medium is provided to prevent use of unauthorized copies at minimal cost. The host processor combines a unique, immutable and verifiable physical attribute of a hard disk drive, i.e., the drive’s defect list, with the content to be secured to write a corresponding fingerprinted encrypted content on a source medium. When a local processor wants to use the sanctioned source content, the fingerprinted content is read from a local storage medium. The local processor then decrypts and separates the defect list out of the source content and reads the local storage medium defect list. If the decrypted defect list matches the local storage medium defect list, then the local processor recognizes the local sanctioned medium and continues processing the source contents. Otherwise, a non-matching defect list indicates an unauthorized copy from the source to the local storage medium.

    Proceedings of the Seventeenth International Conference on Automated Planning and Scheduling

      The annual ICAPS conference series was formed in 2003 through the merger of two pre-existing biennial conferences, the International Conference on Artificial Intelligence Planning Systems (AIPS) and the European Conference on Planning (ECP). ICAPS continues the traditional high standards of AIPS and ECP as an archival forum for new research in the field of automated planning and scheduling. In 2007 ICAPS is collocated with the Constraint Programming conference (CP). The intention behind this collocation is to encourage communication between the two communities, build on existing collaborations, and encourage the development of new opportunities for the cross-fertilization of ideas.

      Preemptive Scheduling of Multi-Criticality Systems with Varying Degrees of Execution Time Assurance

      This paper is based on a conjecture that the more confidence one needs in a task execution time bound (the less tolerant one is of missed deadlines), the larger and more conservative that bound tends to become in practice. We assume different tasks perform functions having different criticalities and requiring different levels of assurance. We assume a task may have a set of alternative worst-case execution times, each assured to a different level of confidence. This paper presents ways to use this information to obtain more precise schedulability analysis and more efficient preemptive fixed priority scheduling. These methods are evaluated using workloads abstracted from production avionics systems.
