Tool-supported invariant-based programming

The development of correct programs is a core problem in computer science. Although formal verification methods for establishing correctness with mathematical rigor are available, programmers often find these difficult to put into practice. One hurdle is deriving the loop invariants and proving that the code maintains them. So called correct-by-construction methods aim to alleviate this issue by integrating verification into the programming workflow. Invariant-based programming is a practical correct-by-construction method in which the programmer first establishes the invariant structure, and then incrementally extends the program in steps of adding code and proving after each addition that the code is consistent with the invariants. In this way, the program is kept internally consistent throughout its development, and the construction of the correctness arguments (proofs) becomes an integral part of the programming workflow. A characteristic of the approach is that programs are described as invariant diagrams, a graphical notation similar to the state charts familiar to programmers. Invariant-based programming is a new method that has not been evaluated in large scale studies yet. The most important prerequisite for feasibility on a larger scale is a high degree of automation. The goal of the Socos project has been to build tools to assist the construction and verification of programs using the method. This thesis describes the implementation and evaluation of a prototype tool in the context of the Socos project. The tool supports the drawing of the diagrams, automatic derivation and discharging of verification conditions, and interactive proofs. It is used to develop programs that are correct by construction. The tool consists of a diagrammatic environment connected to a verification condition generator and an existing state-of-the-art theorem prover. Its core is a semantics for translating diagrams into verification conditions, which are sent to the underlying theorem prover. We describe a concrete method for 1) deriving sufficient conditions for total correctness of an invariant diagram; 2) sending the conditions to the theorem prover for simplification; and 3) reporting the results of the simplification to the programmer in a way that is consistent with the invariantbased programming workflow and that allows errors in the program specification to be efficiently detected. The tool uses an efficient automatic proof strategy to prove as many conditions as possible automatically and lets the remaining conditions be proved interactively. The tool is based on the verification system PVS and i uses the SMT (Satisfiability Modulo Theories) solver Yices as a catch-all decision procedure. Conditions that were not discharged automatically may be proved interactively using the PVS proof assistant. The programming workflow is very similar to the process by which a mathematical theory is developed inside a computer supported theorem prover environment such as PVS. The programmer reduces a large verification problem with the aid of the tool into a set of smaller problems (lemmas), and he can substantially improve the degree of proof automation by developing specialized background theories and proof strategies to support the specification and verification of a specific class of programs. We demonstrate this workflow by describing in detail the construction of a verified sorting algorithm. Tool-supported verification often has little to no presence in computer science (CS) curricula. Furthermore, program verification is frequently introduced as an advanced and purely theoretical topic that is not connected to the workflow taught in the early and practically oriented programming courses. Our hypothesis is that verification could be introduced early in the CS education, and that verification tools could be used in the classroom to support the teaching of formal methods. A prototype of Socos has been used in a course at Åbo Akademi University targeted at first and second year undergraduate students. We evaluate the use of Socos in the course as part of a case study carried out in 2007.

Kognitiiviset kartat operatiivisen ketjuliiketoimintajohtamisen taustalla

Tutkimuksen tavoitteena oli selvittää, millaiset ajattelumallit korostuvat menestyksekkäässä ketjuliiketoimintajohtamisessa tasapainotetun tuloskortin eri näkökulmien osalta. Tutkimuskohteena olivat kuusi päivittäistavarakaupan ketjuliiketoiminnan asiakasrajapinnassa työskentelevää Osuuskauppa Keskimaan S-marketpäällikköä. Ajattelua tutkittiin kognitiivisesta näkökulmasta. Tutkimus toteutettiin laadullista tutkimusmenetelmää, kognitiivista kartoitusta hyödyntäen. Karttojen rakentamiseen käytetty tutkimusaineisto hankittiin puolistrukturoitujen teemahaastattelujen avulla. Tutkimuksen teoreettinen viitekehys rakennettiin mielen sisäisten skeemojen ja kognitiivisten karttojen kautta päätöksenteonteorioihin. Tutkimuksen tulosten perusteella asiakasnäkökulmassa menestyminen edellyttää liikeideaa kunnioittavaa ja konseptin tinkimättömään toteuttamiseen keskittyvää johtamisajattelua. Henkilöstönäkökulmassa menestyminen korostaa kokonaisvaltaisen esimiestyön ja moniulotteisten vuorovaikutussuhteiden merkitystä, joiden ilmeneminen on kognitiivisia rakenteita ja prosesseja monimuotoisempi kokonaisuus. Prosessinäkökulmassa menestyminen edellyttää selkeiden ohjeiden vaalimiseen ja niiden johtamiseen keskittyvää ajattelutapaa. Menestys talousnäkökulmassa kokoaa tuloskortin eri näkökulmat yhteen, korostaen kokonaisuuden hahmottamisen tärkeyttä sekä toimialan ja ketjuliiketoiminnan business-logiikan ymmärtämisen merkitystä osana operatiivista ketjuliiketoimintajohtamista. Lisäksi tutkimus vahvistaa aiempien tutkimustulosten mukaisesti, että kognitiivisen kartan rikkaudella, yhtenäisyydellä, johdonmukaisuudella, kartan sisältämien suorituskykymittareihin viittaavien mainintojen määrällä sekä esimiehen kokemalla vaikutusmahdollisuudella on yhteys liiketoimintamenestyksen kanssa. Kokonaisuutena päivittäistavarakaupan ketjuliiketoiminnan menestyksekkäässä johtamisessa näyttää korostuvan rationaalisuutta ja loogisuutta korostava ajattelutapa, joka tukeutuu vahvasti ketjuliiketoiminnan perusprosesseihin.

Fraud detection in the banking sector : a multi-agent approach

Fraud is an increasing phenomenon as shown in many surveys carried out by leading international consulting companies in the last years. Despite the evolution of electronic payments and hacking techniques there is still a strong human component in fraud schemes. Conflict of interest in particular is the main contributing factor to the success of internal fraud. In such cases anomaly detection tools are not always the best instruments, since the fraud schemes are based on faking documents in a context dominated by lack of controls, and the perpetrators are those ones who should control possible irregularities. In the banking sector audit team experts can count only on their experience, whistle blowing and the reports sent by their inspectors. The Fraud Interactive Decision Expert System (FIDES), which is the core of this research, is a multi-agent system built to support auditors in evaluating suspicious behaviours and to speed up the evaluation process in order to detect or prevent fraud schemes. The system combines Think-map, Delphi method and Attack trees and it has been built around audit team experts and their needs. The output of FIDES is an attack tree, a tree-based diagram to ”systematically categorize the different ways in which a system can be attacked”. Once the attack tree is built, auditors can choose the path they perceive as more suitable and decide whether or not to start the investigation. The system is meant for use in the future to retrieve old cases in order to match them with new ones and find similarities. The retrieving features of the system will be useful to simplify the risk management phase, since similar countermeasures adopted for past cases might be useful for present ones. Even though FIDES has been built with the banking sector in mind, it can be applied in all those organisations, like insurance companies or public organizations, where anti-fraud activity is based on a central anti-fraud unit and a reporting system.

Feasibility of replacing multiple ADSL connections with Multi-Dwelling Access

This final project was made for the Broadband/Implementation department of TeliaSonera Finland. The question to be examined is if the operator should replace multiple ADSL connections implemented over a leased line with Multi-Dwelling access based on an Ethernet/Optical Fibre access network. The project starts with describing the technology related to these access network solu-tions and presents the technology that is used in TeliaSonera Finland's access network. It continues from the technology to describe the problem with some of the ADSL implemen-tations of TeliaSonera. The problem is the implementations done over a leased line that can cost TeliaSonera over years as much as a possible investment to extend network when there is several lines leased to the same building. The project proposes a Multi-Dwelling access as a solution to this problem and defines the circumstances when to use it. After a satisfactory solution has found the project takes a view how implementation of the solution might alter the network and a new problem is found. When used commonly to replace need of ADSL implementation Multi-Dwelling access would significantly increase optical cable congestion near operators POP. As a final deed this project also proposes a technical change to existing way to implement multi-dwelling access with EPON technology.

Optimizing the supply chain strategy of a multi-unit Finnish nursery company

Abstract

Multi-site -sertifikaatin vaatimukset ympäristöjohtamisjärjestelmän rakentamisessa

Diplomityö muodostuu kahdesta kokonaisuudesta. Työn teoriaosa kertoo mitä ympäristöjohtaminen on, millaisia ovat multi-site -organisaatio ja multi-site -johtamisjärjestelmä sekä mitä vaatimuksia nämä asettavat yritykselle. Työssä esitetään malli, jota käyttämällä kansainvälisten johtamisjärjestelmästandardien mukaan rakennetut laatu-, ympäristö-, terveys- ja turvallisuusjärjestelmät voidaan yhdistää yhdeksi kokonaisuudeksi, multi-site - johtamisjärjestelmäksi. Malli rakentuu kolmesta tasosta, joita ovat paikallinen, maakohtainen ja konsernitaso. Esimerkkien avulla kerrotaan miteneri lähtökohdista voidaan näiden tasojen kautta edetä kohti yhtä johtamiskokonaisuutta. Esille tuodaan myös multi-site -johtamisjärjestelmän käyttöönottoa puoltavat ja vastustavat näkökohdat. Työn konkreettinen osa on johtamisjärjestelmämallin paikallisen tason toteuttaminen. Ympäristöjohtamisjärjestelmän rakentaminen standardin EN ISO 14001:2004 vaatimusten mukaiseksi Kvaerner Power Oy:n Suomen toimipaikoille sekä tämän järjestelmän yhdistäminen sertifioituun EN ISO 9001 -standardin mukaiseen laatujärjestelmään. Työssä kerrotaan miten ympäristöjohtamisjärjestelmä on rakennettu ja miten laatu- ja ympäristöjärjestelmät on liitetty yhdeksi kokonaisuudeksi. Työn tuloksena syntyi malli johtamisjärjestelmien yhdistämisestä sekä sertifioitu ympäristöjohtamisjärjestelmä, jonka yhdistäminen laatujärjestelmään toteutettiin tavoitteiden mukaisesti.

Ranking-Dominance Relation for (Evolutionary) Multi-Objective Optimization

An alternative relation to Pareto-dominance relation is proposed. The new relation is based on ranking a set of solutions according to each separate objective and an aggregation function to calculate a scalar fitness value for each solution. The relation is called as ranking-dominance and it tries to tackle the curse of dimensionality commonly observedin evolutionary multi-objective optimization. Ranking-dominance can beused to sort a set of solutions even for a large number of objectives when Pareto-dominance relation cannot distinguish solutions from one another anymore. This permits search to advance even with a large number of objectives. It is also shown that ranking-dominance does not violate Pareto-dominance. Results indicate that selection based on ranking-dominance is able to advance search towards the Pareto-front in some cases, where selection based on Pareto-dominance stagnates. However, in some cases it is also possible that search does not proceed into direction of Pareto-front because the ranking-dominance relation permits deterioration of individual objectives. Results also show that when the number of objectives increases, selection based on just Pareto-dominance without diversity maintenance is able to advance search better than with diversity maintenance. Therefore, diversity maintenance is connive at the curse of dimensionality.

Field Sales Management Control: Towards a Multi-Level Theory

The purpose of this dissertation is to increase the understanding and knowledge of field sales management control systems (i.e. sales managers monitoring, directing, evaluating and rewarding activities) and their potential consequences on salespeople. This topic is important because research conducted in the past has indicated that the choice of control system type can on the other hand have desirable consequences, such as high levels of motivation and performance, and on the other hand leadto harmful unintended consequences, such as opportunistic or unethical behaviors. Despite the fact that marketing and sales management control systems have been under rigorous research for over two decades, it still is at a very early stage of development, and several inconsistencies can be found in the research results. This dissertation argues that these inconsistencies are mainly derived from misspecification of the level of analysis in the past research. These different levels of analysis (i.e. strategic, tactical, and operational levels) involve very different decision-making situations regarding the control and motivation of sales force, which should be taken into consideration when conceptualizing the control. Moreover, the study of salesperson consequences of a field sales management control system is actually a cross-level phenomenon, which means that at least two levels of analysis are simultaneously involved. The results of this dissertation confirm the need to re-conceptualize the field sales management control system concept. It provides empirical evidence for the assertion that control should be conceptualized with more details atthe tactical/operational level of analysis than at the strategic levelof analysis. Moreover, the results show that some controls are more efficiently communicated to field salespeople than others. It is proposed that this difference is due to different purposes of control; some controls aredesigned for influencing salespersons' behavior (aim at motivating) whereas some controls are designed to aid decision-making (aim at providing information). According to the empirical results of this dissertation, the both types of controls have an impact to the sales force, but this impactis not as strong as expected. The results obtained in this dissertation shed some light to the nature of field sales management control systems, and their consequences on salespeopl