Aim. The conducted research aims to develop an analytical model of item dependability for situations of technical state monitoring with constant inspection frequency and subject to inspection errors and failures of various types. The primary purpose of the model is the calculation and prediction of dependability indicators that depend on specified conditions. Methods. The model is based on the Markovian process theory. Models of two types are used, i.e. the continuous-time discrete process model and semi-Markovian model. The mathematical operations involved in the model implementation were performed in matrix form. An items’ operation is presented in the form of recurrent cycles separated from each other by the recovery state. A continuous-time model allows obtaining state probabilities within the periods between inspections, mean active state times and state probabilities at the end of a period. The probabilities of entering states at the end of a period are a priori for the semi-Markovian model, using which the mean numbers of active states within one cycle were obtained. Results. The mean up and down time within a cycle were calculated using mean state frequency and mean time of active state. Based on those parameters, formulas were obtained for calculating the availability and non-availability coefficients. Out of the above model follows that the dependability indicators depend on the frequencies of explicit and hidden failures, inspection frequency and inspection errors. The paper sets forth the calculation data for the mean cycle duration and non-availability coefficient under various failure rates and various probabilities of inspection errors. It is shown that the mean cycle duration significantly depends on the probability of inspection errors of the I kind and practically does not depend on the probability of inspection errors of the II kind. However, the non-availability coefficient practically does not depend on the probability of inspection errors of the I kind, yet there is a strong dependence on the probability of inspection errors of the II kind. Conclusions. The presented model allows calculating and predicting dependability indicators taking into consideration explicit and hidden failures, as well as the monitoring system parameters. While designing new and improving the maintenance procedures of existing systems, the effect of various factors on the dependability level should to be taken into consideration.

The Aim of the paper is to let the reader look at dependability through the eyes of a designer who is to develop an entity with specified dependability requirements. The result of such work is not yet dependability as a property, but the ability proper to a structure, without which the required dependability cannot manifest itself. Designing highly dependable entities requires the use of formalized practices with specific operating procedures, that, on the one hand, do not contradict the provisions of the dependability theory, while, on the other hand, are to be useful, clear and easy-to-understand by any designer in order to ensure the required dependability. Methods. The paper examines the primary approaches that allow a designer, without violating the existing notions and terminology of dependability, solving problems of technical object dependability in the course of design and development based on engineering disciplines and design methods intended to ensure the dependability of products, starting with the very early life cycle stages. If such approaches to dependability research are employed, preventing failures only requires the application of the principles of physicality (causal connections) and physical necessity (consistency with the laws of nature) of the causes of failures. Results. The paper sets forth simple mathematical models that helped create a generalized parametric model of complex technical systems operation. Based on the cited models, it can be concluded that dependability calculation in terms of the known dependability indicators of components and elements can be replaced with dependability estimation in terms of the probability of performance by the components and elements of the required functions. This conclusion not only does not contradict the provisions of the dependability theory, but makes dependability an effective tool helping the designer ensure the specified dependability. The generalized parametric model of operation is solved using the method of design and process dependability analysis developed for the purpose of analyzing and assessing design solutions as part of high-dependability item design. Conclusion. The concepts, approaches, models and methods suggested in the paper allow the designer to take dependability as operability expanded in time. Such dependability is always specific and takes into consideration all the distinctive features of an entity. In this case, the process of design and assurance of dependability becomes an integral part of the entity creation activities regardless of uniqueness, series production, availability of dependability indicators of components and elements. But most importantly, such approach to dependability, on the one hand, does not contradict the foundations of the modern dependability theory, and, on the other hand, relieves the designer of the impression that dependability is something foreign, not associated with the real design.

Aim. This paper presents the development of the dependability automaton. The development is a conceptual description of the automaton as the term structure of a fixed complexity that shows non-contradictory interrelations and clear dependability state transitions of an item. The description of the state structure of the automaton implies subsequent development of a computing device for monitoring the dependability of items of any nature. Unlike in the standard, dependability is defined as a set of states, the measure of concordance with the purpose of an item. The purpose is defined as the property of an object attributed to the natural origin or designed application. In accordance with such definitions, alternative definitions of dependability states have been developed. An observation of the dependability states of an item can be described with a common algorithm. The problem is defined with the help of the automata theory. Methods. We will call a dependability automaton (DA) a deterministic, fully specified finite-state automaton. In the automata theory, the properties of items are examined in terms of being in states and transitioning between them. Dependability states change in terms of disruption and restoration of item purpose. Such changes can be represented as a directed graph, whose nodes correspond to states, while the edges correspond to transitions between states. As the dependability restoration states are deterministic, they can be represented as processes, i.e. planned, consisting of activities, measures, procedures, operations. The states of disrupted dependability are random, therefore they can be considered as events. Thus, the property of an entity’s purpose is observed when the states of dependability are observed that change in events and processes. The automation is described using terms and symbols from standards, as well as alternative definitions of states developed by the author. A review of the appropriate standards is to involve a new terminology. The operation of the dependability automaton reflects transitions and alternative transitions. Restoration is designed as a complete and partially incomplete processes: a) transition from the down state into the up state; b) transition from the down state into the faulty state; c) transition from the down state into the good state. The findings contributed to the development of theoretical and practical dependability of organization, social groups and individuals. The dependability automaton concept includes the development of the engineering design of an expert decision support system for flight operation of an airline. Conclusion. Technical standards require prior preliminarily philosophical, philological, logical review. Such research is to produce logical proof and substantiation of a set of coordinated, non-contradictory ontological terms: property, state, event, etc. The results will be used in technical standards for the purpose of construction and substantiation of special terms. The paper provides a theoretical and practical substantiation of applying individual provisions of the dependability theory of technology for the purpose of developing the dependability theory of non-digital entities.

Aim. In this paper we discuss how systems with Artificial Intelligence (AI) can undergo safety assessment. This is relevant, if AI is used in safety related applications. This holds also for railway systems, where AI is expected to take a role in railway automation. Methods. The focus of this paper is on safety assessment of AI rather than on AI itself. Taking a deeper look into AI models, we show that many models of artificial intelligence, in particular machine learning, are statistical models. Safety assessment would then have to concentrate on the model that is used in AI, besides the normal assessment procedure. Results. Part of the budget of dangerous random failures for the relevant safety integrity level needs to be used for the probabilistic faulty behavior of the AI system. We demonstrate our thoughts with a simple example and propose a research challenge that may be decisive for the use of AI in safety-related systems. Conclusion. The method of safety assessment of systems with AI is presented in this article.

The Aim of the paper is to develop a method enabling quantitative estimation of stability indicators of critical information infrastructure (CII) facilities under information technology interference (ITI) using testbed experimental research data. CII facilities include information and telecommunication networks (ITCN), information systems (IS), automated systems (AS) and telecommunication systems that are used as part of computer-based systems in transportation, energy, communications, navigation, manufacturing and other domains. For the purpose of this paper, the stability of CII operation shall be understood as the ability of CII facility elements to maintain operating parameter values within the specified limits within the specified time period when affected by intruders’ ITI. Intruders’ ITI is understood as intentional hardware and software interference that cause disruptions (blocking, distortion) of information computation processes in CII facilities within a specified period of time. The developed method is based on experimental research, accelerated testing methods and computational methods of estimation of CII facilities operational stability that were applied subject to the specificity of system analysis of the process of ITCN, IS and ACS operation under simulated intruder ITI. The method uses two primary types of indicators, i.e. the probability of faults and additional (artificial) faults in the course of data communication between CII facility elements caused by ITI, and the probability of faults and additional faults as the result of ITI in the course of information processing in CII facilities. The inclusion in the method of indicators for estimating additional faults due to ITI enables a priori analysis of rare and sudden events of CII facility operational stability disruptions. Subject to the obtained estimates, technical and organizational measures are substantiated for the purpose of neutralizing ITI against CII facilities. Applying the method requires the availability of trial sites for the purpose of estimating the stability and actual security of CII facilities that host the functional equivalents of CII facilities, ITI simulators, information security tools (IST) and computer incident recovery tools. The developed method enables estimating the values of stability indicators, i.e. probability of successful transmission of data between CII facility elements and probability of successful processing of information in CII facility elements affected by faults based on instrumental estimation of system elements’ operation processes assessment under simulated ITI.

Aim. Infrastructure facility management involves many decision-making problems that require estimating alternatives in the absence of clear criteria. Sufficiently common are problems that require the consideration of various numbers of factors. Those factors normally belong to different fields of knowledge and require the involvement of subject-area experts. Thus, for instance, the estimation of infrastructure facilities may involve economists, experts in land law, environment, logistics, design engineers and other specialists. The problem is often complicated by the existence of many alternatives. In such cases, it is difficult to organize even the initial expert evaluation in order to reduce the number of options for subsequent consideration. The paper primarily aims to develop a model of evaluation of the criteria that have an effect on the advisability of modernization of an infrastructure facility allowing to take into account factors from various fields of knowledge, as well as to elaborate a method of simplifying the process of evaluation of large numbers of alternative options. Therewith, such estimates can be expressed in various formats: both quantitatively and qualitatively. Such approaches have found application as part of the problem of ranking of airports as part of selection of candidates for inclusion into the Moscow air cluster (MAC). The specificity of this problem consists in the large set of various factors to be taken into account, as well as the great number of options, over 30 airports within 300 kilometers of Moscow. Methods. The risk synthesis model was used that relies on expert data that characterize the criteria that have an effect on the sought risk, as well as the values of damage for each facility by the given criteria. The criteria were estimated using a method based on pairwise comparisons allowing experts to define fuzzy and incomplete estimates of the preferability of the compared options. Damage estimation was done using the method of conversion of qualitative estimates into quantitative ones, as well as scaling of quantitative data into quantitative estimates of damage. Results. Implementing the ideas set forth in this paper allowed defining the contribution of eleven criteria that have an effect on the goals associated with relieving the MAC workload. Based on those criteria, specific risks for airports within 300 kilometers of Moscow were evaluated, and integral risks of modernization of each airport were obtained. The airports were then rated in terms of the integral risk of modernization. Conclusion. The suggested method is universal and can be used for decision-making under uncertainty in those domains where it is required to involve experts of various qualification and level of subject-matter knowledge, as well as accounting for many factors along with a great diversity of options.

The Aim of this paper is to develop an evaluation scheme of priority indicators for scout/attack and attack unmanned aerial vehicles (UAVs). Methods. The evaluation scheme of UAV priority indicators was developed using the mathematics of metrical analysis and known expert estimates of indicators for some UAVs. Results. Development of UAV priority indicators evaluation scheme. Conclusions. The suggested UAV priority evaluation scheme can be used for rational decision-making when creating (acquiring) UAVs.

Aim. The paper describes a research aimed at improving the reliability of stress tolerance prediction as part of aptitude screening (AS) of flight school applicants using a proprietary objectifying method of Stress Tolerance Assessment. Stress tolerance (ST) is an important psychophysiological professional quality and serves as one of the factors ensuring both successful flight training, and further professional flight work. However, the methods recommended in regulatory documents for the purpose of ST identification as part of AS are not efficient enough and are affected by subjective factors. Therefore, an objective and thus more efficient method is still required. Methods. The method was developed based on the analysis of subject-matter literature and own experience. Stress stimuli and methods of indicator recording were selected based on their empirical verification. The stress-inducing property of the stimuli was confirmed by the pulse rate increase by 40 – 100% and higher, associated behavioural manifestations and significant dynamics of mental productivity in the course of tests. Out of the methods of mathematical statistics, the authors used correlation analysis. Results. The method of ST assessment is based on the Reakor multifunctional psychophysiological system by the Medicom MTD research and development company from Taganrog, Russia, with a proprietary procedure built in the system’s software. As stress stimulus material and for performance assessment, arithmetically complicated problems were selected, whose solutions involve a larger portion (areas) of the brain than verbal tests. In order to eliminate the effect of habituation and learning, the arithmetic tests were displayed one by one on a computer screen in a random order. The 3-4-second time interval between individual problems was selected based on premises of aviation psychology and tests conducted on a group of students. The sample consisted of 1135 male applicants to the higher flight school in 2016. Correlation analysis shows that the correlations between the external criterion indicators (successful simulator training and flying practice) and the integrated ST indicator are statistically significant: the higher is the ST indicator measured in the course of AS using the respective method, the higher are the expert estimates of the simulator training and flying practice. Conclusion. Thus, the conducted research showed that the application of the developed method of ST assessment in the course of higher flight school AS ensures higher predicted stress tolerance in the selected candidates as the psychophysiological factor of professional efficiency and reliability of flight personnel.