THIS PAGE IS NO LONGER MAINTAINED
This page is no longer maintained.
However, it has some pointers to archival material that might be of interest to
someone, and so is kept as-is to preserve access to the links.
Current Projects:
Previous Projects and Other Topics:
- Toyota Unintended Acceleration talk (on blogspot)
Investigations into potential causes of Unintended Acceleration (UA) for Toyota
vehicles have made news several times in the past few years. Some blame has
been placed on floor mats and sticky throttle pedals. But a jury trial verdict
found that defects in Toyota's Electronic Throttle Control System (ETCS)
software and safety architecture caused a fatal mishap. This verdict was based
in part on a wide variety of computer hardware and software issues. This talk
will outline key events in the still-ongoing Toyota UA story and pull together
the technical issues that have been discovered by NASA and other experts. The
results paint a picture that should inform not only future designers of
safety-critical software for automobiles but also all computer-based system
designers.
- Stress Tests for Autonomy Architectures (STAA) (web page)
This combines our experience with Ballista software robustness testing and
invariant-based embedded safety monitors to create a testing approach that will
help ensure autonomous vehicles and other robots are safe even if they
encounter unexpected or exceptional operating conditions. The follow-on is
called Robustness Inside-Out Testing (RIOT), although not much information
about it is publicly available right now.
- Invariant-Based Embedded System Safety Monitor (Mini-poster)
Can we create a simple, generic safety shutdown building block? Ideally, what
we want is a standard component building block to ensure that a subsystem or
entire system gets shut down if it exhibits unsafe behavior, without having to
model the details of the design. Example result: these ideas have been
successfully applied to prototype autonomous vehicles and a prototype
commercial vehicle technology demonstration platform.
- Cyclic Redundancy Checks (CRCs) and Checksums
A lot of the folklore on checksums isn't quite right.
We spent a considerable number of CPU-years crunching on a search for optimal
polynomials. And we found them. Currently we are working with the FAA applying
that knowledge to aviation applications.
- Embedded Network Gateway Survivability (Mini-poster)
How can you mitigate malicious and non-malicious timing fault propagation
across an embedded network gateway? Or, put another way, how can you keep your
car's radio from destabilizing your car's suspension system? Example result:
using a FIFO queue to mitigate timing clumps from an IT-style network to a
control network can be worse than just throwing clumped messages away.
Predictive filters look like a good way to go instead.
- Low Cost Embedded Network Message Authentication (Mini-poster)
How can you get cryptographically secure multicast authentication on a real
time embedded network such as CAN or FlexRay? You only have a few bits to spend
for this in each message, as well as limited memory and CPU power. Example
result: combining truncated authenticators from multiple message packets
provides a useful engineering tradeoff among bandwidth, attack resistance, and
control latency.
- Embedded System Security
The rules of the embedded security game are likely to
differ from those of IT and desktop security. You can't just treat an embedded
computer like your desktop machine.
- Embedded System Safety
Embedded systems usually have the ability to release
energy into the environment via actuators. Any potentially uncontrolled release
of such energy is, by definition, a safety issue.
- Ballista -- Software Robustness Testing
Some software isn't particularly robust to exceptional
inputs. We developed an automated approach to finding robustness
vulnerabilities in APIs, including POSIX and Windows. We found some
one-line programs that crashed mature commercial operating systems.
- Graceful Degradation
Wouldn't it be nice if systems failed soft instead of
failing hard, and did so without having to resort to brute force redundancy?
- System Architecture
How to figure out the pieces and how they fit together
in systems that are bigger than just a CPU or just a computer.
- Embedded Control Networks
These differ in many ways from IT style networks, and
we have worked on a variety of aspects.
- Distributed Embedded System Dependability
Distributed embedded systems have unique dependability
challenges, especially when theoretical ideas such as group membership and
periodic real time schedules meet the real world.
- Stack Computers
In a previous life I designed stack-based CPUs. While
they have fallen out of the mainstream, there is still quite a bit of interest,
so I maintain a page with my work in this area.
- Computer Architecture
In addition to stack computers, I've done a little bit
of work on supercomputer architecture and everyday CPU design.
- Embedded System Education
- Miscellany
Selected Presentations:
- 2019: SAE WCX, "Safety
Argument Considerations for Public Road Testing of Autonomous
Vehicles"
- 2019: SSS 2019, "Edge
Cases and Autonomous Vehicle Safety"
- 2019: SafeAI 2019, How Many
Operational Design Domains, Objects, and Events?
- 2018: TechAD, Autonomous Vehicle Testing
& Safety
- 2018: OESA Conference, Potential Autonomous Vehicle Safety
Improvement: Less Hype, More Data
- 2018: SAE WC, Toward a Framework for
Highly Automated Vehicle Safety Validation
- 2018: PA AV Summit, Ensuring the Safety of On-Road
Self-Driving Car Testing
- 2018: ICSE, Robustness Testing of Autonomy Software
- 2017: TechAD, Highly Autonomous Vehicle
Validation: It's More Than Just Road Testing!
- 2017: AV17, Challenges and Solutions in Autonomous
Vehicle Validation
- 2014: ASTAA project: Software robustness testing
and run-time monitoring of autonomous vehicles
- 2014: Toyota Unintended Acceleration Case
Study (YouTube)
- See also presentations & videos for
my course 18-642 which touch upon code quality, safety, and security.
Publications:
- Koopman, P., Ferrell, U., Fratrik, F. & Wagner, M., "A Safety Standard Approach for Fully
Autonomous Vehicles," WAISE 2019, Sept. 2019.
- Koopman, P., Osyk, B. & Weast, J., "Autonomous Vehicles Meet the Physical
World: RSS, Variability, Uncertainty, and Proving Safety," SAFECOMP,
Sept. 2019. (Extended version: https://arxiv.org/abs/1911.01207)
- Koopman, P., & Osyk, B., "Safety Argument
Considerations for Public Road Testing of Autonomous Vehicles," SAE
WCX, 2019-01-0123, Apr. 2019.
- Koopman, P., Kane, A. & Black, J., "Credible Autonomy
Safety Argumentation," Safety-Critical Systems Symposium, Bristol UK,
Feb. 2019.
- Koopman, P. & Fratrik, F., "How many operational design domains,
objects, and events?" SafeAI 2019, AAAI, Jan 27, 2019.
- Koopman, P., "Practical
Experience Report: Automotive Safety Practices vs. Accepted
Principles," SAFECOMP, Sept. 2018.
- Pezzementi, Z., Tabor, T., Yim, S., Chang, J., Drozd, B., Guttendorf, D.,
Wagner, M., & Koopman, P., "Putting image
manipulations in context: robustness testing for safe perception,"
IEEE International Symposium on Safety, Security, and Rescue Robotics (SSRR),
Aug. 2018. (slides)
- Koopman, P., "The
Heavy Tail Safety Ceiling," Automated and Connected Vehicle Systems
Testing Symposium, June 2018.
- Hutchison et al., "Robustness
Testing of Autonomy Software," ICSE-SEIP, 2018. (slides)
- Koopman, P. & Wagner, M., "Toward a Framework for Highly
Automated Vehicle Safety Validation," SAE World Congress, 2018.
SAE-2018-01-1071. (slides)
- Koopman, P., "Challenges in Autonomous
Vehicle Validation," SCAV 17 (keynote), April 2017.
- Koopman, P. & Wagner, M., "Autonomous Vehicle Safety: An
Interdisciplinary Challenge," IEEE Intelligent Transportation Systems
Magazine, Vol. 9 #1, Spring 2017, pp. 90-96.
- Koopman, P. and Wagner, M., "Challenges in Autonomous
Vehicle Testing and Validation," SAE Int. J. Trans. Safety 4(1):2016,
doi:10.4271/2016-01-0128. (slides)
- Vernaza, Guttendorf, Wagner & Koopman, "Learning Product Set Models of Fault Triggers in
High-Dimensional Software Interfaces," IROS 2015.
- Kane, Chowdhury, Datta & Koopman, "A Case Study on Runtime Monitoring of an
Autonomous Research Vehicle (ARV) System," RV 2015.
- Wagner & Koopman, "A Philosophy for
Developing Trust in Self-Driving Cars," In: G. Meyer & S. Beiker
(eds.) Road Vehicle Automation 2, Lecture Notes in Mobility, Springer, 2015,
pp. 163-170
- Kane, Fuhrman, Koopman, "Monitor Based Oracles for Cyber-Physical
System Testing," DSN 2014.
- Koopman, Wagner, "Transportation CPS Safety
Challenges," NSF Workshop on Transportation CyberPhysical Systems,
January 23-24, 2014
- Kane, A. & Koopman, P., "Ride-through for Autonomous
Vehicles," CARS 2013.
- Koopman, P., "Challenges in
representing CPS safety," Workshop on developing dependable and secure
automotive cyber-physical systems from components, Mar 17-18, 2011.
- Black, J. & Koopman, P., "System safety as an emergent
property in composite systems," DSN 2009, pp. 369-378.
- Szilagyi, C. & Koopman, P., "Flexible Multicast
Authentication for Time-Triggered Embedded Control Network
Applications," DSN 2009, pp. 165-174.
- Wagner, M., Koopman, P., Bares, J., Ostrowski, C., "Building safer UGVs with run-time safety
invariants," 2009 National Defense Industrial Association (NDIA)
Systems Engineering Conference (conference record is presentations only).
- Black, J., & Koopman, P., "Indirect control path analysis
and goal coverage strategies for elaborating system safety goals in composite
systems," PRDC 2008.
- Shelton, C. & Koopman, P., "Using Architectural Properties to
Model and Measure Graceful Degradation," In: de Lemos, R., Gacek, C.,
& Romanovsky, A., Architecting Dependable Systems, Springer-Verlag,
2003.
- Latronico, E., "Problems Facing
Group Membership Specifications for X-by-Wire Protocols," DSN
2003 student paper, June 2003.
- Shelton, C., Koopman, P. & Nace, W., "A framework for scalable analysis and design
of system-wide graceful degradation in distributed embedded systems,"
WORDS03, January 2003.
- Koopman, P., "Critical Embedded
Automotive Networks," IEEE Micro, July-August 2002.
- Bayouth, M. & Koopman, P., "Functional Evolution of an Automated Highway
System for Incremental Deployment," Transportation Research
Record, #1651, Paper #981060, pp. 80-88.
- Koopman, P. & Bayouth, M., "Orthogonal Capability Building Blocks for Flexible
AHS Deployment," Journal of Intelligent Transportation
Systems, Vol. 4, pp. 1-19, 1998.
Historical Projects:
(Also see: Current Projects page)
Cyclic Redundancy Checks (CRCs) and Checksums:
A lot of the folklore on checksums isn't quite right. We spent a
considerable number of CPU-years crunching on a search for optimal polynomials.
And we found them.
- Koopman, Driscoll & Hall, "Selection of cyclic redundancy code and checksum
algorithms to ensure critical data integrity," final report,
DOT/FAA/TC-14/49, March 2015.
- Maxino, T., & Koopman, P. "The Effectiveness of Checksums for Embedded
Control Networks," IEEE Trans. on Dependable and Secure
Computing, Jan-Mar 2009, pp. 59-72.
- Ray, J., & Koopman, P. "Efficient High Hamming Distance CRCs for
Embedded Applications," DSN06, June 2006.
- Maxino, T., "Revisiting
Fletcher and Adler Checksums," DSN06 student paper, June 2006.
- Maxino, T., The Effectiveness of Checksums
for Embedded Networks, M.S. Thesis, CMU ECE, May 2006.
- Paulitsch, Morris, Hall, Driscoll, Koopman & Latronico, "Coverage and Use of Cyclic
Redundancy Codes in Ultra-Dependable Systems," DSN05, June 2005
- Koopman, P. & Chakravarty, T., "Cyclic Redundancy Code (CRC)
Polynomial Selection For Embedded Networks," DSN04, June 2004.
- Koopman, P., "32-bit
cyclic redundancy codes for Internet applications," International
Conference on Dependable Systems and Networks (DSN), Washington DC, July
2002
- Chakravarty, T., Performance of cyclic
redundancy codes for embedded networks, M.S. Thesis, CMU ECE, Dec. 2001
Embedded System Security:
The rules of the embedded security game are likely to differ from those of
IT and desktop security.
- Szilagyi, C. & Koopman, P., "Low cost multicast
authentication via validity voting in time-triggered embedded control
networks," WESS, October 2010.
- Abdallah, A., Feron, E., Hellestrand, G., Koopman, P. & Wolf, M.,
"Hardware/Software Co-Design of Aerospace and Automotive Systems,"
Proc. IEEE, April 2010. (IEEE)
- Szilagyi, C. & Koopman, P., "A flexible approach to
embedded network authentication," DSN 2009, pp. 165-174.
- Szilagyi, C. & Koopman, P., "A
flexible approach to embedded network multicast authentication," WESS
2008.
- Koopman, P., Black, J., Maxino, T., "Position Paper:
Deeply Embedded Survivability," ARO
Planning Workshop on Embedded Systems and Network Security, Raleigh NC,
February 22-23, 2007.
- Koopman, P., Morris, J. & Narasimhan, P., "Challenges in Deeply
Networked System Survivability," Nato Advanced Research Workshop On
Security and Embedded Systems, August 2005
- Koopman, P., "Embedded System
Security," IEEE Computer, July 2004.
Embedded System Safety:
Embedded systems usually have the ability to release energy into the
environment via actuators. Any potentially uncontrolled release of such energy
is, by definition, a safety issue.
- Kane, Koopman, "Monitor Based
Oracles for Cyber-Physical System Testing," DSN 2014.
- Koopman, P., "Challenges in
representing CPS safety," Workshop on developing dependable and secure
automotive cyber-physical systems from components, Mar 17-18, 2011.
- Black, J., System Safety as an Emergent Property
in Composite Systems, Ph.D. Thesis, Carnegie Mellon University ECE Dept.,
May 2009.
- Black, J. & Koopman, P., "System safety as an emergent
property in composite systems," DSN 2009, pp. 369-378.
- Black, J., & Koopman, P., "Indirect control path analysis
and goal coverage strategies for elaborating system safety goals in composite
systems," PRDC 2008.
- Koopman, P., "Reliability,
Safety, and Security in Everyday Embedded Systems," Latin American
Dependability Conference (LADC-07), Morelia, Mexico, Sept. 26-28, 2007
- Black, J., A Fault Tolerance Analysis of
Safety-Critical Embedded Systems, M.S. Thesis, Carnegie Mellon University
ECE Dept., May 2004.
- Morris, J. & Koopman, P., "Critical Message
Integrity Over A Shared Network," FeT03, July 2003.
- Morris, J. & Koopman, P., "Software Defect Masquerade
Faults in Distributed Embedded Systems," DSN 2003 FastAbs, June
2003.
- Tran, E. & Koopman, P., Mission Failure Probability Calculations
for Critical Function Mechanizations in the Automated Highway System,
Technical Report CMU-RI-TR-97-44, Carnegie Mellon University, December
16, 1997. 34 pages.
Ballista -- Software Robustness Testing:
Some software isn't particularly robust to exceptional inputs. We developed
an automated approach to finding robustness vulnerabilities in APIs, including
POSIX and Windows. We found some one-line programs that crashed mature
commercial operating systems.
Also see: Ballista Project Home Page,
which is no longer maintained and thus may not be up to date.
- Koopman, P., DeVale, K. & DeVale, J., "Interface
robustness testing: experiences and lessons learned from the Ballista
Project," In: Kanoun, K. & Spainhower, L., Eds., Dependability
Benchmarking for Computer Systems, IEEE Press, 2008, pp. 201-226.
- DeVale, J. & Koopman, P., "Robust software - no more
excuses," International Conference on Dependable Systems and
Networks (DSN), Washington DC, July 2002
- Koopman, P. & Madeira, H., "Workshop on Dependability
Benchmarking," International Conference on Dependable Systems and
Networks (DSN), July 2002.
- Koopman, P. & Madeira, H. (eds.), Proceedings on the Workshop on Dependability
Benchmarking, section within International Conference on Dependable
Systems and Networks (DSN) Supplement, Washington DC, July 2002.
- Koopman, P., "What's wrong with
fault injection as a dependability benchmark?," Workshop on
Dependability Benchmarking (in conjunction with DSN 2002), Washington DC,
July 2002.
- Raz, O., Koopman, P. & Shaw, M., "Benchmarking semantic availability of dynamic data
feeds," Workshop on Dependability Benchmarking (in conjunction with
DSN 2002), Washington DC, July 2002.
- DeVale, J., High Performance Robust Computer
Systems, Ph.D. Thesis, CMU ECE, Dec. 2001
- DeVale, J. & Koopman, P., "Performance Evaluation of
Exception Handling in I/O Libraries," International Conference on
Dependable Systems and Networks (DSN), July 2001, Göteborg Sweden.
- Pan, J., Koopman, P., Siewiorek, D., Huang, Y., Gruber, R. & Jiang,
M., "Robustness testing
and hardening of CORBA ORB Implementations," International
Conference on Dependable Systems and Networks (DSN) July 2001,
Göteborg Sweden, pp. 141-150.
- Madeira, H. & Koopman, P. "Dependability benchmarking: making choices
in an n-dimensional problem space," Workshop on Evaluating and
Architecting System dependabilitY (EASY), concurrent with Dependable Systems
and Networks (DSN), July 2001, Göteborg Sweden.
- Pan, J., Robustness Testing and Hardening of
CORBA ORB Implementations, M.S. Thesis, CMU ECE, Dec. 2000.
- Koopman, P. & DeVale, J., "The Exception Handling Effectiveness of POSIX
Operating Systems," IEEE Transactions on Software Engineering, Vol. 26,
No. 9, September 2000.
- Shelton, C. & Koopman, P., "Robustness Testing of the Microsoft Win32
API," International Conference on Dependable Systems and Networks
(DSN), New York City, June 26-28 2000.
- Koopman, P. & Madeira, H., "Dependability
Benchmarking & Prediction: A Grand Challenge Technology Problem,"
1st International Workshop on Real-Time Mission-Critical Systems: Grand
Challenge Problems, Nov. 30, 1999; Phoenix, Arizona USA. 4 pages.
- Fernsler, K. & Koopman, P., "Robustness Testing of a Distributed
Simulation Backplane," ISSRE 99, Boca Raton, FL, Nov. 2-4,
1999, pp. 189-198.
- Pan, J., Koopman, P. & Siewiorek, D., "A Dimensionality Model Approach to Testing and
Improving Software Robustness," Autotestcon99, August
30-September 2, 1999, San Antonio, TX.
- Koopman, P. & DeVale, J., "Comparing the Robustness of POSIX Operating
Systems," Fault Tolerant Computing Symposium, June 1999.
- DeVale, J., Koopman, P. & Guttendorf, D., "The Ballista Software Robustness Testing
Service," Testing Computer Software Conference, June 1999.
- Fernsler, K., Robustness Testing of A
Distributed Simulation Backplane, M.S. Thesis, CMU ECE, May 1999.
- DeVale, J., Measuring Operating System
Robustness, M.S. Thesis, CMU ECE, Dec. 1998
- Koopman, P., "Toward a Scalable
Method for Quantifying Aspects of Fault Tolerance, Software Assurance, and
Computer Security," Post proceedings of the Computer Security,
Dependability, and Assurance: From Needs to Solutions (CSDA'98), 11-13
November 1998, Washington, D.C., pp. 103-131.
- Kropp, N., Koopman, P. & Siewiorek, D., "Automated Robustness Testing of Off-the-Shelf
Software Components," Fault Tolerant Computing Symposium, pp.
230-239, June 23-25, 1998.
- Kropp, N., Automatic Robustness Testing of
Off-the-Shelf Software Components, M.S. Thesis, CMU ECE, May 1998.
- Koopman, P., Sung, J., Dingman, C. & Siewiorek, D., "Comparing Operating Systems using
Robustness Benchmarks," Symposium on Reliable Distributed
Systems, Durham NC, October 22-24, 1997, pp. 72-79.
Graceful Degradation:
Wouldn't it be nice if systems failed soft instead of failing hard, and did
so without having to resort to brute force redundancy? This work was in part
under the umbrella of the Amaranth project.
- Shelton, C. & Koopman, P., "Improving System
Dependability with Alternative Functionality," DSN04, June
2004.
- Shelton, C., Scalable Graceful Degradation
for Distributed Embedded Systems, Ph.D. Thesis, August 2003.
- Shelton, C. & Koopman, P., "Using Architectural Properties to
Model and Measure Graceful Degradation," In: de Lemos, R., Gacek, C.,
& Romanovsky, A., Architecting Dependable Systems, Springer-Verlag,
2003.
- Koopman, P., "Elements of the
self-healing system problem space," Workshop on Architecting
Dependable Systems/WADS03, May 2003.
- Shelton, C., Koopman, P. & Nace, W., "A framework for scalable analysis and design
of system-wide graceful degradation in distributed embedded systems,"
WORDS03, January 2003.
- Raz, O., Koopman, P., & Shaw, M., "Enabling Automatic Adaptation in Systems with
Under-Specified Elements," 1st Workshop on Self-Healing Systems
(WOSS'02), affiliated with the 10th International Symposium on the
Foundations of Software Engineering (FSE-10), Charleston, South Carolina,
November 2002.
- Nace, W., Automatic Graceful Degradation for
Distributed Embedded Systems, Ph.D. Thesis, May 2002.
- Shelton, C., & Koopman, P., "Using Architectural Properties to Model and
Measure System-Wide Graceful Degradation," Workshop on Architecting
Dependable Systems (affiliated with ICSE 2002), May 25, 2002.
- Beveridge, M. & Koopman, P., "Jini Meets Embedded Control Networking: a case
study in portability failure," Seventh IEEE Workshop on
Object-Oriented Real-Time Dependable Systems: WORDS 2002, San Diego,
January 2002.
- Nace, W. & Koopman, P., "A
Graceful Degradation Framework for Distributed Embedded Systems,"
Workshop on Reliability in Embedded Systems (in conjunction with Symposium
on Reliable Distributed Systems/SRDS-2001), October 2001.
- Shelton, C. & Koopman, P., "Developing a Software Architecture for
Graceful Degradation in an Elevator Control System," Workshop on
Reliability in Embedded Systems (in conjunction with Symposium on Reliable
Distributed Systems/SRDS-2001), October 2001.
- Hoover, C., Hansen, J., Koopman, P. & Tamboli, S., "The Amaranth Framework: policy-based quality of
service management for high-assurance computing," International
Journal of Reliability, Quality, and Safety Engineering, Vol. 8, No. 4,
2001, pp. 1-28.
- Beveridge, M., Jini on the Control Area
Network (CAN): a case study in portability failure, M.S. Thesis, CMU
ECE, March 2001.
- Nace, W. & Koopman, P., "A
product family based approach to graceful degradation," DIPES 2000,
8-19 October 2000, Paderborn, Germany.
- Tamboli, S., Evaluation of Admission
Policies for Probabilistic Quality of Service (QoS), M.S. Thesis, CMU
ECE, Aug. 2000.
- Hoover, C., Hansen, J., Koopman, P. & Tamboli, S., "The Amaranth Framework: Probabilistic,
Utility-Based Quality of Service Management for High-Assurance
Computing", IEEE Fourth International High-Assurance Systems
Engineering Symposium (HASE99), IEEE Computer Society Press, Los
Alamitos, CA, Nov. 17-19, 1999, pp. 207-216.
System Architecture:
How to figure out the pieces and how they fit together in systems that are
bigger than just a CPU or just a computer. Related is system architecting,
which is how you figure out the right architecture.
- Morris, J. & Koopman, P., "Representing Design
Tradeoffs in Safety-Critical Systems," ICSE 2005 Workshop on
Architecting Dependable Systems, May 2005
- Martin, C. & Koopman, P., "Representing User
Workarounds As A Component Of System Dependability," PRDC 2004:
10th IEEE Pacific Rim International Symposium on Dependable Computing,
March 3-5, 2004.
- Koopman, P. & Hoffman, R., "Work-arounds, make-work, and
kludges," IEEE Intelligent Systems, November/December 2003.
- Latronico, E. & Koopman, P., "Representing Embedded System Sequence
Diagrams As A Formal Language," UML 2001, Toronto Ontario, 3-5
Oct. 2001, pp. 302-316.
- Latronico, B., Martin, C. & Koopman, P., "Analyzing Dependability of Embedded
Systems from the User Perspective," Workshop on Reliability in
Embedded Systems (in conjunction with Symposium on Reliable Distributed
Systems/SRDS-2001), October 2001.
- Bayouth, M. & Koopman, P., "Functional Evolution of an Automated Highway
System for Incremental Deployment," Transportation Research
Record, #1651, Paper #981060, pp. 80-88.
- Koopman, P. & Bayouth, M., "Orthogonal Capability Building Blocks for Flexible
AHS Deployment," Journal of Intelligent Transportation
Systems, Vol. 4, pp. 1-19, 1998.
- Koopman, P., "Using CAD Tools for
Embedded System Design: Obstacles Encountered in an Automotive Case
Study," Integrated Computer Aided Engineering, 5(1) 85-94, 1998.
(Also, Tech Report EDRC 05 103 96)
- Koopman, P., "Embedded System Design
Issues -- The Rest of the Story", Proceedings of the 1996
International Conference on Computer Design, Austin, October 7-9 1996.
- Koopman, P., "A taxonomy of
decomposition strategies based on structures, behaviors, and goals",
1995 Conference on Design Theory and Methodology, Boston, September
1995.
- Koopman, P. "Design Constraints on
Embedded Real Time Control Systems," System Design and Network
Architecture Conference, pp. 71-77, May 8-10, 1990.
Embedded Control Networks:
These differ in many ways from IT style networks, and we have worked on a
variety of aspects.
- Koopman, P. & Szilagyi, C., "Integrity in Embedded Control
Networks," IEEE Security & Privacy, 2013.
- Driscoll, K., Hall, B., Koopman, P., Ray, J., DeWalt, M., Data Network
Evaluation Criteria Handbook, AR-09/24, FAA, 2009.
- Koopman, P., "Critical Embedded
Automotive Networks," IEEE Micro, July-August 2002.
- Koopman, P. (ed.), Special Issue on Critical Embedded Automotive
Networks, IEEE Micro, July-August 2002. (Issue is available from:
IEEE Micro Archives; IEEE Xplore Archives)
- Koopman, P. & Chakravarty, T., "Analysis of the Train Communication Network
Protocol Error Detection Capabilities," http://www.tsd.org/papers/, February
25, 2001.
- Cholkar, A. & Koopman, P., "A
Widely Deployable Web-based Distributed Network Simulation Framework using
CORBA IDL-based APIs," Winter Simulation Conference 2000,
December 5-8 1999, Phoenix, AZ, pp. 1587-1594.
- Hendrey, G., Standard Ethernet as an
Embedded Communication Network, M.S. Thesis, CMU ECE, May 1999.
- Tran, E., Multi-Bit Error Vulnerabilities in
the Controller Area Network Protocol, M.S. Thesis, CMU ECE, May 1999.
- Koopman, P., Tran, E. & Hendrey, G. "Toward Middleware Fault Injection for
Automotive Networks," Fault Tolerant Computing Symposium, pp.
78-79, June 23-25, 1998.
- "Tracking down Lost Messages and System Failures," Embedded Systems
Programming, 9(11), October 1996, pp. 38-52.
- Koopman, P. & Upender, B., Time Division Multiple Access without a Bus
Master, Technical Report 9500470, United Technologies Research Center,
1995.
- Upender, B. & Koopman, P., "Communication protocols for embedded
systems", Embedded Systems Programming, 7(11) 46-58,
November 1994.
- Upender, B. & Koopman, P., "Embedded Communication Protocol
Options," Proceedings of Embedded Systems Conference 1993,
Santa Clara, pp. 469-480, October 1993; repeated in Proceedings of Embedded
Systems Conference East 1994, Boston, April 1994.
Distributed Embedded System Dependability:
Distributed embedded systems have unique dependability challenges,
especially when theoretical ideas such as group membership and periodic real
time schedules meet the real world.
- Koopman, P. & Ray, J., "Mitigating the Effects
of Internet Timing Faults Across Embedded Network Gateways," MMB/DFT
2010, p. 1, March 2010.
- Ray, J. & Koopman, P., "Queue management
mechanisms for embedded gateways," DSN 2009, pp. 175-184.
- Latronico, E. & Koopman, P., "Design Time Reliability
Analysis of Distributed Fault Tolerance Algorithms," DSN05,
June 2005, pp. 57-64.
- Latronico, E., Reliability Validation of
Group Membership Services for X-by-Wire Protocols, Ph.D. Thesis, CMU
ECE, May 2005
- Latronico, E., Miner, P. & Koopman, P., "Quantifying the
Reliability of Proven SPIDER Group Membership Service Guarantees,"
DSN04, June 2004.
- Morris, J., Kroening, D. & Koopman, P., "Fault Tolerance
Tradeoffs in Moving from Decentralized to Centralized Embedded
Systems," DSN04, June 2004.
- Latronico, E. & Koopman, P., "A Period-Based Group
Membership Strategy for Nodes of TDMA Networks," FeT03, July
2003.
- Latronico, E., "Problems Facing
Group Membership Specifications for X-by-Wire Protocols," DSN
2003 student paper, June 2003.
- Martin, C., Functional fault simulation for
distributed embedded systems, M.S. Thesis, CMU ECE, December 2001
- Cholkar, A., A Web-based Distributed
Network Simulation Framework using CORBA IDL-based APIs, M.S. Thesis,
CMU ECE, May 1999.
- D'Anniballe, J. & Koopman, P., "Towards execution models of distributed
systems: a case study of elevator design", ICCD Workshop on
Hardware/Software Codesign, Boston, October 1993.
Stack Computers:
In a previous life I designed stack-based CPUs. While they have fallen out
of the mainstream, there is still quite a bit of interest, so I maintain a page
with my work in this area.
Also see my historical page on: stack computers
(which is no longer maintained)
- Koopman, P., "A preliminary
exploration of optimized stack code generation", Journal of Forth
Applications and Research, 6(4), 1994.
- Koopman, P., "A Brief Introduction to
Forth," ACM SIGplan Notices, vol. 28, no. 3, pp. 357-358, March
1993, (History of Programming Languages HOPL-II preprints issue.)
- Koopman, P., "Stack
Machines," In: Thorson, M. (ed.), "Usenet Nuggets,"
SIGARCH Computer Architecture News, 21(1), pp. 36-37, March 1993.
- Keown, W., Koopman, P. & Collins, A., "Performance of the Harris RTX 2000 stack
architecture versus the Sun 4 Sparc and the Sun 3 M68020
architectures", Computer Architecture News, 20(3) 45-52,
June 1992.
- Keown, W., Koopman, P. & Collins, A., "Real-Time Performance of the Harris RTX 2000 Stack
Architecture versus the Sun 4 SPARC and the Sun 3 M68020 Architectures with a
Proposed Real-Time Performance Benchmark," Performance Evaluation
Review, May 1992, vol. 19, no. 4, pp. 40-48.
- Koopman, P., Lee, P. & Siewiorek, D., "Cache Behavior of Combinator Graph
Reduction", Transactions on Programming Languages and Systems,
14(2) 265-297, April 1992.
- Koopman, P., Lee, P. & Siewiorek, D., "Architectural Considerations for Combinator
Graph Reduction," Lee, P. (ed.) Topics In Advanced Language
Implementation, MIT Press, 1991, pp. 369-95.
- Koopman, P. "Some Ideas for Stack
Computer Design," 1991 Rochester Forth Conference, pg. 58, June 1991.
- Koopman, P. (ed), SIGForth '90 and SIGForth '91 Conference
Proceedings, ACM Press, 1991.
- Koopman, P., An Architecture for Combinator
Graph Reduction, Academic Press, 1990.
- Koopman, P., "Testing
Toolkit," Forth Dimensions, vol. 12, no. 3, pp. 31-32; 41,
September 1990.
- Koopman, P., "Heavyweight Tasking,"
Embedded Systems Programming, vol. 3, no. 4, pp. 42-52, April 1990.
- Koopman, P. "TIGRE: Combinator
Graph Reduction on the RTX 2000," 1990 Rochester Forth
Conference, pp. 82-86, June 1990.
- Koopman, P. "Architectural
Opportunities for Future Stack Engines," 1990 Rochester Forth
Conference, pp. 79-81, June 1990.
- Koopman, P. & VanNorman, R. "Adding a Third Stack to a Forth
Engine," 1990 Rochester Forth Conference, pp. 150-151, June
1990.
- Koopman, P. "Modern Stack Computer
Architecture," System Design and Network Architecture
Conference, pp. 153-164, May 8-10, 1990.
- Koopman, P., Lee, P. & Siewiorek, D., "Cache Performance of Combinator Graph
Reduction", 1990 Int. Conf. on Computer Languages, March 12-15,
1990.
- Koopman, P., "Design Tradeoffs in
Stack Computers," Forth Dimensions, vol. 11, no. 6, pp. 5-9,
March 1990.
- Koopman, P., Stack
Computers, Ellis Horwood, 1989.
- Koopman, P. & Lee, P., "A Fresh
Look at Combinator Graph Reduction", Proc. of the 1989 SIGPLAN
Conf. on Programming Language Design and Implementation, June 21-23, 1989.
- Koopman, P. & VanNorman, R., "RTX 4000," 1989 Rochester Forth
Conference, pp. 84-86, June 6-10, 1989.
- Lee, P. & Koopman, P., Compiling for
Direct Execution of Combinator Graphs, Ergo report, Carnegie Mellon
University, Pittsburgh, 1989.
- Koopman, P. "32 Bit RTX Chip
Prototype," Journal of Forth Application and Research
(Rochester Forth Conference Proceedings), vol. 5, no. 2, pp. 331-335, 1988.
- Koopman, P., "Writable Instruction
Set Stack Oriented Computers: The WISC Concept," Journal of Forth
Application and Research (Rochester Forth Conference Proceedings), vol. 5,
no. 1, pp. 49-71, 1987.
- Koopman, P., "The WISC Concept,"
BYTE, vol. 12, no. 4, pp. 187-194, April 1987.
- Haydon, G., & Koopman, P., "MVP
Microcoded CPU/16: History," Journal of Forth Application and
Research (Rochester Forth Conference Proceedings), vol. 4, no. 2, pp.
273-276, 1986.
- Koopman, P., & Haydon, G., "MVP
Microcoded CPU/16: Architecture," Journal of Forth Application and
Research (Rochester Forth Conference Proceedings), vol. 4, no. 2, pp.
277-280, 1986.
Computer Architecture:
In addition to stack computers, I've done a little bit of work on
supercomputer architecture and everyday CPU design.
- Gupta, R., Koopman, P. & Wolfe, A.,
"Tutorial on CAD for Digital Embedded Systems", Design
Automation Conference, June 1995.
- Koopman, P., "Perils of the PC
Cache", Embedded Systems Programming, 6(5) 26-34, May
1993.
- Siewiorek, D. & Koopman, P., The
Architecture of Supercomputers: Titan, a case study, Academic Press,
1991.
- Koopman, P. & Siewiorek, D., "The
Impact of Rent's Rule on Massive Parallelism", Frontiers of
Massively Parallel Computation, 1988.
- Koopman, P., "Microcoded vs. Hard-Wired
Control," BYTE, vol. 12, no. 1, pp. 235-242, January 1987.
Embedded System Education:
- Koopman, P., "Lessons
Learned in Teaching a Complex Distributed Embedded System Project
Course," CPS-Ed 2013, April 8, 2013.
- Koopman, P., "Risk Areas In Embedded
Software Industry Projects", Workshop on Embedded System Education,
Oct 28, 2010.
- Koopman, P., Better Embedded
System Software, Drumnadrochit Press, 2010, ISBN-13: 978-0-9844490-0-2.
(Also see accompanying Blog)
- Koopman, P., H. Choset, R. Gandhi, B. Krogh, D. Marculescu, P. Narasimhan,
J. Paul, R. Rajkumar, D. Siewiorek, A. Smailagic, P. Steenkiste, D. Thomas, C.
Wang, "Undergraduate
Embedded System Education at Carnegie Mellon," ACM Journal
Transactions on Embedded Computing Systems, Vol 4, No. 3, September 2005.
Miscellany:
Things that don't fit into the other bins.
- Koopman, P. & Kaner, C., "The
problem of embedded software in UCITA and drafts of revised Article
2," UCC Bulletin, 3 parts: February 2001; March 2001; April
2001.
- Koopman, P., "On Being the Bearer of
Bad News" (engineering ethics), The Institute, IEEE, vol. 20,
no. 6, pg. 15, June 1996. Reprinted in Engineering Dimensions,
Professional Engineers of Ontario, January 2000 pp. 25-26.
- Essay: How to Write an Abstract
Philip Koopman
Phone: +1.412.268.5225 (US Eastern Time)