Software Fault Tolerance

Achievement and Assessment Strategies
Herausgeber: Kersken, Manfred, Saglietti, Francesca

• Broschiertes Buch

Produktbeschreibung

This volume summarizes the results obtained by the group working on softwarefault tolerance within the REQUEST (Reliability and Quality of European Software Technology) project of the ESPRIT programme of the European Communities.

It should be read by anyone with a professional interest in safety-critical and fault-tolerant computing.

A generic model is developed for evaluating the reliability of fault-tolerant software systems.Emphasis is put on identification of problem areas in the development and assessment of fault-tolerant software systems and in the components.Examples of crucial failures are those of diverse versions due to a common cause, or failures in the adjudicator which acts on outputs of diverse versions. The causes for common failures of versions are similarities in the solutions of specified problems. Methods were developed to determine similarity among versions by means of well-known software engineering methods. Concerning adjudicators, the influences of several factors on failure detection capability are discussed and guidelines are given for optimal design. A methodology is developed to determine dissimilarity on the level of diverse specifications.

Cost-based support is given for deciding whether diversity should be used in a software system or a single program shouldbe enhanced by additional verification effort.

---

The first ESPRIT programme contained several ambitious projects. of which REQUEST. with its wide brief covering all issues of assessment of quality and reliability of software process and product. was one. Within REQUEST. the research described in this volume. concerning those special problems of software that is required to have extremely high reliability. was particularly difficult and ambitious. The problems of software reliability are essentially twofold. On the one hand there is a concern with methods for achieving adequate reliability. on the other hand there is a need to evaluate what has actually been achieved in a particular case. Naturally. far more effort has been spent over the years on the former problem; indeed. there is a sense in which all of conventional software engineering can be seen as a response to this problem. However. it is becoming clearer than ever that we can only claim to have a truly sCientific approach. and so justify the description software engineering. when we are able to measure the attributes of process and product. It is still common to find software development methods recommended to users on purely anecdotal grounds. This is not good enough. Rational choices between rival approaches can only be made on the basis of quantified costs and benefits. Even more worrying is the tendency to argue that a software product can be depended upon merely because it has been developed by honest men using such anecdotal 'good practice'.

Produktdetails

• Research Reports Esprit 1
• Verlag: Springer / Springer Berlin Heidelberg / Springer, Berlin
• Artikelnr. des Verlages: 978-3-540-55212-3
• 1992.
• Seitenzahl: 260
• Erscheinungstermin: 25. März 1992
• Englisch
• Abmessung: 242mm x 170mm x 15mm
• Gewicht: 445g
• ISBN-13: 9783540552123
• ISBN-10: 354055212X
• Artikelnr.: 26020630

Inhaltsangabe

1 Introduction.- 2 Overview.- 2.1 The Concept of Software Fault-tolerance.- 2.2 Failure Dependence.- 2.3 Evaluation of Reliability of Fault Tolerant Software.- 2.4 Adjudication Mechanisms.- 2.5 Conclusion.- References.- 3 Considerations on Software Diversity on the Basis of Experimental and Theoretical Work.- 3.1 The Different Failure Sets of a Two-fold Diverse System.- 3.2 Experimental Approach.- 3.3 Theoretical Approach.- 3.4 Additional Requirements.- 3.5 Comparison Between Single and Diverse Use of Programs.- 3.6 Conclusion.- References.- 4 The Impact of Forced Diversity on the Failure Behaviour of Multiversion Software.- 4.1 Introduction.- 4.2 Common Failure Behaviour of Forced and Unforced Diverse Systems w. r. t. the Voter Majority.- 4.3 Common Failure Behaviour of Forced and Unforced Diverse Systems w. r. t. the Voter Granularity.- 4.4 Conclusion.- References.- 5 Functional Diversity.- 5.1 Introduction.- 5.2 Limitations of Normal Diversity.- 5.3 Description of Functional Diversity Methodology.- 5.4 Advantages of Functional with respect to Normal Diversity.- 5.5 Disadvantages of Functional Diversity.- 5.6 Application Fields.- 5.7 Choice of the Modelling Approach for Functional Diversity.- 5.8 Classical Semantic Approach.- 5.9 Functional Semantics.- 5.10 Semantic Modelling of Functional Diversity.- 5.11 Functional Diversity Metrication.- 5.12 Definition of Functional Diversity Metrics.- 5.13 Classification of the Metrics.- 5.14 Reliability Analysis for Functionally Diverse Systems.- 5.15 Static Specification Analysis.- 5.16 Reliability Evaluation.- 5.17 Semantic Specification Language.- 5.18 Semantic Specification Analysis Methodology.- References.- 6 Estimation of Failure Correlation in Diverse Software Systems with Dependent Components.- 6.1 Introduction.- 6.2 Evaluation of the Inaccuracy Resulting from the Independence Assumption.- 6.3 The Case of Available Failure Observations.- 6.4 The Case of No Available Failure Observations.- 6.5 Conclusion.- References.- 7 Measurement of Diversity Degree by Quantification of Dissimilarity in the Input Partition.- 7.1 Input Partition and Coverage Diversity.- 7.2 Partition Diversity during the Testing Phase.- 7.3 Conclusion.- References.- 8 Comparison of Mnemonics for Software Diversity Assessment.- 8.1 The Initial Prototype Investigation.- 8.2 Enhancement of the Prototype.- 8.3 Further Improvements to Technique.- 8.4 Conclusions.- References.- 9 The FRIL Model Approach for Software Diversity Assessment.- 9.1 Software Attributes Affecting Diversity.- 9.2 Measuring Diversity.- 9.3 The FRIL Model for Software Diversity Assessment.- 9.4 Extension of the Work.- References.- 10 Reliability Evaluation.- 10.1 Introduction.- 10.2 State of The Art of Reliability Models for Fault Tolerant Software.- 10.3 System States of Fault Tolerant Architectures.- 10.4 Analysis of System Sub-states.- 10.5 Modelling Approach.- 10.6 Modelling Methods.- 10.7 Evaluation of the Equations.- References.- 11 The Impact of Voter Granularity in Fault-Tolerant Software on System Reliability and Availability.- 11.1 Definition of System States.- 11.2 Effect of Voter Granularity on System States.- 11.3 Examples.- 11.4 Strategic Choice of Optimal Granularity.- 11.5 Mixed Solutions.- 11.6 Conclusion.- References.- 12 A Theoretical Evaluation of the Acceptance Test in Recovery Block Programming.- 12.1 Introduction.- 12.2 General Features and Examples of Acceptance Tests.- 12.3 Formal Definition of Acceptance Test Characteristics.- 12.4 An Error Model for the Acceptance Test Behaviour.- 12.5 Conclusion.- References.- 13 Locationof Checkpoints by Considering Information Reduction.- 13.1 Introduction.- 13.2 Failure Masking.- 13.3 Function Classes Reducing Information.- 13.4 Impact of Information Reduction on Failure Dependence.- 13.5 Information Reduction for Binary Values.- 13.6 Location of Checkpoints.- 13.7 Example.- 13.8 Conclusion.- References.- 14 Conclusions.- 14.1 Hardware Failure vs. Software Failure.- 14.2 Diversity and the Design of Fault-tolerant Software Systems.- 14.3 Assessment of Software Fault-tolerance.- 14.4 Prospect.