Formalism and judgement in assurance cases
This position paper deals with the tension between the desire for sound and auditable assurance cases and the current ubiquitous reliance on expert judgement. I believe that the use of expert judgement, though inevitable, needs to be much more cautious and disciplined than it usually is. The idea of assurance "cases" owes its appeal to an awareness that all too often critical decisions are made in ways that are difficult to justify or even to explain, leaving the doubt (for the decision makers as well as other interested parties) that the decision may be unsound. By building a well-structured "case" we would wish to allow proper scrutiny of the evidence and assumptions used, and of the arguments that link them to support a decision. A
Enhancing Fault / Intrusion Tolerance through Design and Configuration Diversity
Fault/intrusion tolerance is usually the only viable way of improving system dependability and security in the presence of continuously evolving threats. Many of the solutions in the literature concern a specific snapshot in the production or deployment of a fault-tolerant system, and no immediate consideration is given to how the system should evolve to deal with novel threats. In this paper we outline and evaluate a set of operating-system and application reconfiguration rules which can be used to modify the state of a system replica prior to deployment or in between recoveries, and hence increase a replica's chance of a longer intrusion-free operation.
Fault Injection based Failure Analysis of three CentOS-like Operating Systems
The reliability of operating systems (OS) has always been a major concern in academia and industry. This paper studies how to perform OS failure analysis by fault injection based on a fault mode library. First, we use the fault mode generation method based on Linux abstract hierarchy structure analysis to systematically define Linux-like fault modes, construct a Linux fault mode library, and develop a fault injection tool based on that library (FIFML). Then, fault injection experiments are carried out on three commercial Linux distributions, CentOS, Anolis OS and openEuler, to identify their reliability problems and give improvement suggestions. We also use the virtual file systems of these three OSs as experimental objects, performing fault injection at the Light and Normal levels and measuring the performance of 13 common file operations before and after fault injection.
Comment: 9 pages, 8 figures
Fault tolerance via diversity for off-the-shelf products: A study with SQL database servers
If an off-the-shelf software product exhibits poor dependability due to design faults, then software fault tolerance is often the only way available to users and system integrators to alleviate the problem. Thanks to low acquisition costs, even using multiple versions of software in a parallel architecture, which is a scheme formerly reserved for few and highly critical applications, may become viable for many applications. We have studied the potential dependability gains from these solutions for off-the-shelf database servers. We based the study on the bug reports available for four off-the-shelf SQL servers plus later releases of two of them. We found that many of these faults cause systematic noncrash failures, which is a category ignored by most studies and standard implementations of fault tolerance for databases. Our observations suggest that diverse redundancy would be effective for tolerating design faults in this category of products. Only in very few cases would demands that triggered a bug in one server cause failures in another one, and there were no coincident failures in more than two of the servers. Use of different releases of the same product would also tolerate a significant fraction of the faults. We report our results and discuss their implications, the architectural options available for exploiting them, and the difficulties that they may present
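The architecture the abstract points at, diverse redundancy with an adjudicator that compares the answers of several SQL servers to the same demand, can be sketched in a few dozen lines. The block below is an added example, not code from the paper or from any of the studied products: every "server" is an in-memory sqlite3 database standing in for a distinct SQL engine, and the third replica carries a constructed design fault (it drops the last row of any `WHERE` query) so that the noncrash-failure path the paper describes can be exercised offline. Result sets are compared order-independently, since a SELECT without ORDER BY fixes no row order, and a replica counts as failed either when it raises (crash failure) or when it answers but disagrees with the majority (noncrash failure). The names `Replica`, `adjudicate`, `make_pool` and the `accounts` table are all assumptions of this example.

```python
"""Diverse-redundancy adjudicator for SQL servers (added example, not the paper's code).

Each demand is sent to every replica; answers are canonicalised as multisets of rows
and a strict majority of the whole pool decides the result. Replicas that raise are
reported as crash failures, replicas that answer but disagree as noncrash failures.
"""
import sqlite3
from collections import Counter
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple

# Constructed sample schema shared by all replicas.
SCHEMA = [
    "CREATE TABLE accounts(id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER)",
    "INSERT INTO accounts VALUES (1,'alice',100),(2,'bob',250),(3,'carol',40)",
]

class Replica:
    """One server of the diverse pool. In a real deployment each replica would be a
    different product; here each is its own in-memory sqlite3 database. `bug`, if set,
    is a constructed design fault: (trigger predicate on the SQL text, corruption of
    the rows) simulating a systematic noncrash failure on the demands that trigger it."""
    def __init__(self, name: str, bug: Optional[Tuple[Callable, Callable]] = None):
        self.name = name
        self.bug = bug
        self.conn = sqlite3.connect(":memory:")
        for stmt in SCHEMA:
            self.conn.execute(stmt)

    def query(self, sql: str) -> List[tuple]:
        rows = self.conn.execute(sql).fetchall()
        if self.bug and self.bug[0](sql):
            return self.bug[1](rows)      # wrong answer, no crash
        return rows

def canonical(rows) -> tuple:
    """Order-independent, hashable form of a result set: a sorted multiset of rows."""
    return tuple(sorted(Counter(tuple(r) for r in rows).items()))

@dataclass
class Verdict:
    result: Optional[List[tuple]]                   # adjudicated rows, None if no majority
    crashed: List[str] = field(default_factory=list)      # replicas that raised
    disagreeing: List[str] = field(default_factory=list)  # answered but lost the vote

def adjudicate(replicas: List[Replica], sql: str) -> Verdict:
    """Send one demand to all replicas and vote. A strict majority of the *whole* pool
    is required, so crashed replicas count against reaching a decision."""
    verdict = Verdict(result=None)
    answers = {}
    for r in replicas:
        try:
            answers[r.name] = r.query(sql)
        except sqlite3.Error:               # crash-type failure of this replica
            verdict.crashed.append(r.name)
    votes = Counter(canonical(rows) for rows in answers.values())
    if not votes:
        return verdict
    winner, count = votes.most_common(1)[0]
    if count * 2 > len(replicas):
        verdict.result = [row for row, n in winner for _ in range(n)]
        verdict.disagreeing = [name for name, rows in answers.items()
                               if canonical(rows) != winner]
    return verdict

def make_pool() -> List[Replica]:
    """Constructed pool: three replicas, the third with a fault that drops the last row
    of any range query (the kind of systematic noncrash failure the study reports)."""
    drop_last_row = (lambda sql: "WHERE" in sql.upper(), lambda rows: rows[:-1])
    return [Replica("srv_a"), Replica("srv_b"), Replica("srv_c", bug=drop_last_row)]

if __name__ == "__main__":
    v = adjudicate(make_pool(), "SELECT id, balance FROM accounts WHERE balance < 300")
    print("result:", sorted(v.result), "crashed:", v.crashed, "disagreeing:", v.disagreeing)
```

Two properties of the voter are worth noting. Canonicalising to a multiset means a replica that merely returns rows in a different order is not flagged, which is exactly the kind of benign diversity one expects between products; and requiring a majority of the whole pool rather than of the survivors means a two-replica pool can detect a disagreement but never resolve it, which is the trade-off between a comparison (detection-only) and a voting (masking) configuration that the paper's architectural options turn on.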
Movement-Efficient Sensor Deployment in Wireless Sensor Networks With Limited Communication Range.
We study a mobile wireless sensor network (MWSN) consisting of multiple mobile sensors or robots. Three key factors in MWSNs, sensing quality, energy consumption, and connectivity, have attracted plenty of attention, but the interaction of these factors is not well studied. To take all three factors into consideration, we model the sensor deployment problem as a constrained source coding problem. Our goal is to find an optimal sensor deployment (or relocation) to optimize the sensing quality with a limited communication range and a specific network lifetime constraint. We derive necessary conditions for the optimal sensor deployment in both homogeneous and heterogeneous MWSNs. According to our derivation, some sensors are idle in the optimal deployment of heterogeneous MWSNs. Using these necessary conditions, we design both centralized and distributed algorithms to provide a flexible and explicit trade-off between sensing uncertainty and network lifetime. The proposed algorithms are successfully extended to more applications, such as area coverage and target coverage, via properly selected density functions. Simulation results show that our algorithms outperform the existing relocation algorithms.
The effect of testing on reliability of fault-tolerant software
Previous models have investigated the impact upon diversity - and hence upon the reliability of fault-tolerant software built from 'diverse' versions - of the variation in 'difficulty' of demands over the demand space. These models are essentially static, taking a single snapshot view of the system. In this paper we consider a generalisation in which the individual versions are allowed to evolve - and their reliability to grow - through debugging. In particular, we examine the trade-off that occurs in testing between, on the one hand, the increasing reliability of individual versions, and on the other hand the possible diminution of diversity