Dependability of Software-Based Critical Systems

Software, and thus design faults, are recognized as the current bottleneck for the dependability of computing systems. This paper, which elaborates on [Laprie 96], aims to give recommendations and directions for undertaking the design of software-based critical systems in an effective and cohesive way.

[1] Jim Gray et al., Why Do Computers Stop and What Can Be Done About It?, 1986, Symposium on Reliability in Distributed Software and Database Systems.

[2] Yves Deswarte et al., Supporting multiple levels of criticality, 1998, Digest of Papers. Twenty-Eighth Annual International Symposium on Fault-Tolerant Computing (Cat. No.98CB36224).

[3] Dan Craigen et al., An International Survey of Industrial Applications of Formal Methods, 1992, Z User Workshop.

[4] Mark Schlack et al., Digital Equipment Corp., 1993.

[5] Tullio Vardanega et al., On the development of fault-tolerant on-board control software and its evaluation by fault injection, 1995, Twenty-Fifth International Symposium on Fault-Tolerant Computing. Digest of Papers.

[6] Ravishankar K. Iyer et al., Experimental evaluation, 1995.

[7] Pascal Traverse, AIRBUS and ATR System Architecture and Specification, 1988.

[8] Martín Abadi et al., Composing specifications, 1989, TOPL.

[9] Martin L. Shooman, Avionics software problem occurrence rates, 1996, Proceedings of ISSRE '96: 7th International Symposium on Software Reliability Engineering.

[10] R. A. Maxion et al., Toward Fault-Tolerant User Interfaces, 1986.

[11] Nancy G. Leveson et al., Safeware: System Safety and Computers, 1995.

[12] Daniel F. Ford et al., The Button: The Pentagon's Strategic Command and Control System, 1985.

[13] Yves Crouzet et al., Human Error Tolerant Design for Air Traffic Control Systems, 1996.

[14] Thomas F. Arnold et al., The Concept of Coverage and Its Effect on the Reliability Model of a Repairable System, 1973, IEEE Transactions on Computers.

[15] P. K. Giloth et al., NO. 4 ESS: performance objectives and service experience, 1981, The Bell System Technical Journal.

[16] John McLean et al., A general theory of composition for trace sets closed under selective interleaving functions, 1994, Proceedings of 1994 IEEE Computer Society Symposium on Research in Security and Privacy.

[17] Peter Essens et al., Improving Function Allocation for Integrated Systems Design, 1996.

[18] Algirdas Avižienis et al., Building dependable systems: how to keep up with complexity, 1995.

[19] Jean Arlat et al., Fault Injection for Dependability Validation: A Methodology and Some Applications, 1990, IEEE Trans. Software Eng.

[20] Michael O. Rabin et al., Efficient dispersal of information for security, load balancing, and fault tolerance, 1989, JACM.

[21] Clifford Stoll et al., Stalking the wily hacker, 1988, CACM.

[22] A. Avizienis et al., Dependable computing: From concepts to design diversity, 1986, Proceedings of the IEEE.

[23] W. N. Toy et al., Fault-tolerant design of local ESS processors, 1978, Proceedings of the IEEE.

[24] Yves Deswarte et al., Intrusion tolerance in distributed computing systems, 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[25] G. B. Finelli et al., The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software, 1993, IEEE Trans. Software Eng.

[26] Kishor S. Trivedi et al., Coverage Modeling for Dependability Analysis of Fault-Tolerant Systems, 1989, IEEE Trans. Computers.

[27] David Powell, Failure mode assumptions and assumption coverage, 1992.

[28] Algirdas Avizienis et al., A fault tolerance approach to computer viruses, 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[29] Jan Noyes et al., Human Error in the Cockpit, 1991.

[30] Donald A. Norman et al., Design rules based on analyses of human error, 1983, CACM.

[31] Jim Gray et al., A census of Tandem system availability between 1985 and 1990, 1990.

[32] William B. Rouse et al., Conceptual design of a human error tolerant interface for complex engineering systems, 1987, Autom.

[33] Marc Dacier et al., Models and tools for quantitative assessment of operational security, 1996, SEC.

[34] Daniel P. Siewiorek et al., Automated robustness testing of off-the-shelf software components, 1998, Digest of Papers. Twenty-Eighth Annual International Symposium on Fault-Tolerant Computing (Cat. No.98CB36224).

[35] Nancy G. Leveson et al., An investigation of the Therac-25 accidents, 1993, Computer.

[36] Edward J. McCluskey et al., Executable assertions and flight software, 1984.

[37] David Chenho Kung et al., Developing an object-oriented software testing and maintenance environment, 1995, CACM.

[38] Paul Williams et al., London ambulance service inquiry, 1993.

[39] Gunnar Hagelin, ERICSSON Safety System for Railway Control, 1988.

[40] Robert S. Swarz et al., Reliable Computer Systems: Design and Evaluation, 1992.

[41] Eugene H. Spafford et al., Crisis and aftermath, 1989, Commun. ACM.

[42] Hermann Kopetz et al., Dependability: Basic Concepts and Terminology, 1992.

[43] Jean-Pierre Queille et al., Executable assertions and timed traces for on-line software error detection, 1996, Proceedings of Annual Symposium on Fault Tolerant Computing.

[44] Mladen A. Vouk et al., On operational availability of a large software-based telecommunications system, 1992, [1992] Proceedings Third International Symposium on Software Reliability Engineering.

[45] Corinne Mazet et al., Dependable Systems: Error Tolerance and Man-Machine Cooperation, 1996.

[46] Jean-Claude Laprie et al., Software-based critical systems, 1996, SAFECOMP.

[47] Bernard Courtois et al., A generalized theory of fail-safe systems, 1989, [1989] The Nineteenth International Symposium on Fault-Tolerant Computing. Digest of Papers.

[48] W. C. Carter et al., Reliability modeling techniques for self-repairing computer systems, 1969, ACM '69.

[49] John R. Garman et al., The "BUG" heard 'round the world: discussion of the software problem which delayed the first shuttle orbital flight, 1981, SOEN.