Robustness testing and hardening of CORBA ORB implementations

Before using CORBA (Common Object Request Broker Architecture) applications in mission-critical scenarios, it is important to understand the robustness of the Object Request Broker (ORB) being used, which forms the platform for CORBA applications. We have extended the Ballista software testing technique to test the exception-handling robustness of C++ ORB client-side application interfaces, and have tested two major versions of three ORB implementations on two operating systems, yielding robustness failure rates ranging from 26% to 42%. To improve ORB robustness, we also propose a probing method to harden object and pseudo-object related data types against exceptional inputs. Using these probes on omniORB 2.8 has proven to be effective in eliminating some cases of robustness failures found during testing. These results suggest that CORBA implementations currently have significant robustness vulnerabilities, but that some important classes of problems can be overcome with better exception-handling approaches.
