State of the Art Survey

Introductory Remarks

This report provides a state of the art survey related to the work package on architecture and design, and to the work package on validation. The report is organised into 5 chapters: the first 3 relate to DSoS work on architecture and design, and the last 2 to work on validation. These chapters may be read independently, and corresponding bibliographical references are given separately at the end of the report. The 5 chapters address the following areas:

1. Architecture and Design: This chapter focuses on work in the field of architecture-based development of software systems. It discusses proposed notations for the rigorous description of software architectures, together with associated methods and tools for the design, analysis and building (construction) of software systems from their architectural description.
2. Mechanisms for Enforcing Dependability of Services: This chapter addresses both the essential mechanisms for enforcing dependability of services, and the architectural concepts for the design and implementation of dependable systems of systems.
3. Wrapping Technology: This chapter summarises the work done in the area of wrapping technology with respect to both solving architectural mismatch issues, and protecting components against erroneous interacting components.
4. Validation Techniques: This chapter provides an overview of work in the field of validation, addressing related methods based on testing, fault injection, and model checking.
5. Dependability Evaluation of Large Systems: This chapter surveys the two complementary approaches that can be undertaken for the dependability evaluation of systems of systems, i.e., analytical modelling and measurement-based assessment.
