Software Dependability

What is software dependability?

Trusting that the software will do its job.

Why is software dependability important?

1. System failures affect people.

2. Users reject unreliable systems.

3. System failures are costly.

4. Undependable systems cause information loss.

How do you measure reliablity?

1. Probability of failure on demand.

2. Rate of occurrence of failures.

3. Mean time to failure.

4. Availability.

What are attributes of dependability?

1. Availability.

2. Reliability.

3. Safety.

4. Confidentiality.

5. Integrity.

6. Maintainability.

What is the availability attribute?

The service provide is ready for use when invoked.

What is the reliability attribute?

How likely the system performs correctly over a set time.

What is the safety attribute?

Will the system blow rockets up or dial up radiation doses?!

What is the confidentiality attribute?

Prevents unauthorised access to sensitive information.

What is the integrity attribute?

Ensures information is not altered or deleted improperly.

What is the maintainability attribute?

Likelihood of repairing a system within a given time.

What are error detection and recovery methods?

1. Graceful degradation.

2. Redundancy.

3. Diversity.

What is graceful degradation?

Enable the system to operate, possibly in a reduced capacity, in the event of a failure of one of its components. e.g. "backup server or take some services offline".

What is redundancy?

Spare capacity is included in a system that can be used if part of the system fails.

What is diversity?

Redundant components of the system are of different types, so they are less likely to fail in the same way. e.g. "changing the way things work".

What are dependable system architectures?

System architectures designed to be dependable.

What is the protection system architecture?

Specialised system associated with another system that monitors the main system and performs actions should a fault be detected.

What is the self-monitoring architecture?

Computations carried out on separate channels and then compared, if outputs are different a failure is flagged. Hardware and software of each channel should be diverse.

What is the N-version programming architecture?

Multiple units made by different teams under the same specification and each version is executed with outputs compared. Impractical due to increased cost.