Why ICT Fails and What CeDICT Will Do About It

1. Why ICT Fails and What CeDICT Will Do About It Boudewijn R. HaverkortUniversity of TwenteNIRICT Strategiedag, UtrechtFebruary 12, 2009 Centre for Dependable ICT Systems

2. What is a dependable ICT system? An ICT system is called dependable when reliance can justifiable be placed on the services it delivers A service delivered by an ICT system (in its role as provider) is its behavior as perceived by its users

3. But ICT systems do fail!

4. Why do ICT systems fail? Hardware/physically-induced: • decreasing feature size in hardware components • shift from wired to wireless communication Software/design-induced: • ICT systems are becoming distributed systems, in which the interaction often causes difficulties • ICT systems are more and more software-driven, and software is notoriously not error-free Human & operator induced: • ICT systems are not only used by experts anymore • some humans strive for deliberate failures (attacks) Natural & environmental disasters

5. Why are ICT failures a problem? They form a threat to humans and resources: • mission/operation-critical ICT, e.g., in space or aircraft, but also in modern cars (fly/drive/brake-by-wire), and medical systems, e.g., software-driven radiology equipment • commercially-critical ICT, e.g., e-bay, amazon, with high estimated cost of downtime:- e-bay: 225 K$/hr;- credit-card authorization company: 2.6 M$/hr • infrastructurally-critical ICT forms backbone of most of our critical infrastructures: - electrical power grid & water supply - public and freight transport systems

6. What will CeDICT do about this? The mission of CeDICT is to develop the methods, techniques and tools necessary to design and implement truly dependable ICT systems under cost and resource constraints

7. The “fab four” dependability “means” • fault avoidance: prevent the introduction of faults by improving the design process • fault tolerance: adding redundancy (time, space, information) to avoid service failures • fault removal: find faults (testing, probing, model checking) and remove them, in design and implementation, as well as under operation • fault forecasting: predict faults and future occurrences, through modeling, maintenance and rejuvenation • choice depends on many factors!

8. CeDICT activities so far • has become a partner in the JRU with ESI • core of CeDICT took part in the Smartmix proposal on Dependable Embedded Systems with ESI • workshops in Eindhoven and Utrecht (twice) • partly active in FES2009 ICT proposal • locally, new positions are being filled in • CeDICT is not a brand-name yet!

9. New CeDICT activities needed! • filling all six new chairs at the 3 TU’s • become active in the JRU with ESI • activity needed for 24x7 e-business dependability(partners needed from network and service providers and application fields) • activity needed for critical ICT-driven infrastructures(partners needed from infra-providers, infra-users and ministeries, and ESI (via JRU)) • activities needed for dependable embedded systems with ESI (and in the JRU) • partly covered in FES2009 ICT proposal

10. Conclusions • Dependability of ICT systems is a key economical and societal concern • ICT is everywhere, so chances abound! • CeDICT brings together the expertise & focus to address the design of dependable ICT systems from all necessary angles • But, it is the CeDICT people itself to fill the CeDICT skeleton with meat • Original CeDICT-means have been allocated now, although in different ways at the three TU’s • It is reasonable that OC&W expects to have concrete results out of CeDICT!

11. Actions needed to make CeDICT real! • Setting up joint research projects, really under CeDICT umbrella • Work in cooperation with 3TU partners and ESI for the JRU: research agenda, large national programs (e.g., STW Perspectief), EU-activities, etc. • Publish in key dependability venues like IEEE DSN (www.dsn.org) and IEEE TDSC • Publish, also with CeDICT affiliation, in topical conferences/journals (e.g., on verification, critical infra, embedded systems, etc.) • Increase CeDICT awareness between/at 3TU sites • Reconsideration of the groups to be associated with CeDICT

12. 3TU.CeDICT people • 3TU.NIRICT/CeDICT director: ApersNIRICT-MT: Haverkort, Corporaal, Lagendijk • University of Twente: Haverkort(Depend. Comm.), Van de Pol (Formal Meth.), Hartel (Security), Nauta (IC design), Scanlon/Bentum(SRR) • TU Eindhoven: Van der Aalst (Info. Syst.), Groote (Design. Syst.), Corporaal (Emb. Syst.), Koonen (Broadband Comm.), Etalle (Security), Liotta (Networking) • TU Delft: Van Deursen (Softw. Eng.), Lagendijk (Info. Th.), NN (Comp. Arch.), Van der Veen (Circ. & Syst.), NN (Dep. Ad hoc Netw.), NN (Dep. Multimedia)

13. CeDICT kick-off April 24, 2009, UtrechtCoordination:Jaco vd Pol, Arie van Deursen, Harold Weffers

14. 9.30-10.00 Ontvangst • 10.00-10.15 Opening: Peter Apers (NIRICT) • 10.15-11.00 Keynote: Bill Sanders (UIUC) • 11.00-11.15 Break • 11.15-11.40 CeDICT: Marielle Stoelinga (UT) • 11.40-12.05 CeDICT: Twan Basten (TUe) • 12.05-12.30 Poster pitches • 12.30-13.40 Lunch @ posters • 13.40-14.40 Three NIRICT Lab Presentations/Demos • 14.40-15.05 CeDICT: William Scanlon (UT) • 15.05-15.30 CeDICT: Andy Zaidman (TUD) • 15.30-16.00 Break • 16.00-16.10 JRU ESI-CEDICT: Boudewijn Haverkort (ESI) • 16.10-16.35 ESI: tbd • 16.35-17.20 Industrial Keynote: tbd • 17.20-18.00 Closing & drinks!