
Dependability


shelby




Presentation Transcript


1. Dependability
• How much can you trust your program?
• How important is it that you trust your program?
• Note: Usefulness and trustworthiness are not the same thing.
Critical Systems and Dependability

2. Dependability
• Availability
  • How likely is it that the system will be up and running when it is needed?
• Reliability
  • How likely is it that the system behaves correctly (as specified)?
• Safety
  • How likely is the system to cause damage?
• Security
  • How likely is it that the system can defend itself against accidental or deliberate intrusion?

3. Cost/dependability curve
[Figure: cost plotted against dependability. Y axis: Cost. X axis: Dependability, with levels Low, Medium, High, Very high, Ultra-high.]

4. Dependability vs. Performance
• High levels of dependability are often achieved at the expense of performance
• Justification:
  • Undependable critical systems won't be used
  • The cost of system failure is very high
  • Data integrity/reliability is very important
  • Dependability is hard to retrofit
  • It is possible to compensate for a performance deficit

5. Critical Systems
• Systems where failures can result in physical damage, threats to life, or significant economic damage
  • Safety-critical systems
  • Mission-critical systems
  • Business-critical systems
• Software is only one "link in the chain"; the others include:
  • hardware
  • the human operator

6. Availability and Reliability
• Both can be quantified as probabilities
• They are related but not the same thing: a system can score well on one and poorly on the other, and the requirements for each may differ, owing to:
  • reboot (repair) time: a system that fails often but restarts in seconds can be highly available yet unreliable
  • user perceptions of what counts as a failure

7. Availability and Reliability
• Reliability: the probability of failure-free operation over a specified time in a given environment for a specific purpose
• Availability: the probability that a system, at a point in time, will be operational and able to deliver the requested services
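The two definitions above are easy to conflate, and slide 6's point that reboot time pulls them apart is worth seeing in numbers. The following is an added worked example, not part of the original presentation: it uses the standard steady-state availability formula A = MTTF / (MTTF + MTTR) and the constant-failure-rate reliability model R(t) = exp(-t / MTTF), neither of which the slides state, and the two systems and their MTTF/MTTR figures are constructed assumptions.

```python
import math


def availability(mttf_hours: float, mttr_hours: float) -> float:
    """Steady-state availability: the fraction of time the system is up.
    A = MTTF / (MTTF + MTTR). Standard formula, not stated on the slide."""
    return mttf_hours / (mttf_hours + mttr_hours)


def reliability(mttf_hours: float, mission_hours: float) -> float:
    """Probability of failure-free operation for one mission of the given
    length, assuming a constant failure rate 1/MTTF (exponential model):
    R(t) = exp(-t / MTTF). Standard model, also an assumption here."""
    return math.exp(-mission_hours / mttf_hours)


# Constructed figures for two hypothetical systems (assumptions, not data).
SYSTEMS = {
    # crashes about once an hour but restarts in one second
    "crashy-but-quick": {"mttf": 1.0, "mttr": 1.0 / 3600},
    # crashes about once a year but takes a full day to repair
    "solid-but-slow": {"mttf": 24.0 * 365, "mttr": 24.0},
}


def compare(mission_hours: float = 8.0) -> dict:
    """Availability and mission reliability for each constructed system.
    The hourly crasher wins on availability (it is down for a second per
    hour) and loses badly on reliability (an 8-hour shift almost never
    completes without a failure)."""
    return {
        name: {
            "availability": availability(s["mttf"], s["mttr"]),
            "reliability": reliability(s["mttf"], mission_hours),
        }
        for name, s in SYSTEMS.items()
    }


if __name__ == "__main__":
    for name, figures in compare().items():
        print(f"{name:18s} availability={figures['availability']:.5f} "
              f"reliability(8h)={figures['reliability']:.5f}")
```

Which number matters depends on the mission: for a web front end behind a load balancer the availability figure is what users feel; for a control loop that must run an uninterrupted 8-hour batch, the reliability figure is the one that decides whether the system is fit for purpose.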

8. Reliability and context
• Perception of reliability is influenced by:
  • patterns of use
  • human perceptions
  • the situations in which failures occur

9. Reliability Terminology
• System failure
  • an event in which the system does not deliver the service its users expect (observed externally)
• System error
  • an incorrect internal system state that can lead to a failure
• System fault
  • a defect in the system (e.g., in the code) that can put it into an erroneous state; faults cause errors, and errors cause failures
• Human error or mistake
  • human behaviour that introduces faults into the system

10. Improving Reliability
• Fault Avoidance
  • conservative programming idioms that make it hard to introduce faults in the first place
• Fault Detection and Removal
  • rigorous testing to find and fix faults before deployment
• Fault Tolerance
  • designing the system to recover gracefully from faults that manifest at runtime
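The three strategies on this slide are complementary, and a small piece of code can show all of them at once. The following is an added example, not from the presentation: a reader for a hypothetical triple-redundant temperature sensor. The plausible range, the three-replica layout and the "last known-good value" fallback are assumptions made for the example; the voting scheme is ordinary majority voting over redundant inputs.

```python
import re
from collections import Counter
from typing import Optional, Sequence


class NoMajority(Exception):
    """Raised when the redundant readings cannot be reconciled; the caller
    must move the system into a safe state rather than guess."""


# Plausible range for the constructed temperature sensor (an assumption).
MIN_TEMP, MAX_TEMP = -50, 150


def validate_reading(raw: str) -> int:
    """Fault avoidance: parse conservatively. Accept only a short decimal
    integer inside the plausible range; anything else is rejected instead of
    being coerced into something that merely looks like a value."""
    text = raw.strip()
    if re.fullmatch(r"-?\d{1,3}", text) is None:
        raise ValueError(f"non-numeric reading: {raw!r}")
    value = int(text)
    if not MIN_TEMP <= value <= MAX_TEMP:
        raise ValueError(f"out-of-range reading: {value}")
    return value


def majority_vote(values: Sequence[int]) -> int:
    """Fault tolerance by redundancy: return the value that a strict majority
    of replicas agree on, or signal that there is no such value."""
    value, count = Counter(values).most_common(1)[0]
    if count * 2 <= len(values):
        raise NoMajority(list(values))
    return value


def read_temperature(raws: Sequence[str], last_good: Optional[int]) -> int:
    """Combine the slide's three strategies:
    - each replica's raw text is validated (fault avoidance);
    - a replica that fails validation is dropped (fault detection);
    - survivors are voted, and if voting fails we fall back to the last
      known-good value so the caller degrades gracefully (fault tolerance).
    With no fallback available, NoMajority propagates so the system can
    enter its safe state instead of acting on an unreliable value."""
    parsed = []
    for raw in raws:
        try:
            parsed.append(validate_reading(raw))
        except ValueError:
            continue  # this replica is faulty; exclude it from the vote
    try:
        if len(parsed) < 2:
            raise NoMajority(list(raws))  # one reading cannot be cross-checked
        result = majority_vote(parsed)
    except NoMajority:
        if last_good is None:
            raise
        return last_good
    # Runtime fault detection: a post-condition self-check. If this fires,
    # the voting logic itself is broken and we want to fail loudly.
    assert MIN_TEMP <= result <= MAX_TEMP
    return result


if __name__ == "__main__":
    print(read_temperature(["21", "21", "99"], None))  # 21: one replica outvoted
    print(read_temperature(["21", "x", "21"], None))   # 21: bad replica dropped
    print(read_temperature(["21", "22", "23"], 20))    # 20: no majority, fallback
```

Note the ordering: validation removes inputs that are obviously wrong before the vote, so a single replica emitting garbage cannot split the majority, and the fallback is bounded (the last accepted value, never an invented one). In a real control system the "safe state" reached when NoMajority propagates is a design decision in its own right, which is what slide 14's fail-safes are about.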

11. Number of Bugs != Unreliability
• Removing 60% of product defects improved reliability by only 3% [Mills (1987)]
• It is how often the bugs are tickled (exercised in operation) that matters
  • and unfortunately, this depends on user behaviour
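The Mills observation becomes obvious once faults are weighted by how often operation actually activates them (the operational profile). The following is an added example, not from the presentation and not a reproduction of Mills' data: a constructed set of ten faults with assumed per-run activation probabilities, treated as independent, compared under two fix orders.

```python
from typing import List, Sequence


def per_run_failure_probability(activation_probs: Sequence[float]) -> float:
    """Probability that a single run (one use of the program) hits at least
    one remaining fault, treating activations as independent:
    1 - prod(1 - p_i). Independence is a simplifying assumption."""
    survive = 1.0
    for p in activation_probs:
        survive *= 1.0 - p
    return 1.0 - survive


def remove_faults(activation_probs: Sequence[float], count: int,
                  most_likely_first: bool) -> List[float]:
    """Faults that remain after fixing `count` of them, either the most
    frequently activated ones (fix what users actually hit) or the least
    frequently activated ones (fix whatever the tracker lists first)."""
    ordered = sorted(activation_probs, reverse=most_likely_first)
    return ordered[count:]


def relative_improvement(before: float, after: float) -> float:
    """Fractional drop in per-run failure probability."""
    return (before - after) / before


# Constructed operational profile: ten faults with the assumed probability
# that a typical run exercises each. Two are hit often, six almost never.
FAULTS = [0.02, 0.005, 0.001, 0.0001] + [1e-5] * 6


def mills_style_comparison(faults: Sequence[float] = FAULTS) -> dict:
    """Fixing 60% of the faults (the six rarest) barely moves observed
    reliability; fixing 20% (the two commonest) removes most failures."""
    before = per_run_failure_probability(faults)
    six_rare_fixed = per_run_failure_probability(
        remove_faults(faults, 6, most_likely_first=False))
    two_common_fixed = per_run_failure_probability(
        remove_faults(faults, 2, most_likely_first=True))
    return {
        "baseline": before,
        "fix_60pct_rarest": relative_improvement(before, six_rare_fixed),
        "fix_20pct_commonest": relative_improvement(before, two_common_fixed),
    }


def profile_shift(faults: Sequence[float], index: int, new_p: float) -> float:
    """Slide's last point: user behaviour changes the profile. Re-weight one
    'rare' fault (e.g. a feature that suddenly becomes popular) and return
    the new per-run failure probability."""
    shifted = list(faults)
    shifted[index] = new_p
    return per_run_failure_probability(shifted)


if __name__ == "__main__":
    for key, value in mills_style_comparison().items():
        print(f"{key:20s} {value:.4f}")
    print(f"rare fault becomes common: {profile_shift(FAULTS, 9, 0.05):.4f}")
```

The practical consequence for a security engineer is the same one that applies to vulnerability triage: bug counts and CVE counts are poor proxies for exposure. What matters is which faults are reachable from the inputs the system actually receives, and that set changes whenever the users, or the attackers, change their behaviour.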

12. Safety and Security
• Harder to quantify than reliability or availability
• Process strategies:
  • avoidance
  • detection and removal
  • limitation of influence

13. Safety
• How likely is the system to cause damage?
• A system can be reliable but still not 100% safe, because of:
  • incomplete specification
  • hardware malfunction
  • (human) operator error

14. Safety: Process Strategies
• Hazard Avoidance
  • defending against the occurrence of hazards (e.g., traffic restrictions)
• Hazard Detection/Removal
  • noticing and reacting to dangerous conditions (e.g., restricting/denying access)
• Damage Limitation
  • additional system features to minimize the extent of damage (fail-safes)

15. Security
• Types of damage attributed to security failures:
  • Denial of service
  • Corruption of programs or data
  • Disclosure of confidential information

16. Security: Process Strategies
• Vulnerability Avoidance
  • direct defence against attack (e.g., denying external access)
• Attack Detection/Neutralization
  • noticing and reacting to potential attacks before security is compromised (e.g., a virus checker)
• Exposure Limitation
  • additional system features to minimize the extent of damage (e.g., system backups)
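The first two strategies on this slide, avoidance and detection/neutralization, layer naturally in code, and the layering matters: avoidance alone does nothing against an attacker who is already inside the trusted network. The following is an added example, not from the presentation: a source allowlist for a hypothetical admin interface (avoidance), a brute-force detector run over constructed authentication log lines (detection), and an admission check that cuts off flagged sources (neutralization). The management networks, the log format, the threshold and the log lines are all constructed for the example.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Vulnerability avoidance: the admin interface is reachable only from the
# (constructed) management networks; everything else is denied outright.
MANAGEMENT_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                   ipaddress.ip_network("192.168.1.0/24")]


def is_allowed_source(ip: str) -> bool:
    """Allowlist check; an unparsable address is treated as not allowed."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in MANAGEMENT_NETS)


# Constructed log format: "<iso-timestamp> auth FAIL|OK user=<u> src=<ip>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>FAIL|OK) user=\S+ src=(?P<ip>\S+)$")


def detect_bruteforce(lines, threshold=5, window=timedelta(minutes=1)):
    """Attack detection: return the set of source IPs that produced at least
    `threshold` failed logins inside a sliding `window`. Malformed lines are
    skipped rather than allowed to crash the detector."""
    recent = defaultdict(deque)  # ip -> timestamps of recent failures
    flagged = set()
    for line in lines:
        m = LOG_RE.match(line)
        if m is None or m["result"] != "FAIL":
            continue
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()  # forget failures that fell out of the window
        if len(q) >= threshold:
            flagged.add(m["ip"])
    return flagged


def should_serve(ip: str, blocked: set) -> bool:
    """Admission decision combining the two strategies: avoidance first (a
    source outside the management nets is never served), then neutralization
    (a source flagged by the detector is cut off even though it is internal)."""
    return is_allowed_source(ip) and ip not in blocked


# Constructed sample: internal host 10.0.0.99 hammering the login, a
# legitimate user on 10.0.0.5, and one malformed line.
SAMPLE_LOG = """\
2024-05-01T10:00:00 auth FAIL user=root src=10.0.0.99
2024-05-01T10:00:00 auth FAIL user=alice src=10.0.0.5
2024-05-01T10:00:05 auth FAIL user=admin src=10.0.0.99
2024-05-01T10:00:10 auth FAIL user=root src=10.0.0.99
2024-05-01T10:00:12 auth OK user=alice src=10.0.0.5
2024-05-01T10:00:15 auth FAIL user=oracle src=10.0.0.99
this line is not in the expected format
2024-05-01T10:00:20 auth FAIL user=root src=10.0.0.99
2024-05-01T10:03:00 auth FAIL user=alice src=10.0.0.5
""".splitlines()


if __name__ == "__main__":
    blocked = detect_bruteforce(SAMPLE_LOG)
    print("flagged:", blocked)                   # {'10.0.0.99'}
    print(should_serve("203.0.113.7", blocked))  # False: stopped by avoidance
    print(should_serve("10.0.0.99", blocked))    # False: internal, but neutralized
    print(should_serve("10.0.0.5", blocked))     # True: two spaced failures is normal
```

The third strategy, exposure limitation, is deliberately not in the code: backups, segmentation and least privilege bound what a successful attacker can do and are properties of the surrounding system, not of the request path. The point of the combined check is that each layer covers a case the other misses: the allowlist never sees 203.0.113.7, and only the detector notices that 10.0.0.99, a trusted address, is behaving like an attacker.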
