Conceptual Models for the Reliability of Diverse Systems - New Results
by Peter Popov and Lorenzo Strigini, presented at the 28th annual Symposium on Fault-Tolerant Computing (FTCS'28), Munich, Germany, June 1998. The full text of the paper is available for download in .pdf format. The abstract is given below.
Abstract
We address problems in modelling the reliability of multiple-version software, and present models intended to improve the understanding of the various ways failure dependence between versions can arise. The previous models, by Eckhardt and Lee and by Littlewood and Miller, described what behaviour could be expected "on average" from a randomly chosen pair of "independently generated" versions. Instead, we address the problem of predicting the reliability of a specific pair of versions. The concept of "variation of difficulty" between situations to which software may be subject is central to the previous models cited. We show that it has even more far-reaching implications than previously found. In particular, we consider the practical implications of two phenomena: varying probabilities of failure over input sub-domains or operating regimes; and positive correlation between successive executions of control software. Our analysis provides some practical advice for regulators, and useful insight into non-intuitive aspects of the failure process of diverse software.
Estimating Bounds on the Reliability of Diverse Systems
by Peter Popov, Lorenzo Strigini, John May and Silke Kuball is a substantially enhanced version of the FTCS-98 paper "Conceptual Models for the Reliability of Diverse Systems - New Results" described above. It has been accepted for publication in IEEE Transactions on Software Engineering. The full text in .pdf is accessible provided the IEEE copyright restrictions are respected. The abstract is given below.
Abstract
We address the problems of estimating the reliability of multiple-version software, and improve the understanding of the various ways failure dependence between versions can arise. Specifically, we step from the previous conceptual models, which described what behaviour could be expected "on average" from a randomly chosen pair of "independently generated" versions, to predictions using specific information about a given pair of versions. The concept of "variation of difficulty" between situations to which software may be subject is central to the previous models cited. We show that it has more far-reaching implications than previously found.
We show the practical implications of varying probabilities of failure over input subdomains or operating regimes. A direct practical gain for designers, users and regulators is the possibility of estimating upper and lower bounds on the reliability of a two-version system. In certain circumstances these will be narrower than could be estimated with other methods.
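The two abstracts above refer to two effects of "variation of difficulty" without giving formulas. The Python below is an added illustration, not code or analysis from either paper: it uses the standard Eckhardt-Lee averaging argument (a difficulty function theta(x) with versions conditionally independent given the demand x) to show why coincident failure of "independently generated" versions is more likely than a naive product of pfds suggests, and it uses the elementary Frechet bounds on the joint probability of two events, applied per input subdomain and weighted by the usage profile, to bound the pfd of a specific 1-out-of-2 pair. The papers' own models and bound derivations may differ from this; the subdomain names, usage weights and pfd values are constructed for the example.

```python
"""Worked illustration (added here; not code from the papers on this page) of
two consequences of "variation of difficulty" for a 1-out-of-2 diverse system,
i.e. one that fails only when both versions fail on the same demand.

Part 1 follows the Eckhardt-Lee averaging argument: theta(x) is the probability
that a randomly developed version fails on demand x, and versions are assumed
conditionally independent given x. The expected probability of coincident
failure over the demand profile Q is E[theta^2], which is never below
E[theta]^2, the value a naive "independent versions" product would give.

Part 2 bounds the pfd of a *specific* pair of versions from their pfds on
input subdomains, using the Frechet bounds on the joint probability of two
events: with per-subdomain pfds a and b, P(both fail) lies in
[max(0, a + b - 1), min(a, b)]. Weighting by the usage profile of the
subdomains gives bounds on the system pfd. All numbers below are constructed.
"""
from dataclasses import dataclass


def _check_profile(weights):
    """Guard: the usage/demand profile must be a probability distribution."""
    if any(w < 0 for w in weights):
        raise ValueError("profile weights must be non-negative")
    if abs(sum(weights) - 1.0) > 1e-9:
        raise ValueError("profile weights must sum to 1")


# ---- Part 1: averaging over "independently generated" versions ----------

def expected_coincident_pfd(profile):
    """profile: iterable of (Q_x, theta_x) pairs, one per demand class.

    Returns (E[theta]^2, E[theta^2]): the coincident-failure probability a
    naive independence assumption predicts, and the Eckhardt-Lee expectation.
    """
    profile = list(profile)
    _check_profile([q for q, _ in profile])
    e_theta = sum(q * t for q, t in profile)
    e_theta_sq = sum(q * t * t for q, t in profile)
    return e_theta ** 2, e_theta_sq


# Constructed demand profile: 99% "easy" demands, 1% "hard" ones.
EXAMPLE_PROFILE = [(0.99, 1e-4), (0.01, 5e-2)]


# ---- Part 2: bounds for a specific pair from subdomain pfds --------------

@dataclass(frozen=True)
class Subdomain:
    name: str
    weight: float   # probability that a demand falls in this subdomain
    pfd_a: float    # version A's pfd conditional on the subdomain
    pfd_b: float    # version B's pfd conditional on the subdomain


def system_pfd_bounds(subdomains):
    """Frechet bounds applied per subdomain, then weighted by usage."""
    _check_profile([s.weight for s in subdomains])
    lower = sum(s.weight * max(0.0, s.pfd_a + s.pfd_b - 1.0) for s in subdomains)
    upper = sum(s.weight * min(s.pfd_a, s.pfd_b) for s in subdomains)
    return lower, upper


def whole_domain_bounds(subdomains):
    """Same bounds using only each version's overall pfd (no subdomain data)."""
    _check_profile([s.weight for s in subdomains])
    pfd_a = sum(s.weight * s.pfd_a for s in subdomains)
    pfd_b = sum(s.weight * s.pfd_b for s in subdomains)
    return max(0.0, pfd_a + pfd_b - 1.0), min(pfd_a, pfd_b)


# Constructed example: the two versions are weak in *different* regimes, so
# the subdomain-informed upper bound is much tighter than the whole-domain one.
EXAMPLE_SUBDOMAINS = [
    Subdomain("nominal operation", 0.9, pfd_a=1e-4, pfd_b=1e-3),
    Subdomain("alarm handling",    0.1, pfd_a=1e-2, pfd_b=1e-4),
]


if __name__ == "__main__":
    naive, expected = expected_coincident_pfd(EXAMPLE_PROFILE)
    print(f"Part 1: E[theta]^2 = {naive:.3e}, E[theta^2] = {expected:.3e} "
          f"(ratio {expected / naive:.1f})")
    lo, hi = system_pfd_bounds(EXAMPLE_SUBDOMAINS)
    wlo, whi = whole_domain_bounds(EXAMPLE_SUBDOMAINS)
    print(f"Part 2: subdomain bounds [{lo:.1e}, {hi:.1e}], "
          f"whole-domain bounds [{wlo:.1e}, {whi:.1e}]")
```

With the constructed profile, Part 1 gives a coincident-failure expectation roughly 70 times the naive product, entirely because the 1% of "hard" demands are hard for every version. In Part 2 the whole-domain upper bound is min(pfd_A, pfd_B) = 9.1e-4, while the per-subdomain bound is 1e-4: each version covers the other's weak regime, and only the subdomain data reveals it. The lower bound is 0 in both cases, which is the honest answer when neither version's pfd exceeds 0.5 in any subdomain.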
Page maintained by: Peter Popov. Last modified 3 July 2002.