T.AndersonandP.A.Lee.Fault Tolerance: Principles and Practice. Prentice-Hall, 1981.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....to their dependability properties [12, 14] The work of Guerra et al.[6] presents a structuring concept for the incorporation of an exception handling mechanism in component based systems, at the architectural level. This notion is based on the concept of the Idealised FaultTolerant Component(IFTC)[1]. The IFTC separates the abnormal (fault tolerance measures) activities of a system from its normal activity. Upon the receipt of a service request, an IFTC produces three types of responses: normal responses in case the request is successfully processed, interface exceptions in case the request ....

....is the only one we know of which describes means for supporting the construction of fault tolerant C2 applications. It presents the concept of Multi Version Connector, a mechanism created to permit the reliable upgrade of software components in a configuration, by means of design diversity[1]. Our main contribution is the construction of a framework which supports an architectural level EHS. In componentbased development, source code for the components which make up a system might not be available, specially if third party components are employed. Hence, it is not possible to ....

T. Anderson and P. A. Lee. Fault Tolerance: Principles and Practice. Prentice-Hall, 2nd edition, 1990.

....activities. The usual tool employed in both research and practice to achieve this goal is atomic actions. The activity of a group of components or objects constitutes an atomic action if there are no interactions between that group and the rest of the system for the duration of the activity [LA90] An atomic action provides an abstraction that allows the programmer to group a set of operations on objects into a logical execution unit. It can also provide a way of gluing multiple execution threads together and enclosing both their normal and their recovery activities. The coordinated ....

P. A. Lee and T. Anderson. Fault Tolerance: Principles and Practice. PrenticeHall, second edition, 1990.

....because they are directly relevant to MAFTIA and its philosophy for addressing the issues of intrusion tolerance. MAFTIA, as in DELTA 4, applies the principles of fault tolerance to achieve its lines of defence against adversaries; namely, error processing [Avizienis 1967] and fault treatment [Anderson Lee 1981]. Error processing (comprising error detection, damage detection, damage confinement, and error recovery) is aimed at removing errors from the computational state, if possible, before failure occurrence. Fault treatment is aimed at preventing previous faults from being exploited, and thereby ....

T. A. Anderson and P. A. Lee, Fault Tolerance -- Principles and Practice, Prentice-Hall, 1981.

....two technologies: software fault tolerance and distributed functional languages, and we brie y locate our work within these elds. 2.1 Fault Tolerance We focus on software techniques for fault tolerance within a single application constructed in a conventional language. A fault tolerant system [LA90, Mil90, Lap99] contains mechanisms to cope with faults that remain or develop within it. These faults can be classi ed into anticipated faults and unanticipated faults. An anticipated fault is one that has a mechanism in the system to deal with it. An unanticipated fault has no such mechanism, ....

....must continue to function, dealing with references to the now defunct PE. This implies that each PE must acquire a global picture of the system. Some related areas outside the scope of this paper are as follows. Fault prevention is the process of engineering the system to avoid and remove faults [LA90] We do not consider multi component systems where the failure of one component may induce failures in another, e.g. a database failure may cause a program failure. We do not consider coarsegrain replication of hardware, software, data and computation, as for example in Tandem NonStop technology ....

[Article contains additional citation context not shown here]

P.A. Lee and T. Anderson. Fault Tolerance Principles and Practice. SpringerVerlag, 2nd edition, 1990.

....on the latter approach. Concurrent systems can be classified into cooperative systems, where individual components collaborate, share results and work for a common goal, and competitive systems, where the individual components are not aware of each other and compete for shared resources [4]. Many researchers view all object oriented systems as inherently concurrent, since objects themselves are naturally concurrent entities. In reality, concurrency adds a new dimension to system structure and design. Concurrent systems are extremely difficult to understand, design, analyze ....

P. A. Lee and T. Anderson: "Fault Tolerance - Principles and Practice". In Dependable Computing and Fault-Tolerant Systems, Springer Verlag, 2 ed., 1990.

....Section 7 concludes the paper. 2 Structuring Framework for Implementing Fault Tolerant Software We define a software system as a set of components which interact under the control of a design, and view the components themselves as systems at a lower level of abstraction in their own right [Lee Anderson 1990]. In order to ease the task of constructing a faulttolerant software system and control its complexity we believe it is crucial to separate different concerns properly. Our aim is that the users of fault tolerant components (or FTC Users) should be responsible only for developing their own ....

....difficulty, we use pattern techniques [Gamma et al. 1995] to document existing and well proven experience, including our own experience in implementing a generic scheme for software fault tolerance [Xu et al. 1995b] 2. 1 Idealized Fault Tolerant Components An idealized fault tolerant component [Lee Anderson 1990] is a (well defined) component which includes both normal and abnormal responses in the interface between interacting components, in a framework that minimizes the impact of fault tolerance (e.g. extra redundancy) on system complexity (see Figure 1) An interface exception is signalled when the ....

[Article contains additional citation context not shown here]

P.A. Lee and T. Anderson. Fault Tolerance: principles and practice, Second Edition, Springer-Verlag, 1990.

....is used whenever data values from a program execution are saved so that they can be used in a later execution. Software fault tolerance mechanisms based on backward error recovery use persistence to provide state restoration in case of computer crashes or errors caused by software design faults [1]. Transaction durability [2] is often achieved using persistence techniques. How the data is saved and what kind of storage medium is used for that purpose depends on the applications demands and can vary considerably from one application to another. Unfortunately, widely used object oriented ....

.... can be implemented in a stronger form to support fault tolerance of different sorts, including tolerating software design faults (bugs) for instance by using the recovery block scheme [15] or tolerating faults of the underlying hardware, for instance by using checkpoints or recovery points [1]. To apply persistence properly and to choose the suitable storage type, the application programmer has to identify the fault assumptions and to know the reliability of the storage devices which can be used. This is why among the different non volatile storage devices, we distinguish stable and ....

Lee, P. A.; Anderson, T.: "Fault Tolerance - Principles and Practice". In Dependable Computing and FaultTolerant Systems, volume 3, Springer Verlag, 2nd ed., 1990.

....4.1 Cooperation vs. Competition Concurrent systems can be classified into cooperative systems, where individual components collaborate, share results and work for a common goal, and competitive systems, where the individual components are not aware of each other and compete for shared resources [10, 11, 12]. Programming languages address collaboration and competition by providing means for communication and synchronization among threads. This can be done by using shared objects, also called monitors [13, 14] Typically, two forms of synchronization are considered: mutual exclusion and condition ....

Lee, P. A.; Anderson, T.: "Fault Tolerance - Principles and Practice". In Dependable Computing and Fault-Tolerant Systems, Springer Verlag, 2 ed., 1990.

....for obtaining trustworthy systems. One of these approaches is fault tolerance, which is associated with the ability of a system to deliver services according with its specification in spite the presence of faults [12] In this paper, we employ the concept of idealized fault tolerant component [1] for describing fault tolerant component based systems, at the architectural level. For representing software systems at the architectural level, we have chosen the C2 architectural style for its ability to incorporate heterogeneous off the shelf components [15] However, this ability of ....

....conditions and fault tolerance mechanisms. The aim is to structure, at the architecture level, fault tolerant component based systems that use off the shelf components. For that, we define an idealized C2 component with structure and behaviour equivalent to the idealized fault tolerant component [1]. This idealized C2 component can then be used as a building block for a system of design patterns that implement the idealized fault tolerant component for concurrent distributed systems [5] The rest of this paper is structured as follows. Section 2 gives a brief overview of fault tolerance and ....

[Article contains additional citation context not shown here]

T. Anderson, and P. A. Lee. Fault Tolerance: Principles and Practice. Prentice-Hall, 1981.

....it would make sense to transition to state R 2 in order to restrict access and protect the most valuable clients. 6. Survivability and FaultTolerance 6.1. The Role of Fault Tolerance The informal notion of an event that causes damage which we have used is referred to formally as a fault [1]. In many cases, systems are built using techniques of replication so that the effects of a fault do not affect the system s external behavior. Such faults are said to be masked. Usually for Figure 2. Survivability specification example. 2 Industry Gov t 1 Preferred 4 Gov t Bonds 5 ....

Anderson, T. and P. Lee. Fault Tolerance: Principles and Practice. Prentice Hall, Englewood Cliffs, NJ, 1981.

....The development of fault tolerant techniques was driven by the need for ultra high availability, reduced maintenance costs, and long life applications to ensure systems can continue to function in spite of faults occurring. The implementation of a fault tolerant mechanism requires four stages [3]: 1) Detection of the error, 2) Confinement of the error, to prevent propagation through the system, 3) Error recovery, to remove the error from the system, 4) Fault treatment and continued system service, to repair and return the system to normal operation. We deal with the detection of ....

P.A.Lee, T.Anderson, Fault Tolerance Principles and Practice, SpringerVerlag, 2 nd ed. 1990.

....one example. It is presumed that fault tolerance, which is one way of achieving high dependability, will be employed in such devices. Several methods of fault tolerance require that a fault be detected before bringing fault tolerance measures to bear on it. One salient example is recovery blocks [2] [3] Fault detection, therefore, is an essential first step in achieving dependability. If the detector is not reliable, the fault tolerating mechanisms will not be effective, because they will not be activated. Faults can be detected either explicitly or implicitly. When a fault is detected ....

Peter A. Lee and Tom Anderson, Fault Tolerance: Principles and Practice, Springer--Verlag, Vienna, Austria, second edition, 1990.

....an attack that cannot be completely repelled. It means that intrusion tolerance picks up where intrusion resistance leaves off. The four phases that form the basis for all fault tolerance techniques are error detection, damage assessment, error recovery, and fault treatment and continued service [11]. These can and should be the basis for the design and implementation of an intrusion tolerant system. Strategies for detecting attacks and assessment of damage include intrusion detection (i.e. anomaly based and signature based detection) logging, and auditing. If the probing that precedes the ....

P.A.Lee and T.Anderson. Fault Tolerance: Principles and Practice. Springer Verlag, 1990.

No context found.

T.AndersonandP.A.Lee.Fault Tolerance: Principles and Practice. Prentice-Hall, 1981.

No context found.

P.A. Lee, T. Anderson. Fault Tolerance: Principles and Practice. Springer-Verlag. 1991

No context found.

T. Anderson and P.A. Lee, Fault Tolerance: Principles and Practice, Prentice-Hall, Englewood Cliffs, N.J. (1981).

No context found.

T. Anderson, P. A. Lee. Fault Tolerance: Principles and Practice. Prentice-Hall, 1981.

No context found.

T. Anderson and P.A. Lee, Fault Tolerance: Principles and Practice, Prentice Hall, 1981.

No context found.

T. Anderson, P. A. Lee. Fault Tolerance: Principles and Practice. Prentice-Hall, 1981.

No context found.

T. Anderson and P.A. Lee. Fault Tolerance: Principles and Practice, Prentice Hall, 1981.

No context found.

P.A. Lee and T. Anderson. Fault Tolerance Principles and Practice. SpringerVerlag, 2nd edition, 1990.

No context found.

T. Anderson and P. A. Lee. Fault-Tolerance: Principles and Practice (Second, revised edition). Springer-Verlag, Vienna, Austria, 1990.

No context found.

T. Anderson and P. A. Lee. Fault Tolerance: Principles and Practice. Prentice-Hall, 2nd edition, 1990.

No context found.

Lee, P., and Anderson, T., 1981, Fault Tolerance: Principles and Practice, SpringerVerlag, New York.

No context found.

Anderson, T. and P. Lee. Fault Tolerance: Principles and Practice. Prentice Hall, Englewood Cliffs, NJ, 1981.

First 50 documents  Next 50

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC