A. Avizienis, J.P.J. Kelly, "Fault tolerance by design diversity: concepts and experiments", Computer, vol. 17, no. 8, Aug. 1984, pp. 67-80.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....failures that may be due to external (such as EMI, power supply disturbances and radiation) or internal causes. Common mode failures in redundant VLSI systems are surveyed in [Mitra 00a] Design diversity has been proposed in the past to protect redundant systems against common mode failures. In [Avizienis 84] design diversity was defined as the independent generation of two or more software or hardware elements (e.g. program modules, VLSI circuit masks, etc. to satisfy a given requirement. Design diversity has been applied to both software and hardware systems [Avizienis 77, Lyu 91, Briere 93, ....

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, Aug. 1984.

....the above architecture, we plan to use design diversity while incorporating redundancy in the applications running on the multi threaded processor and the designs mapped to the configurable coprocessor. Design diversity has long been used to protect redundant systems against common mode failures [Avizienis 84] Lala 94] Common mode failures result from failures that affect more than one module of a redundant system at the same time, generally due to a common cause. The conventional notion of diversity relies on independent generation of different implementations. For the configurable coprocessor, ....

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, Aug., 1984.

....[Lala 94] These include operational failures due to external (such as EMI, powersupply disturbances, radiation) or internal causes and design mistakes. CMFs are surveyed in [Mitra 00a] Design diversity was proposed and used in the past to protect redundant systems against common mode failures [Avizienis 84, Briere 93, Riter 95] In [Avizienis 84] design diversity was defined as the independent generation of two or more software or hardware elements (e.g. program modules, VLSI circuit masks, etc. to satisfy a given requirement. The basic idea is that, with different implementations, common ....

....due to external (such as EMI, powersupply disturbances, radiation) or internal causes and design mistakes. CMFs are surveyed in [Mitra 00a] Design diversity was proposed and used in the past to protect redundant systems against common mode failures [Avizienis 84, Briere 93, Riter 95] In [Avizienis 84] design diversity was defined as the independent generation of two or more software or hardware elements (e.g. program modules, VLSI circuit masks, etc. to satisfy a given requirement. The basic idea is that, with different implementations, common failure modes will cause different error ....

Avizienis, A. and J.P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," 1EEE Computer, pp. 67-80, August 1984.

....presented in Sec 8. 2. Previous Work Design diversity has been proposed in the fault tolerance literature to increase the reliability of the system. Design diversity is defined as the independent generation of two or more different software or hardware elements to satisfy a given requirement [Avizienis 84] The main objective of design diversity is to protect redundant system from common mode failures, which are failures that affect more than one module at the same time [Lala 94] Design diversity also has been applied to software systems [Lyu 91] N version programming (NVP) Avizienis 77] Chen ....

Avizienis, A. and J.P.J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, Aug. 1984.

....be due to external (such as EMI, power supply disturbances and radiation) or internal causes and design faults. Commonmode failures in redundant VLSI systems are surveyed in [Mitra 00a] Design diversity has been proposed in the past to protect redundant systems against common mode failures. In [Avizienis 84] design diversity was defined as the independent generation of two or more software or hardware elements (e.g. program modules, VLSI circuit masks, etc. to satisfy a given requirement. Design diversity has been applied to both software and hardware systems [Lyu 91, Briere 93, Riter 95] ....

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August 1984.

....community to model real faults since it closely matches real faulty behavior. Several approaches to SIHFT have been proposed in the past. Some of them rely on the concept of design diversity, i.e. the independent generation of two or more different software modules to satisfy a given requirement [3]. An example of design diversity is the N Version Programming [4] where different designers develop independent versions of the same program in order to avoid common design errors, and the outputs coming from the different programs are compared to identify un safe behavior. Other approaches to ....

A. Avizienis, J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments", IEEE Computer, Aug. 1984, pp. 67-80.

....mechanisms. For example, in an NVP project, it was proposed to let the decision algorithm employ a gold version (i.e. a version that deserves higher confidence relative to other versions of the same program) as a reference for detecting erroneous voting results caused by related faults [23]. In [13] it was suggested that the secondary (backup) routine in the RB or DRB scheme could use a version that is not as efficient as, but is more reliable than, the primary (active) routine. In contrast with those proposed mechanisms, the MDCD approach enables us to adjust our confidence in a ....

A. Avizienis and J.P.J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," Computer, vol. 17, pp. 67-80, Aug. 1984.

....often correspond to highly elaborate input scenarios. This makes it particularly hard to devise tests for these situations and particularly expensive to run the tests which are devised. The fundamental law of faults. It is useful to make a distinction between faults, errors, and failures (see [1]) A failure is an externally visible incorrect behavior of a system. An error is an incorrect internal state which may or may not be externally detectable as a failure. A fault is a mistake in a program which causes one or more errors and failures. On the surface, the goal of testing is the ....

A. Aviienis & J. Kelly, "Fault-Tolerance by Design Diversity: Concepts and Experiments", IEEE Computer, 17(8):67-80, August 1984.

....issues. For example, in an NVP project, it was proposed that the decision algorithm could employ a gold version (i.e. a version that deserves higher confidence relative to other versions of the same program) as a reference for detecting erroneous voting results caused by related faults [11]. In [12] it was suggested that the secondary (backup) routine in the RB (recovery block) or DRB (distributed recovery block) scheme could use a version that is less efficient, but more reliable, than the primary (active) routine. In contrast with those proposed techniques, the MDCD approach ....

A. Avizienis and J. P. J. Kelly, "Fault tolerance by design diversity: Concepts and experiments," IEEE Computer, vol. 17, pp. 67--80, Aug. 1984.

....provide considerable insight into how reliability is affected by both versions characteristics and the operational environment. 1. Introduction Software fault tolerance relies on the application of design diversity: program versions are independently designed to meet the same system requirements [3], 14] In this paper we analyze the software fault tolerance technique based on N version programming (NVP) first proposed in [2] A consistent set of inputs is supplied to all versions and all N versions are executed in parallel. A decision mechanism must gather the available results from the N ....

....that design diversity will result in software versions that have sufficiently different failure characteristics such that fault tolerant system can provide continued service in the presence of failures of the component versions. Diversity has been introduced in the form of different specifications [3], 4] 14] different programming languages [4] and for different input space distributions [4] All versions were developed independently by different teams, in some studies even by geographical distinct participants [4] 6] 15] 17] Examining the results obtained by the previous ....

A. Avizienis and J. Kelly. Fault tolerance by design diversity: Concepts and experiments. IEEE Computers, pages 67--80, August 1984.

....on the NVP effectiveness. 1 Introduction In this paper we analyze the software fault tolerance technique based on N version programming, first proposed in [2] It relies on the application of design diversity: program versions are independently designed to meet the same system requirements [3], 16] A consistent set of inputs is supplied to all versions and all N versions are executed in parallel. A decision mechanism must gather the available results from the N versions and determine the result to be delivered to the user. If a decision mechanism requires all N versions to produce a ....

....the groundwork for future research directions. The several experimental studies investigated the key assumption that design diversity will result in software versions that have sufficiently different failure characteristics. Diversity has been introduced in the form of different specifications [3], 4] 10] 16] different programming languages [4] 10] and for different distributions of test values over the input space [4] All versions were developed independently by different teams, in some studies even by geographical distinct participants [4] 7] 17] 20] Examining the ....

A.Avizienis, J.Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments", IEEE Computers, Aug 1984, pp. 67 -- 80.

....N versions and determine the result to be delivered to the user. A number of papers devoted to experimental and modeling based analysis of the software fault tolerance have appeared in literature. In the experimental studies diversity has been introduced in the form of different specifications [2], 3] 4] different programming languages [3] and for different distributions of test values over the input space [3] All versions were developed independently by different teams, in some studies even by geographically distinct participants [3] 5] 6] 7] Examining the results obtained by ....

A.Avizienis, J.Kelly, Fault Tolerance by Design Diversity: Concepts and Experiments, IEEE Computers, Aug 1984, 67 -- 80.

....for detecting transient hardware faults. It is of limited use for detecting permanent hardware faults or software faults, though some interesting attempts have been made to extend this technique for these types of faults as well. The next technique that we discuss is N version programming [7][8][25] Here, a specification for a problem is developed, and given to N independent programming teams. Each programming team writes a separate program for the problem. When we want the solution to some instance of the problem, we run each program on the input, and then check that all of the outputs ....

Avizienis, A., and Kelly, J., "Fault Tolerance by Design Diversity: Concepts and Experiments," Computer, vol. 17, pp. 67-80, Aug., 1984.

....over a mission period. 1. Introduction In this paper we analyze the software fault tolerance technique based on N version programming, first proposed in [2] It relies on the application of design diversity: program versions are independently designed to meet the same system requirements [1], 21] A consistent set of inputs is supplied to all N versions that are executed in parallel. A decision mechanism must gather the available results from the versions and determine the result to be delivered to the user. If a decision mechanism requires all N versions to produce a result, a slow ....

....stop version will delay this process indefinitely. In a real time environment such a delay is unacceptable, so a timing constraint is used to ensure that results are delivered in a timely manner. The experimental studies of NVP have introduced diversity in the form of different specifications [1], 26] 21] different programming languages [26] and for different distributions of test values over the input space [26] All versions were developed independently, by different teams, in some studies even by geographically distinct participants [26] 7] 17] 24] These experiments reveal ....

A.Avizienis and J.Kelly. Fault tolerance by design diversity: Concepts and experiments. IEEE Computers, pages 67--80, August 1984.

No context found.

A. Avizienis, J.P.J. Kelly, "Fault tolerance by design diversity: concepts and experiments", Computer, vol. 17, no. 8, Aug. 1984, pp. 67-80.

....The Contribution: Useful Concepts The Call for Participation of ISW 2000 defines information survivability as the ability of a system to continue to fulfill its mission in the presence of attacks, accidents, or failures . This position paper presents two concepts: the design diversity technique [1, 2] and the immune system paradigm [3] that already have been found to be useful in assuring the dependability of mission critical information systems. The above concepts as well as the concept of fault tolerance [3, 4] have originated in the research that the author and his associates have conducted ....

....not offer an advantage. Finally, attacks are not deterred by distribution alone, as long as the nodes are alike. For design faults and attacks we need design diversity in order to prevent node crashes or intrusions of epidemic proportions. 3. The Application of Design Diversity Design diversity [1, 2] is a fundamental approach to the tolerance of design faults. It is applicable to all elements of an information system: hardware, software, communication links, man machine interfaces, design tools, etc. Design diversity is implemented by performing a function in two, three, or more ....

A. Avizienis and J. P. J. Kelly. Fault tolerance by design diversity: concepts and experiments. Computer, 17(8):67--80, August 1984.

No context found.

A. Avizienis and J. P. J. Kelly. Fault-tolerance by design diversity: Concepts and experiments. Computer, 17(8):67--80, August 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, Aug. 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August, 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August, 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August, 1984.

No context found.

Avizienis, A. and J. P. J. Kelly, "Fault Tolerance by Design Diversity: Concepts and Experiments," IEEE Computer, pp. 67-80, August, 1984.

No context found.

Avizienis, A. and Kelly, P. J., "Fault Tolerance by Design Diversity: Concepts and Experiments," Computer, 17(8), August 1984, pp. 67--80.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC