Laprie, J. C. (1989). Dependability: a unifying concept for reliable computing and fault tolerance. In Anderson, T., editor, Dependability of Resilient Computers, chapter 1, pages 1--28. Blackwell Scientific Publications, Oxford.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....for this kind of systems [24] alternative approaches have to be sought in order for obtaining trustworthy systems. One of these approaches is fault tolerance, which is associated with the ability of a system to deliver services according with its specification in spite the presence of faults [12]. In this paper, we employ the concept of idealized fault tolerant component [1] for describing fault tolerant component based systems, at the architectural level. For representing software systems at the architectural level, we have chosen the C2 architectural style for its ability to ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault Tolerance, chapter 1, pages 1--28. Blackwell Scientific Publications Ltd., 1989.

....and hardware are often used. However implemented, we require that safety critical systems are dependable. There are many terms associated with dependability, and considerable international effort has been expended to standardize these [83] The accepted definition of the overall concept is [82]: Dependability is that property of a computing system which allows reliance to be justifiably placed on the service it delivers. The life of a system is perceived by its users as an alternation between proper and improper service. Delivery of proper service (service which adheres to specified ....

....service. Delivery of proper service (service which adheres to specified requirements) is normally termed correctness. Therefore a correct system is not necessarily a dependable system. Dependabilityisanoverall property which has other measures such as safety, reliability and availability. Laprie [82] defines these terms as follows: Safety is a measure of the continuous delivery of service free from occurrences of catastrophic failures. Reliability is a measure of the continuous delivery of proper service (where service is delivered according to specified conditions) or equivalently of the ....

[Article contains additional citation context not shown here]

LAPRIE, J.C.: `Dependability: a unifying concept for reliable computing and fault tolerance ' in ANDERSON, T. (Ed.): `Dependability of Resilient Computers', chapter 1 (Blackwell Scientific Publications, Oxford, 1989) pp. 1--28

....and hardware are often used. However implemented, we require that safety critical systems are dependable. There are many terms associated with dependability, and considerable international effort has been expended to standardize these [75] The accepted definition of the overall concept is [74]: Dependability is that property of a computing system which allows reliance to be justifiably placed on the service it delivers. The life of a system is perceived by its users as an alternation between proper and improper service. Delivery of proper service (service which adheres to specified ....

....service. Delivery of proper service (service which adheres to specified requirements) is normally termed correctness. Therefore a correct system is not necessarily a dependable system. Dependabilityisanoverall propertywhich has other measures suchassafety, reliability and availability. Laprie [74] defines these terms as follows: Safety is a measure of the continuous delivery of service free from occurrences of catastrophic failures. Reliability is a measure of the continuous delivery of proper service (where service is delivered according to specified conditions) or equivalently of the ....

[Article contains additional citation context not shown here]

LAPRIE, J.C.: `Dependability: a unifying concept for reliable computing and fault tolerance ' in ANDERSON, T. (Ed.): `Dependability of Resilient Computers', chapter 1 (Blackwell Scientific Publications, Oxford, 1989) pp. 1--28

....to prevent covert channels which can be easily implemented by communications between workstations or by a memory channel within a workstation. II. THE DELTA 4 INTRUSION TOLERANT APPROACH An intrusion can be defined as a deliberate interaction fault. The definition of fault is given by [LAP 89] Intrusions can be treated with the same means as for other faults (fault avoidance and fault tolerance) The means used to provide security in architectures described above is intrusion avoidance. On the contrary, the means used in our approach is intrusion tolerance. It is based on the ....

LAPRIE J.C., "Dependability: A Unifying Concept for Reliable Computing and Fault Tolerance", in Dependability of Resilient Computing Systems, Blackwell Scientific Publications, T. Anderson editor, 1989, pp. 1-28.

....with imperfect repair and coverage, unstable queuing systems, and systems with fluctuating workloads. In this paper, a dependability model for evaluation of performance of a manufacturing system is presented. The meaning of dependability here is twofold: 1) system availability and reliability [10]; 2) dependence of the performance of manufacturing system on the performance 1042 296X 97 10.00 1997 IEEE 162 IEEE TRANSACTIONS ON ROBOTICS AND AUTOMATION, VOL. 13, NO. 2, APRIL 1997 of its individual physical subsystems and components. The model considers the task based availability of a ....

J. C. Laprie, and A. Costes, "Dependability: A unifying concept for reliable computing," in Proc. FTCS---12, June 1982, pp. 18--21.

....The operations are executed with an expected behavior, or semantic, and the fault model specifies the effects, if any, of predictable faults upon this behavior. 10 2. 2 Metrics Ultimately, two metrics are used to measure the dependability of computing equipment: reliability and availability [Laprie82] Reliability is the probability that a device will operate without failing for a period of time, t, and is computed as: EQ 2 1) where h(x) is the failure rate or hazard function of the system which specifies the instantaneous failure rate of the device. If a system is known to have a constant ....

....errors from a system fall into two general classes: forward error recovery and backward error recovery. Forward error recovery methods remove the effects of an error by moving the system to a new, corrected state whereas backward error recovery returns the system to a previous state [Lee90c, Laprie82] Perhaps the most popular method of forward correction is simply retrying an operation. This method can be used to correct errors due to the failure of idempotent operations which are the result of a transient fault. Idempotent operations have the property that state changes are not a function ....

Laprie, J. C. and Costes, A. "Dependability: a unifying concept for reliable computing." Proceedings of the 12th International Symposium on Fault-Tolerant Computing (FTCS-12). Los Alamitos, CA: IEEE Computer Society Press. Santa Monica, CA (June 22-24, 1982) 18-21.

....reality: protocols may be correct accordingly to the model, but fail in practice. In order to have a protocol that works correctly, it needs to be correct in the sense that it corresponds to the assumed model, and the model must be correct in the sense that it corresponds to the reality. Coverage [11, 12] is a measure of the representativity of the situations to which a system is submitted during its validation compared to the actual situations it will be confronted with during its operational life. Two different protocols built assuming the same fault model can have different coverage. They will ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault-Tolerance. In T. Anderson, editor, Dependability of Resilient Computers. BSP Professional Books, 1989.

....reality: protocols may be correct accordingly to the model, but fail in practice. In order to have a protocol that works correctly, it needs to be correct in the sense that it corresponds to the assumed model, and the model must be correct in the sense that it corresponds to the reality. Coverage [10, 11] is a measure of the representativity of the situations to which a system is submitted during its validation compared to the actual situations it will be confronted with during its operational life. Two different protocols built assuming the same fault model can have different coverage. They will ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault-Tolerance. In T. Anderson, editor, Dependability of Resilient Computers. BSP Professional Books, 1989.

....open systems. An effective design process requires an early validation of the concepts and architectural choices, without wasting time and resources before realising whether the system fulfils its objectives or needs some re design. The early evaluation of system characteristics like dependability [9], timeliness and correctness, is thus, together with other techniques, necessary to assess whether the system being developed satisfies its targets. This is the main objective of the European ESPRIT project HIDE. HIDE aims at the creation of an integrated environment where UML based design ....

J.C. Laprie, "Dependability: a Unifying Concept for Reliable Computing and Fault Tolerance," in "Dependability of Resilient Computers", T. Anderson Ed., BSP Professional Books, 1989, pp. 1-28.

....the design of a variety of systems from small control systems to large and complex open systems. An effective design process should also include an early validation of the concepts and architectural choices underlying system design. The early evaluation of system characteristics like dependability [11], timeliness and correctness, necessary to assess whether the system being developed satisfies its targets, becomes especially important for designing systems supporting critical applications. The validation of designs described using UML is the main objective of the European ESPRIT project HIDE. ....

J.C. Laprie, "Dependability: a Unifying Concept for Reliable Computing and Fault Tolerance," in "Dependability of Resilient Computers", T. Anderson Ed., BSP Professional Books, 1989, pp. 128.

....comes from having multiple sites in the system. This gives fault tolerance even in the absence of persistence. More refined fault tolerance based on persistence and transactions will be added later. 6. 1 The containment principle Fault tolerance is a property that crosses abstraction boundaries [18]. An example will make this clear. Most existing systems (we include applications) do not handle time correctly. What they do is let a lower layer make an irrevocable decision, in the form of a time out that does not let the system continue. Say there is a time out in a lower layer, for example in ....

....of its components. Resource control and security are global issues, i.e. they cross abstraction boundaries [2] just like fault tolerance. The issues must therefore be addressed at each layer. We briefly discuss what can be done in Distributed Oz. Fault tolerance and security have much in common [18], including the reliance on containment and redundancy. But they focus on very different classes of failures. For example, an important part of security is resource control because exhausting resources is a common technique to provoke intentional failures ( denial of service attacks) Resource ....

J. C. Laprie. Dependability: A unifying concept for reliable computing and fault tolerance. In 7th International Conference on Distributed Computing Systems, pages 129--146, September 1987.

....evaluation The main concern in fault tolerance is to determine the minimum amount of redundancy of the right kind required to manage faults in the fault model addressed. For this purpose several measures of fault tolerance have been proposed, the most relevant are reliability and availability [LC82]. The reliability R(t) gives a measure of the continuous operational time of a system, and it is defined as the conditional probability that a system is operational during the interval (0,t) given that it was operational at time t=0. This measure is particularly meaningful in many real time ....

Laprie, J., C. and Coste, A., "Dependability: A Unifying Concept for Reliable Computing", Proceedings of the 12 th Fault Tolerant Computing Symposium, 1982, pp. 18-21.

....to each property, and on an appropriate architecture capable of timing error processing, in order to achieve (timing )fault tolerance. We will address these issues in section 4. For now, let us suggest that it is a realistic scenario to have a bi modal distribution of a given bound, 1 Coverage [12, 15] is a measure of the representativity of the situations to which a system is submitted during its validation compared to the actual situations it will be confronted with during its operational life. where there is a known and very high probability that the system s operational envelope lies ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault-Tolerance. In T. Anderson, editor, Dependability of Resilient Computers. BSP Professional Books, 1989.

....Techniques from a Real Time Systems Point of View 3 2. Concepts of dependability 2. 1 Introduction Since the dawn of computing a lot of work has been carried out in attempts to produce a precise and rigorous terminology for the area of dependable computing, for example in [Avi75] And82] Kop82][Lap82]. These efforts have been compiled and refined to form the currently accepted basic concepts and terminology as described in [Lap92] The remainder of this section is based on [Lab92] and addresses the basic concepts and terminology of dependability. The subsections go more into detail on the ....

Laprie J.C., Costes A., Dependability: A Unifying Concept for Reliable Computing, Proceedings of the 12 th International Symposium on FaultTolerant Computing, pp. 18-21, 1982

.... These designs fail because: a) although time free by specification, they rely on time, often in the form of timeouts, and are thus prone to timing failures, without taking measures to counter them (because they were not 11 supposed to exist ) b) in consequence, by not ensuring error confinement[28] they sometimes let timing failures contaminate (logical) safety properties 2 . The violation of safety properties, such as having processes choose different values in consensus, because of erroneous timeout based error detection, is well exemplified in [5, 12] The contamination problem was ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault-Tolerance. In Resilient Computing Systems, volume 2. Collins and Wiley, 1987.

....these have lead to safety related incidents . 2. 1 Safety integrity goals and assurance In this section we discuss the objectives of techniques for producing software with a high degree of safety integrity although following Laprie we more often use the term dependable, or dependability [ Lap86] Also we present some fundamental principles which we believe facilitate the assessment of the contribution to safety of various (alternative) software development techniques. To simplify the discussion we will assume that the system to be produced is to be assessed by some agency independent ....

J-C Laprie. Dependability: A unifying concept for reliable computing and fault tolerance. Technical Report 86.357, LAAS, Toulouse, 1986. To appear in Resilient Computing Systems ed T. Anderson, Collins and Wiley.

.... errors lead to common mode failures, and distinct errors only cause independent failures; 2) all variants have the same probability of fault manifestation (or error) 3) only a single fault type, either independent or related, may appear during the execution of the scheme and no compensation [28] may occur between errors of the variants and of the adjudicator, ie, either an error is detected or it causes an incorrect output; 4) probabilities of independent and related faults are significantly low such that the probability p can be approximated to 1 (as assumed by others in similar ....

....faults are allowed to be arbitrary (descriptions about these models are provided in [17, 27] 3.2. Detailed Reliability and Safety Models We consider in this paper two different but complementary attributes of dependability: the continuity of service and the non occurrence of catastrophic failure [28]. In general, we define software reliability as a measure of the time to failure and its safety as a measure of the time to catastrophic failure [16, 28] The time (or the specified exposure period) in this definition is a relative concept and may mean a single run, a number of runs, or time ....

[Article contains additional citation context not shown here]

J.-C. Laprie, "Dependability: A unifying concept for reliable computing and fault tolerance", Dependability of Resilient Computers (T. Anderson, Ed), 1989, pp 1-28; BSP Professional Books.

....envelope lies within a smaller, normal bound, whereas it can assume, with correspondingly very low probability, a greater worst case bound, in situations of overload, for example. Then, generalizing, nothing prevents the system from being equated around a multi modal distribution. 1 Coverage [10, 11] is a measure of the representativity of the situations to which a system is submitted during its validation compared to the actual situations it will be confronted with during its operational life. Figure 2 exemplifies best what we are talking about, with several bounds for maximum message ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault-Tolerance. In T. Anderson, editor, Dependability of Resilient Computers. BSP Professional Books, 1989.

....Modern technology now allows the use of computer systems to perform complex control task which are no longer manageable by human operators. Moving control from humans to computers increases the computers importance and criticality. This development forces the designer to deal with dependability [Lap89] aspects and to analyse possible faults and their impact on the system behaviour. Dependability analysis deals with the estimation and analysis of failures and performs a quantitative assessment of the system. A systematic design of systems is normally characterised by close interaction and ....

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault Tolerance. In T. Anderson, Editor, Dependability of Resilient Computers, pages 1--28. BSP Professional Books, Oxford, 1989.

....of persistence. More refined fault tolerance based on persistence and transactions will be added later. 10 In the current system, a remote site is started by the Unix remote shell command (rsh) 6. 1 The containment principle Fault tolerance is a property that crosses abstraction boundaries [27]. An example will make this clear. Most existing systems (we include applications) do not handle time correctly. What they do is let a lower layer make an irrevocable decision, in the form of a time out that does not let the system continue. Say there is a time out in a lower layer, for example in ....

....of its components. Resource control and security are global issues, i.e. they cross abstraction boundaries [2] just like fault tolerance. The issues must therefore be addressed at each layer. We briefly discuss what can be done in Distributed Oz. Fault tolerance and security have much in common [27], including the reliance on containment and redundancy. But they focus on very different classes of failures. For example, a crucial part of security is resource control because Network Operating system Network interface OS interface Emulator Operating system Emulator User Oz program Bytecode ....

J. C. Laprie. Dependability: A unifying concept for reliable computing and fault tolerance. In 7th International Conference on Distributed Computing Systems, pages 129--146, September 1987.

....width of a network is the minimum number of wires that have to be removed in order to partition the network into two halves with identical (within Sigma1) number of processors. z Dependability is a generic term used to address reliability, availability, maintainability, and the related issues [2]. Fault tolerant study of mesh connected computers has been primarily focussed on the design and analysis of reconfigurable systems [6 8] Earlier work on reliability of twodimensional mesh structures (processor arrays) approaches the problem from a different perspective [9,10] It uses a ....

J. C. Laprie and A. Costes, "Dependability: A Unifying Concept for Reliable Computing, " FTCS-12, pp. 18-21, June 1982.

No context found.

Laprie, J. C. (1989). Dependability: a unifying concept for reliable computing and fault tolerance. In Anderson, T., editor, Dependability of Resilient Computers, chapter 1, pages 1--28. Blackwell Scientific Publications, Oxford.

No context found.

J.C. Laprie, editor. Dependability: A Unifying Concept for Reliable Computing and Fault Tolerance. Springer-Verlag, 1990.

No context found.

J. C. Laprie. Dependability: A Unifying Concept for Reliable Computing and Fault-Tolerance. In T. Anderson, editor, Dependability of Resilient Computers. BSP Professional Books, 1989.

No context found.

Jean-Claude Laprie. Dependability: A unifying concept for reliable computing and fault tolerance. In 7th International Conference on Distributed Computing Systems, pages 129--146, September 1987.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC