Results 1 - 10 of 37
Automatic Detection and Masking of Non-Atomic Exception Handling
- IEEE Transactions on Software Engineering, 2004
Cited by 18 (1 self)
Developing robust applications is a challenging task. Although modern programming languages like C++ and Java provide sophisticated exception handling mechanisms to detect and correct runtime error conditions, exception handling code must still be programmed with care to preserve application consistency. In particular, exception handling is only effective if the premature termination of a method due to an exception does not leave an object in an inconsistent state. We address this issue by introducing the notion of failure atomicity in the context of exceptions and novel techniques to automatically detect and mask non-atomic exception handling. These techniques can be applied to applications written in several different programming languages, and can be used even when the application's source code is not available. We perform experimental evaluation on both C++ and Java applications to demonstrate the effectiveness of our techniques and measure the overhead that they introduce.
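A minimal illustration of the non-atomic exception handling this abstract targets, beside a checkpoint-and-rollback wrapper that masks it. This is an added example and not the paper's own technique or code: the `Ledger` class, its `transfer_non_atomic` method and the `failure_atomic` decorator are hypothetical constructs.

```python
"""Failure atomicity for exception handling: a method aborted by an exception
must leave its object in the state it had before the call.

Added example, not the paper's technique: `Ledger` and its transfer method are
hypothetical, and `failure_atomic` masks non-atomic handling with a plain
checkpoint/rollback of the object's attributes."""
import copy
import functools


class InsufficientFunds(Exception):
    pass


class Ledger:
    """Two accounts and an audit log. Invariants: the sum of balances is
    conserved and the log records only completed transfers."""

    def __init__(self, a: int, b: int) -> None:
        self.balances = {"a": a, "b": b}
        self.log = []

    def consistent(self, expected_total: int, expected_entries: int) -> bool:
        return (sum(self.balances.values()) == expected_total
                and len(self.log) == expected_entries)

    def transfer_non_atomic(self, src: str, dst: str, amount: int) -> None:
        # The debit and the log entry are written before the check that can
        # fail, so the exception escapes with both mutations still in place.
        self.balances[src] -= amount
        self.log.append((src, dst, amount))
        if self.balances[src] < 0:
            raise InsufficientFunds(src)
        self.balances[dst] += amount


def failure_atomic(method):
    """Snapshot the receiver before the call; if the method raises, restore the
    snapshot and re-raise. The error is still reported to the caller, but the
    inconsistent intermediate state is masked."""
    @functools.wraps(method)
    def wrapper(self, *args, **kwargs):
        checkpoint = copy.deepcopy(self.__dict__)
        try:
            return method(self, *args, **kwargs)
        except Exception:
            self.__dict__.clear()
            self.__dict__.update(checkpoint)
            raise
    return wrapper


class AtomicLedger(Ledger):
    # Same (flawed) method body, wrapped so that its partial effects are undone.
    transfer = failure_atomic(Ledger.transfer_non_atomic)


def failed_transfer_outcomes() -> tuple:
    """Attempt an overdraft on both variants; return whether each object is
    still consistent afterwards (non-atomic first, atomic second)."""
    plain, atomic = Ledger(100, 50), AtomicLedger(100, 50)
    for method in (plain.transfer_non_atomic, atomic.transfer):
        try:
            method("a", "b", 120)
        except InsufficientFunds:
            pass
    return plain.consistent(150, 0), atomic.consistent(150, 0)


if __name__ == "__main__":
    print(failed_transfer_outcomes())   # (False, True)
```

The wrapper needs no knowledge of the method body, which is what makes a rollback-based masking approach applicable when the source is not available; the cost is the deep copy of the object's state on every call.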
Reducing critical failures for control algorithms using executable assertions and best effort recovery
- Proceedings of the International Conference on Dependable Systems and Networks (DSN 2001), Gothenburg, 2001
Cited by 10 (2 self)
Systems that use f+1 computer nodes to tolerate f node failures ordinarily require that the computer nodes have strong failure semantics, i.e. a node should either produce correct results, or no results at all. We show that this requirement can be relaxed for control applications, as control algorithms inherently compensate for a class of value failures. Value failures occur when an error escapes the error detection mechanisms in the computer node and an erroneous value is sent to the actuators of the control system. Fault injection experiments show that 89% of the value failures caused by bit-flips in a CPU had no or minor impact on the controlled object. However, the experiments also show that 11% of the value failures had severe consequences. These failures were caused by bit-flips affecting the state variables of the control algorithm. Another set of fault injection experiments shows that the percentage of value failures with severe consequences was reduced to 3% when the state variables were protected with executable assertions and best effort recovery mechanisms.
Rapid crash testing for continuously evolving GUI-based software applications
- In Proceedings of the International Conference on Software Maintenance 2005 (ICSM'05), 2005
Cited by 9 (2 self)
Several rapid-feedback-based quality assurance mechanisms are used to manage the quality of continuously evolving software. Even though graphical user interfaces (GUIs) are one of the most important parts of software, there are currently no mechanisms to quickly retest evolving GUI software. We leverage our previous work on GUI testing to define a new automatic GUI re-testing process called "crash testing" that is integrated with GUI evolution. We describe two levels of crash testing: (1) immediate feedback-based, in which a developer indicates that a GUI bug was fixed in response to a previously reported crash; only selected crash test cases are rerun and the developer is notified of the results in a matter of seconds, and (2) between code changes, in which new crash test cases are generated on-the-fly and executed on the GUI. Since the code may be changed by another developer before all the crash tests have been executed, which requires restarting the process, we use a simple rotation-based scheme to ensure that all crash tests are executed over a series of code changes. We show, via empirical studies, that our crash tests are effective at revealing serious problems in the GUI.
A Survey on Fault Injection Techniques
- 2003
Cited by 7 (0 self)
Fault tolerant circuits are currently required in several major application sectors. Besides and in complement to other possible approaches, such as proving or analytical modeling, whose applicability and accuracy are significantly restricted in the case of complex fault tolerant systems, fault injection has been recognized to be particularly attractive and valuable. Fault injection provides a method of assessing the dependability of a system under test. It involves inserting faults into a system and monitoring the system to determine its behavior in response to a fault. Several fault injection techniques have been proposed and experimented with in practice. They can be grouped into hardware-based fault injection, software-based fault injection, simulation-based fault injection, emulation-based fault injection and hybrid fault injection. This paper presents a survey of fault injection techniques with a comparison of the different injection techniques and an overview of the different tools.
Experimental analysis of binary-level software fault injection in complex software
Cited by 6 (1 self)
The injection of software faults (i.e., bugs) by mutating the binary executable code of a program enables the experimental dependability evaluation of systems for which the source code is not available. This approach requires that the programming constructs used in the source code be identified by looking only at the binary code, since the injection is performed at this level. Unfortunately, it is a difficult task to inject faults in the binary code that correctly emulate software defects in the source code. The accuracy of binary-level software fault injection techniques is therefore a major concern for their adoption in real-world scenarios. In this work, we propose a method for assessing the accuracy of binary-level fault injection, and provide an extensive experimental evaluation of a binary-level technique, G-SWFIT, in order to assess its limitations in a real-world complex software system. We injected more than 12 thousand binary-level faults in the OS and application code of the system, and we compared them with faults injected in the source code using the same fault types of G-SWFIT. The method was effective at highlighting the pitfalls that can occur in the implementation of G-SWFIT. Our analysis shows that G-SWFIT can achieve an improved degree of accuracy if these pitfalls are avoided.
A Data Mining Approach to Identify Key Factors in Dependability Experiments
- In Proc. EDCC-5, 2005
Cited by 6 (4 self)
Our paper presents a novel approach for identifying the key infrastructural factors determining the behavior of systems in the presence of faults by applying intelligent data processing methods to data sets obtained from dependability benchmarking experiments. Our approach does not rely on a priori assumptions or human intuition about the dominant aspects, thus enabling the investigation of highly complex COTS-based systems. The proposed approach is demonstrated using a commercial data mining tool from IBM on the data obtained from experiments conducted using the DBench-OLTP dependability benchmark. Results obtained with the proposed technique identified important key factors impacting performance and dependability that could not have been revealed by the dependability benchmark measures.
FAIL*: Towards a Versatile Fault-Injection Experiment Framework
Cited by 5 (3 self)
Many years of research on dependable, fault-tolerant software systems yielded many tool implementations for vulnerability analysis and experimental validation of resilience measures. We identify two disjoint classes of fault-injection (FI) experiment tools in the field, and argue that both are plagued by inherent deficiencies, such as insufficient target state access, little or no means to switch to another target system, and non-reusable experiment code. In this article, we present a novel design approach for a FI infrastructure that aims at combining the strengths of both classes. Our FAIL* experiment framework provides carefully chosen abstractions simplifying both the implementation of different simulator/hardware target backends and the reuse of experiment code, while retaining the ability for deep target-state access for specialized FI experiments. An exemplary report
Fuzzing Wi-Fi Drivers to Locate Security Vulnerabilities
Cited by 3 (1 self)
Wireless LANs (WLANs) are becoming ubiquitous, as more and more consumer electronic equipment starts to support them. This creates new security concerns, since hackers no longer need a physical connection to the networks linking the devices, but only need to be in their proximity, to send malicious data to exploit some vulnerability. In this paper we present a fuzzer, called Wdev-Fuzzer, which can be utilized to locate security vulnerabilities in Wi-Fi device drivers. Our experiments with a Windows Mobile 5 device indicate that Wdev-Fuzzer can be quite effective in confirming known issues and discovering previously unknown problems.
Experimental dependability evaluation of a fail-bounded jet engine control system for unmanned aerial vehicles
- In Proceedings of the 2005 International Conference on Dependable Systems and Networks, 2005
Cited by 3 (1 self)
This paper presents an experimental evaluation of a prototype jet engine controller intended for Unmanned Aerial Vehicles (UAVs). The controller is implemented with commercial off-the-shelf (COTS) hardware based on the Motorola MPC565 microcontroller. We investigate the impact of single event upsets (SEUs) by injecting single bit-flip faults into main memory and CPU registers via the Nexus on-chip debug interface of the MPC565. To avoid the injection of non-effective faults, automated pre-injection analysis of the assembly code was utilized. Due to the inherent robustness of the software, most injected faults were still non-effective (69.4%) or caused bounded failures having only minor effect on the jet engine (7.0%), while 20.1% of the errors were detected by hardware exceptions and 1.9% were detected by executable assertions in the software. The remaining 1.6% is classified as critical failures. A majority of the critical failures were caused by erroneous booleans or type conversions involving booleans.
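The executable assertion and best-effort recovery mechanism from the DSN 2001 abstract above (state variables of a control algorithm protected against bit-flips), exercised with the single-bit-flip fault model that this jet engine controller evaluation also uses. This is an added example and not code from either paper: the first-order plant, the PI gains, the plausibility bound on the integrator, the injection step and the failure threshold are assumptions chosen for illustration.

```python
"""Software-implemented fault injection on a control loop: flip one bit of the
controller's state variable and compare an unprotected controller with one that
guards the state with an executable assertion plus a best-effort recovery
(restore the last plausible value).

Added example. The first-order plant, the PI gains, the plausibility bound, the
injection step and the classification threshold are illustrative assumptions,
not values taken from the papers listed above."""
import struct


def flip_bit(value: float, bit: int) -> float:
    """Return `value` with bit `bit` (0 = mantissa LSB, 63 = sign) of its
    IEEE-754 double encoding inverted: the single-bit-flip fault model."""
    (raw,) = struct.unpack("<Q", struct.pack("<d", value))
    return struct.unpack("<d", struct.pack("<Q", raw ^ (1 << bit)))[0]


class PIController:
    """PI controller whose only persistent state is the integrator `integ`."""

    def __init__(self, kp: float, ki: float, dt: float,
                 protect: bool, integ_bound: float) -> None:
        self.kp, self.ki, self.dt = kp, ki, dt
        self.protect, self.integ_bound = protect, integ_bound
        self.integ = 0.0        # state variable targeted by the injection
        self.last_good = 0.0    # checkpoint used for best-effort recovery

    def step(self, setpoint: float, measured: float) -> float:
        err = setpoint - measured
        self.integ += err * self.dt
        if self.protect:
            # Executable assertion: in normal operation the integrator settles
            # at setpoint/ki and never approaches the bound. The comparison is
            # written so that NaN also fails the check.
            if not (abs(self.integ) <= self.integ_bound):
                self.integ = self.last_good   # best-effort recovery
            else:
                self.last_good = self.integ
        return self.kp * err + self.ki * self.integ


def simulate(protect: bool, inject_bit=None, inject_step=200,
             steps=1200, dt=0.05, setpoint=1.0) -> float:
    """Run the loop, optionally flipping `inject_bit` of the integrator at
    `inject_step`, and return the absolute tracking error at the final step."""
    ctrl = PIController(kp=1.0, ki=0.5, dt=dt, protect=protect, integ_bound=10.0)
    x = 0.0                                   # plant output
    for k in range(steps):
        if inject_bit is not None and k == inject_step:
            ctrl.integ = flip_bit(ctrl.integ, inject_bit)
        u = ctrl.step(setpoint, x)
        x += dt * (u - x)                     # first-order plant, unit time constant
    return abs(setpoint - x)


def run_campaign(protect: bool, tol: float = 1e-2) -> dict:
    """Flip each of the 64 bits in turn; map bit -> True when the run ends with
    a tracking error above `tol` (or NaN), i.e. a critical value failure."""
    results = {}
    for bit in range(64):
        err = simulate(protect, inject_bit=bit)
        results[bit] = not (err < tol)        # NaN compares False -> critical
    return results


def critical_bits(results: dict) -> set:
    return {bit for bit, critical in results.items() if critical}


if __name__ == "__main__":
    print("critical bits, unprotected:",
          sorted(critical_bits(run_campaign(protect=False))))
    print("critical bits, protected:  ",
          sorted(critical_bits(run_campaign(protect=True))))
```

At the injection step the integrator holds a value in [1, 2), so flipping the top exponent bit (bit 62) turns it into NaN; the unprotected loop never recovers from that, while the plausibility check rejects the NaN and restores the previous value. Flips that leave the integrator within the bound (sign bit, lower exponent bits, mantissa) are absorbed by the closed loop itself over the remaining run, which is the class of value failures the DSN 2001 abstract says control algorithms inherently compensate for.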
A New Approach and a Related Tool for Dependability Measurements on Distributed Systems
- 2010
Cited by 3 (2 self)
In recent years, experts in the field of dependability have been recognizing experimental measurements as an attractive option for assessing distributed systems; contrary to simulation, measurement allows monitoring the real execution of a system in its real usage environment. However, the results of a recent survey have highlighted that the way measurements are carried out and measurement results are expressed is far from being in line with the approach commonly adopted in metrology. The scope of the paper is two-fold. The first goal is to extend the discussion on the increasing role that measurements play in dependability and on the importance of cross-fertilization between the Dependability and the Instrumentation and Measurement communities. The second objective is to present a different approach to dependability measurements, in line with common practices in metrology. With regard to this, the paper presents a tool for dependability measurements in distributed systems that allows evaluating the uncertainty of measurement results. The tool is an enhancement of NekoStat, a powerful, highly portable Java framework for analyzing distributed systems and algorithms. Together with the description of the tool