facing up to faults facing up to faults facing up to
play

Facing Up to Faults Facing Up to Faults Facing Up to Faults - PowerPoint PPT Presentation

Jan 04, 2023 •392 likes •600 views

Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1) Brian Randell Brian Randell Brian Randell WADS-3, May 2004 1 The Menu The Menu The Menu On Dependability Concepts On Fault Assumptions

  1. Facing Up to Faults Facing Up to Faults Facing Up to Faults (v.2.0.1) (v.2.0.1) (v.2.0.1) Brian Randell Brian Randell Brian Randell WADS-3, May 2004 1

  2. The Menu The Menu The Menu • On Dependability Concepts • On Fault Assumptions • On System Structure WADS-3, May 2004 2

  3. On Dependability Concepts On Dependability Concepts On Dependability Concepts • A system failure occurs when the delivered service deviates from fulfilling the system function, the latter being what the system is aimed at . • An error is that part of the system state which is liable to lead to subsequent failure: an error affecting the service is an indication that a failure occurs or has occurred. The adjudged or hypothesised cause of an error is a fault. (Note: errors do not necessarily lead to failures; component failures are not necessarily faults to the surrounding system) WADS-3, May 2004 3

  4. The Failure/Fault/Error “Chain” The Failure/Fault/Error “Chain” The Failure/Fault/Error “Chain” • A failure occurs when an error “passes through” the system-user interface and affects the service delivered by the system – a system of course being composed of components which are themselves systems. Thus the manifestation of failures, faults and errors follows a “fundamental chain”: . . . → failure → fault → error → failure → fault → . . . i.e. . . . → event → cause → state → event → cause → . . . WADS-3, May 2004 4

  5. Dependability - Dependability - - Dependability the “standard” definition the “standard” definition the “standard” definition Dependability is usually defined as that property of a computer system such that reliance can justifiably be placed on the service it delivers. (The service delivered by a system is its behaviour as it is perceptible by its user(s); a user is another system (human or physical) which interacts with the former.) WADS-3, May 2004 5

  6. Dependability > Correctness Dependability > Correctness Dependability > Correctness • The four basic dependability technologies are • fault prevention (rigorous design), • fault removal (verification & validation) • fault tolerance • fault forecasting (system evaluation) • The effective combination of the first three is crucial - reliance on any one - or even two - of them is in general insufficient to achieve dependability, even just for software, leave alone systems • And the fourth, being the means of assessing progress towards achieving adequate dependability, is equally vital, in order to demonstrate this achievement WADS-3, May 2004 6

  7. The Role of Judgement The Role of Judgement The Role of Judgement A given system, operating in some particular environment (a wider system), may fail in the sense that some other system makes, or could in principle have made, a judgement that the activity or inactivity of the given system constitutes failure. The concept of dependability can then be more simply defined as: “the quality or characteristic of being dependable”, where the adjective “ dependable ” is attributed to a system whose failures are judged sufficiently rare or insignificant. WADS-3, May 2004 7

  8. Concepts & Terminology Concepts & Terminology Concepts & Terminology • Note the generality of the definitions of fault,error, failure and dependability, and their wide applicability • What matters are concepts, rather than terminology • Differing research communities (reliability, safety, survivability, security, etc.,) use differing terminology, and definitions, unfortunately • But what is critical is a fully general notion of failure, and of the three different concepts: fault, error, failure • (to deal properly with the complexities (and realities) of failure-prone components, being assembled together in possibly incorrect ways, so resulting in failure-prone systems.) WADS-3, May 2004 8

  9. On Fault Assumptions On Fault Assumptions On Fault Assumptions • Regarding the nature and likelihood of faults • and the effectiveness of fault masking - possibly obviating the need for error recovery • Regarding the ability to validate inputs and ouputs • and the practicality of various types of error recovery • All these assumptions greatly influence the system designer’s task • including that of the designer of the facilities and processes used for system design • Their careful identification is one of the most crucial aspects of system design WADS-3, May 2004 9

  10. Fault Assumptions Fault Assumptions Fault Assumptions - the possible “domino effect” - the possible “domino effect” the possible “domino effect” - T1 T2 Inter-thread communication checkpoint The possibility of this effect depends critically on validation assumptions WADS-3, May 2004 10

  11. A “solution” A “solution” A “solution” - the nested conversation structure - the nested conversation structure the nested conversation structure - T1 T2 T3 inter-thread communication checkpoint conversation boundary acceptance test But conversations deal only with co-operative, not competitive concurrency - Hence Newcastle’s work on “Coordinated Atomic Actions”: WADS-3, May 2004 11

  12. On Structure On Structure On Structure “The price of reliability is utter simplicity - and this is a price that major software manufacturers find too high to afford!” - Hoare WADS-3, May 2004 12

  13. On Structure On Structure On Structure “The price of reliability is utter simplicity - and this is a price that major software manufacturers find too high to afford!” - Hoare But “Everything should be made as simple as possible, but not simpler” - Einstein WADS-3, May 2004 13

  14. On Structure On Structure On Structure “The price of reliability is utter simplicity - and this is a price that major software manufacturers find too high to afford!” - Hoare But “Everything should be made as simple as possible, but not simpler” - Einstein • Good system structuring allows one to deal with the added complexity that result from more realistic fault assumptions - its quality is measured by its: • coupling and cohesion (for performance) • strength (for dependability) WADS-3, May 2004 14

  15. Structural Strength - Structural Strength - - Structural Strength e.g. in Triple Modular Redundancy e.g. in Triple Modular Redundancy e.g. in Triple Modular Redundancy V V V A strongly-structured system is one in which the structuring exists in the actual system, not just its description or design, and helps to limit the impact of faults WADS-3, May 2004 15

  16. Structure and Redundancy Structure and Redundancy Structure and Redundancy The basic idea underlying all techniques aimed at achieving • high dependability is that of “ consistency-checking of useful redundancy ” • It underlies all forms of validation, from program verification and code inspection to debugging, • and all forms of fault tolerance, (including in hardware, software, bureaucracies, and socio-technical systems) Equally fundamental and closely-related is the use of system (in • particular program) structuring techniques. • Important for complexity reduction (i.e. understandability), and code re-use, but also – if retained in the operational system – for error detection and for limiting error propagation. WADS-3, May 2004 16

  17. Structure for Dependability Structure for Dependability Structure for Dependability Exception Handling - in programming languages, and at higher system • levels (e.g. in workflow languages) this is a form of retained structuring that aids the provision of coherent • methods of error recovery, and the production of systems which can when necessary “degrade gracefully” Software Architecture - e.g. “design patterns”, and in particular • techniques for constructing systems out of components and stylized connectors these facilitate not just the system design and evolution, but also run-time • error detection and confinement. Multi-level Architectures - the use of multiple representations of a • system, at successively lower levels of abstraction. Ideally, such levels of abstraction are employed not just at design time, but instead are retained during operation. they aid system adaptation, and enable consistency checking at each level, • and between levels . WADS-3, May 2004 17

  18. By Way of Summary: it is vital - By Way of Summary: it is vital - - By Way of Summary: it is vital To have a concept which is associated with a fully general notion of failure - • not limited just to particular types, causes or consequences of failure To use separate terms for the three essentially different concepts: “fault”, • “error” and “failure” To understand the “fundamental chain”: • . . . → failure → fault → error → failure → fault → . . . - in order to deal with situations involving complex badly-specified systems, with uncertain boundaries, where judgements as to possible causes or consequences of failure are difficult, and provisions for preventing (possibly deliberate) faults from causing failures are likely to be fallible, i.e. with reality! And to pay careful attention to the use and retention of structure and • redundancy - for purposes of complexity control, error containment, and system evolution As a basis for a coherent and comprehensive approach to dealing with the • possibility of failure, in both system design and operation WADS-3, May 2004 18

Recommend

The UE facing territorial diversity The role of local development facing the crisis Seminar:

The UE facing territorial diversity The role of local development facing the crisis Seminar:

The UE facing territorial diversity The role of local development facing the crisis Seminar: THE EU AND ITS RURAL AREAS: A CUMBERSOME LEGACY IN THE 21ST CENTURY? Wladyslaw Piskorz Head of Unit - Competence Centre Inclusive Growth, Urban and

449 views • 12 slides
Item 7.1 Change of use of land for the erection of a chalet/mobile home at Baads Farm, Anguston

Item 7.1 Change of use of land for the erection of a chalet/mobile home at Baads Farm, Anguston

Item 7.1 Change of use of land for the erection of a chalet/mobile home at Baads Farm, Anguston Road, Peterculter 200040/DPP FACING SOUTH FACING WEST FACING NORTH FACING SOUTH-EAST FACING SOUTH-EAST Key Issues This is a stand alone

310 views • 10 slides
The educational challenges The educational challenges facing children in migrant facing children

The educational challenges The educational challenges facing children in migrant facing children

Child and Youth Migration in West Africa: Research Progress and Implications for Policy The educational challenges The educational challenges facing children in migrant facing children in migrant communities in cocoa- -growing growing

92 views • 7 slides
N Robert W. Hine Treatment Plant Facility Rio Grande Railroad Bridge entrance, facing North

N Robert W. Hine Treatment Plant Facility Rio Grande Railroad Bridge entrance, facing North

N Robert W. Hine Treatment Plant Facility Rio Grande Railroad Bridge entrance, facing North over York St, facing South 58 th Ave 58 th Ave and York St, facing Southwest N 64 th Ave 64 th Ave and York St, facing Northwest N 68 th Ave I-270

324 views • 10 slides
FACING RACE IN ASIAN AMERICA FACING RACE CONFERENCE 2016 ATLANTA, GEORGIA AGENDA 1:45

FACING RACE IN ASIAN AMERICA FACING RACE CONFERENCE 2016 ATLANTA, GEORGIA AGENDA 1:45

FACING RACE IN ASIAN AMERICA FACING RACE CONFERENCE 2016 ATLANTA, GEORGIA AGENDA 1:45 WELCOME & FRAMING 2:00 PANEL DISCUSSION 2:45 Q&A / DISCUSSION 3:15 END Our America? The critical examination of whiteness... involves the

321 views • 20 slides
1 As you have already deduced, I am neither facing you or using my normal voicethe latter being

1 As you have already deduced, I am neither facing you or using my normal voicethe latter being

[Start presentation facing the opposite direction and using an english accent to impersonate Sherlock Holmes] Its a common misconception amongst developers that they know or understand what users want or need. It is equally a misconception

943 views • 48 slides
Trends Facing Capital and Debt Markets in 2016 1 Real Estate Forum Session B4 Trends Facing

Trends Facing Capital and Debt Markets in 2016 1 Real Estate Forum Session B4 Trends Facing

Trends Facing Capital and Debt Markets in 2016 1 Real Estate Forum Session B4 Trends Facing Capital and Debt Markets in 2016 Canadian Economic Prospects Quarterly Real GDP Growth CIBC Economic Forecast 2011 2012 2013 2014E 2015E 2016E

684 views • 19 slides
Are W e Out Of the W oods Yet: W hat Are The Main I ssues Facing Our I ndustry and The Main I

Are W e Out Of the W oods Yet: W hat Are The Main I ssues Facing Our I ndustry and The Main I

Are W e Out Of the W oods Yet: W hat Are The Main I ssues Facing Our I ndustry and The Main I ssues Facing Our I ndustry and Econom y in 2 0 1 5 and Beyond? Maine Forest Products Council Septem ber 8 th, 2 0 1 4 p , Key Topics H

1.14k views • 72 slides
Facing NLP German Rigau i Claramunt http://adimen.si.ehu.es/~rigau IXA group Departamento de

Facing NLP German Rigau i Claramunt http://adimen.si.ehu.es/~rigau IXA group Departamento de

Facing NLP German Rigau i Claramunt http://adimen.si.ehu.es/~rigau IXA group Departamento de Lenguajes y Sistemas Informticos UPV/EHU AI and NLP Facing NLP From Cyc (adapted) (I) Fred saw the plane flying over Zurich. AI and NLP 2

486 views • 24 slides
Ubiquitous faults T-79.4001 Seminar on Theoretical Computer Science Tero Pietilinen 4.4.2007

Ubiquitous faults T-79.4001 Seminar on Theoretical Computer Science Tero Pietilinen 4.4.2007

Nature of ubiquitous faults Communication Faults and Agreement Limits to Number of Ubiquitous Faults for Majority Unanimity in Spite of Ubiquitous Faults Ubiquitous faults T-79.4001 Seminar on Theoretical Computer Science Tero Pietilinen

685 views • 36 slides
W HAT A BOUT P AXOS ? Paxos tolerates a minority of processing failing by crashing . What

W HAT A BOUT P AXOS ? Paxos tolerates a minority of processing failing by crashing . What

B YZANTINE F AULT T OLERANCE Ellis Michael A H IERARCHY OF F AULT M ODELS No faults Crash faults Byzantine faults People who use tabs instead of spaces B YZANTINE F AULTS Also called "general" or "arbitrary" faults.

563 views • 31 slides
CHALLENGES FACING THE WORLD METHODIST COUNCIL IN THE NEXT DECADE Presented by: Rev. Ivan

CHALLENGES FACING THE WORLD METHODIST COUNCIL IN THE NEXT DECADE Presented by: Rev. Ivan

CHALLENGES FACING THE WORLD METHODIST COUNCIL IN THE NEXT DECADE Presented by: Rev. Ivan Abrahams MCSA Conference Swaziland 20 September 2012 Brief overview of my presentation History of WMC Challenges facing the World Methodist

664 views • 29 slides
Steady Flow: Backward Facing Step This tutorial demonstrates the flow of an incompressible gas

Steady Flow: Backward Facing Step This tutorial demonstrates the flow of an incompressible gas

STAR-CCM+ User Guide 6663 Steady Flow: Backward Facing Step This tutorial demonstrates the flow of an incompressible gas over a backward facing step (with height, H = 1 m). Data from a fully developed flow will be used at the inlet. The

630 views • 31 slides
I m pact of I nterm ittent Faults on Nanocom puting Devices Cristian Constantinescu June 28th,

I m pact of I nterm ittent Faults on Nanocom puting Devices Cristian Constantinescu June 28th,

I m pact of I nterm ittent Faults on Nanocom puting Devices Cristian Constantinescu June 28th, 2007 Dependable Systems and Networks Outline Fault classes Permanent faults Transient faults Intermittent faults Field

709 views • 24 slides
q Challenges facing the sport of wrestling 1. Decreasing funding support at all levels

q Challenges facing the sport of wrestling 1. Decreasing funding support at all levels

Background Information (slide 1) Introduction to Topic Area (slide 2) Challenges Facing Sport & How to Overcome Them Benefits of Branding to Coaches (slide 3) How to Market Program Effectively (slides 4-17) Six steps

327 views • 22 slides
1 WHAT IS IS A CASE COMPETITION? 1 2 3 Ide dentify key key iss ssues fac facing a Uti

1 WHAT IS IS A CASE COMPETITION? 1 2 3 Ide dentify key key iss ssues fac facing a Uti

1 WHAT IS IS A CASE COMPETITION? 1 2 3 Ide dentify key key iss ssues fac facing a Uti tilise a range of of sk skills to to Pres esent so solutions to to indus dustry business busi de deve velop innova ovative ve so

166 views • 13 slides
Phil Thomas Across the world, we are facing a gathering

Phil Thomas Across the world, we are facing a gathering

Phil Thomas Across the world, we are facing a gathering storm arising from popula6on growth, climate change and issues of food security! Key

571 views • 18 slides
The Issues Facing CMAL Owns or old ferries,

The Issues Facing CMAL Owns or old ferries,

Port Ellen - Islay The Issues Facing CMAL Owns or old ferries, some over 40 years operates 24 harbours ageing

113 views • 7 slides
Due to the circumstances that our Planet is facing because of the COVID disease, we are

Due to the circumstances that our Planet is facing because of the COVID disease, we are

Due to the circumstances that our Planet is facing because of the COVID disease, we are constantly asking us whether we are protected against this worldwide Pandemia. First, we have to be responsible with the rules and secondly to use the correct

247 views • 7 slides
INTERACTING FAULTS By Tyler Lagasse Faults typically form as a network How do we best

INTERACTING FAULTS By Tyler Lagasse Faults typically form as a network How do we best

INTERACTING FAULTS By Tyler Lagasse Faults typically form as a network How do we best interpret interacting faults and tell between different types of fault interaction? INTRODUCTION HOW DOES A FAULT NETWORK FORM? Forms within single

549 views • 21 slides
Th The R e Roa oad d to o Tra ransparency nsparency. Creating comprehensive, public-facing

Th The R e Roa oad d to o Tra ransparency nsparency. Creating comprehensive, public-facing

Th The R e Roa oad d to o Tra ransparency nsparency. Creating comprehensive, public-facing reports on cost, utilization, condition prevalence and quality of care from the Colorado APCD. BA BACKGR GROUND OUND Background CIVHC

349 views • 11 slides
Agenda Who is the industry? Public perceptions Challenges facing product

Agenda Who is the industry? Public perceptions Challenges facing product

Considerations for Government Oversight of Nanotechnology Mark Greenwood ROPES & GRAY LLP BOSTON NEW YORK PALO ALTO SAN FRANCISCO WASHINGTON, DC Agenda Who is the industry? Public perceptions Challenges facing

575 views • 10 slides
Challenges facing all Additional challenges providers for new providers

Challenges facing all Additional challenges providers for new providers

Challenges facing all Additional challenges providers for new providers Delivering Apprenticeship Standards Systems Data End Point Assessment Claims Reports 20% off the job training Audit

809 views • 41 slides
Astro 1: Introductory Astronomy David Cohen Spring 2014 Class 21: Tuesday, April 8 facing

Astro 1: Introductory Astronomy David Cohen Spring 2014 Class 21: Tuesday, April 8 facing

Astro 1: Introductory Astronomy David Cohen Spring 2014 Class 21: Tuesday, April 8 facing east: Moon rising facing west: Moon setting Jupiter and Saturn move from night-to-night against the stars looking south East West images taken at

501 views • 23 slides

More recommend