Jean-Claude Laprie

Basic concepts and taxonomy of dependable and secure computing

This paper gives the main definitions relating to dependability, a generic concept including a special case of such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic definitions are given first. They are then commented upon, and supplemented by additional definitions, which address the threats to dependability and security (faults, errors, failures), their attributes, and the means for their achievement (fault prevention, fault tolerance, fault removal, fault forecasting). The aim is to explicate a set of general concepts, of relevance across a wide range of situations and, therefore, helping communication and cooperation among a number of scientific and technical communities, including ones that are concentrating on particular types of system, of system failures, or of causes of system failures.

Dependability: Basic Concepts and Terminology

This document is aimed at giving informal but precise definitions characterizing the various attributes of computing systems dependability. It is a contribution to the work undertaken within the “Reliable and Fault Tolerant Computing” scientific and technical community [Avi 67, Jes 77, Mel 77, Avi 78, Ran 78, Car 79, And 81, FTC 82, Sie 82, Cri 85a, Lap 85, Avi 86, Lap 89] in order to propose clear and widely acceptable definitions for some basic concepts.

Fault injection for dependability validation: a methodology and some applications

The authors address the problem of validating the dependability of fault-tolerant computing systems, in particular, the validation of the fault-tolerance mechanisms. The proposed approach is based on the use of fault injection at the physical level on a hardware/software prototype of the system considered. The place of this approach in a validation-directed design process and with respect to related work on fault injection is clearly identified. The major requirements and problems related to the development and application of a validation methodology based on fault injection are presented and discussed. Emphasis is put on the definition, analysis, and use of the experimental dependability measures that can be obtained. The proposed methodology has been implemented through the realization of a general pin-level fault injection tool (MESSALINE), and its usefulness is demonstrated by the application of MESSALINE to the experimental validation of two systems: a subsystem of a centralized computerized interlocking system for railway control applications and a distributed system corresponding to the current implementation of the dependable communication system of the ESPRIT Delta-4 Project. >

Definition and analysis of hardware- and software-fault-tolerant architectures

A structured definition of hardware- and software-fault-tolerant architectures is presented. Software-fault-tolerance methods are discussed, resulting in definitions for soft and solid faults. A soft software fault has a negligible likelihood or recurrence and is recoverable, whereas a solid software fault is recurrent under normal operations or cannot be recovered. A set of hardware- and software-fault-tolerant architectures is presented, and three of them are analyzed and evaluated. Architectures tolerating a single fault and architectures tolerating two consecutive faults are discussed separately. A sidebar addresses the cost issues related to software fault tolerance. The approach taken throughout is as general as possible, dealing with specific classes of faults or techniques only when necessary.<<ETX>>

Dependable computing: From concepts to design diversity

This paper is composed of two sections. The first provides a conceptual framework for expressing the attributes of what constitutes dependable and reliable computing: a) the impairments to dependability (faults, errors, and failures), b) the means for dependability (fault avoidance, tolerance, removal, and forecasting), and c) the measures of dependability (reliability, availability, safety). The second section focuses on one of the most challenging problems for dependable computing: coping with design faults.

Fault injection and dependability evaluation of fault-tolerant systems

The authors describe a dependability evaluation method based on fault injection that establishes the link between the experimental evaluation of the fault tolerance process and the fault occurrence process. The main characteristics of a fault injection test sequence aimed at evaluating the coverage of the fault tolerance process are presented. Emphasis is given to the derivation of experimental measures. The various steps by which the fault occurrence and fault tolerance processes are combined to evaluate dependability measures are identified and their interactions are analyzed. The method is illustrated by an application to the dependability evaluation of the distributed fault-tolerant architecture of the Esprit Delta-4 Project. >

Dependability and Its Threats: A Taxonomy

This paper gives the main definitions relating to dependability, a generic concept including as special case such attributes as reliability, availability, safety, confidentiality, integrity, maintainability, etc. Basic definitions are given first. They are then commented upon, and supplemented by additional definitions, which address the threats to dependability (faults, errors, failures), and the attributes of dependability. The discussion on the attributes encompasses the relationship of dependability with security, survivability and trustworthiness.

Dependability Evaluation of Software Systems in Operation

This paper deals with evaluation of the dependability (considered as a generic term, whose main measures are reliability, availability, and maintainability) of software systems during their operational life, in contrast to most of the work performed up to now, devoted mainly to development and validation phases. The failure process due to design faults, and the behavior of a software system up to the first failure and during its life cycle are successively examined. An approximate model is derived which enables one to account for the failures due to the design faults in a simple way when evaluating a systems dependability. This model is then used for evaluating the dependability of 1) a software system tolerating design faults, and 2) a computing system with respect to physical and design faults.

Fault injection for dependability validation of fault-tolerant computing systems

The authors address the dependability validation of fault-tolerant computing systems and more specifically the validation of the fault-tolerance mechanisms. Their approach is based on the use of fault injection at the physical level on a hardware/software prototype of the system considered. The place of this approach in a validation-directed design process as well as its place with respect to related works on fault injection are identified. The major requirements and problems related to the development and application of a validation methodology based on fault injection are presented and discussed. The proposed methodology has been implemented through the realization of a general physical-fault injection tool (MESSALINE) whose usefulness is demonstrated by its application to the experimental validation of a subsystem of a computerized interlocking system for railway control applications.<<ETX>>

Dependability — Its Attributes, Impairments and Means

This paper gives the main definitions relating to dependability, a generic concept including as special cases such atributes as reliability, availability, safety, security, maintainability. The various impairments to dependability (faults, errors, failures) and means for dependability (especially fault tolerance, fault removal, fault forecasting) are emphasized.