Manfred Reitenspiess

Applying MDA approach for the SA forum platform

The Application Interface Specification of the Service Availability Forum is a set of relatively new but well elaborated service specifications that facilitate the creation of highly available, fault tolerant applications. Even if not many, but there exist applications developed based on the specifications; however, a systematic way for creating those has not been published yet. This work describes a model-driven framework for the development of AIS based applications. It enables the creation and manipulation of the application models that are used for the generation of system configuration and component code skeletons, and which can be used for the automatic checking of correctness and various other non-functional requirements.

The service availability forum security service (SEC): status and future directions

The Service Availability Forum is specifying high availability interfaces for carrier grade applications. Along with the direct support for applications an implementation of these interfaces implies that it can itself be highly available. To ensure this availability an implementation must be secure, but these security mechanisms must themselves not reduce the availability of the overall system [1,2]. The security of high availability interfaces (and their middleware implementations) therefore requires a careful design to address potential cross influences. In this paper, we first discuss the general security scope for SA Forum systems, do a threat analysis and list a number of assumption of the execution environment. Then, we present a strawman architecture for the SA Forum Security service (SEC). Rather than presenting a detailed design, with this architecture we attempt to provide guidance, expose issues to be addressed and offer solution ideas for those issues.

Practical quality assurance for standards-based, high-availability middleware

Telecommunications technologies are undergoing a major paradigm shift. Standards-based, off-the-shelf components and the Internet are gaining wide acceptance. The success of this move is strongly dependent upon the quality and availability of these technologies.Practical quality assurance in this environment can take advantage of the tools and methods developed when carrier-grade systems for the telecommunications market were being deployed. Besides standard test methods, availability-related methods for redundant hardware and software components are applied. Statistics are available that prove the success of this approach. The statistical data are derived from the deployment of the commercial product RTP4 Continuous Services, a standards-based high-availability middleware.Additional momentum has been gained in the Service Availability Forum (www.saforum.org), where the interface standards are validated and certified in independent test processes.

Confidentiality and Real Errors: A Contradiction?

During industrial software development and deployment, a wealth of data is accumulated, which could be used for the evolvement and refinement of methods and tools for error analysis, statistical evaluation of errors, dynamic handling of errors, and the prediction of faults and failures. Unfortunately, this data is always classified as highly sensitive as it contains customer related information, quality and quality assurance related information and gives insights into internal development processes. There is a need for neutralization techniques to overcome these hurdles