Error Recovery in Critical Infrastructure Systems - Computer Security, Dependability and Assurance: From Needs to Solutions, 1998. Proceedings

Criticul infrastructure applications pmvide services upon which society depends heavily; such applications require survivabiliry in the face of faults that mighr cause a loss of service. These applications are lhemselves dependent on distributed information systems for all aspects of their operation ond so survivability of rhe information systems is an important issue. Fault tolerance is U key mechanism by which survivnbiliry can be achieved in these information systems. Much of the liternrum on fault-toleranr distribicted sysrems focuses on local error recovery by masking rhe effects of faults. We describe a direction for error recovery in rheface of catastrophic faults where the effects of the faulrs cannot be masked using available resources. The god is to provide conrimed service that is either on alrer,tate or degraded service by reconfiguring the system rather than masking faults. We outline rhe requirements for a reconjgurable system archirecrure and present an error recovery system that enables sysrematic srructuring of error recovery specificarions and implementations.