When Does "Diversity" in Development Reduce Common Failures? Insights from Probabilistic Modeling
نویسندگان
چکیده
Fault tolerance via diverse redundancy, with multiple “versions” of a system in a redundant configuration, is an attractive defence against design faults. To reduce the probability of common failures, development and procurement practices pursue “diversity” between the ways the different versions are developed. But difficult questions remain open about which practices are more effective to this aim. About these questions, probabilistic models have helped by exposing fallacies in “common sense” judgements. However, most make very restrictive assumptions. They model well scenarios in which diverse versions are developed in rigorous isolation from each other: a condition that many think desirable, but is unlikely in practice. We extend these models to cover non-independent development processes for diverse versions. This gives us a rigorous way of framing claims and open questions about how best to pursue diversity, and about the effects – negative and positive – of commonalities between developments, from specification corrections to the choice of test cases. We obtain three theorems that, under specific scenarios, identify preferences between alternative ways of seeking diversity. We also discuss non-intuitive issues, including how expected system reliability may be improved by creating intentional “negative” dependencies between the developments of different versions. Index Terms Common-mode failure, Software Diversity, Fault tolerance, Multiversion software, Probability of failure on demand, Reliability.
منابع مشابه
Determining Intermediary Effect of Auditor’s Conservatism on Relationship between Ethnicity and Interpretation of Probabilistic Propositions in Accepted Accounting Standards
Use of integrated standards in today's economy is imperative to create efficient financial markets, improve resource allocation and reduce transaction costs. In the same vein, all countries must make a lot of effort to develop common standards. However, ethnic diversity in different parts of the world results in different interpretations and judgments from accounting standards and challenges a ...
متن کاملPerformance Modeling of Power Generation System of a Thermal Plant
The present paper discusses the development of a performance model of power generation system of a thermal plant for performance evaluation using Markov technique and probabilistic approach. The study covers two areas: development of a predictive model and evaluation of performance with the help of developed model. The present system of thermal plant under study consists of four subsystems with...
متن کاملPhysics-based Common Cause Failure Modeling in Probabilistic Risk Analysis: a Mechanistic Perspective
The modeling of dependent failures, specifically Common Cause Failures (CCFs), is one of the most important topics in Probabilistic Risk Analysis (PRA). Currently, CCFs are treated using parametric modeling, which is based on historical failure events. Instead of utilizing the existing data-driven approach, this paper proposes the concept of physics-based CCF modeling, which refers to the incor...
متن کاملPresentation of Common Cause Failures in Fault Tree Structure of Krško PSA: An Historical Overview
Failure of multiple components due to a common cause represents one of the most important issues in evaluation of system reliability or unavailability. The frequency of such events has relatively low expectancy, when compared to random failures, which affect individual components. However, in many cases the consequence is a direct loss of safety system or mitigative safety function. For this re...
متن کاملModeling of a Probabilistic Re-Entrant Line Bounded by Limited Operation Utilization Time
This paper presents an analytical model based on mean value analysis (MVA) technique for a probabilistic re-entrant line. The objective is to develop a solution method to determine the total cycle time of a Reflow Screening (RS) operation in a semiconductor assembly plant. The uniqueness of this operation is that it has to be borrowed from another department in order to perform the production s...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEEE Trans. Dependable Sec. Comput.
دوره 11 شماره
صفحات -
تاریخ انتشار 2014