Diversity against accidental and deliberate faults
Abstract
The paper is aimed at examining the relationship between the three topics of the workshops that gave rise to this book: security, fault tolerance, and software assurance. Those three topics can be viewed as different facets of dependability. The paper focuses on diversity, as a desirable approach for addressing the classes of faults that underlie all these topics, i.e., design faults and intrusion faults.

1. Introduction

The paper is aimed at examining the relationship between the three topics of the workshops that gave rise to this book: security, fault tolerance and software assurance. Those three topics can be viewed as different facets of dependability [29, 33] (see also the paper by Brian Randell in this volume).

The second section is devoted to a fault classification, which identifies three major classes of faults: physical faults, design faults, and (human-machine) interaction faults, where the latter two classes can be either accidental or deliberate. The classes of faults that come into play when considering simultaneously security, fault tolerance and software assurance are the design faults and the interaction faults.

Contributions of fault tolerance to security and software assurance necessitate diversity. Diversity can take place at a number of levels in a system: execution support (hardware plus operating system), execution conditions or design of the application software, human-machine interface, and operators. The third section is devoted to a close examination of these possibilities, with indications on their effectiveness with respect to the classes of faults of interest.

Diversity is also commonly used for the validation of dependable systems all along their development, as presented in the fourth section. However, some faults can defeat fault tolerance techniques (e.g., those faults resulting from tradeoffs between security and usability, or faults giving rise to common-mode failures). It is thus necessary to make an evaluation of the risk that is incurred, which is the topic of the fifth part of the paper.

1 Yves Deswarte is currently on sabbatical at Microsoft Research, Cambridge, UK.

2. Faults [29, 33]

Faults are the adjudged or hypothesized causes of system failures, i.e., deviations from delivery of correct service to the system user(s).

Faults and their sources are extremely diverse: a) their phenomenological cause can be physical or human-made, b) they can be accidental or deliberate, with or without malicious intent, c) they can be created or occur during the system development or during its operational life, d) they can be internal or external to the system, and e) they can be permanent or transient. However, the many resulting classes of faults can be grouped into three major categories (Figure 1): physical faults (adverse physical phenomena), design faults, and interaction faults (operational misuses).