Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Software Fault Protection Allen Goldberg Kestrel Technology.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Software Fault Protection Allen Goldberg Kestrel Technology."— Presentation transcript:

1 1 Software Fault Protection Allen Goldberg Kestrel Technology

2 Workshop on Aviation Software, Oct. 2006 System Engineering System engineers build reliable systems from less reliable components. Redundancy is a primary means of achieving reliability. Systems are monitored for anomalies. Fault containment mechanisms (e.g. firewalls) limit damage

3 Workshop on Aviation Software, Oct. 2006 Assume perfection, little accommodation for failure even though perfection is rarely achievable Can we make reliable software systems from less reliable software components? What About software?

4 Workshop on Aviation Software, Oct. 2006 IVHM Fault Protection Systems System under control Fault Protection System model monitoring fault response

5 Workshop on Aviation Software, Oct. 2006 Software Fault Protection (SFP) SUT is software Software Fault Protection System Model of software monitoring fault response

6 Workshop on Aviation Software, Oct. 2006 Software Redundancy redundancy: different representations of software behavior code test case model … Redundancy is expensive How should you invest your “redundancy” dollars?

7 Workshop on Aviation Software, Oct. 2006 Effective Redundancy at Runtime software “model” “1.2” version programming 1 full-featured, efficient, complex version 0.2 backup version performs essential functions software Software Fault Protection System Model of software monitoring fault response

8 Workshop on Aviation Software, Oct. 2006 Software Model When software fails it is usually “obviously” wrong Simple models can detect errors interface behavior data reasonableness resource usage Our model extends ARINC 653 configuration file software Software Fault Protection System Model of software monitoring fault response

9 Workshop on Aviation Software, Oct. 2006 Failure responses safe modes: terminate non-essential activities component reset (supported by 653) transient errors lead to bad state component replacement (supported by 653) “1.2” version programming

10 Workshop on Aviation Software, Oct. 2006 Fault Containment Eliminate “non-logical” software dependencies error propagation (crash) resource contention ARINC 653 Fault containment is essential to fault isolation

11 Workshop on Aviation Software, Oct. 2006 Future Work relate SFP with multi-string flight computers, and system fault protection relate SFP to treatment of radiation induced SEU’s generate SFP models from software design artifacts generate SFP implementations from SFP models

Download ppt "1 Software Fault Protection Allen Goldberg Kestrel Technology."

Similar presentations

h Protection from cyber attacks is achieved by acting on several levels: first, at the physical and material, placing the server in a place as safe as.

h Protection from cyber attacks is achieved by acting on several levels: first, at the physical and material, placing the server in a place as safe as.
Remus: High Availability via Asynchronous Virtual Machine Replication

Remus: High Availability via Asynchronous Virtual Machine Replication
Principles of Engineering System Design Dr T Asokan

Principles of Engineering System Design Dr T Asokan
A CASE FOR REDUNDANT ARRAYS OF INEXPENSIVE DISKS (RAID) D. A. Patterson, G. A. Gibson, R. H. Katz University of California, Berkeley.

A CASE FOR REDUNDANT ARRAYS OF INEXPENSIVE DISKS (RAID) D. A. Patterson, G. A. Gibson, R. H. Katz University of California, Berkeley.
Byzantine Generals. Outline r Byzantine generals problem.

Byzantine Generals. Outline r Byzantine generals problem.
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage: www.mwftr.com/CNE.html.

EECE499 Computers and Nuclear Energy Electrical and Computer Eng Howard University Dr. Charles Kim Fall 2013 Webpage:
Firewall Query Engine and Firewall Comparison Engine Mohamed Gouda Alex X. Liu Computer Science Department The University of Texas at Austin.

Firewall Query Engine and Firewall Comparison Engine Mohamed Gouda Alex X. Liu Computer Science Department The University of Texas at Austin.
©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 20 Slide 1 Critical systems development.
REDUNDANT ARRAY OF INEXPENSIVE DISCS RAID. What is RAID ? RAID is an acronym for Redundant Array of Independent Drives (or Disks), also known as Redundant.

REDUNDANT ARRAY OF INEXPENSIVE DISCS RAID. What is RAID ? RAID is an acronym for Redundant Array of Independent Drives (or Disks), also known as Redundant.
1 Basic Definitions: Testing What is software testing? Running a program In order to find faults a.k.a. defects a.k.a. errors a.k.a. flaws a.k.a. faults.

1 Basic Definitions: Testing What is software testing? Running a program In order to find faults a.k.a. defects a.k.a. errors a.k.a. flaws a.k.a. faults.
1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.

1 Software Testing and Quality Assurance Lecture 38 – Software Quality Assurance.
DS -V - FDT - 1 HUMBOLDT-UNIVERSITÄT ZU BERLIN INSTITUT FÜR INFORMATIK Zuverlässige Systeme für Web und E-Business (Dependable Systems for Web and E-Business)

DS -V - FDT - 1 HUMBOLDT-UNIVERSITÄT ZU BERLIN INSTITUT FÜR INFORMATIK Zuverlässige Systeme für Web und E-Business (Dependable Systems for Web and E-Business)
1 Software Testing and Quality Assurance Lecture 34 – Software Quality Assurance.

1 Software Testing and Quality Assurance Lecture 34 – Software Quality Assurance.
SIGDIG – Signal Discrimination for Condition Monitoring A system for condition analysis and monitoring of industrial signals Collaborative research effort.

SIGDIG – Signal Discrimination for Condition Monitoring A system for condition analysis and monitoring of industrial signals Collaborative research effort.
Soft. Eng. II, Spr. 2002Dr Driss Kettani, from I. Sommerville1 CSC-3325: Chapter 9 Title : Reliability Reading: I. Sommerville, Chap. 16, 17 and 18.

Soft. Eng. II, Spr. 2002Dr Driss Kettani, from I. Sommerville1 CSC-3325: Chapter 9 Title : Reliability Reading: I. Sommerville, Chap. 16, 17 and 18.
Developing Dependable Systems CIS 376 Bruce R. Maxim UM-Dearborn.

Developing Dependable Systems CIS 376 Bruce R. Maxim UM-Dearborn.
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Software faults & reliability Presented by: Presented by: Pooja Jain Pooja Jain.

Software faults & reliability Presented by: Presented by: Pooja Jain Pooja Jain.
Software Reliability Categorising and specifying the reliability of software systems.

Software Reliability Categorising and specifying the reliability of software systems.

Similar presentations

Ads by Google