Issue No.04 - July-Aug. (2013 vol.11)
pp: 38-45
Domenico Cotroneo, Università degli Studi di Napoli Federico II
Roberto Natella, Università degli Studi di Napoli Federico II
ABSTRACT
As software becomes more pervasive and complex, it's increasingly important to ensure that a system will be safe even in the presence of residual software faults (or bugs). Software fault injection (SFI) consists of the deliberate introduction of software faults for assessing the impact of faulty software on a system and improving its fault tolerance. SFI has been included as a recommended practice in recent safety standards and has therefore gained interest among practitioners, but it's still unclear how it can be effectively used for certification purposes. In this article, the authors discuss the adoption of SFI in the context of safety certification, present a tool for the injection of realistic software faults, and show the usage of that tool in evaluating and improving the robustness of an operating system used in the avionic domain.
INDEX TERMS
Safety, Fault tolerance, Software safety, Certification, Software reliability, Security, SAFE tool, safety-critical systems, software fault tolerance, fault injection, software dependability assessment, software faults, safety certification, SW-FMEA, software RAMS
CITATION
Domenico Cotroneo, Roberto Natella, "Fault Injection for Software Certification", IEEE Security & Privacy, vol. 11, no. 4, pp. 38-45, July-Aug. 2013, doi:10.1109/MSP.2013.54