This Article 
 Bibliographic References 
 Add to: 
Stress-Based and Path-Based Fault Injection
November 1999 (vol. 48 no. 11)
pp. 1183-1201

Abstract—The objective of fault injection is to mimic the existence of faults and to force the exercise of the fault tolerance mechanisms of the target system. To maximize the efficacy of each injection, the locations, timing, and conditions for faults being injected must be carefully chosen. Faults should be injected with a high probability of being accessed. This paper presents two fault injection methodologies—stress-based injection and path-based injection; both are based on resource activity analysis to ensure that injections cause fault tolerance activity and, thus, the resulting exercise of fault tolerance mechanisms. The difference between these two methods is that stress-based injection validates the system dependability by monitoring the run-time workload activity at the system level to select faults that coincide with the locations and times of greatest workload activity, while path-based injection validates the system from the application perspective by using an analysis of the program flow and resource usage at the application program level to select faults during the program execution. These two injection methodologies focus separately on the system and process viewpoints to facilitate the testing of system dependability. Details of these two injection methodologies are discussed in this paper, along with their implementations, experimental results, and advantages and disadvantages.

[1] R. Chillarege and N.S. Bowen, “Understanding Large System Failures—A Fault Injection Experiment,” Proc. IEEE Int'l Symp. Fault-Tolerant Computing, pp. 356–363, June 1989.
[2] J. Arlat et al., "Fault Injection for Dependability Validation: A Methodology and Some Applications," IEEE Trans. Software Eng., Feb. 1990, pp. 166-182.
[3] D. Tang and R.K. Iyer, "Experimental Analysis of Computer System Dependability," in Fault-Tolerant Computer System Design, D.K. Pradhan, ed., Prentice-Hall Prof. Tech. Ref., Upper Saddle River, N.J., pp. 282-392.
[4] D.R. Avresky, J. Arlat, J.-C. Laprie, and Y. Crouzet, “Fault Inection for the Formal Testing of Fault Tolerance,” Proc. 22nd Int'l Symp. Fault-Tolerant Computing (FTCS-22), pp. 345-354, Boston, June 1992.
[5] J. Arlat, A. Costes, Y. Crouzet, J.-C. Laprie, and D. Powell, Fault Injection and Dependability Evaluation of Fault-Tolerant Systems IEEE Trans. Computers, vol. 42, no. 8, pp. 913-923, Aug. 1993.
[6] G.S. Choi, R.K. Iyer, and V. Carreno, “FOCUS: An Experimental Environment for Fault Sensitivity Analysis,” IEEE Trans. Computers, vol. 41, no. 12, pp. 1,515-1,526, Dec. 1992.
[7] E. Jenn et al., “Fault Injection into VHDL Models: The MEFISTO tool,” Proc. 24th Fault-Tolerant Computer Systems Symp., pp. 66-75, 1994.
[8] U. Gunneflo, J. Karlsson, and J. Torin, "Evaluation of Error Detection Schemes Using Fault Injection by Heavy-Ion Radiation," Proc. Int'l Symp. Fault-Tolerant Computing, pp. 340-347, 1989.
[9] J.H. Barton, E.W. Czeck, Z.Z. Segall, and D.P. Siewiorek, Fault Injection Experiments Using FIAT IEEE Trans. Computers, vol. 39, no. 4, pp. 575-582, Apr. 1990.
[10] G. Kanawati, N. Kanawati, and J. Abraham, “FERRARI: A Tool for the Validation of System Dependability Properties,” Proc. IEEE Int'l Symp. Fault-Tolerant Computing, pp. 336–344, 1992.
[11] W.-L. Kao and R. Iyer, “DEFINE: A Distributed Fault Injection and Monitoring Environment,” Fault-Tolerant Parallel and Distributed Systems, D.K. Pradhan and D.R. Avresky, eds., pp. 252-259, Los Alamitos, Calif.: IEEE CS Press, 1995.
[12] S. Han, K.G. Shin, and H. Rosenberg, “DOCTOR: An IntegrateD SOftware Fault InjeCTiOn EnviRonment for Distributed Real-Time Systems,” Proc. IEEE Int'l Computer Performance and Dependability Symp., pp. 204–213, 1995.
[13] J. Carreira, H. Madeira, and J.G. Silva, “Xception: Software Fault Injection and Monitoring in Processor Functional Units,” Proc. Fifth Int'l Working conf. Dependable Computing for Critical Applications (DCCA-5), pp. 135-149, Urbana, Ill., Sept. 1995.
[14] K. Echtle and T. Chen, “Evaluation of Deterministic Fault Injection for Fault-Tolerant Protocol Testing,” Proc. 21st Int'l Symp. Fault-Tolerant Computing (FTCS-21), pp. 418-425, Montreal, June 1991.
[15] J. Christmansson and P. Santhaman, “Error Injection Aimed at Fault Removal in Fault Tolerance Mechanisms,” Proc. Seventh Int'l Symp. Software Reliability Eng. (ISSRE '96), pp. 175-184, White Plains, N.Y., Oct. 1996.
[16] W.-L. Kao, “Experimental Study of Software Dependability,” Technical Report CRHC-94-16, Center for Reliable and High-Performance Computing, Univ. of Illinois at Urbana-Champaign, PhD thesis, 1994.
[17] X. Castillo and D.P. Siewiorek, “Workload, Performance, and Reliability of Digital Computer Systems,” Proc. 11th Int'l Symp. Fault-Tolerant Computing (FTCS-11), pp. 84-89, Portland, Maine, June 1981.
[18] J. Güthoff and V. Sieh, Combining Software-Implemented and Simulation-Based Fault Injection into a Single Fault Injection Method Proc. 25th Int'l Symp. Fault-Tolerant Computing (FTCS-25), pp. 196-206, 1995.
[19] J.-C. Laprie, “Dependable Computing and Fault Tolerance: Concepts and Terminology,” Proc. 15th Int'l Symp Fault-Tolerant Computing (FTCS-15), pp. 2-11, June 1985.
[20] R. Iyer, D. Rossetti, and M. Hsueh, “Measurement and Modeling of Computing Reliability as Affected by System Activity,” ACM Trans. Computer Systems, vol. 4, pp. 214-237, Aug. 1986.
[21] D. Jewett, “Integrity S2: A Fault-Tolerant Unix Platform,” Proc. 21st Int'l Symp. Fault-Tolerant Computing (FTCS-21), pp. 512-519, Montreal, June 1991.
[22] L. Young and R. Iyer, “Error Latency Measurements in Symbolic Architectures,” Proc. AIAA Computing in Aerospace 8, pp. 786-794, Baltimore, Oct. 1992.
[23] A. Bertiolino and M. Marr'e, “Automatic Generation of Path Covers Based on the Control Flow Analysis of Computer Programs,” IEEE Trans. Software Eng., vol. 20, no. 12, pp. 885-899, Dec. 1992.
[24] D. Hedley and M.A. Hennel, “the Cause and Effects Infeasible Paths in Computer Programs,” Proc. Eighth Int'l Conf. Software Eng., pp. 259-266, London, Aug. 1985.
[25] E. Weyuker, “Translatability and Decidability Questions for Restricted Classes of Program Schemas,” SIAM J. Computing, vol. 8, no. 4, pp. 587-598, 1979.

Index Terms:
Fault injection, stress-based, path-based, workload, program flow, fault tolerance, dependability.
Timothy K. Tsai, Mei-Chen Hsueh, Hong Zhao, Zbigniew Kalbarczyk, Ravishankar K. Iyer, "Stress-Based and Path-Based Fault Injection," IEEE Transactions on Computers, vol. 48, no. 11, pp. 1183-1201, Nov. 1999, doi:10.1109/12.811108
Usage of this product signifies your acceptance of the Terms of Use.