The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software

R.W. Butler; G.B. Finelli

doi:10.1109/32.210303

Publication
1993
Issue No. 1 - January
Abstract - The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by R.W. Butler Articles by G.B. Finelli

The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software

January 1993 (vol. 19 no. 1)

pp. 3-12

	ASCII Text	x
	R.W. Butler, G.B. Finelli, "The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software," IEEE Transactions on Software Engineering, vol. 19, no. 1, pp. 3-12, January, 1993.

	BibTex	x
	@article{ 10.1109/32.210303, author = {R.W. Butler and G.B. Finelli}, title = {The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software}, journal ={IEEE Transactions on Software Engineering}, volume = {19}, number = {1}, issn = {0098-5589}, year = {1993}, pages = {3-12}, doi = {http://doi.ieeecomputersociety.org/10.1109/32.210303}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Software Engineering TI - The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software IS - 1 SN - 0098-5589 SP3 EP12 EPD - 3-12 A1 - R.W. Butler, A1 - G.B. Finelli, PY - 1993 KW - reliability; life-critical real-time software; statistical methods; fault-tolerant software; growth models; software fault tolerance; multiversion software experiments; fault tolerant computing; real-time systems; safety; software reliability VL - 19 JA - IEEE Transactions on Software Engineering ER -

R.W. Butler

G.B. Finelli

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/32.210303

This work affirms that the quantification of life-critical software reliability is infeasible using statistical methods, whether these methods are applied to standard software or fault-tolerant software. The classical methods of estimating reliability are shown to lead to exorbitant amounts of testing when applied to life-critical software. Reliability growth models are examined and also shown to be incapable of overcoming the need for excessive amounts of testing. The key assumption of software fault tolerance-separately programmed versions fail independently-is shown to be problematic. This assumption cannot be justified by experimentation in the ultrareliability region, and subjective arguments in its favor are not sufficiently strong to justify it as an axiom. Also, the implications of the recent multiversion software experiments support this affirmation.

[1] Leveson, N.G., "Software Safety: What, Why, and How,"ACM Computing Surveys, Vol. 18, No. 2, June 1986, pp. 125-163.
[2] I. Peterson, "A digital matter of life and death,"Science News, Mar. 1988.
[3] E. Joyce, "Software bugs: A matter of life and liability,"Datamation, May 1987.
[4] N. R. Mann, R. E. Schafer, and N. D. Singpurwalla,Methods for Statistical Analysis of Reliability and Life Data. New York: Wiley, 1974.
[5] A. A. Abdel-Ghaly, P. Y. Chan, and B. Littlewood, "Evaluation of competing software reliability predictions,"IEEE Trans. Software Eng., vol. SE-12, no. 9, Sept. 1986.
[6] B. Littlewood and P. A. Keiller, "Adaptive software reliability modeling," inProc. 14th Int. Symp. Fault-Tolerant Computing, 1984, pp. 108-113.
[7] B. Littlewood, "Stochastic reliability-growth: A model for fault-removal in computer programs and hardware designs,"IEEE Trans. Reliability, pp. 313-320, 1981.
[8] P. A. Keiller and D. R. Miller, "On the use and the performance of software reliability growth models,"Reliability Engineering and System Safety, pp. 95-117, 1991.
[9] B. Littlewood, "Predicting software reliability,"Phil. Trans. Roy. Soc. London, pp. 513-526, 1989.
[10] P. M. Nagel and J. A. Skrivan, "Software reliability: Repetitive run experimentation and modeling," NASA Contractor Rep. 165836, Feb. 1982.
[11] A. Avizienis, "The n-version approach to fault-tolerant software,"IEEE Trans. Software Eng., pp. 1491-1501, Dec. 1985.
[12] R. K. Scott, J. W. Gault and D. F. McAllisier, "Fault tolerant software reliability modeling,"IEEE Trans. Software Eng., vol. SE-13, pp. 582-592, May 1987.
[13] D. Miller, "Making statistical inferences about software reliability," NASA Contractor Rep. 4197, Nov. 1988.
[14] J. Knight and N. Leveson, "An experimental evaluation of the assumption of independence in multiversion programming,"IEEE Trans. Software Eng., vol. SE-12, no. 1, pp. 96-109, Jan. 1986.
[15] T. J. Shimeall and N. G. Leveson, "An empirical comparison of software fault-tolerance and fault elimination,"IEEE Trans. Software Eng., pp. 173-183, Feb. 1991.
[16] J. C. Knight and N. G. Leveson, "A reply to the criticisms of the Knight&Leveson experiment,"ACM SIGSOFT Software Eng. Notes, Jan. 1990.

Index Terms:

reliability; life-critical real-time software; statistical methods; fault-tolerant software; growth models; software fault tolerance; multiversion software experiments; fault tolerant computing; real-time systems; safety; software reliability

Citation:

R.W. Butler, G.B. Finelli, "The Infeasibility of Quantifying the Reliability of Life-Critical Real-Time Software," IEEE Transactions on Software Engineering, vol. 19, no. 1, pp. 3-12, Jan. 1993, doi:10.1109/32.210303

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.