This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
The Effectiveness of Software Diversity in a Large Population of Programs
November/December 2008 (vol. 34 no. 6)
pp. 753-764
Meine J.P. van der Meulen, Det Norske Veritas, Høvik
Miguel A. Revilla, University of Valladolid, Valladolid
In this paper, we first present an exploratory analysis of the aspects of multiple-version software diversity using 36,123, programs written to the same specification. We do so within the framework of the theories of Eckhardt & Lee and Littlewood & Miller. We analyse programming faults made, explore failure regions and difficulty functions, show how effective 1-out-of-2 diversity is and how language diversity increases this effectiveness. The second part of the paper generalizes the findings about 1-out-of-2 diveristity, and its special case language diversity by performing statistical analyses of 89,402 programs written to 60 specifications. Most observations in the exploratory analysis are confirmed; however, although the benefit of language diversity can be observed, its effectiveness appears to be low.

[1] J. Kelly and A. Avizienis, “A Specification-Oriented Multi-Version Software Experiment,” Proc. 13th Int'l Symp. Fault-Tolerant Computing, June 1983.
[2] L. Gmeiner and U. Voges, “Software Diversity in Reactor Protection Systems: An Experiment,” Safety of Computer Control Systems, R. Lauber, ed., Pergamon, 1980.
[3] J. Knight and N. Leveson, “An Empirical Study of Failure Probabilities in Multi-Version Software,” Proc. 16th Int'l Symp. Fault-Tolerant Computing, pp. 165-170, 1986.
[4] P. Bishop, D. Esp, M. Barnes, P. Humphreys, G. Dahll, and J. Lahti, “PODS Project on Diverse Software,” IEEE Trans. Software Eng., vol. 12, no. 9, pp. 929-940, Sept. 1986.
[5] A. Avizienis, M. Lyu, and W. Schütz, “In Search of Effective Diversity: A Six Language Study of Fault Tolerant Flight Control Software,” Proc. 18th Int'l Symp. Fault-Tolerant Computing, pp. 15-22, June 1988.
[6] D. Eckhardt, A. Caglayan, J. Knight, L. Lee, D. McAllister, M. Vouk, and J. Kelly, “An Experimental Evaluation of Software Redundancy as a Strategy for Improving Reliability,” IEEE Trans. Software Eng., vol. 17, no. 7, pp. 692-702, July 1991.
[7] M. Lyu and Y. He, “Improving the N-Version Programming Process through the Evolution of a Design Paradigm,” IEEE Trans. Reliability, vol. 42, no. 2, pp. 179-189, June 1993.
[8] S. Skiena and M. Revilla, Programming Challenges. Springer Verlag, Mar. 2003.
[9] D. Eckhardt and L. Lee, “A Theoretical Basis for the Analysis of Multi-Version Software Subject to Coincident Errors,” IEEE Trans. Software Eng., vol. 11, no. 12, pp. 1511-1517, Dec. 1985.
[10] B. Littlewood and D. Miller, “Conceptual Modelling of Coincident Failures in Multiversion Software,” IEEE Trans. Software Eng., vol. 15, no. 12, pp. 1596-1614, Dec. 1989.
[11] M. van der Meulen, P. Bishop, and M. Revilla, “An Exploration of Software Faults and Failure Behaviour in a Large Population of Programs,” Proc. 15th IEEE Int'l Symp. Software Reliability Eng., pp.101-112, Nov. 2004.
[12] M. van der Meulen and M. Revilla, “Experiences with the Design of a Run-Time Check,” Proc. 24th Int'l Conf. Computer Safety, Reliability and Security, J. Gorski, ed., pp.302-315, 2006.

Index Terms:
Programming Techniques, Protection mechanisms, Design concepts, Quality analysis and evaluation, Software and System Safety, Reliability, Reliability, Performance measures
Citation:
Meine J.P. van der Meulen, Miguel A. Revilla, "The Effectiveness of Software Diversity in a Large Population of Programs," IEEE Transactions on Software Engineering, vol. 34, no. 6, pp. 753-764, Nov.-Dec. 2008, doi:10.1109/TSE.2008.70
Usage of this product signifies your acceptance of the Terms of Use.