IEEE Transactions on Software Engineering, vol. 39, no. 11, Nov. 2013, pp. 1521-1530
Bev Littlewood , City University London, London
Andrey Povyakalo , City University London, London
ABSTRACT
In earlier work (henceforth LR), an analysis was presented of a 1-out-of-2 software-based system in which one channel was "possibly perfect". It was shown that, at the aleatory level, the system pfd (probability of failure on demand) could be bounded above by the product of the pfd of channel A and the pnp (probability of nonperfection) of channel B. This result was presented as a way of avoiding the well-known difficulty that, for two certainly-fallible channels, failures of the two will be dependent, i.e., the system pfd cannot be expressed simply as a product of the channel pfds. The price paid in this new approach for avoiding the issue of failure dependence is that the result is conservative. Furthermore, a complete analysis requires that account be taken of epistemic uncertainty, here concerning the numeric values of the two parameters $pfd_A$ and $pnp_B$. Unfortunately this introduces a different and difficult problem of dependence: estimating the dependence between an assessor's beliefs about the parameters. The work reported here avoids this problem by obtaining results that require only an assessor's marginal beliefs about the individual channels, i.e., they do not require knowledge of the dependence between these beliefs. The price paid is further conservatism in the results.
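As an added illustration (not code from the paper, and not its theorems), the following Python shows what an assessor can conclude about the expected value of the aleatory bound $pfd_A \cdot pnp_B$ when only marginal beliefs about each channel are available. The beliefs are constructed, hypothetical discrete distributions; the comonotone (quantile-matching) coupling is the standard tightest marginals-only upper bound on the expectation of a product, used here to show how much conservatism giving up the joint belief costs.

```python
"""Added illustration (not the paper's code): what an assessor can say about
E[pfd_A * pnp_B] using only marginal beliefs.  The beliefs below are constructed,
hypothetical discrete distributions {value: probability}."""
from itertools import product

PFD_A_BELIEF = {1e-4: 0.5, 1e-3: 0.4, 1e-2: 0.1}  # belief about pfd_A
PNP_B_BELIEF = {0.0: 0.3, 0.1: 0.5, 1.0: 0.2}      # belief about pnp_B (0 = B surely perfect)

def aleatory_bound(pfd_a, pnp_b):
    """The abstract's aleatory bound: P(system fails on demand) <= pfd_A * pnp_B."""
    return pfd_a * pnp_b

def mean(belief):
    return sum(v * p for v, p in belief.items())

def expected_bound_independent(a, b):
    """E[pfd_A * pnp_B] if the two beliefs were independent (an assumption the paper avoids)."""
    return sum(aleatory_bound(x, y) * px * py
               for (x, px), (y, py) in product(a.items(), b.items()))

def expected_bound_comonotone(a, b):
    """Largest E[pfd_A * pnp_B] over every joint belief with marginals a and b.
    By the rearrangement inequality the supremum is attained by the comonotone
    coupling (quantile matching), so only the marginals are needed."""
    xs, ys = sorted(a.items()), sorted(b.items())
    i = j = 0
    ra, rb = xs[0][1], ys[0][1]  # probability mass left in the current atoms
    total = 0.0
    while i < len(xs) and j < len(ys):
        m = min(ra, rb)          # mass the two current quantile atoms share
        total += aleatory_bound(xs[i][0], ys[j][0]) * m
        ra, rb = ra - m, rb - m
        if ra <= 1e-12:
            i += 1
            ra = xs[i][1] if i < len(xs) else 0.0
        if rb <= 1e-12:
            j += 1
            rb = ys[j][1] if j < len(ys) else 0.0
    return total

def summarise(a=PFD_A_BELIEF, b=PNP_B_BELIEF):
    """Independence value, tightest marginals-only bound, and the crude bound
    min(E[pfd_A], E[pnp_B]) that follows from both parameters being <= 1."""
    return {"independent": expected_bound_independent(a, b),
            "comonotone_upper": expected_bound_comonotone(a, b),
            "crude_upper": min(mean(a), mean(b))}
```

Calling `summarise()` returns all three figures; with the constructed beliefs the independence value is about 3.6e-4, the marginals-only worst case about 1.1e-3 and the crude bound 1.45e-3, which is the ordering the abstract's "further conservatism" refers to.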
INDEX TERMS
Phase frequency detector, Uncertainty, Cognition, Software reliability, Software, Safety, multiversion software, fault tolerance, software perfection, probability of failure, epistemic uncertainty, software diversity
CITATION
Bev Littlewood, Andrey Povyakalo, "Conservative Reasoning about the Probability of Failure on Demand of a 1-out-of-2 Software-Based System in Which One Channel Is "Possibly Perfect"", IEEE Transactions on Software Engineering, vol.39, no. 11, pp. 1521-1530, Nov. 2013, doi:10.1109/TSE.2013.35