Issue No. 01 - January (1991 vol. 2)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/71.80192
<p>A description is given of the relaxation lattice method, a new approach to specifying graceful degradation for a large class of programs. A relaxation lattice is a lattice of specifications parameterized by a set of constraints, where the stronger the set of constraints, the more restrictive the specification. While a program is able to satisfy its strongest set of constraints, it satisfies its preferred specification, but if changes to the environment force it to satisfy a weaker set, then it will permit additional weakly consistent computations which are undesired but tolerated. The use of relaxation lattices is illustrated by specifications for programs that tolerate (1) faults, such as site crashes and network partitions, (2) timing anomalies, such as attempting to read a value too soon after it was written, (3) synchronization conflicts, such as choosing the oldest unlocked item from a queue, and (4) security breaches, such as acquiring unauthorized capabilities.</p>
Index Terms: graceful degradation specification; relaxation lattice method; large class of programs; site crashes; network partitions; timing anomalies; synchronization conflicts; security breaches; fault tolerant computing; formal specification
J. Wing and M. Herlihy, "Specifying Graceful Degradation," in IEEE Transactions on Parallel & Distributed Systems, vol. 2, no. , pp. 93-104, 1991.