The dependability approach to critical computing systems

  • Jean-Claude Laprie
VIII — Validation
Part of the Lecture Notes in Computer Science book series (LNCS, volume 289)


Critical computing systems are considered from the dependability viewpoint. A framework for the design and validation of critical computing systems is derived from the interpretation of the quantified objectives assigned to safety-related computing systems in terms of dependability measures (especially failure rate). This framework associates design diversity together with formal verification and reliability calculations for both hardware and software.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Arl 84.
    J. Arlat, J.P. Blanquart, J.C. Laprie, "On the certification of computing systems: the EVE project — application to a computerized interlocking", in Proc. 4th Int. Conf. on Reliability and Maintainability, Perros-Guirec, France, May 1984, pp. 650–656; in French.Google Scholar
  2. Arl 85.
    J. Arlat, J.C. Laprie, "On the dependability evaluation of high safety systems", in Proc. 15th IEEE Int. Symp. on Fault Tolerant Computing (FTCS-15), Ann Arbor, Michigan, June 1985, pp. 318–323.Google Scholar
  3. Avi 84.
    A. Avizienis, J.P.J. Kelly, "Fault tolerance by design diversity: concepts and experiments", Computer, vol. 17, no. 8, Aug. 1984, pp. 67–80.Google Scholar
  4. Avi 86.
    A. Avizienis, J.C. Laprie, "Dependable computing: from concepts to design diversity", Proceedings of the IEEE, vol. 74, no. 5, May 1986, pp. 629–638.Google Scholar
  5. Bar 84.
    H.G. Barrow, "Verify: a program for proving correctness of digital hardware designs", Artificial Intelligence", vol. 24, Dec. 1984, pp. 437–491.Google Scholar
  6. Bis 85.
    P. Bishop, D. Esp, M. Barnes, P. Humphreys, G. Dahll, J. Lahti, S. Yoshimura, "Project on diverse software — an experiment in software reliability", in Proc. 4th IFAC Workshop on Safety of Computer Control Systems (SAFECOMP'85), Como, Italy, Oct. 1985, pp. 153–158.Google Scholar
  7. Blo 86.
    R.E. Bloomfield, P.K.D. Froome, "The application of formal methods to the assessment of high integrity software", IEEE Trans. on Software Engineering, vol. SE-12, no. 9, Sept. 1986, pp. 988–993.Google Scholar
  8. Car 68.
    W.C. Carter, P.R. Schneider, "Design of dynamically checked computers", in Proc. IFIP'68 Cong., Amsterdam, 1968, pp. 878–883.Google Scholar
  9. Che 78.
    L. Chen, A. Avizienis, "N-version programming: a fault-tolerance approach to reliability of software operation", in Proc. 8th IEEE Int. Symp. on Fault Tolerant Computing (FTCS-8), Toulouse, France, June 1978, pp. 3–9.Google Scholar
  10. Che 80.
    R.C. Cheung, "A user-oriented software reliability model", IEEE Trans. on Software Engineering, vol. SE-6, March 1980, pp. 118–125.Google Scholar
  11. Cos 78.
    A. Costes, C. Landrault, J.C. Laprie, "Reliability and availability models for maintained systems featuring hardware failures and design faults", IEEE Trans. on Computers, vol. C-27, June 1978, pp. 548–560.Google Scholar
  12. Cur 86.
    P.A. Currit, M. Dyer, H.D. MIlls, "Certifying the reliability of software", IEEE Trans.on Software Engineering, vol.SE-12, no. 1, Jan. 1986, pp. 3–11.Google Scholar
  13. Eck 85.
    D.E. Eckhardt, L.E. Lee, "A theoretical basis for the analysis of multiversion software subject to coincident errors", IEEE Trans. on Software Engineering, vol. SE-11, no. 12, Dec. 1985, pp. 1511–1517.Google Scholar
  14. Elm 72.
    W.R. Elmendorf, "Fault-tolerant programming", in Proc. 2nd IEEE Int. Symp. on Fault Tolerant Computing (FTCS-2), Newton, Massachusetts, June 1972, pp. 79–83.Google Scholar
  15. Gar 81.
    J.R. Garman, "The ‘bug’ heard around the world", ACM Sigsoft Software Engineering notes, vol. 6, no. 5, Oct. 1981, pp. 3–10.Google Scholar
  16. Gol 82.
    J. Goldberg, "A time for integration", in Proc. 12h IEEE Int. Symp. on Fault Tolerant Computing (FTCS-12), Santa Monica, CA, June 1982, p. 42.Google Scholar
  17. Grn 80.
    A. Grnarov, J. Arlat, A. Avizienis, "On the performance of software fault tolerance strategies", in Proc. 10h IEEE Int. Symp. on Fault Tolerant Computing (FTCS-10), Kyoto, Oct. 1980, pp. 251–253.Google Scholar
  18. Hag 86.
    G. Hagelin, "ERICSSON safety systems for railway control", Summer'86 Meeting of the IFIP WG 10.4, Baden, Austria, June 1986; to appear in Application of Design Diversity in Computerised Control Systems, U. Voges, ed., Springer-Verlag, 1986.Google Scholar
  19. Jam 82.
    L.E. James, J.E. Angus, J.B. Bowen, J. McDaniel, "Combined hardware/software reliability models", Report RADC no. TR-82-68, April 1982.Google Scholar
  20. Lam 82.
    L. Lamport, R. Shostak, M. Pease, "The Byzantine generals problem", ACM Trans. on Programming Languages and Systems, vol. 4, no. 3, July 1982, pp. 382–401.Google Scholar
  21. Lap 84a.
    J.C. Laprie, "Dependability modeling and evaluation of hardware-and-software systems”, in Proc. 2nd GI/NTG/GMR Conf. on Fault Tolerant Computing, Bonn, Germany, Sept. 1984, pp. 202–215.Google Scholar
  22. Lap 84b.
    J.C. Laprie, "Dependability evaluation of software systems in operation", IEEE Trans. on Software Engineering, vol. SE-10, no. 6, Nov. 1984, pp. 701–714.Google Scholar
  23. Lap 85.
    J.C. Laprie, "Dependable computing and fault tolerance: concepts and terminology", in Proc. 15th IEEE Int. Symp. on Fault Tolerant Computing (FTCS-15), Ann Arbor, Michigan, June 1985, pp. 2–11.Google Scholar
  24. Lev 83a.
    N.G. Leveson, "Verification of safety", in Proc. 3rd IFAC Int. Workshop on Safety of Computer Control Systems (SAFECOMP'83), Cambridge, UK, Sept. 1983, pp. 167–174.Google Scholar
  25. Lev 83b.
    N.G. Leveson, P.R. Harvey, "Analyzing software safety", IEEE Trans. on Software Engineering, vol. SE-9, Sept. 1983, pp. 569–579.Google Scholar
  26. Lit 79.
    B. Littlewood, "Software reliability model for modular program structure", IEEE Trans. on Reliability, vol. R-30, Oct. 1981, pp. 313–320.Google Scholar
  27. Mar 82.
    D.J. Martin, "Dissimilar software in high integrity applications in flight controls", in Proceedings AGARD CP-330, Sept. 1982, pp. 36.1–36.13.Google Scholar
  28. Mel 82.
    P.M. Melliar-Smith, R.L. Schwartz, "Formal specification and mechanical verification of SIFT: a fault-tolerant flight control system", IEEE Trans. on Computers, vol. C-31, July 1982, pp. 616–630.Google Scholar
  29. Mey 79.
    J.F. Meyer, "Performability evaluation of the SIFT computer", in Proc. 9th IEEE Int. Symp. on Fault Tolerant Computing (FTCS-9), Madison, Wisconsin, June 1979, pp. 43–50.Google Scholar
  30. Min 67.
    H. Mine, Y. Koga, "Basic properties and a construction method for fail-safe logical systems", IEEE Trans. on Electron. Computers, vol. EC-16, no. 6, June 1967, pp. 282–289.Google Scholar
  31. Ohb 84.
    M. Ohba, "Software reliability analysis", IBM Journal of Research and Development, vol. 28, no. 4, July 1984, pp. 428–443.Google Scholar
  32. Ram 81.
    C.V. Ramamoorthy et al., "Application of a methodology for the development and validation of reliable process control software", IEEE Trans. on Software Engineering, vol. SE-7, Nov. 1981, pp. 537–555.Google Scholar
  33. Ram 84.
    C.V. Ramamoorthy, A. Prakash, W.T. Tsai, Y. Usuda, "Software engineering: problems and perspective", Computer, vol. 17, no. 10, Oct. 1984, pp. 191–209.Google Scholar
  34. Ran 75.
    B. Randell, "System structure for software fault tolerance", IEEE Trans. on Software Engineering, vol. SE-1, no. 2, June 1975, pp. 220–232.Google Scholar
  35. Rei 79.
    D.J. Reifer, "Software failure modes and effects analysis", IEEE Trans. on Reliability, vol. R-28, no. 3, Aug. 1979, pp. 247–249.Google Scholar
  36. Rem 82.
    L. Remus, "Methodology for software development of a digital integrated protection system", presented at the EWICS-TC7 Meeting, Brussels, Jan. 1982, 19 p.Google Scholar
  37. Ren 80.
    S. Rengt, "Fail-safe or safe-life systems, which are the safest?", Lecture notes, National School for Civil Aviation, Toulouse, France, 1980.Google Scholar
  38. Roh 72.
    W.B. Rohn, T.F. Arnold, "Design for low expected downtime control systems", in Proc. 4th Int. Conf. on Computer Communications, Philadelphia, PA, June 1972, pp. 16–25.Google Scholar
  39. Rou 86.
    J.C. Rouquet, P. Traverse, "Safe and reliable computing on board of Airbus and ATR aircraft", in Proc. 5th Int. Workshop on Safety of Computer Control Systems (SAFECOMP'86), Sarlat, France, pp. 93–97.Google Scholar
  40. Sch 83.
    R.D. Schlichting, F.B. Schneider, "Fail-stop processors: an approach to designing fault-tolerant computing systems", ACM Trans. on Computing Systems, vol. 1, no. 3, Aug. 1983, pp. 222–238.Google Scholar
  41. Sho 83.
    R.E. Shostak, "Formal verification of VLSI designs", in Proc. Compcon Spring'83, San Francisco, Feb. 1983, pp. 269–272.Google Scholar
  42. Ste 78.
    B.J. Sterner, "Computerized interlocking system — a multidimensional structure in the pursuit of safety", IMechE Railway Enginneer International, 1978, pp. 29–30.Google Scholar
  43. Wak 78.
    J. Wakerly, Error Detecting Codes, Self-Checking Circuits and Applications, New York: North Holland, 1978.Google Scholar
  44. Wen 78.
    J.H. Wensley, L. Lamport, J. Goldberg, M.W. Green, K.N. Levitt, P.M. Melliar-Smith, R.E. Shostack, C.B. Weinstock, "SIFT: the design and analysis of a fault-tolerant computer for aircraft control", Proceedings of the IEEE, vol. 66, no. 10, Oct. 1978, pp. 1255–1268.Google Scholar
  45. Win 85.
    G. Wind, "Objectives and principles of international standardisation in order to insure safety of electromedical equipments", UTE Bulletin, Oct. 1985; in French.Google Scholar
  46. You 84.
    L.J. Yount, "Architectural solutions to safety problems of digital flight-critical systems for commercial transports", in Proc. 6th Digital Avionics Systems Conf., Baltimore, MD, Dec. 1984, pp. 28–35.Google Scholar

Copyright information

© Springer-Verlag 1987

Authors and Affiliations

  • Jean-Claude Laprie
    • 1
  1. 1.Laas-CnrsToulouseFrance

Personalised recommendations