Dagstuhl Seminar 00131
Validation of Dependable Behavior of Safety- and Mission-Critical Computing Systems
(Mar 26 – Mar 31, 2000)
Organizers
- A. Bondavalli (Pisa)
- E. Maehle (Lübeck)
- K. Echtle (Essen)
- M. Dal Cin (Erlangen)
Many application areas of computing systems, from vehicle automation to communication control and special transaction processing, require increased reliability, availability, safety, robustness, etc. of the computing platform, because humans rely on the correct and permanent provision of particular functions. Hardware and software failures may cause severe financial losses, damage, or even injury or death of people.
During the last decades a variety of solutions to this dependability problem have been developed and successfully applied. However, it is still a challenge to prove, or at least demonstrate, that a design in fact exhibits the desired dependable behavior in the presence of any of the specified faults. Usual testing is not sufficient: fault events are rare, but a single one may result in an extremely high number of errors, which affect the system in an unexpected way at an arbitrary location. Many fault tolerance techniques have been implemented for distributed systems, whose complexity adds to the difficulties of validating dependable behavior.
The proposed seminar focuses on validation methods that prove formally, or show by heuristics or experiments, that a system behaves dependably. Since error detection and processing must be considered from the beginning of the system design phase, the seminar concentrates mainly on model-based validation methods. Other topics, such as fault injection into implemented systems, will also be included to trigger a comparative discussion on the applicability and usefulness of the validation methods for dependability.
Known models are able to express large state spaces in different ways. Some are exact and complete, others approximate. Some are qualitative and express all possible transitions, others underlay a stochastic model to quantify how likely each transition is. All these models benefit from adequate modeling of faults, errors and fault-tolerance properties to obtain a tractable yet sufficiently accurate degree of abstraction. Fault modeling and the validation of fault models will be central themes of the seminar. Currently, a variety of models and fault assumptions, each tailored to special analysis procedures, co-exist. It is, therefore, desirable to clarify their potential in treating increasingly complex systems with increasingly complex error scenarios.
Topics are:
- Fault modeling
- Formal verification
- Static cause-effect analysis by low-level models
- Static cause-effect analysis by high-level models
- Non-formal or semi-formal analysis (like FMEA)
- Simulative approaches
- Analytical modeling and analysis of dependability attributes
- Non-Markovian modeling
- Fault injection for quantitative evaluation
- Fault injection for testing (dynamic cause-effect analysis)
- Certification techniques
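The paragraph above the topic list contrasts exact stochastic models with approximate ones, and the list names both analytical modeling of dependability attributes and simulative approaches. The following added example (written for this page, not code from the seminar or its organizers) shows the two side by side on the smallest useful case: a duplex system with one repairman, modelled as a continuous-time Markov chain. The chain is solved exactly for steady-state availability, checked against the closed-form balance-equation result, and then estimated by a Monte-Carlo replay of the same chain. The failure and repair rates are constructed illustration values, not figures from the page.

```python
"""Added example (not from the seminar page): a duplex system with one
repairman as a continuous-time Markov chain (CTMC), solved exactly for
steady-state availability and cross-checked by Monte-Carlo simulation."""
import random
from typing import List

# Constructed rates, per hour; chosen for illustration only.
LAMBDA = 1e-3   # failure rate of one unit
MU = 1e-1       # repair rate of the single repair facility

STATES = [2, 1, 0]          # number of working units; row/column order of Q
UP = {2, 1}                 # the duplex is up while at least one unit works


def duplex_generator(lam: float, mu: float) -> List[List[float]]:
    """Generator matrix Q (rows/columns ordered as STATES = [2, 1, 0])."""
    q = [[0.0] * 3 for _ in range(3)]
    q[0][1] = 2 * lam   # both units working: either one may fail
    q[1][2] = lam       # one unit working: it may fail as well
    q[1][0] = mu        # the repairman restores the failed unit
    q[2][1] = mu        # none working: one repair at a time (single repairman)
    for i in range(3):  # diagonal = minus the total outgoing rate
        q[i][i] = -sum(q[i][j] for j in range(3) if j != i)
    return q


def steady_state(q: List[List[float]]) -> List[float]:
    """Exact solution of pi*Q = 0 with sum(pi) = 1 by Gauss-Jordan elimination.

    One balance equation is redundant for an irreducible chain, so the last
    one is replaced by the normalisation constraint.
    """
    n = len(q)
    a = [[q[i][j] for i in range(n)] + [0.0] for j in range(n)]  # Q^T | 0
    a[-1] = [1.0] * n + [1.0]
    for col in range(n):
        pivot = max(range(col, n), key=lambda r: abs(a[r][col]))
        a[col], a[pivot] = a[pivot], a[col]
        p = a[col][col]
        a[col] = [x / p for x in a[col]]
        for r in range(n):
            if r != col and a[r][col] != 0.0:
                f = a[r][col]
                a[r] = [x - f * y for x, y in zip(a[r], a[col])]
    return [a[i][n] for i in range(n)]


def availability(lam: float, mu: float) -> float:
    """Steady-state availability from the exact CTMC solution."""
    pi = steady_state(duplex_generator(lam, mu))
    return sum(p for s, p in zip(STATES, pi) if s in UP)


def availability_closed_form(lam: float, mu: float) -> float:
    """Same quantity from the birth-death balance equations done by hand:
    pi1 = 2r*pi2 and pi0 = 2r^2*pi2 with r = lam/mu."""
    r = lam / mu
    return (1 + 2 * r) / (1 + 2 * r + 2 * r * r)


def simulate_availability(lam: float, mu: float, horizon: float, seed: int) -> float:
    """Monte-Carlo estimate: replay the chain forward (Gillespie-style) and
    report the fraction of the horizon spent in an up state."""
    q = duplex_generator(lam, mu)
    rng = random.Random(seed)
    state, t, up_time = 0, 0.0, 0.0       # start with both units working
    while t < horizon:
        rate = -q[state][state]            # total exit rate of current state
        dwell = min(rng.expovariate(rate), horizon - t)
        if STATES[state] in UP:
            up_time += dwell
        t += dwell
        if t >= horizon:
            break
        u = rng.random() * rate            # pick the successor by its rate
        acc = 0.0
        for j, rate_j in enumerate(q[state]):
            if j == state:
                continue
            acc += rate_j
            if u < acc:
                state = j
                break
    return up_time / horizon


if __name__ == "__main__":
    print("exact      :", availability(LAMBDA, MU))
    print("closed form:", availability_closed_form(LAMBDA, MU))
    print("simulated  :", simulate_availability(LAMBDA, MU, 2e7, seed=1))
```

The exact solver and the closed form agree to machine precision, while the simulated figure only approaches them as the horizon grows; with the rates above, visits to the all-failed state are rare events, so the simulation needs a long horizon before its estimate settles, which is the same rare-event difficulty the seminar description attributes to testing.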
The seminar intends to bring together people from universities, research institutes, industrial development departments and certification institutes, and will provide them with an international forum for the exchange of ideas and experience.