For many computer-based systems, the most important system property is the dependability of the system.
Availability - The probability that the system will be up and running and able to deliver useful services to users.
Reliability - The probability that the system will correctly deliver services as expected by users.
Safety - A judgment of how likely it is that the system will cause damage to people or its environment.
Security - A judgment of how likely it is that the system can resist accidental or deliberate intrusions.
Denial of service - The system is forced into a state where normal services are unavailable or where service provision is significantly degraded.
Chapter 12
Functional - Requirements to define error checking and recovery facilities and protection against system failures.
Non-functional - Requirements defining the required reliability and availability of the system.
Safety specification - Goal is to identify protection requirements that ensure that system failures do not cause injury or death or environmental damage.
Hazard assessment - The process is concerned with understanding the likelihood that a risk will arise and the potential consequences if an accident or incident should occur.
Risk identification - Identify the types of system failure that may lead to economic losses.
Risk reduction - Generate reliability specifications, including quantitative requirements defining the acceptable levels of failure.
Chapter 13
Fault detection - Verification and validation techniques are used to discover and remove faults in a system before it is deployed.
Fault tolerance - The system is designed so that faults in the delivered software do not result in system failure.
Redundancy - Keep more than one version of a critical component available so that if one fails then a backup is available.
Diversity - Provide the same functionality in different ways so that they will not fail in the same way.
However, adding diversity and redundancy adds complexity and this can increase the chances of error.
Diversity - To provide resilience against external attacks, different servers may be implemented using different operating systems (e.g. Windows and Linux).
Validation activities:
Requirements reviews.
Requirements management.
Formal specification.
System modeling.
Design and code inspection.
Static analysis.
Test planning and management.
Change management.
Protection system - A specialized system that is associated with some other control system, which can take emergency action if a failure occurs.
Exception handling - A mechanism to provide some fault tolerance.
Chapter 14
Chapter 15
Operational profile - A set of test data whose frequency matches the actual frequency of these inputs from normal usage of the system. A close match with actual usage is necessary, otherwise the measured reliability will not be reflected in the actual usage of the system.
Model checking - A formal approach to static analysis that exhaustively checks all states in a system for potential errors.
Experience-based validation - The system is reviewed and analysed against the types of attack that are known to the validation team.
Tiger teams - A team is established whose goal is to breach the security of the system by simulating attacks on the system.
Tool-based validation - Various security tools such as password checkers are used to analyse the system in operation.
Formal verification - The system is verified against a formal security specification.
Chapter 16
Application system reuse - The whole of an application system may be reused either by incorporating it without change into other systems (COTS reuse) or by developing application families.
Component reuse - Components of an application, from sub-systems to single objects, may be reused.
Object and function reuse - Software components that implement a single well-defined object or function may be reused.
Benefits of Software Reuse
Increased dependability
Reduced process risk
Effective use of specialists
Standards compliance
Accelerated development
Problems with software reuse
Increased maintenance costs
Lack of tool support
Not-invented-here syndrome
Creating, maintaining, and using a component library
Finding, understanding, and adapting reusable components
Application frameworks - Collections of concrete and abstract objects that are designed for reuse through specialization and the addition of new objects.
Platform specialization - Different versions of the application are developed for different platforms.
Environment specialization - Different versions of the application are created to handle different operating environments, e.g. different types of communication equipment.
Functional specialization - Different versions of the application are created for customers with different requirements.
Process specialization - Different versions of the application are created to support different business processes.
Enterprise Resource Planning (ERP) system - A generic system that supports common business processes such as ordering and invoicing, manufacturing, etc.
Chapter 17
Testing - Intended to find defects and demonstrate that a system meets its functional and non-functional requirements.
Chapter 20
Real-time system - A software system where the correct functioning of the system depends on the results produced by the system and the time at which these results are produced.
Soft real-time system - A system whose operation is degraded if results are not produced according to the specified timing requirements.
Hard real-time system - A system whose operation is incorrect if results are not produced according to the timing specification.
Periodic stimuli - Stimuli which occur at predictable time intervals.
Aperiodic stimuli - Stimuli which occur at unpredictable times.
Operating System Components
Real-time clock - Provides information for process scheduling.
Interrupt handler - Manages aperiodic requests for service.
Scheduler - Chooses the next process to be run.
Resource manager - Allocates memory and processor resources.
Dispatcher - Starts process execution.
Scheduling Strategies
Non pre-emptive scheduling runs to completion or until
).
Pre-emptive scheduling - The
if a higher priority process
Scheduling algorithms
Round-robin;
Rate monotonic;
Shortest deadline first.