City Research Online

Achieving effective diversity between redundant software-based components

Strigini, L. ORCID: 0000-0002-4246-2866 (2007). Achieving effective diversity between redundant software-based components. In: 6th International Conference on Control and Instrumentation in Nuclear Installations. 6th International Conference on Control and Instrumentation in Nuclear Installations, 11-13 Sep 2007, Manchester, UK.

Abstract

All empirical evidence indicates that diversity between redundant software-based components offers some defence against common-mode failure in redundant systems, i.e., it brings gains in reliability or safety. An important question is how to pursue diversity, in the selection or development of such software, so as to achieve large enough gains. Common sense suggests, for instance, developing the components, or procuring components that have been developed, in "truly independent" ways, and making them "as diverse as possible", i.e. with intentional differences in their designs and development methods. This advice is unfortunately insufficient for most practical decisions, and sometimes turns out to be self-contradictory, while direct experimental evidence of "what really works" in industrial practice is scarce. This talk will summarise the state of knowledge on these issues:

- the ways diversity can be pursued, using a threat-driven approach to analysing the possible "diversity seeking decisions";

- the trade-offs that may arise from the practical constraints of an actual project, where the choice is among a limited range of options; in particular the common case in which the pursuit of diversity works against the pursuit of high reliability in the individual channels, while the combined effect of these two factors on system-level reliability or safety, the true goal, is difficult to estimate;

- mathematical results that in some cases are sufficient for choosing between alternative policies, even without specific experimental evidence. These are based on probabilistic models and identify scenarios under which pursuing some additional degree of either "separation" or "diversification" between the development processes of redundant components is guaranteed to yield improvements at the system level.
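As an added worked example, not part of the paper or the talk, the Python below makes the last two points concrete. It assumes the "difficulty function" model of Eckhardt-Lee (versions from one development process) and Littlewood-Miller (versions from two processes); the abstract names no specific model, so this choice is an assumption. The demand profile and the two difficulty functions are constructed numbers chosen to show the trade-off: process B is the less reliable channel on its own, but it finds a different set of demands hard.

```python
from fractions import Fraction
from typing import Dict, Sequence

# Added example, not code from the paper. Assumed model (Eckhardt-Lee /
# Littlewood-Miller): a demand x arrives with probability Q(x); a version
# produced by a given process fails on x with probability theta(x), the
# "difficulty" that process has with x. Two versions are developed
# independently, but they share theta, so their failures are not
# independent events.

# Constructed sample data: four demand classes, most common first.
DEMAND_PROFILE = [Fraction(4, 10), Fraction(3, 10), Fraction(2, 10), Fraction(1, 10)]
# Process A (conventional design) finds the rare demands hard.
DIFFICULTY_A = [Fraction(1, 100), Fraction(2, 100), Fraction(10, 100), Fraction(30, 100)]
# Process B (a deliberately different method) is weaker overall but finds
# the common demands hard and the rare ones easy.
DIFFICULTY_B = [Fraction(30, 100), Fraction(10, 100), Fraction(2, 100), Fraction(1, 100)]


def pfd(profile: Sequence[Fraction], difficulty: Sequence[Fraction]) -> Fraction:
    """Probability of failure on demand of one version: sum_x Q(x) * theta(x)."""
    if len(profile) != len(difficulty):
        raise ValueError("profile and difficulty must cover the same demands")
    return sum((q * t for q, t in zip(profile, difficulty)), Fraction(0))


def pfd_pair(profile: Sequence[Fraction], diff_a: Sequence[Fraction],
             diff_b: Sequence[Fraction]) -> Fraction:
    """Probability that both versions of a 1-out-of-2 system fail on the same
    demand: sum_x Q(x) * theta_A(x) * theta_B(x). Given x the two failures
    are independent; the dependence comes only from sharing x."""
    if not (len(profile) == len(diff_a) == len(diff_b)):
        raise ValueError("profile and both difficulty functions must cover the same demands")
    return sum((q * a * b for q, a, b in zip(profile, diff_a, diff_b)), Fraction(0))


def compare_policies(profile: Sequence[Fraction], diff_a: Sequence[Fraction],
                     diff_b: Sequence[Fraction]) -> Dict[str, Fraction]:
    """System pfd under three procurement policies, next to the figure a
    naive 'failures are independent' assumption would predict for two A's."""
    p_a, p_b = pfd(profile, diff_a), pfd(profile, diff_b)
    return {
        "channel_A": p_a,
        "channel_B": p_b,
        "naive_independent_AA": p_a * p_a,
        "same_process_AA": pfd_pair(profile, diff_a, diff_a),
        "same_process_BB": pfd_pair(profile, diff_b, diff_b),
        "diverse_AB": pfd_pair(profile, diff_a, diff_b),
    }


def same_process_never_beats_independence(profile: Sequence[Fraction],
                                          difficulty: Sequence[Fraction]) -> bool:
    """Eckhardt-Lee result: E[theta^2] >= (E[theta])^2 for any theta, so two
    'truly independently' developed versions from one process can never do
    better than the naive independence figure; equality only when every
    demand is equally hard."""
    return pfd_pair(profile, difficulty, difficulty) >= pfd(profile, difficulty) ** 2


if __name__ == "__main__":
    results = compare_policies(DEMAND_PROFILE, DIFFICULTY_A, DIFFICULTY_B)
    for name, value in results.items():
        print(f"{name:>22}: {float(value):.5f}")
    print("Eckhardt-Lee bound holds for A:",
          same_process_never_beats_independence(DEMAND_PROFILE, DIFFICULTY_A))
```

Running it, two A versions fail together with probability about 0.0112, three times the 0.0036 that treating their failures as independent would predict, while the A+B pair comes out at 0.0025 even though channel B alone (0.155) is far worse than channel A (0.06). That is the second bullet's trade-off in numbers: the "diversification" decision lowers individual-channel reliability yet raises system reliability. With a second process whose hard demands coincided with A's, the same computation would show the diverse pair doing worse; which outcome a project gets depends on how the two difficulty functions overlap, and that overlap is exactly what is hard to estimate in practice.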

Publication Type: Conference or Workshop Item (Paper)
Additional Information: Published by the American Nuclear Society (ANS), https://www.ans.org/pubs/. All rights reserved.
Subjects: Q Science > QA Mathematics
Q Science > QA Mathematics > QA76 Computer software
Departments: School of Science & Technology > Computer Science
School of Science & Technology > Computer Science > Software Reliability
Official URL: https://www.ans.org/
