
Methods, Models and Tools for Fault Tolerance PDF

350 Pages·2009·7.64 MB·English

Lecture Notes in Computer Science 5454
Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board
David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, University of Dortmund, Germany
Madhu Sudan, Massachusetts Institute of Technology, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max-Planck Institute of Computer Science, Saarbruecken, Germany

Michael Butler, Cliff Jones, Alexander Romanovsky, Elena Troubitsyna (Eds.)
Methods, Models and Tools for Fault Tolerance

Volume Editors
Michael Butler, University of Southampton, School of Electronics and Computer Science, Highfield, Southampton, SO17 1BJ, UK. E-mail:

Preface

The growing complexity of modern software systems increases the difficulty of ensuring the overall dependability of software-intensive systems. The complexity of the environments in which systems operate, the high dependability requirements that systems have to meet, and the complexity of the infrastructures on which they rely make system design a true engineering challenge. Mastering system complexity requires design techniques that support clear thinking and rigorous validation and verification. Formal design methods help to achieve this. Coping with complexity also requires architectures that are tolerant of faults and of unpredictable changes in the environment. This issue can be addressed by fault-tolerant design techniques. Therefore, there is a clear need for methods enabling rigorous modelling and development of complex fault-tolerant systems.

This book addresses such acute issues in developing fault-tolerant systems as:
– Verification and refinement of fault-tolerant systems
– Integrated approaches to developing fault-tolerant systems
– Formal foundations for error detection, error recovery, exception and fault handling
– Abstractions, styles and patterns for rigorous development of fault tolerance
– Fault-tolerant software architectures
– Development and application of tools supporting rigorous design of dependable systems
– Integrated platforms for developing dependable systems
– Rigorous approaches to specification and design of fault tolerance in novel computing systems

The editors of this book were involved in the EU (FP-6) project RODIN (Rigorous Open Development Environment for Complex Systems), which brought together researchers from the fault tolerance and formal methods communities.¹ In 2007 RODIN organized the MeMoT workshop held in conjunction with the Integrated Formal Methods 2007 Conference at Oxford University. The aim of this workshop was to bring together researchers who were interested in the application of rigorous design techniques to the development of fault-tolerant software-intensive systems. We proposed to the authors of the best workshop papers to expand their work and a number of well-established researchers working in the area to write invited chapters. This book contains the refereed and revised papers that came in response. Twelve of the papers are reworked from the workshop; three papers are invited.

The editors would like to thank the reviewers: Elisabeth Ball, Jeremy Bryans, Joey Coleman, Alan Fekete, Michael Fisher, John Fitzgerald, Michael Harrison, Alexei Iliasov, Michael Jackson, Linas Laibinis, Qaisar Ahmad Malik, Annabelle McIver, Larissa Meinicke, Luc Moreau, Luigia Petre, Martha Plaska, Mike Poppleton, Brian Randell, Colin Snook and Divakar Yadav. We would particularly like to thank Louise Talbot, who has efficiently handled the collation of this book.

Both in organizing MeMoT 2007 and in publishing this edited book, we are aiming to build a network of researchers from the wider community to promote the integration of dependability and formal methods research. We hope that you will find this volume interesting and encourage you to join the interest group of the EU FP-7 Deploy project (Industrial Deployment of System Engineering Methods Providing High Dependability and Productivity), which in particular aims at establishing closer collaboration between dependability and formal methods research.

December 2008
Michael Butler, Cliff Jones, Alexander Romanovsky, Elena Troubitsyna

¹ The proceedings of the Workshop on Methods, Models and Tools for Fault Tolerance are at http://rodin.cs.ncl.ac.uk/deliverables.htm

Table of Contents

Part I: Formal Reasoning about Fault Tolerant Systems and Protocols
  Graphical Modelling for Simulation and Formal Analysis of Wireless Network Protocols (A. Fehnker, M. Fruth, and A.K. McIver), p. 1
  Reasoning about System-Degradation and Fault-Recovery with Deontic Logic (Pablo F. Castro and T.S.E. Maibaum), p. 25
  Temporal Verification of Fault-Tolerant Protocols (Michael Fisher, Boris Konev, and Alexei Lisitsa), p. 44
  Design and Verification of Fault-Tolerant Components (Miaomiao Zhang, Zhiming Liu, Charles Morisset, and Anders P. Ravn), p. 57
  Dynamically Detecting Faults via Integrity Constraints (Ian J. Hayes), p. 85

Part II: Fault Tolerance: Modelling in B
  Event-B Patterns for Specifying Fault-Tolerance in Multi-agent Interaction (Elisabeth Ball and Michael Butler), p. 104
  Formal Reasoning about Fault Tolerance and Parallelism in Communicating Systems (Linas Laibinis, Elena Troubitsyna, and Sari Leppänen), p. 130
  Formal Development of a Total Order Broadcast for Distributed Transactions Using Event-B (Divakar Yadav and Michael Butler), p. 152
  Model-Based Testing Using Scenarios and Event-B Refinements (Qaisar A. Malik, Johan Lilius, and Linas Laibinis), p. 177

Part III: Fault Tolerance in System Development Process
  Recording Process Documentation in the Presence of Failures (Zheng Chen and Luc Moreau), p. 196
  DREP: A Requirements Engineering Process for Dependable Reactive Systems (Sadaf Mustafiz and Jörg Kienzle), p. 220
  Documenting the Progress of the System Development (Marta Plaska, Marina Waldén, and Colin Snook), p. 251
  Fault Tolerance Requirements Analysis Using Deviations in the CORRECT Development Process (Andrey Berlizev and Nicolas Guelfi), p. 275

Part IV: Fault Tolerant Applications
  Step-Wise Development of Resilient Ambient Campus Scenarios (Alexei Iliasov, Budi Arief, and Alexander Romanovsky), p. 297
  Using Inherent Service Redundancy and Diversity to Ensure Web Services Dependability (Anatoliy Gorbenko, Vyacheslav Kharchenko, and Alexander Romanovsky), p. 324

Author Index, p. 343

Graphical Modelling for Simulation and Formal Analysis of Wireless Network Protocols

A. Fehnker¹, M. Fruth², and A.K. McIver³
¹ National ICT Australia, Sydney, Australia

[9,8] incorporating some measure of random faults; however, simulation in this context suffers from a number of well-documented problems [7,3]. Most notable is that accurate channel models validated against physical data do not normally feature. This leads to unrealistic results of performance analyses, which can vary widely between different simulators.

An alternative to simulation is formal modelling and analysis, which is normally ideally suited to investigating complex protocols, and gives access to profiles of performance which exhaustively range over worst- and best-case behaviour. Inclusion of realistic models of wireless communication implies appeal to analytical formulae to determine the effect on performance of the spatial relationships between nodes, such as the distance and density of near neighbours. These context-dependent details, however, are not easily added to textual-style formal modelling languages, and indeed they militate against a clear and modular specification style.

In this paper we overcome these difficulties by proposing a simple graphical style of specification. We exploit the observations that (a) the distance between and density of nodes in a network is the major factor impacting on the integrity of wireless communication (together with physical parameters such as transmission strength); that (b) this unreliability can be abstracted to a probability that packets are lost; and that (c) the simplest way to express the crucial spatial relationships is graphically, so that the details of the abstracted probabilities are suppressed, and computed automatically from the graphical representation.

Besides its simplicity, the graphical style has other benefits in that it allows designers to visualise various performance indicators such as best- or worst-case signal strength between pairs of nodes, or the nodes' individual power consumption. Similarly the critical events occurring in a sample experiment may be "stepped through" in a typical debugging style. Finally, unlike other graphical visualisation tools, it acts as a "bridge" between formal analysis and the more conventional simulation, providing the option to investigate performance using probabilistic model checking, or to carry out more traditional system-wide simulation experiments. In both cases realistic models for wireless communication play a fundamental role.

Our specific contributions are:
1. CaVi, a graphical user interface specialised for modelling networks comprising wireless nodes. The tool gives immediate access to crucial performance indicators such as signal strength between pairs of nodes;
2. A translation from a CaVi model to either a formal transition-style model suitable for model checking in the PRISM model checker [10] or an input to the recently-developed Castalia simulator [1]. Castalia is novel in that it incorporates an accurate wireless channel model. The PRISM models are the first such formal models which take network topology into account. At present both Castalia and PRISM capture only flooding and gossiping protocols [5,6].

In Sec. 2 and Sec. 3 we describe the context of wireless applications, and the challenges that arise in their formal modelling. In Sec. 4 we describe a well-known
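The pipeline sketched above, from a graphical (coordinate-based) network description to per-link packet-loss probabilities to a model a probabilistic model checker can analyse, as an added illustration that is not the paper's or the CaVi tool's code. Everything below is an assumption made for the example: the Node class, the constructed four-node topology, the log-distance path-loss law with its parameters, the logistic loss curve, and the particular PRISM encoding of a one-shot flooding protocol. The paper's real channel model is not reproduced on this page.

```python
# Added example, not code from the paper or from the CaVi tool: a small
# "graphical" network description (node coordinates, constructed below) is
# turned into per-link packet-loss probabilities and then into a PRISM
# model of a one-shot flooding protocol. The path-loss parameters and the
# logistic loss curve are ASSUMPTIONS chosen for illustration.
import itertools
import math
from dataclasses import dataclass
from typing import Callable, List, Sequence, Tuple


@dataclass(frozen=True)
class Node:
    name: str
    x: float  # metres
    y: float  # metres


def distance(a: Node, b: Node) -> float:
    return math.hypot(a.x - b.x, a.y - b.y)


def loss_probability(d: float, tx_dbm: float = 0.0, pl_d0_db: float = 55.0,
                     exponent: float = 2.4, sens_dbm: float = -90.0,
                     spread_db: float = 3.0) -> float:
    """ASSUMED channel abstraction (observation (b) in the text): mean received
    power from a log-distance path-loss law, then a logistic curve over the
    margin above receiver sensitivity gives the probability a packet is lost.
    A real tool would fit this curve to measured channel data."""
    d = max(d, 1.0)  # 1 m reference distance for the path-loss law
    rx_dbm = tx_dbm - pl_d0_db - 10.0 * exponent * math.log10(d)
    margin_db = rx_dbm - sens_dbm
    return 1.0 / (1.0 + math.exp(margin_db / spread_db))


LossFn = Callable[[Node, Node], float]


def link_loss(a: Node, b: Node) -> float:
    """Loss probability on the directed link a -> b, derived from geometry only."""
    return loss_probability(distance(a, b))


def broadcast_branches(sender: Node, receivers: Sequence[Node],
                       loss: LossFn) -> List[Tuple[float, Tuple[str, ...]]]:
    """All 2^k outcomes of one broadcast to k neighbours: probability that
    exactly the named subset receives it, assuming independent losses."""
    branches = []
    for got in itertools.product([False, True], repeat=len(receivers)):
        p = 1.0
        for r, ok in zip(receivers, got):
            q = loss(sender, r)
            p *= (1.0 - q) if ok else q
        branches.append((p, tuple(r.name for r, ok in zip(receivers, got) if ok)))
    return branches


def to_prism(nodes: Sequence[Node], source: Node, loss: LossFn = link_loss) -> str:
    """Emit a PRISM MDP: each node broadcasts once after receiving; the order
    is nondeterministic, each broadcast is a probabilistic choice over
    broadcast_branches(). Query it with e.g.  Pmin=? [ F rx_D=1 ]."""
    out = ["mdp", "", "module flood"]
    for n in nodes:
        out.append(f"  rx_{n.name} : [0..1] init {1 if n == source else 0};")
        out.append(f"  sent_{n.name} : [0..1] init 0;")
    for n in nodes:
        others = [m for m in nodes if m != n]
        branches = []
        for p, got in broadcast_branches(n, others, loss):
            updates = [f"(sent_{n.name}'=1)"] + [f"(rx_{g}'=1)" for g in got]
            branches.append(f"{p:.10f} : " + " & ".join(updates))
        out.append(f"  [bcast_{n.name}] rx_{n.name}=1 & sent_{n.name}=0 -> "
                   + " + ".join(branches) + ";")
    # self-loop once nobody can broadcast, so the model has no deadlock state
    quiet = " & ".join(f"(rx_{n.name}=0 | sent_{n.name}=1)" for n in nodes)
    out.append(f"  [idle] {quiet} -> true;")
    out.append("endmodule")
    return "\n".join(out)


def exact_reach_probability(nodes: Sequence[Node], source: Node, target: Node,
                            loss: LossFn) -> float:
    """Cross-check for the checker: each node broadcasts once, so every directed
    link is one independent trial; enumerate all trial outcomes and sum the
    probability of those in which target is reachable from source. Exponential
    in the number of links, so only for tiny topologies like the one below."""
    links = [(a, b) for a in nodes for b in nodes if a != b]
    total = 0.0
    for outcome in itertools.product([False, True], repeat=len(links)):
        p = 1.0
        delivered = {n.name: set() for n in nodes}
        for (a, b), ok in zip(links, outcome):
            q = loss(a, b)
            p *= (1.0 - q) if ok else q
            if ok:
                delivered[a.name].add(b.name)
        seen, frontier = {source.name}, [source.name]
        while frontier:  # graph search over the links that succeeded
            for m in delivered[frontier.pop()]:
                if m not in seen:
                    seen.add(m)
                    frontier.append(m)
        if target.name in seen:
            total += p
    return total


# Constructed sample topology (metres); A is the source, D the far node.
NETWORK = [Node("A", 0, 0), Node("B", 15, 0), Node("C", 30, 10), Node("D", 45, 0)]

if __name__ == "__main__":
    print(to_prism(NETWORK, NETWORK[0]))
    p = exact_reach_probability(NETWORK, NETWORK[0], NETWORK[3], link_loss)
    print(f"// Pmin=? [ F rx_D=1 ] should evaluate to {p:.6f}")
```

Running the script prints a PRISM model that can be loaded into the checker as-is; the loss probabilities that the paper's approach would suppress in the graphical view are visible here as the branch weights of each `bcast_*` command. Because every directed link is tried exactly once and the trials are independent, the scheduling order does not affect which nodes end up with `rx=1`, so `Pmin` and `Pmax` for `F rx_D=1` coincide and both should equal the value from `exact_reach_probability`, which is the kind of consistency check worth running before trusting a generated model on a larger topology.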
