An experimental evaluation of the assumption of independence in multiversion programming. IEEE Transactions on Software Engineering.
Conceptual Modeling of Coincident Failures in Multiversion Software. IEEE Transactions on Software Engineering.
Guess and Verify --- Back to the Future. FM '09 Proceedings of the 2nd World Congress on Formal Methods.
New challenges in certification for aircraft software. EMSOFT '11 Proceedings of the ninth ACM international conference on Embedded software.
The limits to the reliability that can be claimed for a design-diverse fault-tolerant system are mainly determined by the dependence that must be expected in the failure behaviours of the different versions: claims of independence between the failure processes of the versions are not believable. In this note we examine a different approach, in which a simple secondary system is used as a back-up to a more complex primary. The secondary system is sufficiently simple that claims for its perfection (with respect to design faults) are possible, but there is no complete certainty about such perfection. It is shown that, in this case, assessment of the reliability of the overall fault-tolerant system may take advantage of independence claims that are more plausible than those involved in design diversity.