An experimental evaluation of the assumption of independence in multiversion programming
IEEE Transactions on Software Engineering
Probabilistic reasoning in intelligent systems: networks of plausible inference
Probabilistic reasoning in intelligent systems: networks of plausible inference
Conceptual Modeling of Coincident Failures in Multiversion Software
IEEE Transactions on Software Engineering
Some Conservative Stopping Rules for the Operational Testing of Safety-Critical Software
IEEE Transactions on Software Engineering
Probabilistic Networks and Expert Systems
Probabilistic Networks and Expert Systems
A Theoretical Basis for the Analysis of Multiversion Software Subject to Coincident Errors
IEEE Transactions on Software Engineering
A graphical characterization of the largest chain graphs
International Journal of Approximate Reasoning
Automated Test Generation and Verified Software
Verified Software: Theories, Tools, Experiments
IT and infrastructure's lost dependability
SE '08 Proceedings of the IASTED International Conference on Software Engineering
Software assurance for systems of systems
Proceedings of the FSE/SDP workshop on Future of software engineering research
Deriving safety cases for hierarchical structure in model-based development
SAFECOMP'10 Proceedings of the 29th international conference on Computer safety, reliability, and security
Argument-based approach to computer system safety engineering
International Journal of Critical Computer-Based Systems
A new approach to assessment of confidence in assurance cases
SAFECOMP'12 Proceedings of the 2012 international conference on Computer Safety, Reliability, and Security
| Hi-index | 0.00 |
The work described here concerns the use of so-called multilegged arguments to support dependability claims about software-based systems. The informal justification for the use of multilegged arguments is similar to that used to support the use of multiversion software in pursuit of high reliability or safety. Just as a diverse 1-out-of-2 system might be expected to be more reliable than each of its two component versions, so might a two-legged argument be expected to give greater confidence in the correctness of a dependability claim (for example, a safety claim) than would either of the argument legs alone. Our intention here is to treat these argument structures formally, in particular, by presenting a formal probabilistic treatment of "confidence,” which will be used as a measure of efficacy. This will enable claims for the efficacy of the multilegged approach to be made quantitatively, answering questions such as, "How much extra confidence about a system's safety will I have if I add a verification argument leg to an argument leg based upon statistical testing?” For this initial study, we concentrate on a simplified and idealized example of a safety system in which interest centers upon a claim about the probability of failure on demand. Our approach is to build a "Bayesian Belief Network” (BBN) model of a two-legged argument and manipulate this analytically via parameters that define its node probability tables. The aim here is to obtain greater insight than what is afforded by the more usual BBN treatment, which involves merely numerical manipulation. We show that the addition of a diverse second argument leg can indeed increase confidence in a dependability claim; in a reasonably plausible example, the doubt in the claim is reduced to one-third of the doubt present in the original single leg. However, we also show that there can be some unexpected and counterintuitive subtleties here; for example, an entirely supportive second leg can sometimes undermine an original argument, resulting, overall, in less confidence than what came from this original argument. Our results are neutral on the issue of whether such difficulties will arise in real life—that is, when real experts judge real systems.