A contribution to dependability evaluation of Fault-Tolerant, iterative-execution software

We consider the dependability of fault tolerant software executed iteratively, as e.g. in process control applications. We first recall the models usually adopted for evaluating the probability of mission survival (reliability at a certain time) and performability, and show the results obtained by applying these models to the adaptive scheme for software fault-tolerance SCOP, "Self-Configuring Optimal Programming" and to the more popular schemes, recovery blocks and multiple version programming. Then we explore the consequences on dependability figures of two characteristics of iterative software: a) system failure must be defined in terms of the behaviour of the software over successive iterations, because the controlled system can usually tolerate short bursts of errors of the control software; b) the probabilistic correlation between successive executions of the software is an important factor in determining the failure behaviour of the software. Positive correlation is to be expected for various reasons, not least the fact that the input values representing physical variables of the controlled system evolve along a "trajectory" in the input space of the software. We present models accounting for these characteristics and evaluate the effects of different distributions of the correlation between successive executions of the software and the sensitivity of the dependability figures to our model parameters.