Abstract. This paper describes the dependability modelling and evaluation of a real complex system, made of redundant replicated hardware and redundant diverse software. It takes into account all aspects of their interactions (including correlation between the diverse software variants) and the criticality of the several components. Our approach has been to build the system model in a structured way, organised in levels. This makes the complexity manageable and allows us to focus, where interesting, on specific behaviour for a more detailed analysis. Furthermore, each level may be modelled with a different methodology and evaluated with a different tool without modifying the general structure of the model. To validate the most complex sub-models, we built alternatives using different tools and methodologies; this proved very useful, since it allowed us to find small bugs and imperfections and gave us more confidence that the models represented the real system's behaviour. With respect to the real system taken as the example, our analyses, which could not be reported here, allowed us to identify the dependability bottlenecks of the current version and to set targets for the several subcomponents such that the system targets could be reached, thus providing hints for future releases or modifications of the system and information for assigning targets to its various components.
We discuss the use of dataflow-like models for the "in-the-large" design of real-time applications. In these models, modules can communicate only by (asynchronously) receiving messages when activated and transmitting result messages when terminating. This rather restrictive computational model allows the description of typical cyclic control programs with predictable, well-verifiable behaviour. In particular, important timing properties can be dealt with in the in-the-large design. We outline the case for the use of dataflow-like models, discuss the choice of appropriate notations, which implies a trade-off between predictability of behaviour and expressive power, and the potential for an advanced design support environment.
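The following is an added illustration, not code from the paper, of the restricted computational model the abstract describes: a module is activated only when all of its input messages are present, runs to completion without communicating, and publishes its result messages only when it terminates. Because the model is so restrictive, a cyclic schedule can be checked statically (every channel produced before it is read, and the sum of worst-case execution times within the cycle period). The module names, channel names, control law and WCET figures are constructed for the example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List


@dataclass(frozen=True)
class Module:
    """One module of the dataflow-like model (example definition, not the paper's).
    It may only read its input messages at activation and only emit result
    messages at termination; there is no shared state between modules."""
    name: str
    inputs: List[str]       # channels consumed at activation
    outputs: List[str]      # channels written at termination
    body: Callable[[Dict[str, float]], Dict[str, float]]
    wcet_ms: float          # assumed worst-case execution time (constructed figure)


def check_schedule(modules, schedule, external_inputs, period_ms):
    """Static check of a cyclic schedule.
    Returns (ok, problems, total_wcet_ms). A channel must be produced by an
    earlier module in the cycle (or arrive from outside) before it is read, and
    the WCET sum of the whole cycle must fit in the period."""
    by_name = {m.name: m for m in modules}
    produced = set(external_inputs)
    problems = []
    for name in schedule:
        m = by_name[name]
        for ch in m.inputs:
            if ch not in produced:
                problems.append(f"{name} reads {ch} before it is produced")
        produced.update(m.outputs)
    total = sum(by_name[n].wcet_ms for n in schedule)
    if total > period_ms:
        problems.append(f"WCET sum {total} ms exceeds period {period_ms} ms")
    return (not problems, problems, total)


def run_cycle(modules, schedule, inputs):
    """Execute one cycle of the static schedule.
    `inputs` holds the external messages arriving for this cycle. A module is
    activated only when every input channel has a message; it consumes them,
    runs to completion, and only then are its result messages published."""
    by_name = {m.name: m for m in modules}
    channels: Dict[str, float] = dict(inputs)
    trace = []
    for name in schedule:
        m = by_name[name]
        if not all(ch in channels for ch in m.inputs):
            trace.append((name, "skipped: missing input"))
            continue
        consumed = {ch: channels.pop(ch) for ch in m.inputs}   # messages are consumed
        result = m.body(consumed)                              # no communication while running
        undeclared = set(result) - set(m.outputs)
        if undeclared:
            raise ValueError(f"{name} emitted undeclared channels {sorted(undeclared)}")
        channels.update(result)                                # visible only at termination
        trace.append((name, "ran"))
    return channels, trace


# Constructed control loop: clamp a measurement, apply a proportional law, drive the actuator.
def _filter(msgs):
    return {"filtered": max(0.0, min(100.0, msgs["measurement"]))}


def _controller(msgs):
    return {"actuation": 2.0 * (msgs["setpoint"] - msgs["filtered"])}


def _actuator(msgs):
    return {"drive": msgs["actuation"]}


CONTROL_LOOP = [
    Module("filter", ["measurement"], ["filtered"], _filter, 2.0),
    Module("controller", ["filtered", "setpoint"], ["actuation"], _controller, 3.0),
    Module("actuator", ["actuation"], ["drive"], _actuator, 4.0),
]
SCHEDULE = ["filter", "controller", "actuator"]
EXTERNAL = ["measurement", "setpoint"]

if __name__ == "__main__":
    print(check_schedule(CONTROL_LOOP, SCHEDULE, EXTERNAL, period_ms=10.0))
    print(run_cycle(CONTROL_LOOP, SCHEDULE, {"measurement": 10.0, "setpoint": 12.0}))
    # A cycle with a missing external message: downstream modules are simply not activated.
    print(run_cycle(CONTROL_LOOP, SCHEDULE, {"measurement": 150.0}))
```

The point of the restriction is visible in `run_cycle`: because a module can neither read nor write channels while it runs, its timing and data dependencies are fully captured by the declared `inputs`, `outputs` and `wcet_ms`, which is what lets `check_schedule` verify ordering and the cycle-time budget without executing anything.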