High Dependability Computing Program Modeling Dependability(6)

Individuals and organizations increasingly use sophisticated software systems from which they demand great reliance. “Reliance ” is contextually subjective and depends on the particular stakeholder’s needs; therefore, in different circumstances, the sta

systems. A comparison with related work is also provided. Section 3 shows how the UMD can be customized to a specific context/project to obtain a system dependability model that can be used as operational dependability definition. A case study is used for illustration. Section 4 formalizes the process for applying UMD in both a single and a multi-stakeholder scenario. Finally, Section 4 provides an outline of the future work. 2 The Unified Model of Dependability (UMD)

This Section introduces UMD, by illustrating the underlying theory, and discusses its robustness. It also provides a comparison with related works.

2.1 Identifying the building blocks of dependability

Dependability involves many different attributes, and each attribute can be defined in a variety of ways. In order to begin our analysis for identifying the building blocks of dependability, around which we build UMD, let us consider a standard sub-set of such attributes: reliability, accuracy, performance, availability, survivability, security, maintainability, and safety. It is important to note that this choice is purely arbitrary, and any other set could have been adopted, as in the following we will show that our results are independent from the selected set. For each of these attributes different definitions are available in literature. In the following we have randomly chosen some of them from

[1,4,9,13]:

o Reliability is an index of how often the system or part of it fails.

o Accuracy is the ability of the system to provide data within the desired range and with the required precision.

o Performance is a static or dynamic system’s capability (response time, throughput) defined in terms of an acceptable range.

o Availability is the degree to which a system or component is operational and accessible when required for use.

o Survivability is the ability of a system to provide essential services in the presence of adverse conditions that can occasionally happen within its operational environment (e.g., exceptional weather conditions, un-natural load peaks, etc.).

o Security is the system’s capability to resist attacks intentionally carried on against the system (e.g., logical breaches, data accesses, denial of service attacks, etc.).

o Maintainability is the ability of the system to undergo repairs and modifications.

o Safety is the absence of catastrophic consequences on the user(s) and the environment.

Based on the above definitions, we observe that dependability can be viewed as an index of the issues that the system can cause to the users. In other terms, given two similar systems, the one that causes fewer, and less severe issues is the one that is more dependable for the users. By carefully reading the above definitions, we can also recognize that an issue may derive from the misbehavior of the system (e.g., the system fails, or is not available at a given time, or is not able to survive external adverse conditions), or because the system creates a situation that could lead to catastrophic consequences for the users or the environment (see definition of safety). For this reasons, we distinguish between two kinds of issues: