- Project Dates: From December 1996 to November 1999
- Sponsors: EPSRC
There is a need to achieve and assure higher and higher levels of reliability and safety in software-based systems. Techniques which are adequate for more modest levels, such as operational testing of a single program to measure its reliability, can be shown to be impractical at these higher levels. Software fault tolerance, based upon design diversity, looks a promising approach, but there remain gaps in our understanding. We plan to address two main questions: how to organise the diverse versions and their development processes in order to best achieve reliability, and how to evaluate the reliability that has been achieved in a particular system. The objective of this research is to give systems designers advice on how to exploit design diversity optimally, and to assist those with responsibilities for the evaluation of systems (e.g. licensing authorities in safety-critical industries). Several industries are already using systems based upon software diversity, and others are planning to do so. This research will assist he early decision-making here, by providing a basis for judging the realism of the reliability goals of proposed designs. It will provide design guidance to maximise the reliability of the resulting systems, and to facilitate the eventual evaluation of system reliability. It will provide means for conducting this evaluation of the final system reliability, taking account of evidence from disparate sources. The potential social and economic benefits will be two-fold. Better means of designing fault-tolerant systems will make these less expensive in production, and will lessen the uncertainty about the fitness for purpose of the eventual product. Better means of evaluation will allow us to place greater confidence in the reliability and safety of systems, and thus better control the societal risk of critical systems.