Enumerating Software Failures to Build Dependable Distributed Applications

Abstract: We are proposing a systematic approach to building reliable distributed applications. The main objective of this approach is to consider reliability from application inception to completion, adding reliability patterns along the lifecycle and in all architectural layers. We start by enumerating the possible failures of the application, considering every activity in the use cases of the application. The identified failures are then handled by applying reliability policies. We evaluate the benefits of this appro… Show more

“…One approach to assess a web service is with the use of security and reliability certificates [60] as outlined in the next sub-section. Moreover, software testing tools such as Eclipse, JUnit and Maven allow for detail unit, component, system level testing [65], and test coverage for each security test case to further allow for verification of the expected security requirements. These tools provide useful information that includes: the time it takes for a threat to be handled and the type of failure that occurs if the threat is not mitigated as expected.…”

“…There are many degrees to which redundancy can be implemented in the certificates described in Figure 21, whether by N-modular, dual-modular redundancy, triple-modular redundancy or N-Version programming [65]. Similarly, additional security controls can be added to the reference monitor such as a secure communication channel to further increase the security of the enhanced SOA certificates, however this decision must be made by the developer, to decide what degree of security and reliability is feasible depending on the nature of system being designed.…”

A Framework for Measuring Security as a System Property in Cyberphysical Systems

“…One approach to assess a web service is with the use of security and reliability certificates [60] as outlined in the next sub-section. Moreover, software testing tools such as Eclipse, JUnit and Maven allow for detail unit, component, system level testing [65], and test coverage for each security test case to further allow for verification of the expected security requirements. These tools provide useful information that includes: the time it takes for a threat to be handled and the type of failure that occurs if the threat is not mitigated as expected.…”

“…There are many degrees to which redundancy can be implemented in the certificates described in Figure 21, whether by N-modular, dual-modular redundancy, triple-modular redundancy or N-Version programming [65]. Similarly, additional security controls can be added to the reference monitor such as a secure communication channel to further increase the security of the enhanced SOA certificates, however this decision must be made by the developer, to decide what degree of security and reliability is feasible depending on the nature of system being designed.…”

A Framework for Measuring Security as a System Property in Cyberphysical Systems

“…It is helpful to capture this expertise in the form of patterns [7]. There are several books [10,13] on security patterns and academic institutions that write and share security patterns. An attacker can attack a system from all levels.…”

“… Redundancy [13,14] -The replication of critical components in a system or of a complete system with the intention of increasing the reliability of the system.…”

“… Monitoring [13,14] -The constant checking of the state of a system to ensure that specifications are being met. This is a fundamental step because a security breach cannot be addressed if it is not detected.…”

Security Policies for Securing Cloud Databases