Listing by author "Warns, Timo"
1 - 3 of 3
- Conference abstract: Bericht über die ICSE Workshops SESS and WADS 2005 (Report on the ICSE Workshops SESS and WADS 2005). Softwaretechnik-Trends, Volume 25, Issue 2, 2005. Warns, Timo.
  Abstract: The aspect of trustworthiness is playing an increasingly important role in the development of software. To cope with the challenges this raises, collaboration between the fault tolerance, security and software engineering communities is needed. This report summarises the results of the ICSE workshops Software Engineering for Secure Systems (SESS) and Workshop on Architecting Dependable Systems (WADS) 2005, at which these communities met.
- Conference paper: On the coverage of proactive security: an addition to the taxonomy of faults. Informatik 2005. Informatik Live! Volume 1, 2005. Warns, Timo.
  Abstract: Intrusion tolerance is a recent approach to deal with intentional and malicious failures. It combines the research on fault tolerance with the research on security, and relies on the means of proactive security. The development of a fault-tolerant system requires the explication of its underlying fault assumptions. In this context, we propose a viewpoint on faults that discriminates whether they are timely exploitable and, therefore, are not covered by proactive security.
- Journal article: Structural Failure Models for Fault-Tolerant Distributed Computing. Softwaretechnik-Trends, Volume 30, Issue 1, 2010. Warns, Timo.
  Abstract: The dependability of a distributed system strongly depends on the occurrence of faults and on the ability of the system to cope with them. A fault-tolerant system is capable of providing service as expected even if some components have failed. Unfortunately, no system can tolerate arbitrarily severe and arbitrarily many faults. Engineering fault-tolerant systems, therefore, requires a fault model that describes the faults to tolerate. A good fault model must be accurate for the relevant aspects of faults, but abstract away irrelevant details. There is empirical evidence that, in particular, dependences and propagation of faults are relevant in real-world systems. In this thesis, we address the questions of how to model such faults and how to tolerate them. For a fault model, we distinguish functional from structural failure models. A functional failure model describes how a component that has failed may behave. A structural failure model describes the extent of component failures. We investigate different classes of nonprobabilistic structural failure models and, in particular, introduce two new ones: set-based models for dependent faults and sequence-based models for dependent and propagating faults. Both classes close a gap between probabilistic models that cover dependent and propagating faults and previous nonprobabilistic models that do not. The new classes and several previous ones are compared with respect to their expressiveness, resulting in a comprehensive hierarchy of nonprobabilistic structural failure models. All of the considered previous classes are strictly less expressive than the new set-based class, which is strictly less expressive than the new sequence-based class.
  For many problems of distributed computing, there exist solutions that rely on quorums and, in particular, on highly available coteries to achieve fault tolerance. We illustrate how to solve distributed computing problems under the new model classes using highly available coteries and probing quorums. More precisely, we give characterisations of highly available coteries that show how to construct such a coterie from a set-based model if a highly available coterie exists. Considering sequence-based models, we introduce the quality measure refined probe complexity, which gives a tight bound on the number of probes required to find a quorum of noncrashed processes or to reveal that no such quorum exists. Additionally, we present a new probe strategy that is defined for all quorum sets and is more efficient in the number of required probes than previous strategies. The considerations of quorums are independent of a particular fault tolerance problem. As a concrete problem, we show how to reach consensus in the presence of faults. In particular, we demonstrate that the new model classes do not require solutions developed from scratch: adapting and transforming previous solutions for previous model classes suffices to reach consensus. Using the new model classes turns out to be beneficial as it allows more resilient and/or more efficient solutions.