Learn More
This paper gives the main definitions relating to dependability, a generic concept including a special case of such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic definitions are given first. They are then commented upon, and(More)
The paper presents, and discusses the rationale behind, a method for structuring complex computing systems by the use of what we term “recovery blocks”, “conversations” and “fault-tolerant interfaces”. The aim is to facilitate the provision of dependable error detection and recovery facilities which can cope with errors(More)
A framework for the provision of fault tolerance in asynchronous systems is introduced. The proposal generalizes the form of simple recovery facilities supported by nested atomic actions in which the exception mechanisms only permit backward error recovery. It allows the construction of systems using both forward and backward error recovery and thus allows(More)
This paper surveys the various problems involved in achieving very high rehability from complex computing systems, and discusses the relatmnship between system structurmg techniques and techniques of fault tolerance. Topics covered mclude: 1) protective redundancy in hardware and software; 2) the use of atomic actmns to structure the activity of a system to(More)
Dependability: ability to deliver service that can justifiably be trusted Service delivered by a system: its behavior as it is perceived by its user(s) User: another system that interacts with the former Function of a system: what the system is intended to do (Functional) Specification: description of the system function Correct service: when the delivered(More)
We describe the design of a distributed general-purpose computing system that enforces a multilevel security policy. The system is composed of standard UNIX systems and small trustworthy security mechanisms linked together in such a way as to provide a total system which, is not only demonstrably secure, but also highly efficient and cost effective. Despite(More)