System Architecture and Interoperability
Architecture is a critical element of the solution

Luca Simoncini, PDCC, Pisa and University of Pisa, Italy
Pisa, 25-27/11/02, Workshops on &
Pros and cons of present architectural designs

• Most large-scale infrastructures have been developed by connecting stand-alone proprietary systems with ad-hoc solutions and independently developed components
  – Pros:
    • Ad-hoc components make system validation easier
    • Limited use of third-party components
    • Re-design and updating do not depend on third parties
  – Cons:
    • Evolution and obsolescence of components and implementation technologies
    • Upgrading of components
    • Inflexibility and difficult adaptability
    • Re-validation needed for new systems or major revisions

• Cons on interaction and interoperability
  – Systems with slightly different requirements and specs cannot reuse components from previous designs:
    – Complete re-design
    – Lack of experience from older systems
  – Interoperability is hard to achieve:
    – Different project specifications
      • Different dependability properties
      • Different communication protocols or media
      • …
    – Difficult integration
What is needed

• Definition and construction of an architectural framework that makes it possible:
  – To reduce the design and development costs
  – To reduce the number of components used in the several subsystems
  – To simplify the evolution process of the products and reduce the associated costs
  – To simplify the validation (and certification) of the products through an incremental approach based on reuse

• Infrastructure characteristics:
  – Use of generic components:
    • COTS and open source SW components
  – Dependability properties associated with the architecture and not only with components:
    • Techniques for error detection, diagnosis and recovery independent of specific components (both HW and SW)
  – Hierarchical approach for functional and non-functional properties:
    • To make validation easier
  – Openness of the system:
    • Adaptability to different kinds of architecture for interaction
Trends, new problems and keywords

• Increasing number of (maybe non-trained) users:
  – New fault types
  – New threats (i.e. to privacy and security)
• Ubiquity and mobility:
  – New threats to security
• Evolution, growing complexity, layering of services:
  – Vital services and system survivability

• Keywords: Genericity, Openness, Adaptability, Re-use for:
  – Integration
  – Composition
  – Recursion:
    • fault → error → failure
  – Usability

Three perspectives (the following slides):
  → Design of dependable components and architectures
  → Designing architectures for dependability
  → Dependable infrastructures from user perspective
Design of dependable components and architectures
◆ Architecture is a critical element of the solution

Dependability means (columns of the original slide): Rigorous design (i.e. fault prevention) | Verification and validation (i.e. fault removal) | Fault Tolerance (accidental and malicious faults) | System evaluation (i.e. fault forecasting)

• Requirements:
  – Early prototyping
  – Adaptable components
  – Composable components
  – Secure components
  – Separation of concern
  – Invariance
  – Testable components
  – Coverage evaluation

• Enabling Technologies:
  – Formal methods
  – Design for V&V
  – State observability
  – Testing
  – Supports to validation and verification
  – Formal methods
  – Redundancy
  – Functional diversity
  – Middleware
  – Analytical modeling
  – Fault injection

• Instruments:
  – Specs languages
  – Modeling
  – Tools
  – Function placement
  – Tools

→ Generic, composable, open source, reusable components
Designing architectures for dependability
◆ Multiple facets of dependability raise many issues

• Rigorous design (i.e. fault prevention):
  – How to compose: Interfaces, Legacy systems
  – How to guarantee integrity
  – How to guarantee security
  – How to guarantee survivability
  – How to guarantee predictable timing

• Verification and validation (i.e. fault removal):
  – Trusting the tools
  – Testing
  – Symbolic execution

• Fault Tolerance (accidental and malicious faults) / System evaluation (i.e. fault forecasting):
  – How to assess risks
  – How to cope with new fault types
  – How to reach survivability
  – How to coordinate adaptability
  – How to get good usability
  – Uncertainty
  – Meaningful models
  – Meaningful simulations
  – Evaluating coverage
  – Experimental verification
  – Testing

→ Abstraction, recursion, incremental verification
Dependable infrastructures from user perspective
◆ The user has the final word on system dependability

• Rigorous design (i.e. fault prevention):
  – Is the system compliant with specifications?

• Verification and validation (i.e. fault removal):
  – Do I have the knowledge of possible residual faults?

• Fault Tolerance (accidental and malicious faults) / System evaluation (i.e. fault forecasting):
  – Is the system able to provide meaningful service in presence of accidental and malicious faults?
  – Has the system sufficient performance to satisfy my needs?
  – Is system usability sufficiently good to reduce the probability of human errors?
  – Does the system protect my privacy, the integrity of my data and security?
  – Is the cost/dependability ratio optimal for my needs?

→ I think the system/service has (optimal/good/sufficient/insufficient) cost/dependability!
System architecture in

• Application studies:
  – Aerospace
  – Healthcare
  – e-business
  – Infrastruct. Interdepend.

• Tools and Components:
  – Dependability Case Support
  – Support Measures
  – Modelling and simulation
  – Intrusion management

• Training
• Best practice
• Policy Issues

• Dependability means: Fault Prevention | Fault Removal | Fault Tolerance | Fault Forecasting