Introduction

The present global information infrastructure of interconnected computers and complex networked application systems is already suffering what can be termed a 'dependability gap' between (legitimate) expectations and reality. Moreover, the majority of large computer system development projects overrun budgets and timescales and many fail to deliver the required functionality and dependability.

However, the plans that the EU Member States have for an "e-Europe" involve the widespread use by 2010 of computer systems for many highly demanding and complex new tasks and constitute yet greater dependability challenges. Indeed, an ISTAG Report predicts a huge expansion in Europe's dynamically evolving information infrastructure, involved in ever-growing numbers of often unintended interdependencies with other major infrastructures, and suffering many challenging problems arising from system mobility, ubiquity, invisibility and heterogeneity, from very large numbers of untrained users, etc. Thus concern regarding the impact of the closely-related topics of computer system dependability and infrastructure interdependencies on the plans for a future Information Society figures large in the various EU IST planning documents, with the latest draft IST 2003-2004 Workprogramme listing "Towards a Global Dependability and Security Framework" as one of the Strategic Objectives for its First Call.

Fortunately, European industry and academia have many of the technical skills needed for the building of a future dependable Information Society, such as in quality management (e.g. ISO 9000-3), system level formal methods and tools, cryptography, fault detection techniques (e.g. static analysis), fault-tolerant architectures, Bayesian statistical approaches to fault assessment, etc. The demand for dependable computing comes at a time when the PC's role as the dominant hardware platform is itself under threat from increasingly powerful smartcards and other embedded system architectures, as the world moves along a path towards ambient (or pervasive) intelligent systems. These changes will create an opportunity for European industry to win a greater share of the software and systems markets, with consequent benefits to employment and wealth creation in the EU. Thus the IST programme in FP6 provides a unique opportunity for an initiative on system and infrastructure dependability that could have a real impact on EU prosperity and quality of life.

The subject of system dependability needs to be treated holistically in such an initiative, in order to contribute significantly to the tasks of:

  1. providing all potentially relevant dependability attributes (e.g. availability, security, safety, reliability, survivability, etc.), since a balance of several such attributes is invariably needed,
  2. allowing for the fact that system dependability is a "weakest link" problem, and hence for all types of faults (e.g. intermittent hardware faults, software specification and design faults, human-machine interaction faults including intrusions, malicious acts by corrupt insiders, and undesirable interdependencies),
  3. making appropriate use of all major (technical and socio-technical) means for achieving dependability: rigorous design; fault tolerance; verification and validation; system evaluation [1],
  4. coping with "chains" of dependability threats (failure, fault and error) from one system to another, caused by system interaction, composition and creation, and
  5. overcoming various linguistic and cultural divides (e.g. dependability/ security/ survivability/ trustworthiness) among the various research communities, though without necessarily imposing a common culture and terminology.

The consortium that is undertaking IST's Accompanying Measure on System Dependability (AMSD) has amongst its tasks the development of an overall dependability road-map, and constituency & consensus building activities aimed at reaching broad agreement on means for achieving such a co-ordinated programme in FP6 of activities centred on dependability. Such a programme should encompass a full range of dependability-related activities, e.g. RTD on the various aspects of dependability, together with education and training provisions, means for encouraging and enabling projects elsewhere in FP6 and in industry generally to use dependability best practice, and support for effective dialogues between relevant policy makers and the dependability research communities.

[1] These are in essence the complete set of 'dependability means' (fault prevention, tolerance, removal and forecasting) that are identified in IFIP WG10.4 analyses; see, for example: J.C. Laprie (Ed.), Dependability: Basic Concepts and Associated Terminology, Dependable Computing and Fault-Tolerant Systems, Springer-Verlag, 1991.

 



Last update 3 Nov 2002
Brian Randell