rtft15 unit 4

7/25/2019 RTFT15 Unit 4

1/41

UNIT 4

Experimental Evaluation Modelling and simulation

Fault injection

NFTAPE fault injector

Modelling for performance

dependability and perform

ability:

dependabilityspeci!c

met"ods

#fault trees$ reliability

bloc% diagrams&$ 'ueues (oll No: )*

stoc"astic Petrinets

stoc"astic acti+ity

net,or%s Application: Ultra

-AN.NA-/

7/25/2019 RTFT15 Unit 4

2/41

Modelling

Modeling is t"e process of producing a model/

A model is a representation of t"e construction and

,or%ing of

some system of interest/

A model is similar to but simpler t"an t"e system itrepresents/

0ne purpose of a model is to enable t"e analyst to

predict t"e e1ect of c"anges to t"e system/(eal Time and Fault Tolerance

2e!nition

7/25/2019 RTFT15 Unit 4

3/41

Modelling

close appro3imation to t"e real system

incorporate most of its salient features/

ess comple3

(ealism and simplicity/

(eal Time and Fault Tolerance

A model s"ould be

7/25/2019 RTFT15 Unit 4

4/41

Modelling Application

5an%ing

-pace

Military

6ommerce

Education


A model s"ould be

7/25/2019 RTFT15 Unit 4

5/41

2eterministic #input and output +ariables are !3ed

+alues&

-toc"astic #at least one of t"e input or output

+ariables is probabilistic&7

-tatic #time is not ta%en into account&

2ynamic #time+arying interactions among

+ariables are ta%en into account&/

Typically$ simulation models are stoc"astic and

dynamic/

Mat"ematical model classi!cations

include


7/25/2019 RTFT15 Unit 4

6/41

Simulation

A simulation of a system is t"e operation of a model

of t"e system/

T"e operation of t"e model can be studied$ and

"ence$ properties concerning t"e be"a+ior of t"e

actual system or its subsystem can be inferred/

2e!nition


7/25/2019 RTFT15 Unit 4

7/41

-imulation is a tool to e+aluate t"e performance of a

system$ e3isting or proposed$ under di1erent

con!gurations of interest and o+er long periods of

real time/

2e!nition


7/25/2019 RTFT15 Unit 4

8/41

-imulation is used before an e3isting system is

altered or a ne, system built$:

To reduce t"e c"ances of failure to meet

speci!cations$

To eliminate unforeseen bottlenec%s$

To pre+ent under or o+erutili8ation of resources$

To optimi8e system performance/

sombody9gmail/com

7/25/2019 RTFT15 Unit 4

9/41

simulation can be used to ans,er 'uestions

"at is t"e best design for a ne,

telecommunications net,or%;

"at are t"e associated resource re'uirements;

?;

7/25/2019 RTFT15 Unit 4

10/41


7/25/2019 RTFT15 Unit 4

11/41

T"e steps in+ol+ed in de+eloping a simulation

model$ designing a simulation e3periment$ and

performing simulation analysis are:

-tep )/ Identify t"e problem/-tep @/ Formulate t"e problem/

-tep / 6ollect and process real system data/

-tep 4/ Formulate and de+elop a model/

-tep */ Balidate t"e model/


-teps in simulation

7/25/2019 RTFT15 Unit 4

12/41

-tep C/ 2ocument model for future use/

-tep D/ -elect appropriate e3perimental design/ -tep / Establis" e3perimental conditions for runs/

-tep / Perform simulation runs/

-tep )>/ Interpret and present results/

-tep ))/ (ecommend furt"er course of action/


7/25/2019 RTFT15 Unit 4

13/41

-imulation Used In

go+ernment$ defense$ computer and

communication

systems$ manufacturing$ transportation #air tra=c

control&$ "ealt" care$ ecology and en+ironment$

sociological and be"a+ioral studies$ biosciences$

epidemiology$ ser+ices #ban%


7/25/2019 RTFT15 Unit 4

14/41

Fault Injection

Fault injection is a tec"ni'ue for impro+ing

t"e co+erage of a test by introducing faults to test

code pat"s$ in particular error "andling code

pat"s$ t"at mig"t ot"er,ise rarely be follo,ed/

It is often used ,it" stress testingand is ,idely

considered to be an important part of

de+eloping robust soft,are

2e!nition


7/25/2019 RTFT15 Unit 4

15/41

Fault Injection Types 6ompile time injection

Mutation testing

(untime injection #memory corruption and n.,

fault&

P"ysical met"ods

Triggers

Time

Interrupt based

2e!nition


7/25/2019 RTFT15 Unit 4

16/41


7/25/2019 RTFT15 Unit 4

17/41

T"e fault injector injects faults into t"e targetsystem as it e3ecutes commands from t"e

,or%load generator

T"e monitor trac%s t"e e3ecution of t"e commandsand

initiates data collection ,"ene+er necessary/

T"e data collector performs online data collection/

T"e data analy8er$ ,"ic" can be oHine$ performsdata processing and analysis/

T"e controller controls t"e e3periment/(eal Time and Fault Tolerance

Fig e3plained

7/25/2019 RTFT15 Unit 4

18/41

Ferrari

FTAPE

0rc"estra

2octor

ception


Tools

7/25/2019 RTFT15 Unit 4

19/41

FTAPE

FTAPE #Fault Tolerance and Performance E+aluator& can

inject faults$ not only into memory and registers$ but

into dis% accesses as ,ell/

T"is is ac"ie+ed by inserting a special dis% dri+er into

t"e system t"at can inject faults into data sent and

recei+ed from t"e dis% unit/

FTAPE also "as a synt"etic load unit t"at can simulate

speci!c amounts of load for robustness testing

purposes

Introduction


7/25/2019 RTFT15 Unit 4

20/41

NFTAPE

NFTAPE is a con!gurable tool for J

injecting faults$

triggering injections$

producing ,or%loads$

detecting errors

logging results/

Introduction


7/25/2019 RTFT15 Unit 4

21/41

Modelling for performance, dependaility andperform aility

2ependability$ performance$ and performability

e+aluation tec"ni'ues pro+ide a useful met"od for

understanding t"e dynamic be"a+ior of a computer or

communication system/

To be useful$ t"e e+aluation s"ould reKect important

system c"aracteristics suc" as fault tolerance$

automatic recon!guration$ and repair7 contention for

resources7 concurrency and sync"roni8ation7 deadlines

imposed on t"e tas%s7 and graceful degradation/

Introduction


7/25/2019 RTFT15 Unit 4

22/41

!ependaility

A+ailability ? of time deli+ering correct ser+ice

(eliability

E3pected time until incorrect ser+ice

-afety

Absence of catastrop"ic conse'uences

6on!dentiality

Absence of unaut"ori8ed disclosure

Measure of follo,ing attributes


M t 2 d bl t

7/25/2019 RTFT15 Unit 4

23/41

Fault pre+ention

Fault tolerance

Fault remo+al

Fault forecasting


Means to 2ependable system

P f bilit

7/25/2019 RTFT15 Unit 4

24/41

It is a measure of t"e system ability to ac"ie+e a

gi+en performance le+el$ despite t"e occurrence of

failures/

Performability di1ers from reliability in t"at

reliability is a measure of t"e li%e"oo" t"at all of

t"e functions are performed correctly$ ,"ileperformability is a measure of li%e"ood t"at some

subset of t"e functins is performed correctly/


Performability

Fault tree diagrams

7/25/2019 RTFT15 Unit 4

25/41

Fault tree diagrams consist of gates and e+entsconnected ,it" lines/

T"e AN2 and 0( gates are t"e t,o mostcommonly used gates in a fault tree/

To illustrate t"e use of t"ese gates$ consider t,oe+ents #called Linput e+entsL& t"at can lead toanot"er e+ent #called t"e Loutput e+entL&/

If t"e occurrence of eit"er input e+ent causes t"eoutput e+ent to occur$ t"en t"ese input e+entsare connected using an 0( gate/

Fault tree diagrams


Fault tree diagrams symbol

7/25/2019 RTFT15 Unit 4

26/41

5asic

E3ternal

Unde+eloped

6onditioning

aerospace$ nuclear po,er$ c"emical and process$p"armaceutical$ petroc"emical and ot"er "ig""a8ard industries

Fault tree diagrams symbol


Used in

Fault tree diagrams

7/25/2019 RTFT15 Unit 4

27/41

Alternati+ely$ if bot" input e+ents must occur inorder for t"e output e+ent to occur$ t"en t"ey are

connected by an AN2 gate/

Figure ) s"o,s a simple fault tree diagram in,"ic" eit"er A or 5 must occur in order for t"e

output e+ent to occur/ In t"is diagram$ t"e t,oe+ents are connected to an 0( gate

Fault tree diagrams


stages

7/25/2019 RTFT15 Unit 4

28/41

Identify undesired e+ent to study

Understand system

6onstruct tree

E+aluate

6ontrol "a8ards identi!ed

stages


(eliability 5loc% 2iagram

7/25/2019 RTFT15 Unit 4

29/41

2irected grap":

E3actly one starting node E$ e3actly one terminal

node A/

0t"er nodes represent t"e binary random+ariable of a

component #stating ,"et"er LfaultlessL or LfaultyL&/

Notice t"at multiple nodes are allo,ed for a single

component/

Additional +irtual nodes < "elp to simplify t"erepresentation/

-emantics: T"e system is faultless if and only if




7/25/2019 RTFT15 Unit 4

30/41



7/25/2019 RTFT15 Unit 4

31/41

Stoc"astic activity

-toc"astic acti+ity net,or%s$ or -ANs$ are a

con+enient$ grap"ical$ "ig"le+el language for

describing system be"a+ior/

-ANs are useful in capturing t"e stoc"astic #or

random& be"a+ior of a system/

Includes


7/25/2019 RTFT15 Unit 4

32/41

T"e amount of time a program ta%es to e3ecute

can be computed precisely if all factors are %no,n$but t"is is nearly impossible and sometimes

useless/

At a more abstract le+el$ ,e can appro3imate

t"e running time by a random +ariable/

Fault arri+als almost al,ays must be modeled by

a random process/(eal Time and Fault Tolerance

E3amples

St " ti P t i N t # i

7/25/2019 RTFT15 Unit 4

33/41

Stoc"astic Petri Net #evie$

0ne of t"e simplest "ig"le+el modeling

formalisms is called stoc"astic Petri nets/

A stoc"astic Petri net is composed of t"e follo,ing

components:

6oncepts


7/25/2019 RTFT15 Unit 4

34/41

continue


A stoc"astic Petri net is made from a Petri net by

7/25/2019 RTFT15 Unit 4

35/41

y

J Assigning an e3ponentially distributed time to all

transitions/

J Time represents t"e Odelay bet,een enabling and

!ring of a timed transition/

J Transitions Oe3ecute in parallel ,it" independent

delay distributions/

-ince t"e minimum of multiple independent

e3ponentials is itself e3ponential$ time bet,een

transition !rings is e3ponential/

If a transition t becomes enabled$ and before t !res$

some ot"er transition !res and c"anges t"e state of t"e(eal Time and Fault Tolerance

St " ti A ti it N t %

7/25/2019 RTFT15 Unit 4

36/41

Stoc"astic Activity Net$or%s

T"e need for more e3pressi+e modeling languages"as led to se+eral e3tensions to stoc"astic Petri

nets/

0ne e3tension t"at ,e ,ill e3amine is calledstoc"astic acti+ity net,or%s/

5ecause t"ere are a number of subtle distinctionsrelati+e to -PNs$ stoc"astic acti+ity net,or%s usedi1erent ,ords to describe ideas similar to t"ose of

-PNs/


-toc"astic acti+ity net,or%s "a+e t"e follo,ing

7/25/2019 RTFT15 Unit 4

37/41

-toc"astic acti+ity net,or%s "a+e t"e follo,ingproperties:

A general ,ay to specify t"at an acti+ity #transition&

is enabled

A general ,ay to specify a completion #!ring& rule

A ,ay to represent 8erotimed e+ents

A ,ay to represent probabilistic c"oices upon

acti+ity completion

-tatedependent parameter +alues

Qeneral delay distributions on acti+ities


-AN -ymbols

7/25/2019 RTFT15 Unit 4

38/41

-AN -ymbols


7/25/2019 RTFT15 Unit 4

39/41

-AN Terms

)/acti+ation time at ,"ic" an acti+ity begins

@/ completion time at ,"ic" acti+ity completes

/ abort J time: after acti+ation but before

completion$ ,"en acti+ity is no longer enabled

4/ acti+e t"e time after an acti+ity "as been

acti+ated but before it completes or aborts/


6 l ti ( l

7/25/2019 RTFT15 Unit 4

40/41

6ompletion (ules

"en an acti+ity completes$ t"e follo,ing e+ents ta%e

place #in t"e order listed&$ possibly c"anging t"e

mar%ing of t"e net,or%:

)/ If t"e acti+ity "as cases$ a case is #probabilistically&

c"osen/

@/ T"e functions of all t"e connected input gates are

e3ecuted #in an

unspeci!ed order&/

/ To%ens are remo+ed from places connected by input

arcs/

4/ T"e functions of all t"e output gates connected to t"e

c"osen case are e3ecuted #in an uns eci!ed order&/(eal Time and Fault Tolerance

7/25/2019 RTFT15 Unit 4

41/41

T&AN' ()*

rtft15 unit 4

Documents