A Game-Theoretic Foundation for the Maximum Software Resilience against Dense Errors

Chung Hao Huang; Doron A. Peled; Sven Schewe; Farn Wang

doi:10.1109/tse.2015.2510001

A Game-Theoretic Foundation for the Maximum Software Resilience against Dense Errors

Chung Hao Huang, Doron A. Peled, Sven Schewe, Farn Wang

Department of Computer Science

Research output: Contribution to journal › Article › peer-review

11 Scopus citations

Abstract

Safety-critical systems need to maintain their functionality in the presence of multiple errors caused by component failures or disastrous environment events. We propose a game-theoretic foundation for synthesizing control strategies that maximize the resilience of a software system in defense against a realistic error model. The new control objective of such a game is called k-resilience. In order to be k-resilient, a system needs to rapidly recover from infinitely many waves of a small number of up to k close errors provided that the blocks of up to k errors are separated by short time intervals, which can be used by the system to recover. We first argue why we believe this to be the right level of abstraction for safety critical systems when local faults are few and far between. We then show how the analysis of k-resilience problems can be formulated as a model-checking problem of a mild extension to the alternating-time μ -calculus (AMC). The witness for k resilience, which can be provided by the model checker, can be used for providing control strategies that are optimal with respect to resilience. We show that the computational complexity of constructing such optimal control strategies is low and demonstrate the feasibility of our approach through an implementation and experimental results.

Original language	English
Article number	7360234
Pages (from-to)	605-622
Number of pages	18
Journal	IEEE Transactions on Software Engineering
Volume	42
Issue number	7
DOIs	https://doi.org/10.1109/tse.2015.2510001
State	Published - 1 Jul 2016

Bibliographical note

Publisher Copyright:
© 2015 IEEE.

Funding

This article is an extended version of [25]. All tool implementation and related experiment materials are available at https://github.com/yyergg/Resil. Peled is partially supported by ISF Grant 126/12: "Efficient Synthesis Method of Control for Concurrent Systems." Schewe is supported by the Engineering and Physical Science Research Council (EPSRC), grant EP/H046623/1, United Kingdom. Wang is supported by Grant MOST 103-2221-E-002-150-MY3, Taiwan, ROC and a research project by Research Center for Information Technology Innovation (CITI), Academia Sinica, Taiwan, ROC. For more information, please email to [email protected].

Funders	Funder number
CITI
Research Center for Information Technology Innovation
Engineering and Physical Sciences Research Council	MOST 103-2221-E-002-150-MY3, EP/H046623/1
Academia Sinica
Israel Science Foundation	126/12

Keywords

Fault tolerance
complexity
formal verification
game
model-checking
resilience
strategy

Access to Document

10.1109/tse.2015.2510001

Cite this

@article{8280b9ad09ed4891b271a19a742560d4,

title = "A Game-Theoretic Foundation for the Maximum Software Resilience against Dense Errors",

abstract = "Safety-critical systems need to maintain their functionality in the presence of multiple errors caused by component failures or disastrous environment events. We propose a game-theoretic foundation for synthesizing control strategies that maximize the resilience of a software system in defense against a realistic error model. The new control objective of such a game is called k-resilience. In order to be k-resilient, a system needs to rapidly recover from infinitely many waves of a small number of up to k close errors provided that the blocks of up to k errors are separated by short time intervals, which can be used by the system to recover. We first argue why we believe this to be the right level of abstraction for safety critical systems when local faults are few and far between. We then show how the analysis of k-resilience problems can be formulated as a model-checking problem of a mild extension to the alternating-time μ -calculus (AMC). The witness for k resilience, which can be provided by the model checker, can be used for providing control strategies that are optimal with respect to resilience. We show that the computational complexity of constructing such optimal control strategies is low and demonstrate the feasibility of our approach through an implementation and experimental results.",

keywords = "Fault tolerance, complexity, formal verification, game, model-checking, resilience, strategy",

author = "Huang, \{Chung Hao\} and Peled, \{Doron A.\} and Sven Schewe and Farn Wang",

note = "Publisher Copyright: {\textcopyright} 2015 IEEE.",

year = "2016",

month = jul,

day = "1",

doi = "10.1109/tse.2015.2510001",

language = "אנגלית",

volume = "42",

pages = "605--622",

journal = "IEEE Transactions on Software Engineering",

issn = "0098-5589",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "7",

}

TY - JOUR

T1 - A Game-Theoretic Foundation for the Maximum Software Resilience against Dense Errors

AU - Huang, Chung Hao

AU - Peled, Doron A.

AU - Schewe, Sven

AU - Wang, Farn

PY - 2016/7/1

Y1 - 2016/7/1

N2 - Safety-critical systems need to maintain their functionality in the presence of multiple errors caused by component failures or disastrous environment events. We propose a game-theoretic foundation for synthesizing control strategies that maximize the resilience of a software system in defense against a realistic error model. The new control objective of such a game is called k-resilience. In order to be k-resilient, a system needs to rapidly recover from infinitely many waves of a small number of up to k close errors provided that the blocks of up to k errors are separated by short time intervals, which can be used by the system to recover. We first argue why we believe this to be the right level of abstraction for safety critical systems when local faults are few and far between. We then show how the analysis of k-resilience problems can be formulated as a model-checking problem of a mild extension to the alternating-time μ -calculus (AMC). The witness for k resilience, which can be provided by the model checker, can be used for providing control strategies that are optimal with respect to resilience. We show that the computational complexity of constructing such optimal control strategies is low and demonstrate the feasibility of our approach through an implementation and experimental results.

AB - Safety-critical systems need to maintain their functionality in the presence of multiple errors caused by component failures or disastrous environment events. We propose a game-theoretic foundation for synthesizing control strategies that maximize the resilience of a software system in defense against a realistic error model. The new control objective of such a game is called k-resilience. In order to be k-resilient, a system needs to rapidly recover from infinitely many waves of a small number of up to k close errors provided that the blocks of up to k errors are separated by short time intervals, which can be used by the system to recover. We first argue why we believe this to be the right level of abstraction for safety critical systems when local faults are few and far between. We then show how the analysis of k-resilience problems can be formulated as a model-checking problem of a mild extension to the alternating-time μ -calculus (AMC). The witness for k resilience, which can be provided by the model checker, can be used for providing control strategies that are optimal with respect to resilience. We show that the computational complexity of constructing such optimal control strategies is low and demonstrate the feasibility of our approach through an implementation and experimental results.

KW - Fault tolerance

KW - complexity

KW - formal verification

KW - game

KW - model-checking

KW - resilience

KW - strategy

UR - https://www.scopus.com/pages/publications/84979584555

U2 - 10.1109/tse.2015.2510001

DO - 10.1109/tse.2015.2510001

M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???

SN - 0098-5589

VL - 42

SP - 605

EP - 622

JO - IEEE Transactions on Software Engineering

JF - IEEE Transactions on Software Engineering

IS - 7

M1 - 7360234

ER -

A Game-Theoretic Foundation for the Maximum Software Resilience against Dense Errors

Abstract

Bibliographical note

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this