Abstract image of a woman sitting on books and studying on a laptop

Web Ex2 28 Jan09

L
Lawrence Bernstein

The document discusses issues with trustworthy and untrustworthy software systems. It provides examples of software bugs that have led to plane crashes. It also discusses how software ages over time through various aging processes, which can lead to crashes or hangs if not addressed. The document advocates for techniques like software rejuvenation to periodically restart software and clear out aging issues, helping to prevent future failures and keep systems running in a stable and trustworthy manner.

EducationTechnology
1 of 24
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Trustworthy Systems for Today & Tomorrow Larry Bernstein (lbernste@stevens.edu) Stevens Institute of Technology Castle Point, Hoboken, NJ 07030
Trustworthy Software is: Safe: Does no harm Reliable: No crash or hang. Secure: No Hacking Possible
Airbus 320 Troubles In three crashes each pilot claimed the plane was higher than indicated. Altitude read 67ft before the wheels had even left the ground! The fly-by-wire system could ignore pilot actions.
Poor Designs in A320 Programmed landing maneuvers with a bug in altitude calculation Warning system alerts only seconds before accident with no time to react Flight path angle and vertical speed indicator have the same display format; confuses pilots.
Untrustworthy Software Buggy software Pilots either frantic or bored. Error and warning messages are often numerous or indecipherable, so pilots ignore them.
Two Software Aging Processes Development Shelf-life Multiple releases Environmental changes Execution Launch-to-Crash State & Data focus
Software ages like fish, not like wine
Trustworthy Characteristics Quantitative Specifications Designed for reliability, safety and security Bounded execution domains Certified against requirements Certified against problem Reliability tested Stress tested Diabolically tested Defined Development and Config. Process Trusted
Software Yesterday and Today Software execution is chaotic and always repeatable but may not be stable. Professionals untrained in analysis Debugging is detective work Software products are often complex and untrustworthy Crashes and hangs expected Bugs or Glitches are common
Execution-Aging Latent faults causes gradual deterioration of software with respect to the use of some resource resulting in a crash or hang.
Conditions That Cause Instability Memory Leaks Poor Algorithms Missing Deadlines Roundoff Error Amplification Broken Pointers Register Misuse- Extinct bug reappears in multi-core machines
Rejuvenation Concept Periodic preemptive rollback prevents future failures. Gracefully terminating an application at a known point allows restarting at a fixed and carefully tested initial state .
Pragmatic Software Rejuvenation Instead of running a system for a year, run it one day 365 times Prevents many future failures. Restarts at a known and clean internal state.
History 1960’s: Anti-missile “On-Interrupt” Code 1970’s: Store and Forward 1980s: Billing Data Collector
1980s: Billing Data Collector Snap shots of switch call records 600 switches/ system Daily rejuvenation Crash-free & Hang-free
History 1960’s: Anti-missile “On-Interrupt” Code 1970’s: Store and Forward 1980s: Billing Data Collector 1990’s: R&D emerges from Bell Labs and Duke with industrial use State-of-the-Practice: Scenario, regression and automatic testing State-of-the-Art: Agility & Software Failure Prevention
Case Study: Network Management System System monitors network equipment. Messages are trigger by network events I/O Buffer Sharing reduces memory required.
Customer Complaint It crashed again!!!
Failure Analysis Latent Fault in Buffer Flow Control. Software does not return ‘buffer full’ signal. Messages are written to full buffers. Messages are accepted,acknowleged and then partially dropped. Application waits and waits for a complete message.
Solution Fix the bug by returning appropriate indicator, or Rejuvenate: Re-launch message handler and avoid the problem: When buffers are half full. Periodically. After hang is detected.
Programmer Resistance to Rejuvenation Culture? Skepticism? Management? “Is the limited use of known good methods of software engineering a consequence of poor training?” National Research Council 1997
Perspectives on the Profession Software Engineering is the 4 th Fastest Growing Occupation in 2009 Top-notch players remained employed Software Engineering/Project Managers continue to get raises Beware of ‘off-shoring’ a risky way to reduce costs by 20-30%.
Ethics from IEEE & ACM Understand the problem Analyze safety and risks Humanize tasks Read & study Respect property rights and privacy Ship systems that work crash-free and hang-free Stand up and be counted.
Re-engineer Your Career with a Stevens Software Engineering Graduate Certificate One year 4 courses (www.stevens.edu) Modular Format or WebCampus March 9-13: SSW533 with Laird May 14-15,18-20 SSW540 with Cohen August 24-28: SSW564/SYS625 with Barrese Jan 4 –8: SSW 565 with Cohen

More Related Content

PPTX
Secure develpment 2014
Ariel Evans
 
PPTX
Protect Your Airspace. You control your wireless space. Not others.
ROOTS Communications Pte Ltd
 
PDF
Vulnerability , Malware and Risk
SecPod Technologies
 
PDF
Vulnerability Malware And Risk
Chandrashekhar B
 
PDF
OSB120 Beat Ransomware
Ivanti
 
PDF
CIO Technical Series - Solving Scan Gun Performance Issues
Bruce McCullough
 
PPTX
Cutting the Cord
RLE Technologies
 
PDF
Applying principles of chaos engineering to Serverless
Yan Cui
 
Secure develpment 2014
Ariel Evans
 
Protect Your Airspace. You control your wireless space. Not others.
ROOTS Communications Pte Ltd
 
Vulnerability , Malware and Risk
SecPod Technologies
 
Vulnerability Malware And Risk
Chandrashekhar B
 
OSB120 Beat Ransomware
Ivanti
 
CIO Technical Series - Solving Scan Gun Performance Issues
Bruce McCullough
 
Cutting the Cord
RLE Technologies
 
Applying principles of chaos engineering to Serverless
Yan Cui
 

What's hot (8)

PPT
Viruses And Their Cures
annperry09
 
PDF
KAE028 - Kaizen -RL- Handheld Device Tool
Eslam Al-Eraky, LSSGB,PMI-RMP®,PMP®
 
PPT
Bank One App Sec Training
Mike Spaulding
 
PDF
Why Static Analysis is mandatory for IoT device software
Duncan Purves
 
PPTX
Reflexion rtc
TheArturoO
 
PPTX
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
Adrian Sanabria
 
PPT
eG Overview
bs5034
 
PPTX
Computer viruses and removal techniques
St. Joseph Health System
 
Viruses And Their Cures
annperry09
 
KAE028 - Kaizen -RL- Handheld Device Tool
Eslam Al-Eraky, LSSGB,PMI-RMP®,PMP®
 
Bank One App Sec Training
Mike Spaulding
 
Why Static Analysis is mandatory for IoT device software
Duncan Purves
 
Reflexion rtc
TheArturoO
 
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
Adrian Sanabria
 
eG Overview
bs5034
 
Computer viruses and removal techniques
St. Joseph Health System
 
Ad

Viewers also liked (18)

PPT
Cs 568 Spring 10 Lecture 5 Estimation
Lawrence Bernstein
 
PPT
Sergeants
captainhowie175
 
PPT
Medical Treatment Of Enem
captainhowie175
 
PPTX
Aula 1 básico 1
Romilson Gomes
 
PDF
How To Catch A Lobster
Christina Lemieux
 
PDF
Indhraprasta mailer2
Raju Alluri
 
PDF
Antone Media's Effective Presentations Resource Page
Robert Antone (Tony) Woodall
 
PDF
Indhraprasta mailer2
Raju Alluri
 
PDF
Rightability Overview
--
 
PPT
As
katu123
 
PPTX
Get The Skinny on Skinny Cow Marketing Plan - Intro to Marketing Course
Robert Antone (Tony) Woodall
 
PPT
Epw Handling
captainhowie175
 
PDF
Health Care Reform
Robert Antone (Tony) Woodall
 
PPT
Animated Powerpoint Test
guest1bebf74
 
PDF
Herman Work
Herman Ho
 
PPTX
Social Media Marketing Strategy - Final Project- Munchery
Robert Antone (Tony) Woodall
 
PPT
Enemy Prisoner Of War
captainhowie175
 
PPT
Dhwms Company Project Presntation Nov 8, 2007
lornehaveruk
 
Cs 568 Spring 10 Lecture 5 Estimation
Lawrence Bernstein
 
Sergeants
captainhowie175
 
Medical Treatment Of Enem
captainhowie175
 
Aula 1 básico 1
Romilson Gomes
 
How To Catch A Lobster
Christina Lemieux
 
Indhraprasta mailer2
Raju Alluri
 
Antone Media's Effective Presentations Resource Page
Robert Antone (Tony) Woodall
 
Indhraprasta mailer2
Raju Alluri
 
Rightability Overview
--
 
As
katu123
 
Get The Skinny on Skinny Cow Marketing Plan - Intro to Marketing Course
Robert Antone (Tony) Woodall
 
Epw Handling
captainhowie175
 
Health Care Reform
Robert Antone (Tony) Woodall
 
Animated Powerpoint Test
guest1bebf74
 
Herman Work
Herman Ho
 
Social Media Marketing Strategy - Final Project- Munchery
Robert Antone (Tony) Woodall
 
Enemy Prisoner Of War
captainhowie175
 
Dhwms Company Project Presntation Nov 8, 2007
lornehaveruk
 
Ad

Similar to Web Ex2 28 Jan09 (20)

PPTX
MAINTAINING AND REPAIRING COMPUTER SYSTEMS AND NETWORKS 12.pptx
RichardSugbo
 
PDF
Top 5 best practice for delivering secure in-vehicle software
Rogue Wave Software
 
PPTX
Security Misconfiguration.pptx
Kalyani Raut
 
PPT
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Phil Agcaoili
 
PDF
Phil Koopman's ISSRE 2016 Keynote
edgecaseresearch
 
PDF
Code and No-Code Journeys: The Coverage Overlook
Applitools
 
PPTX
Defect Tracking Software Project Presentation
Shiv Prakash
 
PPT
SOFWARE QUALITY, INTRODUCTION
Networked Research Lab, UK
 
PDF
"Can We Have Both Safety and Performance in AI for Autonomous Vehicles?," a P...
Edge AI and Vision Alliance
 
PPT
Survey Presentation About Application Security
Nicholas Davis
 
PPTX
Application and Website Security -- Developer Edition: Introducing Security I...
Daniel Owens
 
PDF
Compliance as Code Everywhere
Matt Ray
 
PPT
Testingfor Sw Security
ankitmehta21
 
PDF
Lanlogic IT White Paper
ZAG Technical Services
 
PPTX
Preparing your QA team for mobile testing
Geoffrey Goetz
 
PPT
Introduction to principles of software engineeringWhy1and2
EstherBaguma
 
PPTX
Chapter 5
Anil Bilgihan
 
PPT
2011-05-02 - VU Amsterdam - Testing safety critical systems
Jaap van Ekris
 
PPTX
Presentation confoo optimization_sherifzaroubi
Valtech Canada
 
PDF
Shift Happens - Rapidly Rolling Forward During Production Failure
IBM UrbanCode Products
 
MAINTAINING AND REPAIRING COMPUTER SYSTEMS AND NETWORKS 12.pptx
RichardSugbo
 
Top 5 best practice for delivering secure in-vehicle software
Rogue Wave Software
 
Security Misconfiguration.pptx
Kalyani Raut
 
Good Security Starts with Software Assurance - Software Assurance Market Plac...
Phil Agcaoili
 
Phil Koopman's ISSRE 2016 Keynote
edgecaseresearch
 
Code and No-Code Journeys: The Coverage Overlook
Applitools
 
Defect Tracking Software Project Presentation
Shiv Prakash
 
SOFWARE QUALITY, INTRODUCTION
Networked Research Lab, UK
 
"Can We Have Both Safety and Performance in AI for Autonomous Vehicles?," a P...
Edge AI and Vision Alliance
 
Survey Presentation About Application Security
Nicholas Davis
 
Application and Website Security -- Developer Edition: Introducing Security I...
Daniel Owens
 
Compliance as Code Everywhere
Matt Ray
 
Testingfor Sw Security
ankitmehta21
 
Lanlogic IT White Paper
ZAG Technical Services
 
Preparing your QA team for mobile testing
Geoffrey Goetz
 
Introduction to principles of software engineeringWhy1and2
EstherBaguma
 
Chapter 5
Anil Bilgihan
 
2011-05-02 - VU Amsterdam - Testing safety critical systems
Jaap van Ekris
 
Presentation confoo optimization_sherifzaroubi
Valtech Canada
 
Shift Happens - Rapidly Rolling Forward During Production Failure
IBM UrbanCode Products
 

Recently uploaded (20)

PDF
advance database management system book.pdf
hinamannan364
 
PDF
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
PPTX
20th Century Theater, Methods, History.pptx
cpadilla9
 
PDF
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
 
PPTX
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
PPTX
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
PDF
HVAC Specification 2024 according to central public works department
amitrobanipl
 
PDF
احياء السادس العلمي - الفصل الثالث (التكاثر) منهج متميزين/كلية بغداد/موهوبين
S LS
 
PDF
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
PDF
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
PPTX
A powerpoint presentation on the Revised K-10 Science Shaping Paper
JericEstaco2
 
PDF
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
PDF
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
PPTX
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
PDF
What if we spent less time fighting change, and more time building what’s rig...
Derek Wenmoth
 
PPTX
B.Sc. DS Unit 2 Software Engineering.pptx
Dr. Pallawi Bulakh
 
PPTX
ELIAS-SEZIURE AND EPilepsy semmioan session.pptx
eyoba2172
 
PPTX
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
PDF
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
PPTX
History, Philosophy and sociology of education (1).pptx
tmdth1
 
advance database management system book.pdf
hinamannan364
 
BP 704 T. NOVEL DRUG DELIVERY SYSTEMS (UNIT 1)
CMEmpire
 
20th Century Theater, Methods, History.pptx
cpadilla9
 
AI-driven educational solutions for real-life interventions in the Philippine...
EleniIlkou
 
202450812 BayCHI UCSC-SV 20250812 v17.pptx
home
 
TNA_Presentation-1-Final(SAVE)) (1).pptx
RomnickTanilon
 
HVAC Specification 2024 according to central public works department
amitrobanipl
 
احياء السادس العلمي - الفصل الثالث (التكاثر) منهج متميزين/كلية بغداد/موهوبين
S LS
 
My India Quiz Book_20210205121199924.pdf
AtandraDey2
 
1.3 FINAL REVISED K-10 PE and Health CG 2023 Grades 4-10 (1).pdf
JohnJerryDalawampu
 
A powerpoint presentation on the Revised K-10 Science Shaping Paper
JericEstaco2
 
FORM 1 BIOLOGY MIND MAPS and their schemes
arcade5
 
Chinmaya Tiranga quiz Grand Finale.pdf
Nitin Suresh
 
Introduction to pro and eukaryotes and differences.pptx
AvaniKarumathil
 
What if we spent less time fighting change, and more time building what’s rig...
Derek Wenmoth
 
B.Sc. DS Unit 2 Software Engineering.pptx
Dr. Pallawi Bulakh
 
ELIAS-SEZIURE AND EPilepsy semmioan session.pptx
eyoba2172
 
CHAPTER IV. MAN AND BIOSPHERE AND ITS TOTALITY.pptx
greciamaycalambro
 
Complications of Minimal Access-Surgery.pdf
Laparoscopy Hospital
 
History, Philosophy and sociology of education (1).pptx
tmdth1
 

Web Ex2 28 Jan09

  • 1. Trustworthy Systems for Today & Tomorrow Larry Bernstein (lbernste@stevens.edu) Stevens Institute of Technology Castle Point, Hoboken, NJ 07030
  • 2. Trustworthy Software is: Safe: Does no harm Reliable: No crash or hang. Secure: No Hacking Possible
  • 3. Airbus 320 Troubles In three crashes each pilot claimed the plane was higher than indicated. Altitude read 67ft before the wheels had even left the ground! The fly-by-wire system could ignore pilot actions.
  • 4. Poor Designs in A320 Programmed landing maneuvers with a bug in altitude calculation Warning system alerts only seconds before accident with no time to react Flight path angle and vertical speed indicator have the same display format; confuses pilots.
  • 5. Untrustworthy Software Buggy software Pilots either frantic or bored. Error and warning messages are often numerous or indecipherable, so pilots ignore them.
  • 6. Two Software Aging Processes Development Shelf-life Multiple releases Environmental changes Execution Launch-to-Crash State & Data focus
  • 7. Software ages like fish, not like wine
  • 8. Trustworthy Characteristics Quantitative Specifications Designed for reliability, safety and security Bounded execution domains Certified against requirements Certified against problem Reliability tested Stress tested Diabolically tested Defined Development and Config. Process Trusted
  • 9. Software Yesterday and Today Software execution is chaotic and always repeatable but may not be stable. Professionals untrained in analysis Debugging is detective work Software products are often complex and untrustworthy Crashes and hangs expected Bugs or Glitches are common
  • 10. Execution-Aging Latent faults causes gradual deterioration of software with respect to the use of some resource resulting in a crash or hang.
  • 11. Conditions That Cause Instability Memory Leaks Poor Algorithms Missing Deadlines Roundoff Error Amplification Broken Pointers Register Misuse- Extinct bug reappears in multi-core machines
  • 12. Rejuvenation Concept Periodic preemptive rollback prevents future failures. Gracefully terminating an application at a known point allows restarting at a fixed and carefully tested initial state .
  • 13. Pragmatic Software Rejuvenation Instead of running a system for a year, run it one day 365 times Prevents many future failures. Restarts at a known and clean internal state.
  • 14. History 1960’s: Anti-missile “On-Interrupt” Code 1970’s: Store and Forward 1980s: Billing Data Collector
  • 15. 1980s: Billing Data Collector Snap shots of switch call records 600 switches/ system Daily rejuvenation Crash-free & Hang-free
  • 16. History 1960’s: Anti-missile “On-Interrupt” Code 1970’s: Store and Forward 1980s: Billing Data Collector 1990’s: R&D emerges from Bell Labs and Duke with industrial use State-of-the-Practice: Scenario, regression and automatic testing State-of-the-Art: Agility & Software Failure Prevention
  • 17. Case Study: Network Management System System monitors network equipment. Messages are trigger by network events I/O Buffer Sharing reduces memory required.
  • 18. Customer Complaint It crashed again!!!
  • 19. Failure Analysis Latent Fault in Buffer Flow Control. Software does not return ‘buffer full’ signal. Messages are written to full buffers. Messages are accepted,acknowleged and then partially dropped. Application waits and waits for a complete message.
  • 20. Solution Fix the bug by returning appropriate indicator, or Rejuvenate: Re-launch message handler and avoid the problem: When buffers are half full. Periodically. After hang is detected.
  • 21. Programmer Resistance to Rejuvenation Culture? Skepticism? Management? “Is the limited use of known good methods of software engineering a consequence of poor training?” National Research Council 1997
  • 22. Perspectives on the Profession Software Engineering is the 4 th Fastest Growing Occupation in 2009 Top-notch players remained employed Software Engineering/Project Managers continue to get raises Beware of ‘off-shoring’ a risky way to reduce costs by 20-30%.
  • 23. Ethics from IEEE & ACM Understand the problem Analyze safety and risks Humanize tasks Read & study Respect property rights and privacy Ship systems that work crash-free and hang-free Stand up and be counted.
  • 24. Re-engineer Your Career with a Stevens Software Engineering Graduate Certificate One year 4 courses (www.stevens.edu) Modular Format or WebCampus March 9-13: SSW533 with Laird May 14-15,18-20 SSW540 with Cohen August 24-28: SSW564/SYS625 with Barrese Jan 4 –8: SSW 565 with Cohen