3 - Dependability

Question 1

The transmission of a world cup football game in all countries stopped for 35 minutes
due to a software misconfiguration that crashed the central live streaming server in the
head quarters of the media company which is in charge of relaying the game.

Answer 1

Software misconfiguration -> Server crash -> Transmission stopped

Question 2

Broadband services were experienced as being slow several hours after the electricity
outage was created due to lightning.

Answer 2

Electricity outage -> Service overloaded after reboot -> Slow service

Question 3

In Java 1.6.0_21, the company field was changed from ‘Sun Microsystems, Inc’ to
‘Oracle.’ Some applications depend on that field to identify the virtual machine. For
example, all Eclipse versions since 3.3 including the recent Helios release (2010) have
been reported to crash with an OutOfMemoryError due to this change.

Answer 3

Field changed -> OutOfMemory error -> Software crash

Question 4

Where is the MEDL (message descriptor list) of a TTA bus stored and what is its role?

Answer 4

The Message Descriptor List (MEDL) of a TTA bus is stored in each TTP controller
and contains information about the time slots that each node has to send their
messages.

Question 5

Give an example technique that helps to discover early design faults in embedded realtime systems.

Answer 5

Design faults in embedded real-time systems can be discovered using simulation
techniques or formal verification.

Question 6

What is meant by platform independence, and why is it a good property in modelling
languages for real-time systems?

Answer 6

Platform independence applied to systems design means that one system can be
designed using abstract languages with independence of the underlying platform
architecture.
It is a good property because the design is reusable for many platforms just applying
some specific transformations.

Question 7

Application program timing faults can never be detected by the run-time
environment.

Answer 7

False, for example the operating system can detect tasks that miss a deadline.

Question 8

Simulation of the design of a program can be used to study run-time fault
tolerance properties.

Answer 8

True, because some of the faults can be tested in the simulation.

Question 9

Voting systems (e.g. triple modular redundancy) cannot be used to tolerate the
same software design fault appearing in every replica.

Answer 9

True, because in this case usually error manifestation will be the same in each
replica.

Question 10

Functional property

Answer 10

It defines what the system should do

Question 11

Extra-Functional property

Answer 11

It defines how the system should adapt to the

presence of faults.