Measuring Masking Fault-Tolerance

TL;DR

This paper introduces a quantitative measure of masking fault-tolerance in systems, capturing how well a system can hide faults without observable effects, and provides tools for automatic analysis.

Contribution

It defines a novel masking fault-tolerance distance using simulation relations and game theory, and implements a prototype tool for automatic measurement.

Findings

The masking distance is a directed pseudo metric.

The approach is validated on multiple case studies.

The tool effectively measures masking fault-tolerance levels.

Abstract

In this paper we introduce a notion of fault-tolerance distance between labeled transition systems. Intuitively, this notion of distance measures the degree of fault-tolerance exhibited by a candidate system. In practice, there are different kinds of fault-tolerance, here we restrict ourselves to the analysis of masking fault-tolerance because it is often a highly desirable goal for critical systems. Roughly speaking, a system is masking fault-tolerant when it is able to completely mask the faults, not allowing these faults to have any observable consequences for the users. We capture masking fault-tolerance via a simulation relation, which is accompanied by a corresponding game characterization. We enrich the resulting games with quantitative objectives to define the notion of masking fault-tolerance distance. Furthermore, we investigate the basic properties of this notion of masking distance, and we prove that it is a directed pseudo metric. We have implemented our approach in a prototype tool that automatically compute the masking distance between a nominal system and a fault-tolerant version of it. We have used this tool to measure the masking tolerance of multiple instances of several case studies