Design diversity has been used for many years now as a means of achieving a degree of fault tolerance in software-based systems. While there is clear evidence that the approach can be expected to deliver some increase in reliability compared to a single version, there is no agreement about the extent of this. More importantly, it remains difficult to evaluate exactly how reliable a particular diverse fault-tolerant system is. This difficulty arises because assumptions of independence of failures between different versions have been shown to be untenable: assessment of the actual level of dependence present is therefore needed, and this is difficult. In this tutorial, we survey the modeling issues here, with an emphasis upon the impact these have upon the problem of assessing the reliability of fault-tolerant systems. The intended audience is one of designers, assessors, and project managers with only a basic knowledge of probabilities, as well as reliability experts without detailed knowledge of software, who seek an introduction to the probabilistic issues in decisions about design diversity.
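The following added example (not part of the abstract or the paper's own material) shows why the independence assumption fails even when two versions are developed independently. It assumes the difficulty-function view of the Eckhardt-Lee and Littlewood-Miller models: each demand has a difficulty theta(x), the probability that a randomly developed version fails on it; the demand profile and its difficulty values are constructed for illustration.

```python
"""Added illustration: independently developed versions still fail together.

Given a demand x, two independently developed versions fail independently,
each with probability theta(x).  Averaging over the demand profile gives
    P(both fail) = E[theta^2]  >=  (E[theta])^2 = P(A fails) * P(B fails),
with equality only when every demand is equally difficult (Jensen's
inequality).  Naive independence therefore underestimates the coincident
failure probability of a 1-out-of-2 diverse system.
"""

from fractions import Fraction

# Constructed demand profile: (probability of the demand, difficulty theta(x)).
# Most demands are easy; a rare class of demands trips most versions.
DEMAND_PROFILE = [
    (Fraction(7, 10), Fraction(1, 1000)),   # easy, common demands
    (Fraction(29, 100), Fraction(1, 100)),  # moderate demands
    (Fraction(1, 100), Fraction(1, 2)),     # rare, hard demands
]


def single_version_pfd(profile):
    """Probability of failure on demand of one version: E[theta]."""
    return sum(p * theta for p, theta in profile)


def independence_estimate(profile):
    """What assuming independent failures predicts for two versions: (E[theta])^2."""
    return single_version_pfd(profile) ** 2


def coincident_failure_pfd(profile):
    """Probability both versions fail on the same demand: E[theta^2]."""
    return sum(p * theta * theta for p, theta in profile)


def dependence_factor(profile):
    """Factor by which the independence assumption underestimates coincident failure."""
    return coincident_failure_pfd(profile) / independence_estimate(profile)


if __name__ == "__main__":
    print("single version pfd:      ", float(single_version_pfd(DEMAND_PROFILE)))
    print("independence assumption: ", float(independence_estimate(DEMAND_PROFILE)))
    print("actual coincident pfd:   ", float(coincident_failure_pfd(DEMAND_PROFILE)))
    print("underestimation factor:  ", float(dependence_factor(DEMAND_PROFILE)))
```

With this profile the independence assumption underestimates the coincident failure probability by a factor of about 34; a profile with uniform difficulty gives a factor of exactly 1.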