MAFALDA: Microkernel Assessment by Fault Injection and Design Aid

  • Manuel Rodríguez
  • Frédéric Salles
  • Jean-Charles Fabre
  • Jean Arlat
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1667)


MAFALDA is a generic experimental environment intended to support, for several candidate microkernels, two objectives: characterizing their failure modes in the presence of injected faults (internal or external), and incorporating wrappers that improve those failure modes. After a short classification of current microkernel architectures and of the interactions between the application layer and the microkernel's functional components, the paper presents the main features of MAFALDA, focusing on the fault injection and wrapping modules. The implementation of these modules is then described, distinguishing the two main modes of interaction identified (library-based or trap-based). Experimental results are presented that show the usefulness of the tool. The paper concludes with a summary of the main characteristics of MAFALDA and a brief discussion of future work.
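The following is an added illustration of the library-based case the abstract refers to; it is not code from MAFALDA or from the authors. An application reaches a (toy) microkernel primitive through a library stub, a fault injector flips one bit of a call parameter at that boundary (an external fault), every call is classified by the failure mode observed from the application side, and a wrapper built from an executable assertion is then inserted to see how the distribution of failure modes changes. The primitive `mk_write`, its deliberately incomplete parameter check, the region/guard memory layout and the nominal parameters are all assumptions made for the demo.

```c
/* Added illustration (not MAFALDA's code): single-bit parameter corruption
 * at a library-based microkernel interface, failure-mode classification,
 * and a fault-containment wrapper. All names and sizes are demo assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REGION_SIZE 4096u          /* memory legally owned by the caller      */
#define GUARD_SIZE  4096u          /* "someone else's" memory, must stay zero */
#define PHYS_SIZE   (REGION_SIZE + GUARD_SIZE)
#define NOMINAL_OFF 1024u          /* parameters of the fault-free call       */
#define NOMINAL_LEN 256u

#define MK_EINVAL  (-1)            /* error reported by the kernel primitive  */
#define WR_EINVAL  (-2)            /* error reported by the wrapper           */

enum outcome { OK = 0, ERR_RETURNED, WRAPPER_BLOCKED, SILENT_CORRUPTION, N_OUTCOMES };
static const char *outcome_name[N_OUTCOMES] = {
    "ok", "error code", "blocked by wrapper", "silent corruption" };

static uint8_t memory[PHYS_SIZE];  /* caller region followed by the guard    */
static uint8_t payload[PHYS_SIZE]; /* source bytes, filled with 0xAA         */

/* Toy kernel primitive: copy len bytes to offset off of the caller's region.
 * Its only check is against physical memory, not the caller's own region:
 * an incomplete parameter check that the campaign is meant to expose. */
static int mk_write(uint32_t off, uint32_t len, const uint8_t *src)
{
    if ((uint64_t)off + len > PHYS_SIZE)
        return MK_EINVAL;
    memcpy(memory + off, src, len);
    return 0;
}

/* Wrapper: executable assertion on the parameters, evaluated before the
 * primitive runs, so an invalid call never reaches the kernel at all. */
static int wrapped_write(uint32_t off, uint32_t len, const uint8_t *src)
{
    if (off >= REGION_SIZE || len > REGION_SIZE - off)
        return WR_EINVAL;
    return mk_write(off, len, src);
}

/* Error-propagation oracle: any non-zero byte in the guard means the call
 * damaged memory outside the caller's region without reporting it. */
static int guard_dirty(void)
{
    for (uint32_t i = REGION_SIZE; i < PHYS_SIZE; i++)
        if (memory[i] != 0) return 1;
    return 0;
}

/* One experiment: perform the (possibly corrupted) call and classify it. */
static enum outcome run_experiment(uint32_t off, uint32_t len, int use_wrapper)
{
    memset(memory, 0, sizeof memory);
    memset(payload, 0xAA, sizeof payload);
    int rc = use_wrapper ? wrapped_write(off, len, payload)
                         : mk_write(off, len, payload);
    if (rc == WR_EINVAL)  return WRAPPER_BLOCKED;
    if (guard_dirty())    return SILENT_CORRUPTION;
    return rc == 0 ? OK : ERR_RETURNED;
}

/* Campaign: one single-bit flip for every bit of both parameters (64 runs),
 * tallied by outcome. Fully deterministic, so the distribution is reproducible. */
static void campaign(int use_wrapper, int counts[N_OUTCOMES])
{
    memset(counts, 0, N_OUTCOMES * sizeof counts[0]);
    for (int param = 0; param < 2; param++) {
        for (int bit = 0; bit < 32; bit++) {
            uint32_t off = NOMINAL_OFF, len = NOMINAL_LEN;
            if (param == 0) off ^= 1u << bit; else len ^= 1u << bit;
            counts[run_experiment(off, len, use_wrapper)]++;
        }
    }
}

/* Accessor: number of runs with a given outcome, with or without the wrapper. */
int count_for(int use_wrapper, enum outcome o)
{
    int counts[N_OUTCOMES];
    campaign(use_wrapper, counts);
    return counts[o];
}

int main(void)
{
    for (int w = 0; w < 2; w++) {
        int counts[N_OUTCOMES];
        campaign(w, counts);
        printf("%s wrapper:\n", w ? "with" : "without");
        for (int o = 0; o < N_OUTCOMES; o++)
            printf("  %-20s %d\n", outcome_name[o], counts[o]);
    }
    return 0;
}
```

Without the wrapper the campaign shows the three failure modes a robustness benchmark cares about: calls that still succeed, calls the kernel rejects with an error code, and calls whose effect is an unreported write into the guard (the bit flips that land the parameters between the caller's region and the physical limit). With the wrapper those last cases, and the kernel-detected ones, are all turned into a single contained error returned to the application, which is the improvement of failure modes the abstract attributes to wrapping.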


Keywords: Failure Mode, System Call, Address Space, Fault Injection, Transient Fault





Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Manuel Rodríguez, Frédéric Salles, Jean-Charles Fabre, Jean Arlat: LAAS-CNRS, 7 Avenue du Colonel Roche, France
