Advertisement

Annotated Bibliography on Software Diversity

  • Udo Voges
Part of the Dependable Computing and Fault-Tolerant Systems book series (DEPENDABLECOMP, volume 2)

Abstract

This annotated bibliography is an attempt to list all relevant material which is related to software diversity. Nevertheless it will be incomplete and biased by the author. The author would welcome any further information on publications and work which should be contained in such a bibliography for later editions.

Keywords

Fault Tolerance Software Reliability Annotate Bibliography Triple Modular Redundancy Computer Control System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Reference

  1. 1.
    J. M. Adams, “On the Practicality of Software Redundancy,” in Proc. 20th Hawaii Intern. Conf. on System Sciences, Vol. 2, pp. 31–40, Kailua-Kona, HI, USA, 6–9 January 1987.Google Scholar
  2. 2.
    P. E. Ammann and J. C. Knight, “Data Diversity: An Approach to Software Fault Tolerance,” in Proc. 17th Intern. Symp. on Fault-Tolerant Computing FTCS’ 17, pp. 122–126, Pittsburgh, PA, USA, 6–8 July 1987.Google Scholar
  3. 3.
    M. Ancona, A. Clematis, G. Dodero, E. B. Fernandez, and V. Gianuzzi, “A System Architecture for Software Fault Tolerance,” in Proc. 3rd Intern. Conf. Fault- Tolerant Computing Systems, Vol. IFB 147, pp. 273–283, Bremerhaven, Germany, 9–11 September 1987.Google Scholar
  4. 4.
    T. Anderson and R. Kerr, “Recovery Blocks in Action: A System Supporting High Reliability,” in Proc. 2nd Intern. Conf on Software Engineering, pp. 447–457, San Francisco, CA, USA, 13–15 October 1976.Google Scholar
  5. 5.
    T. Anderson and P. A. Lee, Fault Tolerance: Principles and Practice, Prentice Hall, Englewood Cliffs, NJ, USA, 1981.Google Scholar
  6. 6.
    T. Anderson and J. C. Knight, “A Framework for Software Fault Tolerance in Real-Time Systems,” IEEE Trans, on Software Engineering, Vol. SE-9, No. 3, pp. 355–364, May 1983.Google Scholar
  7. 7.
    T. Anderson, “Can Design Faults be Tolerated?,” in Proc. 2nd GI/NTG/GMR- Fachtagung Fehlertolerierende Rechensysteme, Vol. IFB 84, pp. 426–433, Bonn, Germany, 19–21 September 1984.Google Scholar
  8. 8.
    T. Anderson, “Fault Tolerant Computing,” in Resilient Computing Systems, Ed. T. Anderson, Collins, London, 1985.Google Scholar
  9. 9.
    T. Anderson, D. N. Halliwell, P. A. Barrett, and M. R. Moulding, “An Evaluation of Software Fault Tolerance in a Practical System,” in Proc. 15th Intern. Symp. on Fault-Tolerant Computing FTCS’ 15, pp. 140–145, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  10. 10.
    T. Anderson, P. A. Barrett, D. N. Halliwell, and M. R. Moulding, “Software Fault Tolerance: An Evaluation,” IEEE Trans, on Software Engineering, Vol. SE-11, No. 12, pp. 1502–1510, December 1985.Google Scholar
  11. 11.
    T. Anderson, “A Structured Decision Mechanism for Diverse Software,” in Proc. 5th Symposium on Reliability in Distributed Software and Database Systems, pp. 125–129, Los Angeles, CA, USA, 13–15 January 1986.Google Scholar
  12. 12.
    H. S. Andersson and G. Hagelin, “Computer Controlled Interlocking System,” Ericsson Review, No. 2, pp. 74–80,1981.Google Scholar
  13. 13.
    J. Arlat, “Design of a Microcomputer Tolerating Faults Through Functional Diversity,” Dr. Eng. dissertation (in French), National Polytechnic Institute, Toulouse, F, April 1979.Google Scholar
  14. 14.
    A. Avižienis, “Fault-Tolerance and Fault-Intolerance: Complementary Approaches to Reliable Computing,” in Proc. Intern. Conf. on Reliable Software, pp. 458–464, Los Angeles, CA, USA, 21–23 April 1975.Google Scholar
  15. 15.
    A. Avižienis, “Fault-Tolerant Computing - Progress, Problems, and Prospects,” in Proc. IFIP Information Processing 77, pp. 405–420, Toronto, Canada, August 1977.Google Scholar
  16. 16.
    A. Avižienis and L. Chen, “On the Implementation of N-Version Programming for Software Fault-Tolerance During Program Execution,” in Proc. COMPSAC 77, pp. 149–155, Chicago, IL, USA, November 1977.Google Scholar
  17. 17.
    A. Avižienis, “Fault Tolerance: The Survival Attribute of Digital Systems,” Proc. IEEE, Vol. 66, No. 10, pp. 1109–1125, October 1978.Google Scholar
  18. 18.
    A. Avižienis, “Design Diversity - The Challenge for the Eighties,” in Proc. 12th Intern. Symp. on Fault-Tolerant Computing FTCS’12, pp. 44–45, Santa Monica, CA, USA, June 1982.Google Scholar
  19. 19.
    A. Avižienis, “Design Diversity: An Approach to Fault Tolerance of Design Faults,” in AFIPS Vol. 53,1984.Google Scholar
  20. 20.
    A. Avižienis and J. P. J. Kelly, “Fault-Tolerance by Design Diversity: Concepts and Experiments,” IEEE Computer, Vol. 17, No. 8, pp. 67–80, August 1984.Google Scholar
  21. 21.
    A. Avižienis, P. Gunningberg, J. P. J. Kelly, R. T. Lyu, L. Strigini, P. J. Traverse, K. S. Tso, and U. Voges, “Software Fault-Tolerance by Design Diversity; DEDIX: A Tool for Experiments,” in Proc. IF AC Workshop SAFECOMP’85, pp. 173–178, Como, Italy, 1–3 October 1985.Google Scholar
  22. 22.
    A. Avižienis, P. Gunningberg, J. P. J. Kelly, L. Strigini, P. J. Traverse, K. S. Tso, and U. Voges, “The UCLA DEDIX System: A Distributed Testbed for Multiple- Version Software,” in Proc. 15th Intern. Symp. on Fault-Tolerant Computing FTCS’15, pp. 126–134, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  23. 23.
    A. Avižienis, “The N-Version Approach to Fault-Tolerant Software,”IEEE Trans. Software Engineering, Vol. SE-11, No. 12, pp. 1491–1501, December 1985.Google Scholar
  24. 24.
    A. Avižienis and J.-C. Laprie, “Dependable Computing: From Concepts to Design Diversity,” IEEE Proceedings, Vol. 74, No. 5, pp. 629–638, May 1986.Google Scholar
  25. 25.
    A. Avižienis and D. A. Rennels, “The Evolution of Fault Tolerant Computing at the Jet Propulsion Laboratory and at UCLA: 1955 - 1986,” in The Evolution of Fault- Tolerant Computing, Ed. A. Avižienis, H. Kopetz, and J.-C. Laprie, pp. 141–191, Springer-Verlag Wien New York, 1987.Google Scholar
  26. 26.
    B. Bhargava, “Software Reliability in Real-Time Systems,” in Proc. National Computer Conference, pp. 297–309, Chicago, 1981.Google Scholar
  27. 27.
    P. Bishop, D. Esp, M. Barnes, P. Humphreys, G. Dahll, J. Lahti, and S. Yoshimura, “Project on Diverse Software - An Experiment in Software Reliability,” in Proc. IF AC Workshop SAFECOMP’85, pp. 153–158, Como, Italy, 1–3 October 1985.Google Scholar
  28. 28.
    J. P. Black, D. J. Taylor, and D. E. Morgan, “A Case Study in Fault Tolerant Software,”Software - Practice and Experience, Vol. 11, pp. 145–157,1981.Google Scholar
  29. 29.
    S. S. Brilliant, J. C. Knight, and N. G. Leveson, “Analysis of Faults in an N- Version Software Experiment,” TR-86–20, University of Virginia, September 1986.Google Scholar
  30. 30.
    S. S. Brilliant, J. C. Knight, and N. G. Leveson, “The Consistent Comparison Problem in N-Version Software,” ACM Sigsoft SEN, Vol. 12, No. 1, pp. 29–34, January 1987.Google Scholar
  31. 31.
    J. E. Brunelle and D. E. Eckhardt, “Fault-Tolerant Software: Experiment with the SIFT Operating System,” in Proc. AIAA/ACM/NASA/IEEE Computers in Aerospace VConf, pp. 355–360, Long Beach, CA, USA, 21–23 October 1985.Google Scholar
  32. 32.
    A. K. Caglayan and D. E. Eckhardt, “Systems Approach to Software Fault Tolerance,” in Proc. AIAA/ACM/NASA/IEEE Computers in Aerospace V Conference, pp. 361–369, Long Beach, CA, USA, 21–23 October 1985.Google Scholar
  33. 33.
    S. D. Cha, “A Recovery Block Model and its Analysis,” in Proc. IF AC Workshop Safety of Computer Control Systems 1986 (SAFECOMF86), pp. 21–26, Sarlat, France, 14–17 October 1986.Google Scholar
  34. 34.
    A. Cheilan and J.-C. Laprie, “Software Fault Tolerance: Why, How and How Much,” LAAS Report No. 87077, March 1987.Google Scholar
  35. 35.
    L. Chen and A. Avižienis, “N-Version Programming: A Fault-Tolerance Approach to Reliability of Software Operation,” in Proc. 8th Intern. Symp. on Fault-Tolerant Computing FTCS’8, pp. 3–9, Toulouse, France, 21–23 June 1978.Google Scholar
  36. 36.
    L. Chen, “Improving Software Reliability by N-Version Programming,” ENG- 7843, UCLA, Computer Science Department, Los Angeles, CA, USA, August 1978.Google Scholar
  37. 37.
    D. G. Clews, “Post Certification Aspects of Digital Systems - Pain or Pleasure for the Operator?,” in Proc. Conf. Intern. Federation of Airworthiness, Singapore, June 1983.Google Scholar
  38. 38.
    J. P. Considine and J. J. Myers, “MARC: MVS Archival Storage and Recovery Program,” IBM Systems Journal, Vol. 4, pp. 378–397,1977.Google Scholar
  39. 39.
    J. D. Cummins, “Fault Detection Using Inverse Transfer Characteristic Software,” in Proc. IFAC Workshop SAFECOMF’86, pp. 73–81, Sarlat, France, 14–17 October 1986.Google Scholar
  40. 40.
    G. Dahll, U. S. Jorgensen, J. M. Holso, and J. Lahti, “Examination of Methods for Production and Testing of Highly Reliable Programmes,” in Enlarged Halden Programme Group Meeting, Fredrikstad, Norway, 6–9 June 1977.Google Scholar
  41. 41.
    G. Dahll and J. Lahti, “An Investigation of Methods for Production and Verification of Highly Reliable Software,” in Proc. IFAC Workshop SAFECOMF79, pp. 89–94, Stuttgart, Germany, 16–18 May 1979.Google Scholar
  42. 42.
    P. A. Davies, “The Latest Developments in Automatic Train Control,” in Proc. Intern. Conf on Railway Safety Control and Automation Towards the 21st Century, pp. 272–279, London, United Kingdom, 25–27 September 1984.Google Scholar
  43. 43.
    G. Demars, E. Girard, and J.-C. Rault, “APL in a Two-Step Programming Technique for Developing Complex Programs,” in Proc. APL Congress 73, pp. 83–90, Copenhagen, Denmark, 22–24 August 1973.Google Scholar
  44. 44.
    K. H. Dorato, “Fault Tolerant Multi-Version Software: The Problem of Similar Errors,” Master Thesis, University of California Los Angeles, 1986.Google Scholar
  45. 45.
    J. R. Dunham, “Software Errors in Experimental Systems Having Ultra-Reliability Requirements,” in Proc. 16th Intern. Symp. on Fault-Tolerant Computing FTCS’16, pp. 158–164, Wien, Austria, 1–4 July 1986.Google Scholar
  46. 46.
    J. R. Dunham and L. A. Lauterbach, “Reliability Analysis of a Three-Version Software System,” in Proc. COMPSAC’86, pp. 484–490, Chicago, IL, USA, 8–10 October 1986.Google Scholar
  47. 47.
    J. R. Dunham, “Experiments in Software Reliability: Life-Critical Applications,” IEEE Trans, on Software Engineering, Vol. SE-12, No. 1, pp. 110–123, January 1986.Google Scholar
  48. 48.
    W. R. Dunn, “Software Reliability: Measures and Effects in Flight Critical Digital Avionics Systems,” in Proc. IEEE/AIAA 7th Digital Avionics Systems Conf, pp. 664–669, Fort Worth, TX, USA, 13–16 October 1986.Google Scholar
  49. 49.
    D. E. Eckhardt and L. D. Lee, “An Analysis of the Effects of Coincident Errors on Multi-Version Software,” in Proc. AIAA/ACM/NASA/IEEE Computers in Aerospace V Conference, pp. 370–373, Long Beach, CA, USA, 21–23 October 1985.Google Scholar
  50. 50.
    D. E. Eckhardt and L. D. Lee, “A Theoretical Basis for the Analysis of Multiversion Software Subject to Coincident Errors,” IEEE Trans, on Software Engineering, Vol. SE-11, No. 12, pp. 1511–1517, December 1985.Google Scholar
  51. 51.
    W. Ehrenberger and M. Kersken, “Zuverlässigkeitseigenschaften diversitärer Programmsysteme (Reliability of Diverse Programs - in German),” in Proc. Fachtagung Prozeßrechner 1981, pp. 230–239, München, Germany, 10–11 March 1981.Google Scholar
  52. 52.
    W. Ehrenberger, “Safety, Availability, and Cost Questions about Diversity,” in Proc. IFAC Conference on Control in Transportation Systems, pp. 261–267, Baden-Baden, Germany, April 1983.Google Scholar
  53. 53.
    W. R. Elmendorf, “Fault-Tolerant Programming,” in Proc. 2nd Intern. Symp. on Fault-Tolerant Computing FTCS’2, pp. 79–83, Newton, MA, USA, 19–21 June 1972.Google Scholar
  54. 54.
    R. S. Fabry, “Dynamic Verification of Operating System Decisions,” Communications of the ACM, Vol. 16, No. 11, pp. 659–668, November 1973.Google Scholar
  55. 55.
    F. Fetsch, L. Gmeiner, and U. Voges, “Entwurf eines hochzuverlâssigen redundanten Mikrorechnernetzes (Design of a High Reliable Redundant Microcomputer Network - in German),” in Proc. GI -11. Jahrestagung, pp. 317–326, Miinchen, Germany, 20–23 October 1981.Google Scholar
  56. 56.
    O. Firschein and M. S. Fischler, “Fault Tolerance Hardware and Software Techniques for Communications Multiprocessors,” in Proc. National Electronics Conf, Vol. 29, pp. 57–61,1974.Google Scholar
  57. 57.
    M. A. Fischler and O. Firschein, “A Fault Tolerant Architecture for Real Time Control Applications,” in Proc. 1st Annual Symp. on Computer Architecture, Florida, USA, December 1973.Google Scholar
  58. 58.
    M. A. Fischler, O. Firschein, and D. L. Drew, “Distinct Software: An Approach to Reliable Computing,” in Proc. Second US A-Japan Computer Conference, pp. 573–579,1975.Google Scholar
  59. 59.
    R. Frullini and A. Lazzari, “Use of Microprocessor in Fail-Safe on Board Equipment,” in Proc. Intern. Conf. on Railway Safety Control and Automation Towards the 21st Century, pp. 292–299, London, United Kingdom, 25–27 September 1984.Google Scholar
  60. 60.
    J. R. Garman, “The ’Bug’ Heard ’Round the World,” ACM Sigsoft SEN, Vol. 6, No. 5, pp. 3–10, October 1981.Google Scholar
  61. 61.
    J. Gayen, “Ein Beitrag zum Thema Diversitat in Sicherungseinrichtungen spurgebundener Verkehrssysteme (A Contribution to the Topic Diversity in Safety Systems for Railway Traffic Systems - in German),” Signal + Draht, Vol. 75, No. 1/2, pp. 12–15,1983.Google Scholar
  62. 62.
    W. Geiger, L. Gmeiner, H. Trauboth, and U. Voges, “Program Testing Techniques for Nuclear Reactor Protection Systems,” IEEE Computer, Vol. 12, No. 8, pp. 1018, August 1979.Google Scholar
  63. 63.
    D.P. Geller, “Coding in Two Languages Boots Program Reliability,” Electronic Design, Vol. 31, No. 7, pp. 161–170, March 1983.Google Scholar
  64. 64.
    T. Gilb, “Parallel Programming,” Datamation, Vol. 20, No. 10, pp. 160–161, October 1974.Google Scholar
  65. 65.
    T. Gilb, “Data Engineering,” Studentlitteratur, Lund, 1976.Google Scholar
  66. 66.
    T. Gilb, Software Metrics, Studentlitteratur, Lund, Sweden, 1976.Google Scholar
  67. 67.
    E. Girard and J.-C. Rault, “A Programming Technique for Software Reliability,” 1st IEEE Symposium on Computer Software Reliability, pp. 44–50,1973.Google Scholar
  68. 68.
    L. Gmeiner and U. Voges, “Software Diversity in Reactor Protection Systems: An Experiment,” in Proceedings IF AC Workshop Safety of Computer Control Systems, pp. 75–79, Stuttgart, Germany, 16–18 May 1979.Google Scholar
  69. 69.
    L. Gmeiner and U. Voges, “Experimentelle Untersuchungen zur Software- Diversität (Experimental Evaluation of Software Diversity - in German),” in KFK- PDV179, pp. 126–139, Kernforschungszentrum Karlsruhe, December 1979.Google Scholar
  70. 70.
    J. Goldberg, “SIFT: A Provable Fault-Tolerant Computer for Aircraft Flight Control,” in Proc. IFIP Congress Information Processing 80, pp. 151–156, Tokyo, Japan, 6–9 October 1980.Google Scholar
  71. 71.
    B. A. Golovkin, “Multiversion Programming and its Application,” Autom. & Remote Control, Vol. 47, No. 7, pp. 877–903, July 1986.Google Scholar
  72. 72.
    C. J. Goring, “A Practical Approach to Diversity and Redundancy,” in IEE Colloquium on ’Programmable Electronic Systems and Safety - HSE Guidelines’, Vol. Digest No. 74, pp. 7/1–3, IEE, London, England, 9 June 1987.Google Scholar
  73. 73.
    T. Grams, “Diversitäre Programmierung: Kein Allheilmittel (Software Diversity: No Cure-All - in German),” Informationstechnik, Vol. 28, No. 4, pp. 196–203, 1986.Google Scholar
  74. 74.
    T. Grams, “Biased Programming Faults - How to Overcome them?,” in Proc. 3rd Intern. Conf. Fault-Tolerant Computing Systems, Vol. IFB 147, pp. 13–23, Bremerhaven, Germany, 9–11 September 1987.Google Scholar
  75. 75.
    S. T. Gregory and J. C. Knight, “A New Linguistic Approach to Backward Error Recovery,” in Proc. 15th Intern. Symp. on Fault-Tolerant Computing FTCS’15, pp. 404–409, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  76. 76.
    W. Grigulewitsch, K. Meffert, and G. Reuß, “Aufbau elektrischer Maschinensteuerungen mit diversitärer Redundanz (Design of Electrical Machine Control Systems with Diverse Redundancy - in German),” BIA - Report 5/86,1986.Google Scholar
  77. 77.
    A. Grnarov, J. Arlat, and A. Avižienis, “On the Performance of Software Fault- Tolerance Strategies,” in Proc. 10th Intern. Symp. on Fault-Tolerant Computing FTCS’10, pp. 251–253, Kyoto, Japan, 1–3 October 1980.Google Scholar
  78. 78.
    K.-E. Großpietsch and U. Voges, “Methoden der Fehlerbehandlung (Methods for Error Handling - in German),” Informatik-Spektrum, Vol. 9, No. 2, pp. 95–109, April 1986.Google Scholar
  79. 79.
    P. Gunningberg and B. Pehrson, “Specification and Verification of a Synchronization Protocol for Comparison of Results,” in Proc. 15th Intern. Symp. on Fault- Tolerant Computing FTCS’15, pp. 172–177, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  80. 80.
    J. P. Hack, “Digitale Elektronik in Verkehrsflugzeugen (Digital Electronic in Airplanes - in German),” in DGLR-Symposium, Köln, Germany, 25–26 October 1983.Google Scholar
  81. 81.
    H. Hecht, “Fault-Tolerant Software for Real-Time Applications,” ACM Computing Surveys, Vol. 8, No. 4, pp. 391–407, December 1976.MATHGoogle Scholar
  82. 82.
    H. Hecht, “Fault-Tolerant Software,” IEEE Trans. Reliability, Vol. R-28, No. 3, pp. 227–232, August 1979.Google Scholar
  83. 83.
    H. Hecht,“Current Issues in Fault Tolerant Software,” in Proc. COMP SAC 80, pp. 603–607, Chicago, IL, USA, 1980.Google Scholar
  84. 84.
    H. Hecht and M. Hecht, “Fault-Tolerant Software,” in Fault-tolerant computing. Theory and techniques. Vol. II, Ed. D. K. Pradhan, pp. 658–696, Prentice-Hall, En- glewood Cliffs, NJ, USA, 1986.Google Scholar
  85. 85.
    G. Heiner, “Introduction to Software Reliability - A Key Issue of Computing Systems Reliability,” in AGARD-CP-261, pp. 30.1–30.13, April 1979.Google Scholar
  86. 86.
    A. D. Hills, “A 310 Slat and Flap Control System Management and Experience,” in Proc. 5th DASC, November 1983.Google Scholar
  87. 87.
    A. D. Hills, “Digital Fly-by-Wire Experience,” in Nato AGARD Conf., Edmunds AFB, CA, USA, October 1985.Google Scholar
  88. 88.
    E. F. Hitt and J. J. Webb, “A Fault-Tolerant Software Strategy for Digital Systems,” AIAA/IEEE 6th Digital Avionics Systems Conference, pp. 211–216, Baltimore, MD, USA, 3–6 December 1984.Google Scholar
  89. 89.
    H. Hofer, “Erfahrungen mit Flight Standard Software (Experience with Flight Standard Software - in German),” in Proc. DGLR-Symposium, Köln, Germany, 25–26 October 1983.Google Scholar
  90. 90.
    J. J. Horning, H. C. Lauer, P. M. Melliar-Smith, and B. Randell, “A Program Structure for Error Detection and Recovery,” in Proc. Intern. Symp. on Operating Systems, pp. 171–187, Rocquencourt, France, 23–25 April 1974.Google Scholar
  91. 91.
    H. Hölscher and J. Rader, Mikrocomputer in der Sicherheitstechnik (Microcomputers in Safety-Related Applications - in German), TÜV Rheinland, 1984.Google Scholar
  92. 92.
    R. K. Iyer, K. Ravishankar, and P. Velardi, “A Statistical Study of Hardware Related Software Errors in MVS,” No. 83–12, Stanford University, Center for Reliable Computing, Stanford, CA, USA, October 1983.Google Scholar
  93. 93.
    N. Jack, “Analysis of a Repairable 2-Unit Parallel Redundant System with Dependent Failures,” IEEE Trans, on Ret., Vol. R-35, pp. 444–446, October 1986.MATHGoogle Scholar
  94. 94.
    E. J. Joyce, “The Art of Space Software,” Datamation, Vol. 31, No. 22, pp. 30–34, 15 November 1985.Google Scholar
  95. 95.
    H. Kameda, “The Module Standby Organization: A Scheme for more Reliable Operating Systems,” in Proc. IEEE 3rd Texas Conf. on Computing Systems, pp. 10–2/1 -10–2/4, Austin, TX, USA, 1974.Google Scholar
  96. 96.
    U. M. Kammerer, “Einsatzbedingungen fiir Mini- und Mikrorechner in Kernkraftwerken (Requirements for the Use of Mini- and Microcomputers in Nuclear Power Stations - in German),” RWFÜV-Schriftenreihe, Vol. 22, pp. 46–51, 1983.Google Scholar
  97. 97.
    K.-H. Kapp, R. Daum, E. Sartori, and R. Harms, “Sicherheit durch vollständige Diversität (Safety Through Complete Diversity - in German),” in Proc. Fachtagung Prozeßrechner 1981, pp. 216–229, München, Germany, 10–11 March 1981.Google Scholar
  98. 98.
    K.-H. Kapp, “Eine Methode zur Konstruktion und Überprüfung sicherheitsrelevanter Automatisierungssoftware (A Method for the Construction and Validation of Safety-Relevant Automation Software - in German),” Diss., Universität Karlsruhe, Fakultät für Informatik, July 1985.Google Scholar
  99. 99.
    J. P. J. Kelly, “Specification of Fault-Tolerant Multi-Version Software: Experimental Studies of a Design Diversity Approach,” CSD-820927, UCLA, Computer Science Department, Los Angeles, CA, USA, September 1982.Google Scholar
  100. 100.
    J. P. J. Kelly and A. Avižienis, “A Specification Oriented Multi-Version Software Experiment,” in Proc. 13 th Intern. Symp. on Fault-Tolerant Computing FTCS’13, pp. 121–126, Milan, Italy, June 1983.Google Scholar
  101. 101.
    J. P. J. Kelly, A. Avižienis, B. T. Ulery, B. J. Swain, R.-T. Lyu, A. Tai, and K.-S. Tso, “Multi-Version Software Development,” in Proc. IF AC Workshop Safety of Computer Control Systems 1986 (SAFECOMF 86), pp. 43–49, Sarlat, France, 14–17 October 1986.Google Scholar
  102. 102.
    M. Kersken and W. Ehrenberger, “A Statistical Assessment of Reliability Features of Diverse Programs,” Reliability Engineering, Vol. 2, pp. 233–240,1981.Google Scholar
  103. 103.
    K. H. Kim, “Distributed Execution of Recovery Blocks: Approach to Uniform Treatment of Hardware and Software Faults,” in Proc. 4th Intern. Conf. Distributed Computing Systems, pp. 526–532, San Francisco, CA, USA, 14–18 May 1984.Google Scholar
  104. 104.
    J. C. Knight and N. G. Leveson, “Correlated Failures in Multi-Version Software,” in Proc. IFAC SAFECOMF85, pp. 159–165, Como, Italy, 1–3 October 1985.Google Scholar
  105. 105.
    J. C. Knight, N. G. Leveson, and L. D. St. Jean, “A Large Scale Experiment in N- Version Programming,” in Proc. 15th Intern. Symp. on Fault-Tolerant Computing FTCS’15, pp. 135–139, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  106. 106.
    J. C. Knight and N. G. Leveson, “An Empirical Study of Failure Probabilities in Multi-Version Software,” in Proc. 16th Intern. Symp. on Fault-Tolerant Computing FTCS’16, pp. 165–170, Wien, Austria, 1–4 July 1986.Google Scholar
  107. 107.
    J. C. Knight, “Data Diversity - A New Approach to Fault-Tolerant Software,” in Proc. 11th Annual Software Engineering Workshop, NASA Goddard Space Flight Center, 3 December 1986.Google Scholar
  108. 108.
    J. C. Knight and N. G. Leveson, “An Experimental Evaluation of the Assumption of Independence in Multiversion Programming,” IEEE Trans, on Software Engineering, Vol. SE-12, No. 1, pp. 96–109, January 1986.Google Scholar
  109. 109.
    R. Konakovsky, “On a Diversified Parallel Microcomputer System,” in Proc. IFAC Workshop SAFECOMP’79, pp. 81–88, Stuttgart, Germany, 16–18 May 1979.Google Scholar
  110. 110.
    H. Kopetz, “Software Redundancy in Real Time Systems,” Proc. Information Processing 74, pp. 182–186, Stockholm, Sweden, 5–10 August 1974.Google Scholar
  111. 111.
    H. Krebs and U. Haspel, “Ein Verfahren zur Software-Verifikation (A Technique for Software Verification - in German),” Regelungstechnische Praxis, Vol. 26, pp. 73–78,1984.Google Scholar
  112. 112.
    H. Krebs, “Verification of Safety Related Programs for a Maglev System,” in Proc. 5th IFACHFIP/IFORS Conf. Control in Transportation Systems, pp. 357–363, Vienna, Austria, 8–11 July 1986.Google Scholar
  113. 113.
    J.-C. Laprie, “Dependability Evaluation of Software Systems in Operation,” IEEE Trans, on Software Engineering, Vol. SE-10, No. 6, pp. 701–714, November 1984.Google Scholar
  114. 114.
    J.-C. Laprie, “Dependable Computing and Fault Tolerance: Concepts and Terminology,” in Proc. 15th Intern. Symp. on Fault-Tolerant Computing FTCS’15, pp. 2–11, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  115. 115.
    J.-C. Laprie, J. Arlat, C. Beounes, C. Hourtolle, and K. Kanoun, “Software Fault Tolerance,” LAAS 86.044 (in French), April 1986.Google Scholar
  116. 116.
    U Voges Preparatory work performed for the Hermes space shuttle.Report 86.357, December 1986.Google Scholar
  117. 117.
    J.-C. Laprie, J. Arlat, C. Beounes, K. Kanoun, and C. Hourtolle, “Hardware- and Software-Fault Tolerance: Definition and Analysis of Architectural Solutions,” in Proc. 17th Intern. Symp. on Fault-Tolerant Computing FTCS’17, pp. 116–121, Pittsburgh, PA, USA, 6–8 July 1987.Google Scholar
  118. 118.
    D. Lardner, “Babbage’s Calculating Engine; From the Edinburgh Review, July, 1834, No. CXX,” in Charles Babbage and His Calculating Engines, Ed. E. Morrison, Dover Publications, Inc. New York, 1961.Google Scholar
  119. 119.
    R. Lauber, “Safe Software by Functional Diversity,” EWICS TC 7 WP 37,1975.Google Scholar
  120. 120.
    N. G. Leveson, “An Empirical Study of Error Detection Using Self-Test,” in Proc. 11th Annual Software Engineering Workshop, NASA Goddard Space Flight Center, 3 December 1986.Google Scholar
  121. 121.
    N. G. Leveson, “Software Fault Tolerance in Safety-Critical Applications,” in Proc. 3rd Intern. Conf. Fault-Tolerant Computing Systems, Vol. IFB 147, pp. 1–12, Bremerhaven, Germany, 9–11 September 1987.Google Scholar
  122. 122.
    K.-J. Lin, “Resilient Procedures - an Approach to Highly Available System,” in Proc. IEEE 1986 Intern. Conf. on Computer Languages, pp. 98–106, Miami, FL, USA, 27–30 October 1986.Google Scholar
  123. 123.
    O. Berg von Linde, “Computers Can Now Perform Vital Functions Safely,” Railway Gazette International, pp. 1004–1007, November 1979.Google Scholar
  124. 124.
    L. Liotta and D. Sciuto, “Static and Dynamic Redundancy: Proposal and Evaluation of Two Constructs of Software Fault Tolerance,” in Proc. 11th EUROMICRO Symposium on Microprocessing and Microprogramming: Microcomputers, Usage and Design., pp. 463–473, Brussels, Belgium, 3–6 September 1985.Google Scholar
  125. 125.
    B. Littlewood and D. R. Miller, “A Conceptual Model of Multi-Version Software,” CSR Technical Report, December 1986.Google Scholar
  126. 126.
    B. Littlewood and D. R. Miller, “A Conceptual Model of Multi-Version Software,” in Proc. 17th Intern. Symp. on Fault-Tolerant Computing FTCS’17, pp. 150–155, Pittsburgh, PA, USA, 6–8 July 1987.Google Scholar
  127. 127.
    B. Littlewood and D. R. Miller, “A Conceptual Model of the Effect of Diverse Methodologies on Coincident Failures in Multi-Version Software,” in Proc. 3rd Intern. Conf. Fault-Tolerant Computing Systems, Vol. IFB 147, pp. 263–272, Bremerhaven, Germany, 9–11 September 1987.Google Scholar
  128. 128.
    A. B. Long, C. V. Ramamoorthy, S. F. Ho, H. H. So, H. L. Reeves, and E. A. Strak-er, “A Methodology for the Development and Validation of Critical Software for Nuclear Power Plants,” in Proc. COMP SAC 77, pp. 620–626, Chicago, IL, USA, November 1977.Google Scholar
  129. 129.
    S. V. Makam, “Design Study of a Fault-Tolerant Computer System to Execute N- Version Software,” CSD-821222, UCLA, Computer Science Department, Los Angeles, CA, USA, December 1982.Google Scholar
  130. 130.
    L. Mancini and G. Pappalardo, “The Join Algorithm: Ordering Messages in Replicated Systems,” in Proc. IFAC Workshop SAFECOMP’86, pp. 51–55, Sarlat, France, 14–17 October 1986.Google Scholar
  131. 131.
    D. J. Martin, “Dissimilar Redundancy for Fly-by-Wire Secondary Flight Controls,” in Proc. Advanced Flight Controls Symposium, Colorado Springs, CO, USA, 1981.Google Scholar
  132. 132.
    D. J. Martin, “Dissimilar Software in High Integrity Applications in Flight Controls,” in Proc. AGARD Symp. on Software for Avionics, CPP-330, pp. 36.1–36.13, The Hague, The Netherlands, September 1982.Google Scholar
  133. 133.
    G. E. Migneault, “The Cost of Software Fault Tolerance,” in Proc. AGARD Symposium on Software for Avionics, CPP-330, pp. 37.1–37.8, The Hague, The Nether lands, 1982Google Scholar
  134. 134.
    J. S. Miller, “On Software Quality,” in Proc. 2nd Intern. Symp. on Fault-Tolerant Computing FTCS’2, pp. 84–88, Cambridge, MA, USA, 1972.Google Scholar
  135. 135.
    D. E. Morgan and D. J. Taylor, “A Survey of Methods of Achieving Reliable Software,” IEEE Computer, Vol. 10, No. 2, pp. 44–53, February 1977.MATHGoogle Scholar
  136. 136. M. A. Morris, “An Approach to the Desing of Fault-Tolerant Software,” MS Thesis, Cranfield Institute of Technology, September 1981.Google Scholar
  137. 137.
    M. R. Moulding, “Techniques for Achieving Software Fault Tolerance,” in IEE Colloquium on 1 High Integrity Systems - Theory and Practice’, Vol. Digest No. 112, pp. 2/1–11, London, England, 5 November 1986.Google Scholar
  138. 138.
    M. Mulazzani, “Reliability versus Safety,” in Proc. IF AC Workshop SAFECOMP’85, pp. 141–146, Como, Italy, 1–3 October 1985.Google Scholar
  139. 139.
    M. Mulazzani, “Reliability and Safety in Electronic Interlocking,” in Proc. 5th IFAC/IFIP/IFORS Conf. Control in Transportation Systems, pp. 321–328, Vienna, Austria, 8–11 July 1986.Google Scholar
  140. 140.
    N. N., “N-Version Simulator Interface. User’s Guide,” RTI/43U-2094–12, Research Triangle Institute, October 1983.Google Scholar
  141. 141.
    N. N., “Guidance on the Safe Use of Programmable Electronic Systems: Part 2: Safety Integrity Assessment. Draft Document,” Health and Safety Executive, Boo- tle, United Kingdom, 1984.Google Scholar
  142. 142.
    N. N., “Redundancy Management Software Requirements Specification for a Redundant Strapped Down Inertia Measurement Unit,” Version 2.0, Charles River Analytics, Research Triangle Institute, Research Triangle Park, N.C., 30 May 1985.Google Scholar
  143. 143.
    N. N., “Automatic Software Generation and Validation for Nuclear Power Plant Status Monitoring,” EPRI-NP-4784-SR, Palo Alto, 31 October 1986.Google Scholar
  144. 144.
    N. N., “Requirements for Software for Use with Digital Processors,” Navel Engineering Standard NES 620, United Kingdom Ministry of Defence, October 1986.Google Scholar
  145. 145.
    P. M. Nagel and J. A. Skrivan, “Software Reliability: Repetitive Run Experimentation and Modeling,” NASA CR-165836,1982.Google Scholar
  146. 146.
    H. G. Nix, “Sichere Mikroprozessorsysteme für Schutzaufgaben bei der Prozeßautomatisierung (Safe Microcomputer Systems for Safety Functions in Process Automation - in German),” Automatisierungstechnische Praxis, Vol. 28, No. 3, pp. 130–135,1986.Google Scholar
  147. 147.
    D. Nordenfors and A. Sjöberg, “Computer-Controlled Electronic Interlocking System ERILOCK 850,” Ericsson Review, No. 1, pp. 11–17,1986.Google Scholar
  148. 148.
    D. J. Panzl, “A Method for Evaluating Software Development Techniques,” Journal of Systems and Software, Vol. 2, No. 2, pp. 233–240, June 1981.Google Scholar
  149. 149.
    S. Pfleger, “Structuring Concepts for Robust Applications,” in Proc. COMP- SAC86, pp. 420–426, Chicago, IL, USA, 8–10 October 1986.Google Scholar
  150. 150.
    J. R. Popovic, D. C. Chan, D. B. Buijoijee, and B. K. Patterson, “Computer Control in Candu Plants,” in Symposium on Advanced Nuclear Services, CAN/CNS Intern. Nuclear Conference, Toronto, Canada, 8–11 June 1986.Google Scholar
  151. 151.
    C. V. Ramamoorthy, F. B. Bastani, J. M. Favaro, Y. R. Mok, C. W. Nam, and K. Suzuki, “A Systematic Approach to the Development and Validation of Critical Software for Nuclear Power Plants,” in Proc. 4th Intern. Conf. Software Engineering, pp. 231–240, München, Germany, 17–19 September 1979.Google Scholar
  152. 152.
    C. V. Ramamoorthy, Y. R. Mok, F. B. Bastani, G. H. Chin, and K. Suzuki, “Application of a Methodology for the Development and Validation of Reliable Process Control Software,” IEEE Trans, on Software Engineering, Vol. SE-7, No. 6, pp. 537–555, November 1981.Google Scholar
  153. 153.
    B. Randell, “System Structure for Software Fault Tolerance,” IEEE Trans, on Software Engineering, Vol. SE-1, No. 2, pp. 220–232, June 1975.Google Scholar
  154. 154.
    B. Randell, P. A. Lee, and P. C. Treleaven, “Reliability Issues in Computing System Design,” ACM Computing Surveys, Vol. 10, No. 2, pp. 123–165, June 1978.MATHGoogle Scholar
  155. 155.
    B. Randell, “Design Fault Tolerance,” in The Evolution of Fault-Tolerant Computing, Ed. A. Avižienis, H. Kopetz, and J.-C. Laprie, pp. 251–270, Springer-Verlag Wien New York, 1987.Google Scholar
  156. 156.
    J.-C. Rault, “Extension of Hardware Fault Detection Models to the Verification of Software,” in Program Test Methods, Ed. W. C. Hetzel, pp. 255–262, Prentice-Hall, Inc., Englewood Cliffs, NJ, USA, 1973.Google Scholar
  157. 157.
    J. C. Rouquet and P. J. Traverse, “Safe and Reliable Computing on Board the Airbus and ATR Aircraft,” in Proc. IF AC Workshop SAFECOMP’86, pp. 93–97, Sarlat, France, 14–17 October 1986.Google Scholar
  158. 158.
    F. Saglietti and W. Ehrenberger, “Software Diversity - Some Considerations about its Benefits and its Limitations,” in Proc. IF AC Workshop Safety of Computer Control Systems 1986 (SAFECOMP’86), pp. 27–34, Sarlat, France, 14–17 October 1986.Google Scholar
  159. 159.
    F. Saglietti and M. Kersken, “Quantitative Assessment of Fault-Tolerant Software Architecture,” in Proc. 3rd Intern. Conf. Fault-Tolerant Computing Systems, Vol. IFB 147, pp. 284–297, Bremerhaven, Germany, 9–11 September 1987Google Scholar
  160. 160.
    S. H. Saib, “Validation of Real-Time Software for Nuclear Plant Safety Applications,” EPRINP-2646, November 1982.Google Scholar
  161. 161.
    E. Schmidt, “Eine lebenswichtige System-Steuerung, die nicht ausfallen darf (A Life-Critical Control System which May not Fail - in German),” Minimicro Magazin, Vol. 2, No. 9, pp. 74–77, September 1986.Google Scholar
  162. 162.
    W. Schwier, Private communication, 1987.Google Scholar
  163. 163.
    R. K. Scott, “Data Domain Modeling of Fault-Tolerant Software Reliability,” Ph. D. Dissertation, North Carolina State Univ., Raleigh, NC, USA, 1983.Google Scholar
  164. 164.
    R. K. Scott, J. W. Gault, and D. F. McAllister, “The Consensus Recovery Block,” in Proc. Total Systems Reliability Symposium, pp. 74–85,1983.Google Scholar
  165. 165.
    R. K. Scott, J. W. Gault, and D. F. McAllister, “Modeling Fault-Tolerant Software Reliability,” in Proc. 3rd Symp. on Reliability in Distributed Software and Database Systems, pp. 15–27, Clearwater Beach, FL, USA, 17–19 October 1983.Google Scholar
  166. 166.
    R. K. Scott, J. W. Gault, D. F. McAllister, and J. Wiggs, “Investigation of Version Dependence in Fault-Tolerant Software,” in Proc. Avionics Panel Spring 1984 Meeting on Design for Tactical Avionics Maintainability, 1984.Google Scholar
  167. 167.
    R. K. Scott, J. W. Gault, D. F. McAllister, and J. Wiggs, “Experimental Validation of Six Fault-Tolerant Software Reliability Models,” in Proc. 14th Intern. Symp. on Fault-Tolerant Computing FTCS’14, pp. 102–107, Orlando, FL, USA, June 1984.Google Scholar
  168. 168.
    R. K. Scott, J. W. Gault, and D. F. McAllister, “Fault-Tolerant Software Reliability Modeling,” IEEE Trans, on Software Engineering, Vol. SE-13, No. 5, pp. 582–592, May 1987.Google Scholar
  169. 169.
    Kang G. Shin and Yann-Hang Lee, “Evaluation of Error Recovery Blocks Used for Cooperating Processes,” IEEE Trans. on Software Engineering, Vol. SE-10, No. 6, pp. 692–700, November 1984.Google Scholar
  170. 170.
    S. K. Shrivastava and A. A. Akinpelu, “Fault-Tolerant Sequential Progamming Using Recovery Blocks,” Computing Laboratory Technical Report 122, University of Newcastle upon Tyne, United Kingdom, March 1978.Google Scholar
  171. 171.
    S. K. Shrivastava, “Concurrent Pascal with Backward Error Recovery: Language Features and Examples,” Software - Practice and Experience, Vol. 9, No. 12, pp. 1001–1020, December 1979.MATHGoogle Scholar
  172. 172.
    A. Sjoberg, “Automatic Train Control,” Ericsson Review, No. 1, pp. 22–29,1981.Google Scholar
  173. 173.
    J. R. Sklaroff, “Redundancy Management Techniques for Space Shutde Computers,” IBM J. Res. Develop., Vol. 20, pp. 20–28, January 1976.Google Scholar
  174. 174.
    H. So, C. Nam, H. Reeves, T. Albert, E. Straker, S. Saib, and A. B. Long, “Experience with a Specification Language in the Dual Development of Safety System Software,” in Proc. IF AC Workshop SAFECOMP’79, pp. 161–167, Stuttgart, Germany, 16–18 May 1979.Google Scholar
  175. 175.
    M. D. Sonera, “A Methodology for the Design and Analysis of Fault-Tolerant Operating Systems,” PhD Dissertation, Illinois Institute of Technology, Chicago, IL, USA, May 1981.Google Scholar
  176. 176.
    B. J. Sterner, “Computerised Interlocking System - a Multidimensional Structure in the Pursuit of Safety,” IMechE Railway Engineer International, pp. 29–30, November/December 1978.Google Scholar
  177. 177.
    J. Stocker and J. Rauch, “CSTS: Ein Software-Testsystem für den TornadoAutopiloten (CSTS: A Cross Software Test System for the Tornado Autopilot - in German),” in Proc. DGLR-Symposium, Köln, Germany, 25–26 October 1983.Google Scholar
  178. 178.
    L. Strigini and A. Avižienis, “Software Fault Tolerance and Design Diversity: Past Experience and Future Evolution,” in Proc. IFAC Workshop SAFECO MP’85, pp. 167–172, Como, Italy, 1–3 October 1985.Google Scholar
  179. 179.
    B. J. Swain, “Group Branch Coverage Testing of Multi-Version Software,” UCLA-CSD-860013, Los Angeles, CA, USA, December 1986.Google Scholar
  180. 180.
    J. R. Taylor and U. Voges, “Use of Complementary Methods to Validate Safety Related Software Systems,” in Proc. IFAC 7th Triennial World Congress, pp. 731–737, Helsinki, Finland, 12–16 June 1978.Google Scholar
  181. 181.
    J. R. Taylor, “Redundant Programming in Europe,” ACM Sigsoft SEN, Vol. 6, No. l,pp. 1–2, January 1981.Google Scholar
  182. 182.
    N. Theuretzbacher, “Using AI-Methods to Improve Software Safety,” in Proc. IFAC Workshop SAFECO MF 86, Sarlat, France, 14–17 October 1986.Google Scholar
  183. 183.
    J. E. Tomayko, “NASA’s Manned Spacecraft Computers,” Annals of the History of Computing, Vol. 7, No. 1, pp. 7–18, January 1985.MathSciNetGoogle Scholar
  184. 184.
    H. Trauboth, “Zuverlässigkeit von DV-Systemen - Eine systemtechnische Aufgabe (Reliability in Process Control Systems: A Duty for System Technique - in German),” in Proc. Architektur und Betrieb von Rechensystemen, Vol. IFB 78, pp. 271–295, Karlsruhe, Germany, 26–28 March 1984.Google Scholar
  185. 185.
    R. Troy and C. Baluteau, “Assessment of Software Quality for the Airbus A310 Automatic Pilot,” in Proc. 15th Intern. Symp. on Fault-Tolerant Computing FTCS’15, pp. 438–443, Ann Arbor, MI, USA, 19–21 June 1985.Google Scholar
  186. 186.
    K. S. Tso, A. Avižienis, and J. P. J. Kelly, “Error Recovery in Multi-Version Software,” in Proc. IFAC Workshop Safety of Computer Control Systems 1986 (SAFECOMP’86), pp. 35–41, Sarlat, France, 14–17 October 1986.Google Scholar
  187. 187.
    K. S. Tso and A. Avižienis, “Community Error Recovery in N-Version Software: A Design Study with Experimentation,” in Proc. 17th Intern. Symp. on Fault-Tolerant Computing FTCS’17, pp. 127–133, Pittsburgh, PA, USA, 6–8 July 1987.Google Scholar
  188. 188.
    K. S. Tso, “Error Recovery in Multi-Version Software,” CSD-870013, UCLA, Los Angeles, CA, USA, March 1987.Google Scholar
  189. 189.
    D. B. Turner, R. D. Burns, and H. Hecht, “Designing Micro-Based Systems for Fail-Safe Travel,” IEEE Spectrum, Vol. 24, No. 2, pp. 58–63, February 1987.Google Scholar
  190. 190.
    P. Velardi, R. K. Iyer, and K. Ravishankar, “A Study of Software Failures and Recovery in the MVS Operating System,” No. 83–7, Stanford University, Center for Reliable Computing, Stanford, CA, USA, July 1983.Google Scholar
  191. 191.
    P. Velardi and R. K. Iyer, “A Study of Software Failures in the MVS Operating System,” IEEE Transactions on Computers, Vol. C-33, No. 6, pp. 564–568, June 1984.Google Scholar
  192. 192.
    U. Voges and J. R. Taylor, “A Survey of Methods for the Validation of Safety Related Software,” in Proc. IFAC Workshop SAFECOMF79, pp. 95–103, Stuttgart, Germany, 16–18 May 1979.Google Scholar
  193. 193.
    U. Voges, F. Fetsch, and L. Gmeiner, “Use of Microprocessors in a Safety-Oriented Reactor Shut-Down System,” in Proc. EURO CON’ 82, pp. 493–497, Lyngby, Denmark, 14–18 June 1982.Google Scholar
  194. 194.
    U. Voges, “Der Einsatz von Software-Diversität in Systemen mit hohen Zuverlässigkeitsanforderungen (The Use of Software Diversity in Systems with High Reliability Requirements - in German),” in Proc. Software-Fehlertoleranz und -Zuverlässigkeit, pp. 155–165, Bremerhaven, Germany, 1984Google Scholar
  195. 195.
    U. Voges, “Application of a Fault-Tolerant Microprocessor-Based Core- Surveillance System in a German Fast Breeder Reactor,” in EPRI Seminar: Digital Control and Fault-Tolerant Computer Technology, Scottsdale, AZ, USA, 9–12 April 1985.Google Scholar
  196. 196.
    U. Voges, “Anwendung von Software-Diversität in rechnergesteuerten Systemen (The Application of Software Diversity to Computer Controlled Systems - in German),” Automatisierungstechnische Praxis atp, Vol. 28, No. 12, pp. 583–588,1986.Google Scholar
  197. 197.
    G. Weber, L. Gmeiner, and U. Voges, “Methoden der Zuverlässigkeitsanalyse und -Sicherung bei Hardware und Software (Methods for Reliability Analysis and Achievement for Hardware and Software - in German),” in Proc. Zuverlässigkeit von Rechensystemen, Ed. W. Görke, pp. 71–96, Karlsruhe, Germany, 28–29 September 1978.Google Scholar
  198. 198.
    A. Y.-W. Wei, “Real-Time Programming with Fault Tolerance,” PhD Dissertation, University of Illinois, Urbana, IL, USA, 1981.Google Scholar
  199. 199.
    H. O. Welch, “Distributed Recovery Block Performance in a Real-Time Control Loop,” in Proc. Real-Time Systems Symposium, pp. 268–276, Arlington, VA, USA, 1983.Google Scholar
  200. 200.
    J. H. Wensley, “SIFT - Software Implemented Fault Tolerance,” in AFIPS Conf. Proc., Vol. 41, pp. 89–96,1972.Google Scholar
  201. 201.
    J. F. Williams, L. J. Yount, and J. B. Flannigan, “Advanced Autopilot-Flight Director System Computer Architecture for Boeing 737–300 Aircraft,” in Proc. Fifth Digital Avionics Systems Conference, Seattle, WA, USA, 30 October - 3 November 1983.Google Scholar
  202. 202.
    N. C. J. Wright, “Dissimilar Software,” in Workshop ’Design Diversity in Action’ Baden, Austria, 27–28 June 1986.Google Scholar
  203. 203.
    S. Yoshimura, “Strategy for Back-to-Back Testing in the Project on Diverse Software (PODS),” HWR-97, OECD Halden Reactor Project, May 1983.Google Scholar
  204. 204.
    L. J. Yount, “Architectural Solutions to Safety Problems of Digital Flight-Critical Systems for Commercial Transports,” in Proc. of the AIAA/IEEE 6th Digital Avionics Systems Conf, pp. 28–35, Baltimore, MD, USA, 3–6 December 1984.Google Scholar
  205. 205.
    L. J. Yount, K. A. Liebel, and B. H. Hill, “Fault Effect Protection and Partitioning for Fly-by-Wire and Fly-by-Light Avionics Systems,” in Proc. AIAA/ACM/NASA/IEEE Computers in Aerospace V Conference, pp. 275–284, Long Beach, CA, USA, 21–23 October 1985.Google Scholar
  206. 206.
    L. J. Yount, “Generic Fault-Tolerance Techniques for Critical Avionics Systems,” in Proc. AIAA Guidance and Control Conference, Snowmass, CO, USA, June 1985.Google Scholar
  207. 207.
    L. J. Yount, “Use of Diversity in Boeing Airplanes,” in Workshop ’Design Diversity in Action’ Baden, Austria, 27–28 June 1986.Google Scholar
  208. 208.
    A. Zeh, “Softwareentwicklung für ein zuverlässiges und sicheres Prozeßrechnersystem (Software Development for a Reliable and Safe Process Control System - in German),” in Proc. Fachtagung Prozeßrechner 1981, pp. 240–250, München, Germany, 10–11 March 1981.Google Scholar

Copyright information

© Springer-Verlag/Wien 1988

Authors and Affiliations

  • Udo Voges
    • 1
  1. 1.Kernforschungszentrum Karlsruhe GmbHInstitut für Datenverarbeitung in der TechnikKarlsruhe 1Federal Republic of Germany

Personalised recommendations