Damage Confinement and Assessment

  • Peter Alan Lee
  • Thomas Anderson
Part of the Dependable Computing and Fault-Tolerant Systems book series (DEPENDABLECOMP, volume 3)


The design and component faults that affect a system generate errors in the state of that system. Error detection measures and mechanisms can hope to identify some of those errors, but there can be no guarantee that all of the unwanted consequences of a fault (the damage) will be identified. In fact, there may be a substantial delay between the erroneous transition caused by a fault and the detection of any error, during which damage can spread through the system: a fault in a program may, for example, produce erroneous values on which other processes have since based their actions. Before error recovery is attempted it may therefore be necessary for the system to adopt strategies for damage assessment, in order to establish more precisely the extent to which the system state has been damaged. Appropriate recovery can then be undertaken.
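The spread of damage described above, and the two responses to it that the chapter title names (confinement, which bounds the spread in advance, and assessment, which traces it after the fact), can be made concrete with a small model. The following is an added illustration, not code from the chapter or from the authors. It assumes a hypothetical `DependencyLog` in which every value a process produces records which earlier values it was computed from; damage assessment is then a forward closure over that dependency graph from the value found to be erroneous, and a hypothetical `AtomicAction` confines damage by keeping its values private until commit so that no other process can base its actions on them. The scenarios and process names are constructed for the example.

```python
from collections import defaultdict, deque


class DependencyLog:
    """Records, for every value, which values it was computed from and which
    process produced it, so that damage can be assessed after an error is
    detected. Hypothetical model for illustration, not the chapter's code."""

    def __init__(self):
        self.inputs_of = {}              # value -> tuple of input values
        self.used_by = defaultdict(set)  # value -> values derived from it
        self.producer = {}               # value -> producing process
        self.published = set()           # values visible to other processes

    def record(self, process, name, inputs=(), publish=True):
        for src in inputs:
            # Confinement rule: a value its producer has not yet published
            # cannot be read by any other process, so an error in it cannot
            # leak out of an uncommitted atomic action.
            if src not in self.published and self.producer[src] != process:
                raise PermissionError(f"{process} may not read unpublished {src}")
        self.inputs_of[name] = tuple(inputs)
        self.producer[name] = process
        for src in inputs:
            self.used_by[src].add(name)
        if publish:
            self.published.add(name)

    def publish(self, name):
        self.published.add(name)

    def discard(self, name):
        for src in self.inputs_of.pop(name, ()):
            self.used_by[src].discard(name)
        self.producer.pop(name, None)
        self.used_by.pop(name, None)
        self.published.discard(name)

    def assess_damage(self, erroneous):
        """Damage assessment: every value transitively computed from
        `erroneous` is suspect, because the delay between the fault and its
        detection let other computations build on the bad value."""
        suspect, queue = set(), deque([erroneous])
        while queue:
            for dependant in self.used_by[queue.popleft()]:
                if dependant not in suspect:
                    suspect.add(dependant)
                    queue.append(dependant)
        return suspect

    def affected_processes(self, erroneous):
        """Processes whose state must be considered in the recovery."""
        return {self.producer[v] for v in self.assess_damage(erroneous) | {erroneous}}


class AtomicAction:
    """Damage confinement: values produced inside the action stay private
    until commit, so an error detected before commit is confined to them and
    recovery is simply to abort the action."""

    def __init__(self, log, process):
        self.log, self.process, self.private = log, process, []

    def compute(self, name, inputs=()):
        self.log.record(self.process, name, inputs, publish=False)
        self.private.append(name)

    def commit(self):
        for name in self.private:
            self.log.publish(name)
        self.private.clear()

    def abort(self):
        # Discard in reverse order so each value's dependants go first.
        for name in reversed(self.private):
            self.log.discard(name)
        self.private.clear()


def unconfined_scenario():
    """Constructed scenario: a faulty value a is published before anyone
    detects the error, and two other processes build on it."""
    log = DependencyLog()
    log.record("P1", "a")              # fault: a is wrong, nobody notices yet
    log.record("P2", "b", ["a"])       # P2 bases its work on a
    log.record("P2", "d", ["a"])
    log.record("P3", "c", ["b"])       # damage spreads a second hop
    log.record("P3", "e")              # independent value, not damaged
    return log


def confined_scenario():
    """Constructed scenario: the same kind of fault inside an atomic action."""
    log = DependencyLog()
    log.record("P3", "e")
    action = AtomicAction(log, "P4")
    action.compute("x")                # fault: x is wrong
    action.compute("y", ["x"])         # only P4's own private work sees it
    try:
        log.record("P5", "z", ["x"])   # another process cannot read x yet
        leaked = True
    except PermissionError:
        leaked = False
    damage = log.assess_damage("x")    # confined to the action's own values
    action.abort()                     # recovery: throw the private work away
    return leaked, damage, set(log.published)
```

In the unconfined scenario the assessment from `a` reaches `b`, `c` and `d` and implicates all three processes, so recovery has to cover state well beyond the process that contained the fault; in the confined scenario the same fault never reaches `P5`, the damage is bounded to `y`, and aborting the action restores a state in which only `e` was ever published. The model deliberately tracks only data dependencies; real systems also leak damage through control flow and shared resources, which is why assessment is described as establishing the extent of damage "more precisely" rather than exactly.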







Copyright information

© Springer-Verlag/Wien 1990

Authors and Affiliations

  • Peter Alan Lee, Computing Laboratory, University of Newcastle upon Tyne, UK
  • Thomas Anderson, Computing Laboratory, University of Newcastle upon Tyne, UK
