Title
An Immune System Paradigm for the Design of Fault Tolerant Systems
Abstract
An in-depth assessment of the implementation of fault tolerance in contemporary "off-the-shelf" computing systems (1) leads us to conclude that hardware defenses are not adequately exploited for the assurance of dependability. In the search for a fundamentally better solution we have looked at the self-protection (i.e., fault tolerance) mechanisms of the human being. We use two analogies (2): (1) the body is analogous to hardware; and (2) the cognitive processes of the mind are analogous to software. The immune system of the body is a major protective mechanism that is completely independent of the cognitive processes. It functions from conception until death of the body and protects the body of an unconscious or sleeping human equally well as that of a conscious one.

The solution that we have proposed is to insert into a given "host" computing system a hardware subsystem called the FTI that is analogous to the immune system of the human body (3). We call this approach to building dependable systems the "immune system paradigm" (ISP). The ISP is a set of design principles for a software-independent and fully fault-tolerant implementation of the FTI. To develop the ISP we identify the key properties of the human immune system and from them derive the attributes that the FTI must have in order to satisfy the analogy with the immune system.

There are four attributes of the immune system that are especially relevant (4):
1. It functions (i.e., detects and reacts to threats) continuously and autonomously, independently of cognition.
2. Its elements (lymph nodes, other lymphoid organs, lymphocytes) are distributed throughout the body, serving all its organs.
3. It has its own communication links: the network of lymphatic vessels.
4. Its elements (cells, organs, and vessels) themselves are self-defended, redundant and in several cases diverse.

The properties that the FTI must possess to justify the immune system analogy are:
1. The FTI consists of hardware and firmware elements only.
2. The FTI is independent of (requires no support from) any software of the host platform, but can communicate with it and support its recovery.
3. The FTI supports (provides protected decision algorithms for) multichannel computing of the host platform, including diverse hardware and software channels to provide design fault tolerance for the host platform.
4. The FTI is compatible with (i.e., protects) a wide range of host platform components, including processors, memories, supporting chipsets, discs, power supplies, fans and various peripherals.
Year: 2002
DOI: 10.1007/3-540-36080-8_8
Venue: European Dependable Computing Conference
Keywords: immune system paradigm, fault tolerant systems
Field: Unconscious mind, Communication link, Dependability, Cognitive science, Computer science, Software, Fault tolerance, Malware, Cognition, Computing systems, Distributed computing, Embedded system
DocType: Conference
Volume: 2485
ISSN: 0302-9743
ISBN: 3-540-00012-7
Citations: 7
PageRank: 1.21
References: 3
Authors: 2
Name
Order
Citations
PageRank
Algirdas Avizienis13116351.14
A. Avizienis2737299.45