How Failures Cascade in Software Systems

Chamberlin, Barbara W.

18 April 2022

Cascading failures involve a failure in one system component that triggers failures in successive system components, potentially leading to system wide failures. While frequently used fault tolerant techniques can reduce the severity and the frequency of such failures, they continue to occur in practice. To better understand how failures cascade, we have conducted a qualitative analysis of 55 cascading failures, described in 26 publicly available incident reports. Through this analysis we have identified 16 types of cascading mechanisms (organized into eight categories) that capture the nature of the system interactions that contribute to cascading failures. We also discuss three themes based on the observation that the cascading failures we have analyzed occurred in one of three ways: a component being unable to tolerate a failure in another component, through the actions of support or automation systems as they respond to an initial failure, or during system recovery. We believe that the 16 cascading mechanisms we present and the three themes we discuss, provide important insights into some of the challenges associated with engineering a truly resilient and well-supported system.

software design

cascading failure

graceful degradation

fault tolerance

graceful recovery

Physical Sciences and Mathematics

Conception conjointe optimisée de lois de contrôle et d'ordonnancement / Integrated optimal control and scheduling co-design

Jia, Ning

15 January 2009

Le cadre de ce travail est l’étude coordonnée de lois de contrôle et d’ordonnancement. Le premier objectif est de proposer et évaluer une approche de contrôle de la dégradation de la Qualité de Contrôle (QdC) par rejet sélectif d’instances de tâches ou de messages selon le modèle (m,k)-firm. Plus particulièrement, nous avons étudié l’impact de distribution de rejets sur la QdC d'une boucle de contrôle et, sur la base des résultats obtenus, nous avons spécifié une méthode de co-conception permettant de déterminer les paramètres (gain) optimaux de la loi de contrôle et les paramètres de la contrainte (m,k)-firm spécifiant le rejet sélectif d’instances. Cette proposition a été validée sur modèles à l’aide de techniques analytiques, par simulation ainsi que grâce à des expérimentations. Notre deuxième objectif est d'étudier le problème de l'ordonnancement d'un ensemble de tâches temps réel réalisant chacune les algorithmes de contrôle dans une application centralisée évolutive. Nous proposons un mécanisme d'ordonnancement qui ajuste en ligne les contraintes (m,k)-firm des tâches suivant la configuration courante de l'application de manière à ce qu’un critère reflétant la performance globale de l'application soit optimal à tout instant / In this thesis, we study a coordinated approach for the design of control laws and scheduling parameters. The first objective is to propose and evaluate a technique to control the degradation of the quality of control (QoC) by selectively rejecting task or message instances according to the (m,k)-firm model. More specifically, we have studied the impact of the (m,k)-firm packet dropout policy on the QoC of a control loop. Based on the obtained results, we have specified a co-design method for determining the parameters (gain) of the optimal control law and the (m,k)-firm constraint specifying the selective rejet of instances. This proposal was validated by using analytical techniques, simulation and experimentation activities. The second objective is to address the scheduling problem of a set of real-time tasks where each task implements a control law in a centralized scalable application. We proposed a scheduling mechanism which determines on line, according to the current system configuration, a (m,k)-constraint based scheduling strategy to apply to each task so that the criterion reflecting the overall performance of the application is optimal at all times

Temps Réel

Ordonnancement

Optimisation

Dégradation acceptable

Qualité de contrôle

(m,k)-firm

Real-Time

Scheduling

Optimization

Graceful degradation

QoC

(m,k)-firm

Toward a graceful degradation of air traffic management systems

Gariel, Maxime

15 June 2010

Abstract: This thesis addresses the problem of graceful degradation for air traffic management systems (ATMS). The graceful degradation is the process by which the safety of the airspace is ensured in the event of failures or operational degradation in the system. After listing the main areas where failures and degradation can affect the ATMS, an ontology of the ATMS is proposed. The ontology allows to introduce failures at different levels, track their propagation throughout the system, and measure their operational impact. Then, two operational degradations are studied: The first degradation studied is a reduction in the landing capacity at San Francisco International Airport. The aircraft queueing process for terminal area is modeled and optimized to ensure a graceful degradation. The second degradation encompasses Communication, Navigation and Surveillance systems failures. The graceful degradation is ensured by increasing the spacing distance between aircraft, using novel algorithms of avoidance under uncertainties. Those algorithm also serve as probes to compare the degradation capabilities of different traffic configurations such as Miles-In-Trail and Free-Flight arrivals. Finally, this thesis focuses on monitoring the airspace for potential degradation. The ability and the difficulty of en-route traffic configuration are evaluated using degradation maps. Those maps can be used controller to rapidly and efficiently steer traffic from nominal mode of operations to mode of operations under abnormal conditions. Finally, a monitoring tool for terminal area is presented: the conformance of current flight to pre-identified typical operations is determined in real time. As the number of non-conforming aircraft increases, the complexity seen by air traffic controllers increases, and can become a threat for the airspace safety.

Air traffic control

Airspace monitoring

Graceful degradation

Air traffic management

Capacity degradation

Failure

Air traffic capacity

Airplanes Collision avoidance

Airports Traffic control

Developing a responsive mobile-first design guide for e-commerce with the users in focus

Aktan, Mathias, Wirén-Hallqvist, Ulf

January 2014

Mobile e-commerce is an increasing trend. Still, many sales sites are not adapted to mobile interfaces. Important factors in the design of successful e-commerce applications are trust, high quality graphics, and easy navigation. However, a typical design approach is to strip down functionality and this can have a negative impact on the user experience. The goal of this thesis was to create a style guide that can be used to develop responsive e-commerce sites through a mobile first implementation strategy. A style guide was created by applying modern design theory and by investigating existing e-commerce solutions. Moreover, a prototype of an e- commerce solution was developed using the style guide. This prototype was evaluated by an expert group of usability professionals. The study indicates that the style guide is a useful and effective tool in the design and development of e-commerce systems. We conclude that a mobile first strategy needs to be combined with subsequent traditional desktop design.

usability

design guide

e-commerce

responsive design

html5

css3

sass

human centered design

m-commerce

trust

mobile first

desktop first

user value

user experience

Progressive enhancement

Graceful degradation

A Control Theoretic Approach for Resilient Network Services

Vempati, Jagannadh Ambareesh

12 1900

Resilient networks have the ability to provide the desired level of service, despite challenges such as malicious attacks and misconfigurations. The primary goal of this dissertation is to be able to provide uninterrupted network services in the face of an attack or any failures. This dissertation attempts to apply control system theory techniques with a focus on system identification and closed-loop feedback control. It explores the benefits of system identification technique in designing and validating the model for the complex and dynamic networks. Further, this dissertation focuses on designing robust feedback control mechanisms that are both scalable and effective in real-time. It focuses on employing dynamic and predictive control approaches to reduce the impact of an attack on network services. The closed-loop feedback control mechanisms tackle this issue by degrading the network services gracefully to an acceptable level and then stabilizing the network in real-time (less than 50 seconds). Employing these feedback mechanisms also provide the ability to automatically configure the settings such that the QoS metrics of the network is consistent with those specified in the service level agreements.

Control Theory

Resilient

Network

DDoS

Feedback control

Graceful Degradation

System Identification

Computer Science

Computer networks -- Security measures.

Feedback control systems.

Control theory.

System identification.