DocumentCode :
1264069
Title :
Specifying graceful degradation
Author :
Herlihy, Maurice P. ; Wing, Jeannette M.
Author_Institution :
Digital Equipment Corp., Cambridge, MA, USA
Volume :
2
Issue :
1
fYear :
1991
fDate :
1/1/1991 12:00:00 AM
Firstpage :
93
Lastpage :
104
Abstract :
A description is given of the relaxation lattice method, a new approach to specifying graceful degradation for a large class of programs. A relaxation lattice is a lattice of specifications parameterized by a set of constraints, where the stronger the set of constraints, the more restrictive the specification. While a program is able to satisfy its strongest set of constraints, it satisfies its preferred specification, but if changes to the environment force it to satisfy a weaker set, then it will permit additional weakly consistent computations which are undesired but tolerated. The use of relaxation lattices is illustrated by specifications for programs that tolerate (1) faults, such as site crashes and network partitions, (2) timing anomalies, such as attempting to read a value too soon after it was written, (3) synchronization conflicts, such as choosing the oldest unlocked item from a queue, and (4) security breaches, such as acquiring unauthorized capabilities.
Keywords :
fault tolerant computing; formal specification; graceful degradation specification; large class of programs; network partitions; relaxation lattice method; security breaches; site crashes; synchronization conflicts; timing anomalies; Computer crashes; Concurrent computing; Degradation; Displays; Distributed computing; Fault tolerance; Formal specifications; Lattices; Security; Timing;
fLanguage :
English
Journal_Title :
Parallel and Distributed Systems, IEEE Transactions on
Publisher :
IEEE
ISSN :
1045-9219
Type :
jour
DOI :
10.1109/71.80192
Filename :
80192
Link To Document :