An Approach to Preserving Sufficient Correctness in Open Resource Coalitions

Authors: Orna Raz and Mary Shaw

Proceedings of the Tenth International Workshop on Software Specification and Design, San Diego, California, IEEE Computer Society, 2000, pp. 159-170.



Most software that most people use most of the time needs only moderate assurance of fitness for its intended purpose. Unlike high-assurance software, where the consequences of failure justify substantial investment in validation, everyday software is used in settings where deviations from normal behavior, including occasional degraded service or even failure, are tolerable. Unlike high-assurance software, which has been the subject of extensive scrutiny, everyday software has only meager support for determining how good it must be, for establishing whether a system is sufficiently correct, or for detecting and remedying abnormalities. The need for such techniques is particularly strong for software that takes the form of open resource coalitions -- loosely-coupled aggregations of independent distributed resources. In this paper we discuss the problem of determining fitness for purpose, introduce a model for detecting abnormal behavior, and describe some of the ways of dealing with abnormalities when they are detected.

Keywords: Medium-assurance software, everyday software, fitness for task, fault tolerance, open resource coalitions, sufficient correctness, software homeostasis, distributed component-based software.

Brought to you by the Composable Software Systems Research Group in the School of Computer Science at Carnegie Mellon University.

[Last modified 10 July 2001.]