HASE in wireless systems
I. Levendel
Proceedings 4th IEEE International Symposium on High-Assurance Systems Engineering, published 1999-11-17
DOI: 10.1109/HASE.1999.809484 (https://doi.org/10.1109/HASE.1999.809484)
Citations: 0
Abstract
Two problems have a significant economic impact on high-assurance engineering of systems. The first originates from a frequent lack of discipline in the design of dependable systems, which often shows up as weak or non-existent staffing dedicated exclusively to the design and implementation of a cohesive error and failure management strategy. This, in turn, results in excessive field costs for both defect repair and system maintenance staffing. The second problem is that traditional dependable system designs are very expensive in terms of cost of goods, because they rely heavily on proprietary hardware and software. In fact, implementing dependability may increase system cost by several orders of magnitude. This is why the use of commercial off-the-shelf (COTS) components appears attractive from a simple-minded viewpoint. For instance, the reality of competition in the more open wireless market has done more for component reuse than any other factor. However, the urgent need for a lower cost of goods, combined with the aforementioned first problem (frequent lack of discipline in design for dependability), has led to lower service quality. Conversely, developing a discipline for dependable system design will be a necessary enabler of the use of COTS.

In spite of some differences, explained next, designing dependable systems using COTS requires the same fundamental principles as designing traditional dependable systems. First, errors and malfunctions need to be detected and located. To that effect, reusable components need to be diagnosable: their interfaces need to provide information about any occurrence of errors and malfunctions (component observability). In addition, if the functioning of a failing component cannot be corrected, the component must be able to fail in a way that allows its real-time replacement by another equivalent component (component controllability). There is also a need to design and implement, in the application software, mechanisms that manage system reconfiguration without notable service interruption. Although these design principles are common to both approaches, COTS designs must emphasize clear component-boundary design constraints for dependability, whereas in traditional designs boundaries are not as critical.

In summary, component observability and controllability, together with well-organized recovery strategies, are necessary and complementary requirements for the dependable integration of systems using COTS. Undoubtedly, the need to reduce cost while maintaining system dependability will provide a strong incentive for the establishment of a strong design discipline and for the adaptation of COTS to dependable integration.
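The abstract names three requirements but gives no code; the following Python model is an added example, not from the paper, that makes them concrete. A `Codec` class stands in for a reusable component, a `Supervisor` stands in for the application-level reconfiguration mechanism, and `fail_after` is a constructed fault-injection knob; none of these names come from the paper. A disciplined component reports its own error state on its interface (observability) and fails stop once it is defective (controllability), so the supervisor can swap in an equivalent standby without the caller noticing. An undisciplined component neither reports nor fails stop, and the example shows the consequence the abstract warns about: a wrong result reaches the caller and no recovery is triggered.

```python
"""Added illustration of observability, controllability and reconfiguration
for the dependable integration of reusable components.

Everything here is constructed for the example: `Codec` stands in for a
reusable (COTS) component and `fail_after` is a fault-injection knob.
"""
from dataclasses import dataclass, field
from typing import Optional


class Unavailable(Exception):
    """Raised by a disciplined component that has detected its own malfunction."""


@dataclass
class Codec:
    name: str
    fail_after: Optional[int] = None  # becomes defective after this many requests
    disciplined: bool = True          # False: a part that neither reports nor fails stop
    served: int = 0
    errors: int = 0

    def _defective(self) -> bool:
        return self.fail_after is not None and self.served >= self.fail_after

    def health(self) -> dict:
        # Observability: a disciplined component exposes its error state on its
        # interface. An undisciplined one keeps reporting that all is well.
        faulty = self._defective() if self.disciplined else False
        return {"name": self.name, "served": self.served,
                "errors": self.errors, "faulty": faulty}

    def serve(self, request: str) -> str:
        if self._defective():
            self.errors += 1
            if self.disciplined:
                # Controllability: stop in a detectable way instead of degrading.
                raise Unavailable(f"{self.name}: self-check failed on request {self.served + 1}")
            # Silent failure: skips the work and returns a plausible wrong answer.
            return request
        self.served += 1
        return request.upper()


@dataclass
class Supervisor:
    """Application-level reconfiguration: an ordered list of equivalent
    components, one active and the rest standby."""
    components: list
    active: int = 0
    log: list = field(default_factory=list)

    def _failover(self, reason: str) -> None:
        self.log.append(f"isolated {self.components[self.active].name}: {reason}")
        while True:
            self.active += 1
            if self.active >= len(self.components):
                raise Unavailable("no standby component left")
            candidate = self.components[self.active]
            report = candidate.health()
            if report["faulty"]:  # reject a standby that reports itself faulty
                self.log.append(f"isolated {candidate.name}: health report {report}")
                continue
            self.log.append(f"activated {candidate.name}")
            return

    def serve(self, request: str) -> str:
        # Retries transparently after a fail-stop, so the caller sees no interruption.
        while True:
            try:
                return self.components[self.active].serve(request)
            except Unavailable as exc:
                self._failover(str(exc))


def run(requests, components):
    """Serve `requests` through a Supervisor; return (results, reconfiguration log)."""
    sup = Supervisor(list(components))
    return [sup.serve(r) for r in requests], sup.log


if __name__ == "__main__":
    disciplined = [Codec("codec-A", fail_after=2), Codec("codec-B", fail_after=0), Codec("codec-C")]
    print(run(["lo", "hi", "ok", "go"], disciplined))
    # (['LO', 'HI', 'OK', 'GO'], ['isolated codec-A: ...', 'isolated codec-B: ...', 'activated codec-C'])
    undisciplined = [Codec("cheap", fail_after=1, disciplined=False), Codec("codec-C")]
    print(run(["lo", "hi"], undisciplined))
    # (['LO', 'hi'], []): the wrong answer reaches the caller and nothing triggers recovery
```

In the first run codec-A fails stop on its third request, the supervisor rejects codec-B because its own health report says it is faulty, and codec-C completes the same request, so all four results are correct. In the second run the undisciplined part returns a wrong answer and the log stays empty: without observability and controllability at the component boundary, the recovery strategy has nothing to act on.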