%0 Journal Article %1 Knight86anexperimental %A Knight, John C. %A Leveson, Nancy G. %D 1986 %J IEEE Transactions on Software Engineering %K diversity multi programming %P 96--109 %T An Experimental Evaluation Of The Assumption Of Independence In Multi-Version Programming * %U http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.29.363 %V 12 %X N-version programming has been proposed as a method of incorporating fault tolerance into software. Multiple versions of a program (i.e. "N") are prepared and executed in parallel. Their outputs are collected and examined by a voter,and, if theyare not identical, it is assumed that the majority is correct. This method depends for its reliability improvement on the assumption that programs that have been developed independently will fail independently.Inthis paper an experiment is described in which the fundamental axiom is tested. Atotal of twenty sevenversions of a program were prepared independently from the same specification at twouniversities and then subjected to one million tests. The results of the tests revealed that the programs were individually extremely reliable but that the number of tests in which more than one program failed was substantially more than expected. The results of these tests are presented along with an analysis of some of the faults that were found in the programs. Background information on the programmers used is also summarized. The conclusion from this experiment is that N-version programming must be used with care and that analysis of its reliability must include the effect of dependent errors. Keywords and Phrases: Multi-version programming, N-version programming, software reliability,fault-tolerant software, design diversity. * This work was sponsored in part by NASA grant number NAG1-242 and in part by a MICROgrant cofunded by the state of California and Hughes Aircraft Company. 1.

@article{Knight86anexperimental, abstract = {N-version programming has been proposed as a method of incorporating fault tolerance into software. Multiple versions of a program (i.e. "N") are prepared and executed in parallel. Their outputs are collected and examined by a voter,and, if theyare not identical, it is assumed that the majority is correct. This method depends for its reliability improvement on the assumption that programs that have been developed independently will fail independently.Inthis paper an experiment is described in which the fundamental axiom is tested. Atotal of twenty sevenversions of a program were prepared independently from the same specification at twouniversities and then subjected to one million tests. The results of the tests revealed that the programs were individually extremely reliable but that the number of tests in which more than one program failed was substantially more than expected. The results of these tests are presented along with an analysis of some of the faults that were found in the programs. Background information on the programmers used is also summarized. The conclusion from this experiment is that N-version programming must be used with care and that analysis of its reliability must include the effect of dependent errors. Keywords and Phrases: Multi-version programming, N-version programming, software reliability,fault-tolerant software, design diversity. * This work was sponsored in part by NASA grant number NAG1-242 and in part by a MICROgrant cofunded by the state of California and Hughes Aircraft Company. 1.}, added-at = {2011-05-23T15:20:35.000+0200}, author = {Knight, John C. and Leveson, Nancy G.}, biburl = {https://www.bibsonomy.org/bibtex/2d94c4d02cfe2f679f19c0113fc6feb17/derbeukatt}, description = {CiteSeerX — An Experimental Evaluation Of The Assumption Of Independence In Multi-Version Programming *}, interhash = {85e4db4239520a3e5de68450a2470557}, intrahash = {d94c4d02cfe2f679f19c0113fc6feb17}, journal = {IEEE Transactions on Software Engineering}, keywords = {diversity multi programming}, pages = {96--109}, timestamp = {2011-05-23T15:20:36.000+0200}, title = {An Experimental Evaluation Of The Assumption Of Independence In Multi-Version Programming *}, url = {http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.29.363}, volume = 12, year = 1986 }