This document presents a solution for determining transition probabilities for component reliability specifications using Markov models. The proposed approach models components as control flow graphs containing internal actions, branches, external calls, loops, and failure probabilities. Parameter dependencies capture how failure probabilities and branch probabilities may depend on input parameters. The model is transformed into a Markov model to calculate component reliability. The approach is demonstrated on a case study of an inventory service component from a retail management system.
13. Our Solution: Markov Model Solution Heiko Koziolek: Parameter Dependencies for Component Reliability Specifications 12 R Q [Trivedi2001]
14. Case Study: Retail Management System Heiko Koziolek: Parameter Dependencies for Component Reliability Specifications 13
15. Case Study: Inventory Service - BookSale Heiko Koziolek: Parameter Dependencies for Component Reliability Specifications 14
16. Case Study: Modelling Heiko Koziolek: Parameter Dependencies for Component Reliability Specifications 15 Parameter Dependency on Loop Count ComponentArchitecture PalladioTool Control Flow Graph for a Component Service
17. Case Study: Analysis Heiko Koziolek: Parameter Dependencies for Component Reliability Specifications 16 PalladioTool Markov Model Solution
About 20 approachesknownwhichfollowthiscycleGoal: Validateuserrequirements, improvearchitecture design, selectfittingcomponentsTheperceivedreliabilitydepends on howthecomponentsareused: iftheunreliablefunctionsarecalledonlyseldomly, theoverallreliabilitymight still behighFailureprobabilitiesmightbedetermined via testing individual componentsbythedevelopersAfter computingtheexpectedreliability- reliabilitycanbecomputedforcertaincomponents- find componentsmostlycontributingtooverallreliability- introduceredundancy
TransitionprobabiltiesbetweenthecomponentarisefromtheusageprofileofthesystemDepending on someuseractions, thecomponentmightpropagatecallsdirectedtothemitis vital tohaveaccuratetransitionprobabilitiesotherwisethepredictionbecomeinaccuratetheproblemisespeciallypronunced in a systemcomposed out ofblack box compoents, whichonlydescribetheprovidedandrequiredinterfaces. Whichprovidedservicecallswhichrequiredservice? The dependencyisunknown. Itmightbethecasethat a providedservicedoes not userequiredservicesat all. Itmightbethecasethat a providedserviceusesmanyrequiredservices. Thisis not visiblefromtheinterfacedescriptionbythecomponentdevelopers
Onlyfourrepresentativeapproaches- cheungrequiresthewholesystemtobesetupandmeasured, thisis not desirable- hamletisdifficult- reussnerandcheung do not deal withtheissueandassumetheprobabilitiesasgivenorignorethembecausetheyfocus on a singlecomponent.
Correct y>5!Useannotationsforloop? Multiple internalactions?Correctfailureprobabilitiesfor P2 and P3
a retail chain to handle its sales and manage its inventory dataservice-orientedsystemwithcustomerandproviderfocus on theservicebookSale() oftheInventorycomponent- retail solution clients invoke this operation at the end of each salesprocess in order to update the stock information
If we set a goal of 99.99% for the bookSale() reliability, the gure shows thatthis goal is reached with a stock update failure probability of 10-e6 and at most 98items. If the failure probability rises to 2-e6 the goal is only reached with anumber of items smaller than 50.