Presentation is loading. Please wait.

Presentation is loading. Please wait.

FMEA-technique of Web Services Analysis and Dependability Ensuring Anatoliy Gorbenko Vyacheslav Kharchenko Olga Tarasyuk National Aerospace University.

Published byMarvin Griffith Modified over 9 years ago

Similar presentations

Presentation on theme: "FMEA-technique of Web Services Analysis and Dependability Ensuring Anatoliy Gorbenko Vyacheslav Kharchenko Olga Tarasyuk National Aerospace University."— Presentation transcript:

1 FMEA-technique of Web Services Analysis and Dependability Ensuring Anatoliy Gorbenko Vyacheslav Kharchenko Olga Tarasyuk National Aerospace University "KhAI“, Ukraine Department of Computer Systems and Networks 1

2 CONTENT 1.Introduction  Web Services Technologies;  Purpose & Tasks of the Paper 2.Analysis of the Web Services by using FMEA-technique  Web Services component architectures  Web Services Failure Taxonomy  FMEA-tables & results of Web Services analysis 3.Ensuring Web Services dependability and fault-tolerance  Failure effect recovery  Failure prevention  Fault-tolerance & Web Service Diversity  Fault removal 4.Dependable Web Services development and deployment  Using FMEA-technique for dependable Web Services development  The principles of dependable and secure Web Services deployment  Implementation 5.Conclusion 2

3 1. Introduction (1) 3 Web Services Technologies

4 1. Introduction (2) Web Services are extensively used now in developing various business-critical applications:  distributed banking systems & Internet auctions;  hotel/car/flight/train reservation and booking;  e-commerce, e-business, e-science, etc. Web Services dependability attributes:  Availability and Reliability;  Performance/responsiveness;  Security, etc. Analysis and ensuring dependability in this architecture is an emerging area of research and development. 4

5 1. Introduction (3) Purpose of this report is: application of FMEA (Failure Modes and Effects Analysis) -technique for Web Services analysis and dependability ensuring. Tasks of the report are:  Analysis of Web Services failures modes and causes;  Analysis of Web Services failures effect on system, components and end users;  Determination of the means for ensuring dependability: Failure prevention; Fault-tolerance and failure effect recovery;; Fault removal. 5

6 2. 2. Analysis of the Web Services by Using FMEA-technique The use of the FMEA-technique for the Web Services analysis includes:  Web Services decomposition on component parts;  Identification of the typical failures;  Analysis of theirs influence on the Web Services dependability;  Determination of the necessary means for fault-tolerance and failure effect recovery. FMEA-technique may be an important part of Web Services dependability guaranteeing program. 6

7 Web Services component architectures (1) Web Services Components 1. Hardware Environment; 2. Software Environment: 2.1. Operating System; 2.2. System SW: 2.2.1. Web Server; 2.2.2. Application Server; 2.2.3. DBMS; 2.3. Application SW: 2.3.1. Servlets; 2.3.2. Stored procedures & triggers. 1. All components in the same host 7

8 2. Fully separated component architecture Web Services Components 1. Hardware Environment; 2. Software Environment: 2.1. Operating System; 2.2. System SW: 2.2.1. Web Server; 2.2.2. App Server; 2.2.3. DBMS; 2.3. Application SW: 2.3.1. Servlets; 2.3.2. Stored proc. & triggers. 8 Web Services component architectures (2)

9 Web Services component architectures (3) 3. Partially separated component architecture 9 Web Services Components 1. Hardware Environment; 2. Software Environment: 2.1. Operating System; 2.2. System SW: 2.2.1. Web Server; 2.2.2. App Server; 2.2.3. DBMS; 2.3. Application SW: 2.3.1. Servlets; 2.3.2. Stored proc. & triggers.

10 Web Services Failure Taxonomy 10

11 Hardware failures modes and effects analysis 11

12 Compressed Format of FMEA-Tables 12

13 Software failures modes and effects analysis 13

14 Results of Web Services failures modes and effects analysis  Several failures modes can lead to the prolonged or short- term service aborting that affects on users as denial of service.  Some failures result in a non-evident incorrect service that is more dramatic for many applications (e-commerce, critical automation control, etc.) because will entail serious consequences, financial loss and, finally, service discrediting.  The prevalent sources of Web Services failures are the different software components. 14

15 3. Ensuring Web Services Dependability and Fault-Tolerance 15

16 Failure effect recovery 1) replacement of crashed hardware components; 2) reinstall of crashed software components; 3) data recovery; 4) system rebooting or restarting of the particular software services*. * System rebooting and restarting of the particular software services and applications can be performed in automatic mode with the help of hardware or software implemented watch-dog timers to achieve better availability. 16

17 Failure prevention 1) quality control techniques employed during the design of the own developed application software; 2) procedures for input parameter checking; 3) rigorous procedures for system maintenance and administration; 4) firewalls, security guards and scanners to prevent malicious failures; 5) software rejuvenation based on forced restarting/reinitialization of the SW components. NOTE: Service publisher has limited means for failure effect prevention because the most of the HW and SW components of the Web Service are the COTS- (commercial of the shelf) components developed by third parties. 17

18 Fault-tolerance (1) 18

19 Fault-tolerance (2) Diversity is one of the most efficient method for Web Services fault-tolerance provision. Diversity of Web Services can be used for:  Hardware platform;  Operating Systems;  Web & Application Servers;  DBMS and, finally,  for Application Software. It can by applied both separately and in many various combinations. 19

20 Fault Removal Fault removal of the Web Services based, first of all, on the systematic applying of the updates and patches for hardware (microcode updates) and software developed by third parties (OS, drivers, web and application servers, DBMS). Fault removal from the own developed application software is performed both during the development phase and the maintenance. 20

21 4. Dependable Web Services Development and Deployment Using FMEA-technique for Dependable Web Services Development General scheme of Web Services FMEA-analysis and dependability ensuring 21

22 Detailed scheme of Web Services FMEA-analysis and dependability ensuring 22

23 The principles of Dependable and Secure Web Services Deployment 1. Defence in Depth and Diversity (DD&D). 2. Adaptability and Update (A&U). 23

24 Defence in Depth and Diversity (DD&D) Principle DD&D principle provides: Defence in Depth 1) joint usage of existed security and fault-tolerance facilities at the different levels of the Web Service architecture (Defence in Depth); Diversity 2) using of Diversity at the different levels of the Web Service architecture (HW platform, OS, System and Application SW, etc.). Here, the compatibility between different facilities and diversity modes must be taken into account. 24

25 Adaptability and update (A&U) principle Adaptability The essence of this principle is the dynamic changing of Web Service architecture and diversity mode according to observed failures and intrusions (Adaptability). For that the intellectual monitors can be used  to detect failures and intrusions;  to analyse their modes, effects and causes;  to choose the better Web Service configuration. Update These means can include external alarm services to notify automatically about recent Internet security vulnerabilities, novel viruses and to distribute security updates and patches (Update). 25

26 Implementation (1) Implementation (1) 26 Architecture of dependable Web Services upgrading A. Gorbenko, V. Kharchenko, P. Popov, A. Romanovsky, A. Boyarchuk. Development of Dependable Web Services out of Undependable Web Components. CS-TR: 863, School of Computing Science, University of Newcastle upon Tyne, UK, Oct 2004, 36 pages.

27 Implementation (2) Implementation (2) 27 Architecture of dependable and Secure WSs Deployment

28 5. Conclusion (1) 1. Publishers of Web Services have a limited possibility for fault prevention and fault removal of the most Web Services components, developed by third parties. => => Thus, redundancy in combination with diversity is one of the basic means of dependability ensuring and fault tolerance provision. 2. However, using diversity in Web Service architecture requires detailed researches and addition solutions because it can lead to the addition security violations. 28

29 5. Conclusion (2) 3.The non-evident failures are the most critical for the majority areas of Web Services applications. 4. The additional adaptive reliable algorithms and means of voting and failures diagnosis must be implemented for the ensuring tolerance to the non-evident failures and prevention of losses of the processed (in-service) requests. 29

30 5. Conclusion (3) 5. FMEA-tables may be dynamically updated during Web Service operation. It will allow (jointly with implementation of DD&D and A&U principles) to increase the effectiveness of the used means of dependability ensuring. 6. Fulfilled analysis can be extended by taking into account the lacks of required resources or services and service unavailability due to network failures. Besides, the critical analysis of different failures modes can be performed. 30

Download ppt "FMEA-technique of Web Services Analysis and Dependability Ensuring Anatoliy Gorbenko Vyacheslav Kharchenko Olga Tarasyuk National Aerospace University."

Similar presentations

Presented by Nikita Shah 5th IT ( )

Presented by Nikita Shah 5th IT ( )
Express5800/ft series servers Product Information Fault-Tolerant General Purpose Servers.

Express5800/ft series servers Product Information Fault-Tolerant General Purpose Servers.
Business Plug-In B4 MIS Infrastructures.

Business Plug-In B4 MIS Infrastructures.
11. Practical fault-tolerant system design Reliable System Design 2005 by: Amir M. Rahmani.

11. Practical fault-tolerant system design Reliable System Design 2005 by: Amir M. Rahmani.
DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.

DARPA ITS PI Meeting – Honolulu – July 17-21, 2000Slide 1 Aegis Research Corporation Intrusion Tolerance Using Masking, Redundancy and Dispersion DARPA.
Chapter 13 Managing Computer and Data Resources. Introduction A disciplined, systematic approach is needed for management success Problem Management,

Chapter 13 Managing Computer and Data Resources. Introduction A disciplined, systematic approach is needed for management success Problem Management,
Database Administration and Security Transparencies 1.

Database Administration and Security Transparencies 1.
ITIL: Service Transition

ITIL: Service Transition
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.

Some general principles in computer security Tomasz Bilski Chair of Control, Robotics and Computer Science Poznań University.
Objektorienteret Middleware Presentation 2: Distributed Systems – A brush up, and relations to Middleware, Heterogeneity & Transparency.

Objektorienteret Middleware Presentation 2: Distributed Systems – A brush up, and relations to Middleware, Heterogeneity & Transparency.
Making Services Fault Tolerant

Making Services Fault Tolerant
Business Continuity and DR, A Practical Implementation Mich Talebzadeh, Consultant, Deutsche Bank

Business Continuity and DR, A Practical Implementation Mich Talebzadeh, Consultant, Deutsche Bank
02/12/00 E-Business Architecture

02/12/00 E-Business Architecture
City University London

City University London
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.

1 Minggu 7, Pertemuan 13 Security Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Lecture 11 Reliability and Security in IT infrastructure.

Lecture 11 Reliability and Security in IT infrastructure.

Similar presentations

Ads by Google