Specifying graceful degradation

A description is given of the relaxation lattice method, a new approach to specifying graceful degradation for a large class of programs. A relaxation lattice is a lattice of specifications parameterized by a set of constraints, where the stronger the set of constraints, the more restrictive the spe...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on parallel and distributed systems 1991-01, Vol.2 (1), p.93-104
Main Authors: Herlihy, M.P., Wing, J.M.
Format: Article
Language:English
Subjects:
Computer crashes
Concurrent computing
Degradation
Displays
Distributed computing
Fault tolerance
Formal specifications
Lattices
Security
Timing
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:A description is given of the relaxation lattice method, a new approach to specifying graceful degradation for a large class of programs. A relaxation lattice is a lattice of specifications parameterized by a set of constraints, where the stronger the set of constraints, the more restrictive the specification. While a program is able to satisfy its strongest set of constraints, it satisfies its preferred specification, but if changes to the environment force it to satisfy a weaker set, then it will permit additional weakly consistent computations which are undesired but tolerated. The use of relaxation lattices is illustrated by specifications for programs that tolerate (1) faults, such as site crashes and network partitions, (2) timing anomalies, such as attempting to read a value too soon after it was written, (3) synchronization conflicts, such as choosing the oldest unlocked item from a queue, and (4) security breaches, such as acquiring unauthorized capabilities.< >
ISSN:1045-9219
1558-2183
DOI:10.1109/71.80192