[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Reliability and assurances

To: sage-members@usenix.org
Subject: Re: Reliability and assurances
From: Mario Obejas <obejas@phylum.rsc.raytheon.com>
Date: Mon, 10 Jan 2000 09:41:06 -0800 (PST)
Reply-To: Mario Obejas <obejas@phylum.rsc.raytheon.com>
Sender: owner-sage-members@usenix.ORG

Mark R. Lindsey wrote:
>I'm working on a theory: if (A) you can't be assured that a subsystem is going
>to work all of the time, then (B) you can't be assured that a subsystem is
>going to work any of the time.
>
>Does that seem reasonable?

Not to me. Maybe you wrote it different than what you intended, 
e.g., you meant "system" instead of subsystem in your B clause.
IMHO, your A and B clauses need to be switched.
Let's substitute numerical values:
all=100%
any="<100%"

I'd agree with
(B) If 
  one "can't be assured that a subsystem is going to work <100% of the time"
(A) Then
  one "can't be assured that a subsystem is going to work 100% of the time".

But respectfully, I don't agree with your original statement. As the example of 
redundancy pointed out, I can have a system (e.g., a RAID box) and be assured 
that a component *will* fail at some point, yet redundancy allows the 
containing system to work "100%" of the time. In other words, I can have 
components of known finite lifetimes in a system, yet the system has greater 
reliability than the best of its parts.

Follow-Ups:
- Re: Reliability and assurances
  - From: Paul Joslin <Paul.Joslin@sdrc.com>

Prev by Date: Re: brief email survey
Next by Date: Re: brief email survey
Prev by thread: RE: Reliability and assurances
Next by thread: Re: Reliability and assurances
Index(es):
- Date
- Thread