The Physics of Software: CS444a - Principles of Dependable Computer Systems Stanford University
Building
- in the physical world: railroad bridges, robots, lasers
- in the software world: the software domain
- abstractions allow us to deal with new orders of complexity in software development
  - GUI programming (windows instead of pixels)
  - network programming (sockets instead of bits)
  - databases (SQL instead of bits)
- TCP built on top of IP -> TCP is obliged to send data reliably using an unreliable tool
  - when the abstraction leaks, it takes the VB programmer 2 weeks to figure his way out of tar
  - Law of Leaky Abstractions: All non-trivial abstractions, to some degree, are leaky. (Joel Spolsky)
  - when you train someone to be a C++ programmer, it would be nice not to have to teach her about char*'s and pointer arithmetic; but one day she'll write "foo" + "bar"
  - even with higher and higher level programming tools with better and better abstractions, becoming a proficient programmer is getting harder and harder
- R.P. Gabriel, Objects Have Failed (OOPSLA 2002): "in OO programming, failures are called exceptions; in the real world they are called that's life"
Example 1:
- sorted array
- regardless of quicksort, bubblesort, foobarsort, ...
Example 2:
- statistical sampling
- run system in virtual machine
fuse in a circuit
- impossible to have a higher potential drop if no physical changes to the system
load on a bridge
- work in additional tolerance
processing limitation:
- deny access early
Examples:
- coerce unknown failures into crashes (Rutgers FME)
- coerce timeouts into crashes
- software rejuvenation
approach:
1. state desired law
2. design enforcement mechanism
3. find ways to make system more amenable to enforcement
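The three-step approach above, worked through in added Python that is not part of the lecture: the stated law is "a request completes within its deadline or the worker is dead"; the enforcement mechanism coerces hangs and unknown exceptions into a crash followed by a restart, with proactive restarts every N requests standing in for software rejuvenation; the worker is made amenable to enforcement by being cheap to recreate. The worker, supervisor and request names are constructed for the illustration.

```python
import threading
import time

class FailStop(Exception):
    """A fault the enforcement layer has coerced into a crash (fail-stop)."""

def run_with_deadline(handler, deadline_s):
    """Law: a request completes within deadline_s or the worker is dead.
    Enforcement: a hang or an unknown exception both become a FailStop crash."""
    outcome = {}
    def target():
        try:
            outcome["value"] = handler()
        except Exception as exc:  # unknown failure: crash, do not limp on
            outcome["error"] = exc
    t = threading.Thread(target=target, daemon=True)
    t.start()
    t.join(deadline_s)
    if t.is_alive() or "error" in outcome:
        raise FailStop("timeout" if t.is_alive() else repr(outcome["error"]))
    return outcome["value"]

class Supervisor:
    """Restart the worker after every crash and, as software rejuvenation,
    proactively every `rejuvenate_every` requests so latent state cannot age."""
    def __init__(self, make_worker, rejuvenate_every):
        self.make_worker, self.rejuvenate_every = make_worker, rejuvenate_every
        self.worker, self.served, self.restarts = make_worker(), 0, 0
    def _restart(self):
        self.worker, self.served, self.restarts = self.make_worker(), 0, self.restarts + 1
    def handle(self, request, deadline_s=0.5):
        try:
            result = run_with_deadline(lambda: self.worker(request), deadline_s)
        except FailStop:
            self._restart()  # crash, fresh worker; the caller sees a clean failure
            return None
        self.served += 1
        if self.served >= self.rejuvenate_every:
            self._restart()
        return result

def demo_worker(request):
    """Constructed worker: "hang" never returns in time, "boom" fails unexpectedly."""
    if request == "hang":
        time.sleep(2.0)
    if request == "boom":
        raise ValueError("unexpected")
    return request.upper()
```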