Hardware Reliability and Bathtub Curve

Questions and Answers

Which phase of the bathtub curve is characterized by a constant failure rate?

• Normal operating phase (correct)
• Wear-out phase
• Burn-in phase
• Infant mortality phase

What is the primary cause of failures during the wear-out phase?

• Aging or wear-out mechanisms (correct)
• Human error
• Poor design or manufacturing defects
• Random failures

Which of the following is not a phase of the bathtub curve?

• Wear-out phase
• Burn-in phase (correct)
• Normal operating phase
• Infant mortality phase

What is the primary goal of exception handling?

To handle unexpected events (C)

Which software quality model is not mentioned among the options?

CMM model (B)

What is MTTF an abbreviation for?

Mean time to failure (A)

How many product quality factors are proposed in McCall quality model?

8 (C)

What is the 'Useful Life' phase of the 'bathtub curve' characterized by?

Constant failure rate (B)

What is software reliability defined as?

Time to failure (D)

Time Behavior and Resource Behavior fall under which quality attribute of ISO 9126?

Efficiency (C)

How are reliability and failure intensity related?

Direct relation (B)

What is the main goal of combining historical data and systematic techniques in software project estimation?

To improve estimation accuracy (B)

Who is responsible for designing security into a system?

System designers (A)

What is the main benefit of using diverse technologies in distributed systems?

Increased system availability (B)

What is social engineering in the context of system security?

A way to fool accredited users into giving away secret information (A)

Why is it difficult to protect against social engineering in large organizations?

Due to the hierarchical structure and lack of personal relationships (B)

What is infrastructure security engineering responsible for?

Configuring existing infrastructure to conform to security policies (D)

What is the goal of application security engineering?

To design security into a system (C)

What is the main advantage of distributing assets in a distributed system?

Increased system availability (C)

What is the primary focus of configuration management policies and processes?

Recording and processing proposed system changes (A)

What is the purpose of process analysis in process improvement?

To identify process weaknesses and bottlenecks (B)

What is the relationship between the attribute that can be measured and the external quality attribute?

Dependent (D)

What is the most significant factor that affects the accuracy and efficacy of estimates?

Project size (C)

What describes the data and control to be processed?

Software scope (C)

What is the approach to requirements gathering that encourages the creation of a joint team of customers and developers?

FAST (B)

What is the primary objective of configuration management?

To record and process proposed system changes (C)

What is the outcome of process analysis in process improvement?

Identification of process weaknesses and bottlenecks (A)

What is the primary goal of the resistance strategy in enhancing system survivability?

To prevent attacks from being successful in the first place (A)

Why might you recommend against software reuse in critical applications?

Because source code may not be available for review and testing (A)

What is a potential risk of using COTS components?

Incompatible event/data model with other systems (B)

What is the primary goal of the recognition strategy in enhancing system survivability?

To recognize attacks as they occur and respond quickly (A)

In what circumstances might you recommend against software reuse?

When the business status of the code provider is dubious (B)

What is the primary goal of the recovery strategy in enhancing system survivability?

To quickly recover from successful attacks and restore normal system service (B)

What is a potential risk of using COTS components?

Inadequate performance when integrated with other systems (A)

Why might you recommend against software reuse in systems where performance is critical?

Because specially developed code can be made more efficient (C)

What is the main reason why it is practically impossible to validate reliability specifications when these are expressed in terms of a very small number of failures over the total lifetime of a system?

The number of failures is so low that it would take an unrealistically large amount of time to gather statistically valid failure data (D)

Which of the following is a circumstance where software reuse is not recommended?

In small systems where the costs of reuse are comparable to the savings (C)

What is a potential additional cost that may arise when deploying software as a service?

Increased maintenance costs (C)

What is the main distinction between application security engineering and infrastructure security engineering?

Application security engineering focuses on securing applications, while infrastructure security engineering focuses on securing the underlying infrastructure (D)

Why might a reliable system be unsafe?

Because a system can be reliable but still have safety vulnerabilities (A)

In what type of system would software reuse not be recommended, even if source code is available?

High-performance systems (B)

Why might deploying software as a service reduce IT support costs for a company?

Because it reduces the need for IT support (A)

Flashcards are hidden until you start studying

Study Notes

Bathtub Curve Phases

• The infant mortality phase is characterized by a high initial failure rate.
• The primary cause of failures during the infant mortality phase is defects in materials or manufacturing.

Constant Failure Rate Phase

• The constant failure rate phase is characterized by a constant failure rate.

Wear-Out Phase

• The primary cause of failures during the wear-out phase is deterioration due to aging.

Non-Phases of the Bathtub Curve

• There is no "random failure phase" in the bathtub curve.

Exception Handling

• Exception handling is a type of forward error recovery mechanism.

Software Quality Models

• ISO 9000 is not a software quality model.
• McCall model and Boehm model are software quality models.

Reliability

• MTTF stands for Mean Time To Failure.
• Reliability is defined as the ability of a system to perform its required functions under stated conditions for a specified period of time.
• Reliability and failure intensity are inversely related.

CMM Model

• CMM (Capability Maturity Model) is a technique to improve the software process.

Security

• Configuration management policies and processes define how to record and process proposed system changes.
• An independent relationship must not exist between the attribute that can be measured and the external quality attribute.
• Social engineering is when accredited users of a system are fooled into giving away secret information.
• It is difficult to protect against social engineering in large organizations because of their hierarchical structure and size.

Estimation

• Project size is an important factor that can affect the accuracy and efficacy of estimates.
• Software scope describes the data and control to be processed.
• Facilitated Application Specification Techniques (FAST) is a team-oriented approach to requirements gathering.

Application and Infrastructure Security Engineering

• Application security engineering is the responsibility of system designers who design security into the system.
• Infrastructure security engineering is the responsibility of system managers or administrators who configure the existing infrastructure software.

Diversity in Distributed Systems

• Diverse technologies provide protection against common vulnerabilities in different elements of the distributed system.
• Distributing assets so that attacks on one element do not disable the entire system enhances availability.

Survivability Strategies

• Resistance involves built-in mechanisms to resist attacks.
• Recognition involves recognizing that an attack is underway.
• Recovery involves built-in features to support recovery and resume normal system service quickly after a successful attack.

Software Reuse

• Software reuse is not recommended in certain circumstances, including:
  • If the business status of the code provider is dubious.
  • In critical applications where source code is not available.
  • In small systems where the costs of reuse are comparable to the savings.
  • In systems where performance is a critical requirement.

COTS Risks

• Risks that can arise when systems are constructed using COTS include:
  • Vendor risks (e.g., failure of vendor to provide support).
  • Product risks (e.g., incompatibility with other systems).

Reliability and Safety

• A reliable system can still be unsafe, and vice versa.
• It is practically impossible to validate reliability specifications when these are expressed in terms of a very small number of failures over the total lifetime of a system.