
Bleagh

Posted Apr 18, 2012 0:01 UTC (Wed) by jd (guest, #26381)
In reply to: Bleagh by mpr22
Parent article: PHP: a fractal of bad design (fuzzy notepad)

Definitions are close to what is usually used:

"Mission Critical" - seven 9s reliability as a minimum

"Secure" - B2 or EAL5 as a minimum, can't have known exploits, security kernel must be amenable to being provably correct (whether or not it has actually been proven)

"Real-Time" - I'll accept "fixed number of CPU cycles in a given window, doesn't matter when in that window", -or- "fixed start and end times in which the program will be running, doesn't matter exactly how many CPU cycles were used". Soft real-time is not really "Real-Time".

And so on. Real-Time has multiple definitions, so I simply ORed the two usual ones together and excluded the one that should never have existed.

Some of these are orthogonal, some have trade-offs and some are mutually exclusive. Which is what has changed, as new techniques and methods are discovered. "Mission-Critical" is orthogonal to "Real-Time" up to the point where sufficient validation of pre-conditions permits deadline guarantees to be met.

Where it is NOT possible to validate pre-conditions to the extent needed to ensure the probability of an error resulting in a failure condition is below the threshold guaranteed (99.99999% reliability = 0.00001% probability of a catastrophic error) THEN you cannot have something that meets both requirements, you have to trade off.

However, for most practical purposes (and I include NASA's rocketry, Boeing's military aircraft, etc., as practical purposes), well-written software, developed using an established and recognized software engineering technique, properly tested, is very unlikely to require validation that is so extensive that real-time guarantees can't be met.


Bleagh

Posted Apr 19, 2012 13:49 UTC (Thu) by nye (guest, #51576)

> Definitions are close to what are usually used:

> "Mission Critical" - seven 9s reliability as being a minimum

I'd say that's pretty far from 'usually used'. Nearly nothing has seven 9s reliability. That's 30 seconds of downtime per decade - even applications which are literally life-or-death don't generally manage that, and the overwhelming majority of people using the phrase 'mission critical' would mean at least two orders of magnitude less reliable.

'Real-time', as you (sort of) say, has too many definitions to be especially meaningful without qualification. I've always been a little confused by 'soft real-time'. It generally seems to mean vaguely 'low-latency'; which is largely orthogonal to real-time. I guess it's really intended to mean 'general purpose' as opposed to 'batch mode'.

Either way it sounded like your earlier post said that a system can't be both 'real-time' and 'mission-critical', but then later you seemed to say that they can, which is confusing.

Bleagh

Posted Apr 19, 2012 20:32 UTC (Thu) by dlang (✭ supporter ✭, #313)

"Mission Critical" just means that the organization can't function without it, it says nothing about the required uptime.

For many businesses e-mail is mission critical, but if it's up between 9 and 5 it could be down the rest of the day and not matter. And if it is down during the day and business is crippled, it hurts, but the business doesn't go under.

I can't think of very many companies for which electrical power wouldn't be considered "Mission Critical", but very few companies (outside of ones focused on Internet accessible servers) have backup generators and UPS systems, and those don't come anywhere close to 7 9s of availability.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds