Hermann Kopetz
Hermann Kopetz received his PhD in physics "sub auspiciis praesidentis" from the University of Vienna, Austria in 1968. After eight years in industry, he accepted in 1978 an appointment as a Professor for Computer Process Control at the Technical University of West-Berlin, moving to the Technical University of Vienna in 1992. Kopetz is a full member of the Austrian Academy of Science, a Life Fellow of the IEEE, and a member of the Information Society Advisory Group (ISTAG), advising the European Commission in Brussels in the domain of Information Technology since 2008. In June 2007 he received the honorary degree of Dr. honoris causa from the University Paul Sabatier in Toulouse, France. Kopetz is the chief architect of the Time-Triggered Architecture for dependable Embedded Systems and a co-founder of the company TTTech.
GENESYS—A Cross-Domain Architecture for Dependable Embedded Systems
Recognizing the strategic importance of embedded computing for industry and society, the European Commission formed, together with industry, academia, and national governments, the European technology platform ARTEMIS (Advanced Research and Technology for EMbedded Intelligence and Systems) in 2004. One goal of ARTEMIS is to develop a cross-domain embedded system architecture, supported by design methods and tools, to significantly improve the functionality, dependability, and cost-effectiveness of embedded systems. In a first phase, an expert working group consisting of industrial and academic partners captured the requirements and constraints of such a cross-domain architecture. The subsequent GENESYS (GENeric Embedded SYStems) project, carried out by a consortium of twenty industrial and academic partners coming from different embedded system domains, developed a blueprint for such an architecture that should be applicable in the industrial domain as well as in the multimedia domain. This blueprint (GENESYS) has been strongly influenced by the concepts of and the experience with the time-triggered architecture. This talk will discuss the design principles and the architectural style of GENESYS and will give an overview of the architectural services with a focus on dependability issues.
Rick Schlichting
Rick Schlichting is currently Executive Director of Software Systems Research at AT&T Labs in Florham Park, NJ. He received the B.A. degree in mathematics and history from the College of William and Mary, and the M.S. and Ph.D. degrees in computer science from Cornell University. He was on the faculty at the University of Arizona from 1982-2000, and spent sabbaticals in Japan in 1990 at Tokyo Institute of Technology and in 1996-97 at Hitachi Central Research Lab. Schlichting is an ACM Fellow and an IEEE Fellow, has served on the editorial boards of a number of IEEE magazines and journals, and has been on the technical program committees for over 70 conferences and workshops. He is also the current chair of IFIP Working Group 10.4 on Dependable Computing and Fault-Tolerance, and has been active in the IEEE Computer Society Technical Committee on Dependable Computing and Fault Tolerance, serving as Chair of that organization from 1998-99. His research interests include highly dependable computing, distributed systems, and networks.
Diagnosis in Practice
As a tier-1 ISP and telecom company, AT&T operates many services that form critical components of societal infrastructure, ranging from mobile phone networks to enterprise VPN services to an IP backbone that spans the globe. Ensuring the dependability of such services in a 24 by 7 operational setting is a daunting task, especially given their scale and inherent complexity. This talk will focus on work at AT&T that attempts to address the diagnosis aspect of the dependability equation in a variety of scenarios. Examples will be drawn from operational AT&T services, from the domain of network management, and from experimental techniques under development for VOIP services.
Jean-Paul Blanquart
Jean-Paul Blanquart is responsible for advanced studies in dependability at Astrium Satellites. He received his PhD in Dependable Computing from the National Polytechnic Institute of Toulouse (France) in 1983 and worked as a researcher at LAAS-CNRS until 1988, when he joined the (space) industry. His current work focuses on formal model-based approaches to support the expression and validation of dependability properties, and on the integration of such approaches into industrial processes. Jean-Paul Blanquart also provides support as a dependability engineer for critical space vehicles (Ariane 5, ATV) or ground centres for navigation services, air traffic management etc. An active member of the dependable computing community, he is particularly involved in the organisation of and technical contribution to working groups combining academic and industrial experience from various disciplines and application domains, such as CISEC to promote critical embedded systems among students and professionals or CG2E to work on convergence of practices, tools and standards across domains.
Space systems dependability: the hybrid necessity
After a brief survey of space systems dependability needs, solutions and achievements, the talk will identify the main challenges and focus on one of them: the demonstration that the set of automatic on-board mechanisms to detect and process faults, and their organisation and behaviour, are actually correct and efficient. Though this may look like a classical problem of design correctness, some particular characteristics of dependability analyses introduce additional difficulties, with the necessity to combine different models so as to represent and analyse the behaviour of fault tolerance mechanisms, as well as the dynamics of the propagation of faults and the structure of the system to which the fault propagation dynamics is attached, and on which the fault tolerance mechanisms also directly act. Modelling is based on abstraction, and it is always possible, in principle, to abstract one view into another. However, this raises the difficulty of the validity of the abstraction, which may hide important information, for instance on side effects of the coupling between the propagation of faults and the complex dynamics of the system, or between discrete and continuous dynamics. The talk will present the various dependability modelling approaches, how they can be combined towards more accurate analyses, and the current limitations and perspectives.