8/9/2019 Dependable Systems
DEPENDABLE SYSTEMS FOR QUALITY CARE
-
SYSTEM RELIABILITY
AVAILABILITY
CONFIDENTIALITY
DATA INTEGRITY
RESPONSIVENESS
SAFETY
DEPENDABILITY
-
DEPENDABILITY
HOLISTIC measurement of the extent to which a system can justifiably be relied on to deliver the services expected of it
always in a PROGRESSION rather than RETROGRESSION
-
ATTRIBUTES OF DEPENDABILITY
ATTRIBUTE: DESCRIPTION
System reliability: system consistently behaves in the same way
Service availability: required services are present and usable when they are needed
Confidentiality: sensitive information is disclosed only to
-
ATTRIBUTES OF DEPENDABILITY
ATTRIBUTE: DESCRIPTION
Data integrity: Data are not corrupted or destroyed
Responsiveness: The system responds to user input within an expected and acceptable time period
Safety: the system does not
-
WHAT IF SOME OR MOST OF THE ATTRIBUTES FOR DEPENDABILITY ARE MISSING???
DEPENDABILITY ISSUES ARISE
-
DEPENDABILITY ISSUES
CareGroup catastrophe (2003)
Worm attack at Covenant Health
Power outage at Kaiser Permanente
Blaster and SoBig worm attacks
-
WHAT IS THEN THE SOLUTION FOR THESE ISSUES?
ANSWER: GUIDELINES FOR DEPENDABILITY
-
DEPENDABLE SYSTEMS GUIDELINES
Guideline 1: Dependability Architecture
Guideline 2: Anticipate Failures
Guideline 3: Anticipate Success
Guideline 4: Hire Meticulous Managers
Guideline 5: Don't Be Adventurous
-
ARCHITECT FOR DEPENDABILITY
GUIDELINE 1
SIMPLIFIED, INTEGRATED STRUCTURE AND YET, NO-SINGLE DEPENDABILITY
No critical component is dependent on a component less trustworthy than itself (Fig. 15.1)
CREATION FROM BOTTOM-UP
Security and safety services are only as dependable as the operating systems, networks, and other system services on which they depend
-
ARCHITECT FOR DEPENDABILITY
GUIDELINE 1
Vulnerabilities from the bottom structure will create a domino effect
No single component should be capable of bringing the system down should that component fail
-
ANTICIPATE FAILURES
GUIDELINE 2
COMPLEXITY VULNERABILITY
Design flaws increase in proportion to the increasing complexity and speed of the processors (Moore's Law)
This vulnerability makes the system prone to malicious software (malware)
-
ANTICIPATE FAILURES
GUIDELINE 2
Availability of fail-safe options, fault detector software, anti-malware and backup recovery programs
Application-specific features should be implemented
Safety-critical systems should be designed and built to fail in a SAFE state
-
ANTICIPATE SUCCESS
GUIDELINE 3
The systems planning process should anticipate business success, and the consequential need for larger networks, more systems, new applications, and additional integration
E.g. Use-case scenarios that anticipate hospital and clinic mergers, acquisitions, and a growing patient/customer base
It enhances future planning and possible integration
-
HIRE METICULOUS MANAGERS
GUIDELINE 4
Hiring individuals who are good FORECASTERS - who know that failures will occur and accept that failures are most likely to occur when they are least expected
Applying good managerial skills in managing and monitoring the system and network performance, managing the workload, and practicing good decision-making skills
-
DON'T BE ADVENTUROUS
GUIDELINE 5
PROVEN = BEST SUCCESS
USE ONLY the PROVEN methods, tools, technologies, and products that have been in production, under conditions, and at a scale similar to the intended environment
-
IF THE HEALTH CARE SYSTEMS ARE TO BE EXAMINED,
WILL THE SYSTEMS BE DEPENDABLE?
-
ASSESSING THE HEALTHCARE INDUSTRY
OBSERVATIONS OF DEPENDABILITY IN HEALTH SYSTEMS
-
ARCHITECTURE
GUIDELINE 1
GRADE D
Healthcare organizations compose their systems from the top down
Selection of users interface, IT analyst-vendor negotiation, production
Isolated, complex departmental
HIPAA security regulation:
Security mgmt.
Secured responsibility
Information access mgmt.
Security awareness and training
Security incident procedures
Contingency planning
Evaluation
Business associate
-
ANTICIPATE FAILURES
GUIDELINE 2
GRADE D
Commercial, clinical software applications are NOT subject to FDA certification or any other type of certification
Complex architecture further increases failures, and may lead to loss of human life
e.g. Therac-25 failure
PCs that connect to the enterprise network from outside serve as channels for transporting malicious
FDA Improvement in the reporting system and development of procedures and guidelines specific for software
-
ANTICIPATE SUCCESS
GUIDELINE 3
GRADE C
Healthcare organizations expect their software applications, computer systems, and networks to work
However, they do not foresee that their success may increase need for processing power and
Sharing the experience to other organizations by the CIO of CareGroup
-
IT MANAGEMENT
GUIDELINE 4
GRADE C
Health care organizations may hire IT managers who may understand the healthcare business, but may not understand the fragile nature of IT or the importance of the Guideline 1 (Architecture) for dependability, leading to LOOSE composites of departmental systems
Very low investment in IT (2%) and subsequent meager budget for IT
-
ADVENTUROUS TECHNOLOGY
GUIDELINE 5
GRADE C
Historically: clinicians' resiliency to change
Today: More adventurous approaches to health care
e.g. wireless networking,
Fallback:
Wireless: potential of broadcasting vital sensitive data to enterprises
Handheld devices: weak authentication, no separation of execution domain, weak encryption, vulnerability to