Subject: Re: systrace features?
To: Alistair Crooks <agc@wasabisystems.com>
From: Sam Leffler <sam@errno.com>
List: tech-security
Date: 09/24/2003 09:45:01
--On Wednesday, September 24, 2003 12:37 PM +0200 Alistair Crooks
<agc@wasabisystems.com> wrote:

> On Tue, Sep 23, 2003 at 08:19:07PM -0700, Sam Leffler wrote:
>> > I have written the code for two extra options to systrace that I
>> > think will help when systrace comes across less than usual situations.
>> > 
>> > They are:
>> > 
>> > Randomly cause system calls to fail.
>> >  * This can be used to explore code paths that may only be taken
>> >    rarely.  When used with automatic policy generation, this helps
>> >    the policy to converge on a program's actual behaviour.
>> 
>> You should learn about the ROC project going on at UC Berkeley/Stanford.
>> Part of that work is a tool for fault injection testing of systems.
>> 
>> 	<http://roc.cs.berkeley.edu/>
>> 
>> Look for FIG on Pete Broadwell's page.
> 
> Fault-injection as a means of testing systems has been around for a
> while (ORCHESTRA, http://www.pdl.cmu.edu/SDI/1996/jahanian.html), if
> not before, and newer implementations like Mendosus, leading up to
> hybrid implementations as found in
> (http://citeseer.nj.nec.com/584965.html).

I suggest you read about ROC.  Fault injection is old hat and their papers
recognize that. But what they're trying to do with fault injection is
different. I directed the ROC folks to systrace a while ago; not sure if
they did anything with it. Probably not as they're more interested in using
virtual machines as a vehicle.

Anyway, the point was to make both groups aware of each other (I also poked
the ROC folks).

	Sam