The increasing complexity of software systems causes unprecedented dependability challenges, with software layers becoming the new dependability bottlenecks. Comprehending the enormous state space and perceiving the potential paths to system failure easily exceeds software engineers' capabilities. In particular, existing methods for the evaluation of dependability attributes are no longer applicable in many modern software development scenarios.
This thesis proposes structuring software development around the scalable, empirical approach of software fault injection (SFI). The proposed fault-injection-driven development (FIDD) is first and foremost based on a dependability model and a failure cause model of the system under consideration. Starting from these models, SFI approaches at different layers of abstraction are explored, which exercise the system's fault tolerance mechanisms to uncover dependability issues. Tools to automate both modelling and SFI experiments are presented in this thesis. From the vast space of conceivable failure causes, a model-based algorithm selects adequate SFI campaigns, which maximise the stress on the fault tolerance mechanisms of the evaluated system while maintaining coverage guarantees.
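As an added illustration of the workflow sketched above (not code from the thesis or its tools), the following Python example models a small system whose fault tolerance mechanism is a bounded retry on a storage interface, expresses a failure cause model as (interface, fault mode) pairs, injects faults at that interface, and greedily selects a campaign that covers every modelled failure cause while spending the remaining budget on the injections that stress the retry mechanism most. The system, the failure cause classes, the stress metric (number of consecutive triggers) and the budget are all assumptions made for this illustration; the thesis's own selection algorithm and tools are not reproduced here.

```python
from dataclasses import dataclass


class StorageError(Exception):
    """Transient error raised by the storage interface (assumed system)."""


class Storage:
    """Assumed backend: an in-memory key/value store."""

    def __init__(self):
        self._data = {}

    def put(self, key, value):
        self._data[key] = value

    def get(self, key):
        return self._data[key]


class Service:
    """System under evaluation: a read path whose fault tolerance
    mechanism is a bounded retry of transient storage errors."""

    def __init__(self, storage, retries=2):
        self.storage = storage
        self.retries = retries

    def read(self, key):
        last_error = None
        for _ in range(self.retries + 1):
            try:
                return self.storage.get(key)
            except StorageError as err:
                last_error = err
        raise last_error


@dataclass(frozen=True)
class FaultCause:
    """One entry of the failure cause model: where a fault enters the
    system (interface) and how it manifests (mode)."""
    interface: str
    mode: str  # "exception" or "corrupt_value" (assumed fault modes)


@dataclass(frozen=True)
class Injection:
    """One SFI experiment: a failure cause and how many consecutive
    calls on the interface it perturbs."""
    cause: FaultCause
    triggers: int


class FaultInjector:
    """Wraps a Storage instance and perturbs the modelled interface."""

    def __init__(self, storage, injection):
        self._storage = storage
        self._injection = injection
        self._remaining = injection.triggers

    def __getattr__(self, name):
        # Everything not intercepted is passed through untouched.
        return getattr(self._storage, name)

    def get(self, key):
        if self._injection.cause.interface == "get" and self._remaining > 0:
            self._remaining -= 1
            if self._injection.cause.mode == "exception":
                raise StorageError("injected transient failure")
            if self._injection.cause.mode == "corrupt_value":
                return b"\x00corrupt"
        return self._storage.get(key)


def run_experiment(injection, retries=2):
    """Classify how the fault tolerance mechanism handled the injection:
    'masked'   - the correct value was returned
    'detected' - an error propagated to the caller
    'silent'   - a wrong value was returned without any error
                 (a dependability issue the retry cannot address)"""
    storage = Storage()
    storage.put("k", b"expected")  # constructed sample data
    service = Service(FaultInjector(storage, injection), retries=retries)
    try:
        result = service.read("k")
    except StorageError:
        return "detected"
    return "masked" if result == b"expected" else "silent"


def select_campaign(candidates, budget):
    """Greedy, model-based selection: every failure cause in the model
    is covered at least once (coverage guarantee); the remaining budget
    goes to the injections that stress the retry mechanism most, measured
    here simply by the number of consecutive triggers."""
    causes = {inj.cause for inj in candidates}
    if budget < len(causes):
        raise ValueError("budget too small to cover every failure cause")
    by_stress = sorted(candidates, key=lambda inj: inj.triggers, reverse=True)
    chosen, covered = [], set()
    for inj in by_stress:  # first pass: one high-stress experiment per cause
        if inj.cause not in covered:
            chosen.append(inj)
            covered.add(inj.cause)
    for inj in by_stress:  # second pass: fill the budget by stress
        if len(chosen) >= budget:
            break
        if inj not in chosen:
            chosen.append(inj)
    return chosen


def main(budget=4):
    model = [FaultCause("get", "exception"), FaultCause("get", "corrupt_value")]
    candidates = [Injection(c, n) for c in model for n in (1, 2, 3)]
    return {inj: run_experiment(inj) for inj in select_campaign(candidates, budget)}


if __name__ == "__main__":
    for inj, outcome in main().items():
        print(f"{inj.cause.interface}/{inj.cause.mode} x{inj.triggers}: {outcome}")
```

Running it shows the kind of result an SFI campaign is meant to surface: injected exceptions are masked as long as they stay within the retry bound and are detected once they exceed it, whereas corrupted return values are never noticed, because the only fault tolerance mechanism in this system addresses a single fault mode from the model.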
The validity of the proposed techniques is demonstrated by applying FIDD to two case studies: a cloud management system (OpenStack) and a distributed, embedded railway setup.
FIDD can aid dependability comprehension and provides a structured framework for evaluating the dependability of complex software systems. By demonstrating the potential of FIDD, this thesis strives to motivate further efforts to integrate dependability aspects and SFI explicitly into everyday software development.