Dear Reviewers,
Thank you for your valuable feedback. We have carefully considered your requests and made the following changes to the paper.
- fixed typographical and grammatical errors throughout the text
- page 2: clarified the motivation of evaluating detection and mitigation mechanisms: FMEA includes the definition of disposition, the mechanisms of which are often compiled into a wrapper component, which is equally important to evaluate, but no other work addresses this problem experimentally
- page 2: clarified the role of the detailed running example: it is meant to be a tutorial demonstrating the main steps and points of interest in applying the approach for other systems
- page 3: included fault injection in the general FMEA part
- page 4: added more references to studies about software fault injection and fault models, this way better positioning our contribution and its novelty with respect to the state of the art
- page 4: added related work about source-code-level software fault injection and other approaches involving experimental fault injection to highlight the roots of model-based methods
- page 4: emphasized the context in which the presented approach is to be considered, highlighting the differences from existing methods
- page 9: added more citations to justify the example faults
- page 13: added citations to general failure classifications
- page 18: again clarified the motivation of evaluating error detection and fault-tolerance mechanisms
- page 19: added note to advise readers about the larger amount of examples in the section and their purpose
- page 19: clarified the motivation of Section 5.1
- page 30: emphasized lazy evaluation as a contribution to the automated SW-FMEA approaches
- page 30: emphasized the benefit of the detailed running example
Reviewer C had specific questions and recommendations, which were also addressed, but we would like to give textual answers as well.
Reviewer C: state of the art: there are several recent works on SW FMEA. These involve different kinds of software and languages, target systems, etc. I would recommend performing an attentive comparison to better position your contribution and its novelty w.r.t. the state of the art. This would help to clearly define the novelty of the work.
Authors: We have collected recent related work in SW-FMEA and showed that they mostly apply to source code, which is supposedly not available in the design phase where we wish to introduce our approach.
Reviewer C: I find that some parts of the paper are exceedingly long, and could be shortened without significant loss of information. For example, I believe that the reading would be more pleasant removing or reducing several of the listings/pieces of code.
Authors: One of the goals of this paper is to provide hands-on experience with the application of the proposed approach, facilitating the adaptability to real-life projects. This goal has been emphasized in the text and notes have been added to guide the readers between the introductory and detailed parts.
Reviewer C: I am not sure I understood how you define your fault model. Can you claim that it is complete?
Authors: The fault model is not complete (as this is hard to achieve in case of software faults).
It focuses on simple but frequent faults to provide a meaningful example. We have added several references to direct the reader to relevant studies on this topic.
Reviewer C: Table 3: some of the injections do not lead to an error detection. Why? What are the expectations? What happens in such cases?
Authors: This is a consequence of Table 2, where it turns out those 3 OM faults affect redundant instructions in the code, and therefore will not change the behavior of the system.
Thank you again for your feedback. Let us know if you have any more comments.
Best regards, The authors