Abstract
Increasingly, fault-tolerant distributed software applications use a separate architecture for failure detection instead of coding the mechanisms inside the application itself. Such a structure removes the intricacies of the failure detection mechanisms from the application, and avoids repeating them in every program. However, successful system reconfiguration now depends on the management architecture (which does both fault detection and reconfiguration), and on management subsystem failures, as well as on the application. This paper presents an approach which computes the architecture-based system reconfiguration coverage simultaneously with its performability.