An operate with missing region feature allows a cluster to continue servicing reads for available regions even when some regions are missing. Upon a given node failure condition, the cluster is placed in an effective read-only mode for all regions. The node failure condition typically is one where there has been a failure of an authoritative region copy and no backup copy is then available. Typically, read-only means no client write or update requests succeed while the cluster is in this state. Those requests should fail with an error message that indicates failure because of the read-only status. Preferably, such requests are re-tried. In this mode, regions are only allowed to perform read operations but the cluster continues to operate with missing regions, and missing regions are entered on a region map. The cluster then automatically recovers returning missing regions, after which it leaves the read-only state.

Methods and apparatus are provided for providing testing as a service. A loading computing device can receive a request to restore a testing computing device to a known software configuration. The loading computing device, after receiving the request to restore the testing computing device, can restore the testing computing device by at least: obtaining a software image storing the known software configuration, where the software image includes security-context data having security contexts associated with the plurality of software components, and where a particular security context can have an identity, a role, and a domain or type; storing at least part of the obtained software image onto the testing computing device, and after storing at least part of the obtained software image onto the testing computing device, setting security contexts for the obtained software image stored on the testing computing device using the security-context data.

Disclosed are systems, methods, and articles for determining compatibility of a mobile application and operating system on a mobile device. In some aspects, a method includes receiving one or more data values from a mobile device having a mobile medical software application installed thereon, the data value(s) characterizing a version of the software application, a version of an operating system installed on the mobile device, and one or more attributes of the mobile device; determining whether the mobile medical software application is compatible with the operating system by at least comparing the received data value(s) to one or more test values in a configuration file; and sending a message to the mobile device based on the determining, the message causing the software application to operate in one or more of a normal mode, a safe mode, and a non-operational mode.

Disclosed are systems, methods, and articles for determining compatibility of a mobile application and operating system on a mobile device. In some aspects, a method includes receiving one or more data values from a mobile device having a mobile medical software application installed thereon, the data value(s) characterizing a version of the software application, a version of an operating system installed on the mobile device, and one or more attributes of the mobile device; determining whether the mobile medical software application is compatible with the operating system by at least comparing the received data value(s) to one or more test values in a configuration file; and sending a message to the mobile device based on the determining, the message causing the software application to operate in one or more of a normal mode, a safe mode, and a non-operational mode.

Methods and apparatus are provided for providing testing as a service. A loading computing device can receive a request to restore a testing computing device to a known software configuration. The loading computing device, after receiving the request to restore the testing computing device, can restore the testing computing device by at least: obtaining a software image storing the known software configuration, where the software image includes security-context data having security contexts associated with the plurality of software components, and where a particular security context can have an identity, a role, and a domain or type; storing at least part of the obtained software image onto the testing computing device, and after storing at least part of the obtained software image onto the testing computing device, setting security contexts for the obtained software image stored on the testing computing device using the security-context data.

A method includes identifying a subset of components of a node that should be loaded during the next boot of the node, storing a list of the identified subset of components in a file outside of a basic input output system, and initiating boot of the node. The method further comprises the basic input output system accessing the file and controlling boot of the node to load only the identified subset of components of the node. Another method stores a plurality of such files, wherein each file is associated with maintenance of a target component of the node. After selecting one of the files, the basic input output system may access the selected file and control boot of the node to load only the subset of components that the selected file indicates should be loaded for purposes of a maintaining or testing the target component.

A system and method for enhanced dispatch of an operationally critical system is disclosed. The method receives a minimum equipment list associated with the system including a plurality of dispatch critical applications with at least one dispatch critical application instance. A rules set determines a plurality of schedules of the dispatch critical application instances in compliance with the minimum equipment list, each schedule associates a specific processing resource with a specific dispatch critical application instance. A monitor tracks the availability of each dispatch critical application instance and, should one or more instanced become unavailable, the method implements an alternate schedule of dispatch critical application instances in accordance with the rules set and the minimum equipment list.

Described embodiments include methods and systems for managing client-side services. An intermediary may receive metadata from a first client device of the plurality of client devices. The metadata can include runtime characteristics of a first instance of a service that is incorporated into a client-side application or a web application. The first instance may execute on the first client device and request service data from the at least one server. The intermediary can detect an anomaly in the operation of the first instance of the service. The intermediary can identify an operation of the first instance of the service causing the detected anomaly. The intermediary can, responsive to the detected anomaly, cause delay, removal or modification of operations corresponding to the identified operation, in other instances of the service executing on the plurality of client devices.

Provided is a fault tolerance method which is performed by one or more processors, and which includes receiving an application execute command, executing a main process of an application in response to the execute command, receiving, by a split execution module, information on a plurality of devices associated with the execution of the application from an orchestrator, executing, by the split execution module, a sub-process for each of the plurality of devices using the information on the plurality of devices, and performing, by the split execution module, fault tolerance associated with the execution of the application using an idle device, if a failure occurs in at least some of the plurality of devices.

This disclosure provides systems, methods, and devices for vehicles with automated driving systems. In a first aspect, a method of isolation in an automated driving system includes detecting the error in a first domain of the automated driving system, isolating a second domain of the automated driving system from the first domain, maintaining operation of the second domain after isolating the second domain from the first domain, and bypassing, by the second domain, the first domain to transmit notifications to an external controller via a first communication interface. Other aspects and features are also claimed and described.