This study addresses the critical gap in systematic understanding of real-world failures in Model Context Protocol (MCP)-based systems, which hinders their reliability and safety. Through large-scale empirical analysis and a practitioner survey, we propose and validate a taxonomy of MCP-related failures comprising five high-level categories, explicitly distinguishing MCP-specific faults from general ones. Our findings reveal the prevalence of each failure type in practice, identify the most error-prone and critical components within MCP systems, and provide actionable insights for building more robust and secure AI software. This work establishes the first comprehensive foundation for failure analysis in MCP-based architectures, offering concrete guidance to improve system dependability.

The rapid adoption of foundation models has significantly expanded the capabilities of software systems, enabling them to perform complex language, reasoning, and interaction tasks that were previously difficult to automate. However, this progress has also introduced novel challenges that were largely absent in previous generations of software. In particular, the increasing integration of foundation models with external tools and resources raises new concerns regarding reliability, security, and robustness. The Model Context Protocol (MCP) has recently been proposed to standardize interactions between AI-based software systems, software tools, and external resources. Despite its growing adoption, there remains limited systematic understanding of real-world faults in MCP-based software systems. In this paper, we present the first large-scale taxonomy of faults in MCP servers, comprising five high-level fault categories derived from empirical evidence. To evaluate the completeness and generalizability of this taxonomy, we conduct a survey of MCP practitioners with diverse roles and experience levels. The results confirm that all identified fault categories occur in practice and reveal distinct characteristics that differentiate MCP-specific faults from non-MCP faults. Overall, this study provides actionable insights for researchers and practitioners by identifying the most error-prone and critical components of MCP-based systems. These insights can inform the development of more robust, reliable, and secure AI-enabled software systems that rely on MCP.