Dependability in Real-Time Systems
Anders P. Ravn, Aalborg University, February 2006
Characteristics of a RTS
• Timing Constraints
• Dependability Requirements
• Concurrent control of separate components
• Facilities to interact with special purpose hardware
Dependability - attributes
• Availability
• Reliability
• Safety
• Confidentiality
• Integrity
• Maintainability
BW p. 139
Dependability - means
• Fault prevention
• Fault tolerance
• Error removal
• Failure forecasting
BW p. 106, ...
Fault classification
• Origin
  • physical (internal/external)
  • logical (design/interaction)
• Kind
  • omission
  • value
  • timing
  • byzantine
• Property
  • duration (permanent, transient)
  • consistency (determinate, nondeterminate)
  • autonomy (spontaneous, event-dependent)
Failure Classification
• (Fault → Failure)
• Consequence
  • benign
  • malign (a mishap)
BW (Failure modes) p. 105
Fault Prevention
• Careful Design
• Conservative Design
• process (procedures)
• notations
• tools
• robust functionality
• testability
• traceability
Failure Forecasting
• Calculation – analysis of design
• Simulation – measurement on design
• Test – measurement on implementation
Fault Tolerance
Means to isolate component faults ... and mask them
Prevents system failures
May increase system dependability
N-version programming
Diagram: versions V1, V2, V3 run in parallel and report to a driver (comparator); the driver exchanges comparison vectors (votes), comparison status indicators and comparison points with the versions.
BW p. 109
Fault classification (scope of N-VP)
• Origin
  • physical (internal/external)
  • logical (design/interaction)
• Kind
  • omission
  • value
  • timing
  • byzantine
• Property
  • duration (permanent, transient)
  • consistency (determinate, nondeterminate)
  • autonomy (spontaneous, event-dependent)
Scope marks from the slide:
++
(+) ++ (+)
+ / (+)
+ / ++ / +
Dynamic Redundancy
1. Error detection
2. Damage confinement and assessment
3. Error recovery
4. Fault treatment and continued service
BW p. 114
Error Detection
f: State × Input → State × Output
• Environment (exception)
• Application
BW p. 115
Assertion:
• precondition (input)
• postcondition (input, output)
• invariant (state, state')
Timing:
• WCET(f, input)
• Deadline (f, input)
Error Recovery
• Forward
• Backward
BW p. 118
Repair the state – if you can!
• define recovery points
• checkpoint state at recovery point
• roll back
• retry
Domino effect
Recovery blocks
ENSURE acceptance_test
BY { module_1 }
ELSE BY { module_2 }
...
ELSE BY { module_m }
ELSE ERROR
BW p. 120
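The recovery block above, worked through as an added Python example (not code from the slides or from Burns & Wellings): block entry is the recovery point where the state is checkpointed, each alternate is retried on the same input, and a raised exception or a failed acceptance test rolls the state back before the next alternate runs, ending in ELSE ERROR when none is accepted. The acceptance test combines the three assertion kinds from the Error Detection slide (precondition on the input, postcondition on the output, invariant on the state); the State type, the faulty primary and the degraded alternate are constructed for illustration.

```python
import math
from dataclasses import dataclass, replace
@dataclass
class State:              # constructed example: a filter's running estimate of a sensor value
    estimate: float
    samples: int

class RecoveryBlockError(Exception):
    pass                  # every alternate was rejected: the ELSE ERROR branch
def recovery_block(state, inp, acceptance_test, modules):
    """ENSURE acceptance_test BY modules[0] ELSE BY modules[1] ... ELSE ERROR.
    Block entry is the recovery point; a failed alternate rolls the state back to it."""
    checkpoint = replace(state)                   # checkpoint state at the recovery point
    for i, module in enumerate(modules):
        try:
            out = module(state, inp)              # the module may update state in place
            if acceptance_test(checkpoint, state, inp, out):
                return out, i                     # output and index of the accepted alternate
        except ArithmeticError:
            pass                                  # a crash inside the module is an error too
        state.__dict__.update(vars(checkpoint))   # roll back, then retry the next alternate
    raise RecoveryBlockError("no alternate passed the acceptance test")

def accept(before, after, inp, out):
    """Precondition on the input, postcondition on the output, invariant on the state."""
    lo, hi = min(before.estimate, inp), max(before.estimate, inp)
    return (0.0 <= inp <= 100.0 and math.isfinite(out) and lo <= out <= hi
            and after.samples == before.samples + 1)

def primary(state, inp):
    # Constructed design fault: divides by the old sample count instead of the new one.
    state.estimate = (state.estimate * state.samples + inp) / state.samples
    state.samples += 1
    return state.estimate

def alternate(state, inp):
    # Simpler, less accurate backup: average the old estimate with the new sample.
    state.estimate = inp if state.samples == 0 else 0.5 * (state.estimate + inp)
    state.samples += 1
    return state.estimate

def run_demo():
    s = State(estimate=0.0, samples=0)
    recovery_block(s, 20.0, accept, [primary, alternate])  # primary crashes, alternate accepted
    out, used = recovery_block(s, 10.0, accept, [primary, alternate])  # primary value rejected
    try:
        recovery_block(s, 1000.0, accept, [primary, alternate])  # out-of-range input: ELSE ERROR
    except RecoveryBlockError:
        pass                                      # state was rolled back, not left corrupted
    return out, used, s
```

The third call shows why the checkpoint matters: both alternates modify the state before the acceptance test rejects them, and the caller still observes the last accepted state.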