Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reliability and Fault Tolerance

Published byCordelia Davidson Modified over 5 years ago

Similar presentations

Presentation on theme: "Reliability and Fault Tolerance"— Presentation transcript:

1 Reliability and Fault Tolerance
Setha Pan-ngum

2 Introduction From the survey by American Society for Quality Control [1]. Ten most important product attributes Attribute Ave. Score performance 9.5 Ease of use 8.3 Last a long time (reliability) 9.0 Appearance 7.7 Service 8.9 Brand name 6.3 Easily repaired (maintainability) 8.8 Packaging/display 5.8 warranty 8.4 Latest model 5.4

3 Introduction Embedded system major requirements Low failure rate
Leads to fault tolerance design Gracefully degradable

4 Failures, errors, faults
Fault – defects that cause malfunction Hardware fault e.g. broken wire, stuck logic Software fault e.g. bug Error – unintended state caused by fault. E.g. software bug leads to wrong calculation  wrong output Failure – errors leads to system failure (opearates differently from intended)

5 Causes of Failures Errors in specification or design Component defects
Environmental effects

6 Errors in specification or design
Probably the hardest to detect Embedded system development: Specification Design Implementation If specification is wrong, the following steps will be wrong. E.g. unit compatibility of rocket example.

7 Component defects Depends on device
Electronic components can have defects from manufacturing, and wear and tear.

8 Operating environment
Stresses Temperatures Moisture vibration

9 Classification of failures
Nature Value – incorrect output Timing – correct output but too late. Perception – as seen by users Persistent – all users see same results. E.g. sensor reading stuck at ‘0’ Inconsistent – users see differently. E.g. sensor reading floats (say between 1-3V, and could be seen as ‘1’ or ‘0’). Called malicious or Byzantine failures

10 Classification of failures
Effects Benign – not serious e.g. broken tv Malign – serious e.g. plane crash Oftenness Permanent – broken equipment Transient – lose wire, processors under stress (EMI, power supply, radiation) Transient occurs a lot more often!

11 Example of transient failure
From report on fire control radar of F-16 fighters [3] Pilot noticed malfunctions every 6 hrs Pilot requested maintenance every 31 hrs 1/3 of requests can be reproduced in workshop Overall less than 10% of transient failures can be reproduced!

12 Types of errors Transient Permanent
Regularly occurs. E.g. electrical glitches causes temporary value error Permanent Transient fault can be kept in database, making it permanent.

13 Classifications of faults
Nature By chance – broken wire Intentional – virus Perception Physical Design Boundary Internal – component breakdown External – EMI causes faults

14 Classifications of faults
Origin Development e.g. in program or device Operation e.g. user entering wrong input Persistence Transient – glitches caused by lightning Permanent faults that need repair

15 Definitions Reliability R(t) Maintainability M(t) Availability A(t)
Probability that a system will perform its intended function in the specified environment up to time t. Maintainability M(t) Probability that a system can be restored within t units after a failure. Availability A(t) Probability that a system is available to perform the specified service at tdt. (% of system working)

16 Reliability [4] R(0) = 1, R( Failure density f(t) = -dR(t)/dt
Failure rate (t) = f(t)/R(t) (t) dt is the conditional probability that a system will fail in the interval dt, provided it has been operational at the beginning of this interval When (t) = constant then R(t) = e-t = MTTF (Mean Time to Failure)

17 Failure rate (t) Burn-in Wear-out Late Early faillures
Real-time Period of constant Failure Rate Early faillures Late Burn-in Wear-out

18 Failure rate vs Costs [4]
Cost of System US Air Force: Failure rate of electronic systems within a given technology increases with increasing system cost.

19 Maintainability Mesured by Repair-rate 
When (t) = constant then M(t) = e-t = MTTR (Mean Time to Repair) Preventive maintenace: If  increases in time, then it makes sense to replace the aging unit. If  of different units evolves differently, preventive maintenace consists in replacing the “Smallest Replaceable Units” with growing 

20 Reliability vs. Maintainability
Reliability and maintainability are, to a certain extent, conflicting goals. Example: Connectors Inside a SRU, reliability must be optimized Between SRU’s, maintainability is important Plug Solder Reliability bad good Maintainability

21 Availability A = MTTF / ( MTTF + MTTR ) Good availability can be achieved either by a high MTTF by a small MTTR A high system MTTF can be achieved by means of fault tolerance: the system continues to operate properly even when some components have failed. Fault tolerance reduces also the MTTR requirements.

22 Fault tolerance obtained through redundancy (more resources assigned to a task than strictly required) REDUNDANCY can be used for Fault detection Fault correction can be implemented at various levels at component level at processor level at system level

23 Redundancy at component level
Error detection/correction in memories Error detection by parity bit. Error correction by multiple parity bits.

24 Redundancy at component level
Stripe Sets with Parity (RAID) Disk 1 Disk 2 Disk 3 = XOR of two other disks

25 Redundancy at component level
Error detection in an ALU ALU proof by 9 Error !

26 Redundancy in components
Error detection to correct transient errors by retry to avoid using corrupted data Error correction to correct transient errors on the fly to remain operational after catastrophic component failure Scheduled maintenance instead of urgent repair.

27 Fault detection at Processor Level
1 C P U 2 = Error

28 Fault correction at Processor Level
Voting Logic C P U 1 C P U 2 C P U 3

29 Replica Determinism A set of replicated RT objects is “replica determinate” if all objects of this set visit the same state at about the same time. “At about the same time” makes a concession to the finite precision of the clock synchronization Replica determinism is needed for consistent distributed actions fault tolerance by active redundancy

30 Replica Determinism Lack of replica determinism makes voting meaningless. Example: Airplane on takeoff Lack of replica determinism causes the faulty channel to win !!! System 1: System 2: System 3: Majority: Take off Abort Accelerate Engine Stop Engine Stop Engine (fault)

31 Fault Correction at System Level Hot Stand-By
1 S Y T E M 2 Error Detection

32 Fault Correction at System Level Cold Stand-By
1 S Y T E M 2 Error Detection Common Memory

33 Fault Correction at System Level Distributed Common Memory
1 S Y T E M 2 Error Detection Distributed Common Memory In fact, each processor has access to the memory of the other to keep a copy of the state of all critical processes

34 Fault Correction at System Level Load Sharing
1 S Y T E M 1 S Y T E M 1 S Y T E M 1 Common Memory

35 Safety Critical systems
Voting Logic S Y 1 S Y 2 S Y 3 S Y 4 Fail once, still operational, fail twice, still safe.

36 Safety Critical Systems
But What happens in case of a Software Bug ???

37 Space Shuttle Computer system
Voting Logic S Y 4 S Y 1 S Y 2 S Y 3 S Y 5

38 References Ebeling C, An introduction to reliability and maintainability engineering, McGraw-Hill, 1997 Krishna C, Real-time systems, McGraw-Hill, 1997 Kopetz H, Real-time systems design principles for distributed embedded applications, Kluwer, 1997 Tiberghien J, Real-time system fault tolerance, Lecture slides

Download ppt "Reliability and Fault Tolerance"

Similar presentations

Redundant Array of Independent Disks (RAID) Striping of data across multiple media for expansion, performance and reliability.

Redundant Array of Independent Disks (RAID) Striping of data across multiple media for expansion, performance and reliability.
Chapter 8 Fault Tolerance

Chapter 8 Fault Tolerance
Fault-Tolerant Systems Design Part 1.

Fault-Tolerant Systems Design Part 1.
Copyright 2007 Koren & Krishna, Morgan-Kaufman Part.1.1 FAULT TOLERANT SYSTEMS Part 1 - Introduction.

Copyright 2007 Koren & Krishna, Morgan-Kaufman Part.1.1 FAULT TOLERANT SYSTEMS Part 1 - Introduction.
5th Conference on Intelligent Systems

5th Conference on Intelligent Systems
Software Fault Tolerance – The big Picture RTS April 2008 Anders P. Ravn Aalborg University.

Software Fault Tolerance – The big Picture RTS April 2008 Anders P. Ravn Aalborg University.
CS 582 / CMPE 481 Distributed Systems Fault Tolerance.

CS 582 / CMPE 481 Distributed Systems Fault Tolerance.
REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

REAL-TIME SOFTWARE SYSTEMS DEVELOPMENT Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Last Class: Weak Consistency

Last Class: Weak Consistency
7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.

7. Fault Tolerance Through Dynamic or Standby Redundancy 7.5 Forward Recovery Systems Upon the detection of a failure, the system discards the current.
CSE 466 – Fall 2000 - Introduction - 1 Safety  Examples  Terms and Concepts  Safety Architectures  Safe Design Process  Software Specific Stuff 

CSE 466 – Fall Introduction - 1 Safety  Examples  Terms and Concepts  Safety Architectures  Safe Design Process  Software Specific Stuff 
Computer Science Lecture 16, page 1 CS677: Distributed OS Last Class:Consistency Semantics Consistency models –Data-centric consistency models –Client-centric.

Computer Science Lecture 16, page 1 CS677: Distributed OS Last Class:Consistency Semantics Consistency models –Data-centric consistency models –Client-centric.
Page 1 Copyright © 2002-2010 Alexander Allister Shvartsman CSE 6510 (461) Fall 2010 Selected Notes on Fault-Tolerance (12) Alexander A. Shvartsman Computer.

Page 1 Copyright © Alexander Allister Shvartsman CSE 6510 (461) Fall 2010 Selected Notes on Fault-Tolerance (12) Alexander A. Shvartsman Computer.
Introduction to Dependability slides made with the collaboration of: Laprie, Kanoon, Romano.

Introduction to Dependability slides made with the collaboration of: Laprie, Kanoon, Romano.
Lecture 11: Storage Systems Disk, RAID, Dependability Kai Bu

Lecture 11: Storage Systems Disk, RAID, Dependability Kai Bu
Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.
Lecture 11: Storage Systems Disk, RAID, Dependability Kai Bu

Lecture 11: Storage Systems Disk, RAID, Dependability Kai Bu
Chapter 6 RAID. Chapter 6 — Storage and Other I/O Topics — 2 RAID Redundant Array of Inexpensive (Independent) Disks Use multiple smaller disks (c.f.

Chapter 6 RAID. Chapter 6 — Storage and Other I/O Topics — 2 RAID Redundant Array of Inexpensive (Independent) Disks Use multiple smaller disks (c.f.
1 Fault-Tolerant Computing Systems #2 Hardware Fault Tolerance Pattara Leelaprute Computer Engineering Department Kasetsart University

1 Fault-Tolerant Computing Systems #2 Hardware Fault Tolerance Pattara Leelaprute Computer Engineering Department Kasetsart University
CS 352 : Computer Organization and Design University of Wisconsin-Eau Claire Dan Ernst Storage Systems.

CS 352 : Computer Organization and Design University of Wisconsin-Eau Claire Dan Ernst Storage Systems.

Similar presentations

Ads by Google