Slide 1: Dependability
ITV Real-Time Systems, Anders P. Ravn, Aalborg University, February 2006

Slide 2: Characteristics of a RTS
- Timing constraints
- Dependability requirements
- Concurrent control of separate components
- Facilities to interact with special-purpose hardware

Slide 3: Dependability - attributes (BW p. 139)
- Availability
- Reliability
- Safety
- Confidentiality
- Integrity
- Maintainability

Slide 4: Dependability - means (BW p. 106, ...)
- Fault prevention
- Fault tolerance
- Error removal
- Failure forecasting

Slide 5: Dependability - impediments (BW p. 103, ...)
- Faults
- Errors
- Failures
Causal chain shown on the slide: Fault -> Error -> Failure -> ... -> Fault

Slide 6: System and Component (diagram only)

Slide 7: Fault classification
Origin:
- physical (internal / external)
- logical (design / interaction)
Kind:
- omission
- value
- timing
- byzantine
Property:
- duration (permanent, transient)
- consistency (determinate, nondeterminate)
- autonomy (spontaneous, event-dependent)

Slide 8: Error classification (Fault -> Error)
Effect:
- latent
- effective
Extent:
- local
- distributed

Slide 9: Failure classification (Fault -> Failure)
Consequence:
- benign
- malign (a mishap)
BW (failure modes) p. 105

Slide 10: Dependability - means (overview slide repeated)

Slide 11: Fault Prevention
- Careful design: process (procedures), notations, tools
- Conservative design: robust functionality, testability, traceability

Slide 12: Dependability - means (overview slide repeated)

Slide 13: Error Removal
- Verification (analysis of design)
- Test (analysis of implementation)

Slide 14: Dependability - means (overview slide repeated)

Slide 15:
- Calculation: analysis of design
- Simulation: measurement on design
- Test: measurement on implementation

Slide 16: Dependability - means (overview slide repeated, BW p. 106 ...)

Slide 17: Fault Tolerance
- Means to isolate component faults and mask them
- Prevents system failures
- May increase system dependability

Slide 18: Fault Tolerance (diagram only)

Slide 19: FT - levels (BW p. 107)
- Full tolerance
- Graceful degradation
- Fail safe

Slide 20: FT basis: Redundancy (BW p. 109)
- Time (diagram: Try, Retry, ..., Try, ...)
- Space

Slide 21: N-version programming (BW p. 109)
- Versions V1, V2, V3
- Driver (comparator)
- Comparison vectors (votes)
- Comparison status indicators
- Comparison points

Slide 22: Fault classification (scope of N-VP)
Same classification as slide 7 (origin: physical, logical; kind: omission, value, timing, byzantine; property: duration, consistency, autonomy), annotated with coverage marks whose assignment to rows was lost in extraction: + (+) ++ (+) + / (+) + / +

Slide 23: Dynamic Redundancy (BW p. 114)
1. Error detection
2. Damage confinement and assessment
3. Error recovery
4. Fault treatment and continued service

Slide 24: Error Detection (BW p. 115)
f: State x Input -> State x Output
Detected by the environment (exception) or by the application.
Assertions:
- precondition (input)
- postcondition (input, output)
- invariant (state, state')
Timing:
- WCET(f, input)
- Deadline(f, input), D

Slide 25: Damage Confinement (BW p. 117)
- Static structure
- Dynamic structure
(diagram of objects and their interfaces)

Slide 26: Error Recovery (BW p. 118)
- Forward: repair the state, if you can!
- Backward: define recovery points; checkpoint the state at each recovery point; roll back; retry
- Domino effect

Slide 27: Recovery blocks (BW p. 120)
    ENSURE acceptance_test
    BY { module_1 }
    ELSE BY { module_2 }
    ...
    ELSE BY { module_m }
    ELSE ERROR
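The recovery-block construct of slide 27, combined with the checkpoint, roll-back and retry steps of backward recovery (slide 26) and a postcondition acceptance test plus a deadline check (slide 24), as an added Python example that is not part of the slides or of the BW textbook they cite; the sorting alternates, their constructed design fault, and the dict-based state are assumptions made for illustration:

```python
import copy
from collections import Counter
from time import perf_counter

class RecoveryBlockError(Exception):
    """ELSE ERROR: no alternate passed the acceptance test."""

def run_recovery_block(state, acceptance_test, alternates, deadline_s=None):
    """ENSURE acceptance_test BY alternates[0] ELSE BY alternates[1] ... ELSE ERROR.
    state: dict the alternates update in place; acceptance_test(before, after) is the
    postcondition on (state, state'); deadline_s is an optional time budget per try."""
    checkpoint = copy.deepcopy(state)            # recovery point: checkpoint the state
    for alt in alternates:
        t0 = perf_counter()
        try:
            alt(state)
            on_time = deadline_s is None or perf_counter() - t0 <= deadline_s
            accepted = on_time and acceptance_test(checkpoint, state)
        except Exception:                        # a raised exception is a detected error
            accepted = False
        if accepted:
            return alt.__name__
        state.clear()                            # backward recovery: roll back ...
        state.update(copy.deepcopy(checkpoint))  # ... then retry with the next alternate
    raise RecoveryBlockError("all alternates rejected; state rolled back")

def single_pass_sort(state):
    """Primary (constructed): one bubble pass, a design fault that only sorts some inputs."""
    d = state["data"]
    for j in range(len(d) - 1):
        if d[j] > d[j + 1]:
            d[j], d[j + 1] = d[j + 1], d[j]

def library_sort(state):
    """Secondary (constructed): a diverse, independently written alternate."""
    state["data"] = sorted(state["data"])

def is_sorted_permutation(before, after):
    """Acceptance test: output is non-decreasing and a permutation of the input."""
    d = after["data"]
    return all(d[i] <= d[i + 1] for i in range(len(d) - 1)) and Counter(d) == Counter(before["data"])

def sort_with_recovery(data, alternates=(single_pass_sort, library_sort)):
    """Returns (name of the accepted alternate, or None on ELSE ERROR; resulting data)."""
    state = {"data": list(data)}
    try:
        used = run_recovery_block(state, is_sorted_permutation, list(alternates), 1.0)
    except RecoveryBlockError:
        used = None                              # caller sees the rolled-back state
    return used, state["data"]
```

With input [3, 2, 1] the primary leaves the partial result [2, 1, 3], the acceptance test rejects it, the state is rolled back to the checkpoint and the secondary is tried; with only the primary available the block reports ELSE ERROR and the caller still sees the original buffer.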
Slide 28: The ideal FT-component (BW p. 126)
Diagram with two parts, Normal mode and Exception handler, and the following labels:
- Request/response
- Interface exception
- Failure exception
Each label appears twice: once on the interface to the component's users and once on the interface to the components it uses.