Run-time Distributions in Passively Replicated Systems Using Timeout and Acceptance Fault Detection

Fault tolerance based on passive replication is common in many systems. If this kind of fault tolerance mechanism is to be used in a real-time system, timing analysis is necessary, as the fault tolerance mechanism itself may cause timing faults. There are different ways of detecting when the primary replica has failed, one of them is to use a timeout to detect crash and omission failures, another to run acceptance tests on the results, which detects some value failures. As these two detection strategies cover different kinds of failures, it can be useful to combine them. In this paper, a mathematical model for the timing behaviour of a system with passive replication, where a combination of timeout and acceptance test is used for fault detection, is derived. Examples are given to demonstrate how the model can be used for calculation of deadline miss probabilities, and further how this can be used for checkpoint placement optimisation.