Available fail-safe systems
Authors
Abstract
Continuity of service and cost-effectiveness are adding new challenges to life-critical systems over and above the underlying safety concerns. The introduction of redundant components is a necessary condition for increasing overall system availability in the face of physical component failures. Here we consider redundancy by means of replicating fail-safe components in a distributed real-time system for railway applications. In such a system, some functions cannot tolerate even a brief service interruption. These functions have to be replicated using active redundancy, and their outputs must be consolidated so that the failure of one component has no effect on the delivered service. We formally investigate the conditions under which the safety properties of fail-safe components are preserved when they are replicated using active redundancy. We focus our analysis on duplex computers with two fail-safe units. Given a set of safety constraints, we show that inconsistency between the replicated units can degrade safety even when each replica, taken individually, satisfies those constraints. Two solutions are studied: masking, and detection of state or context inconsistency. The former leads to requirements on the output consolidation function, the latter to requirements on the redundancy management mechanisms.
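The duplex situation the abstract describes, as an added illustration in Python (this is not code from the paper): two replicated fail-safe units each compute a signal aspect from their own copy of the context and self-check, and three ways of consolidating their outputs are compared. An availability-first consolidation lets a unit with stale context out-vote the unit that sees danger; masking makes the restrictive aspect dominate; detection compares the replicated context and catches divergence even when both outputs happen to agree. The context fields, the aspect ordering, the function names and the scenarios are assumptions made for this example.

```python
"""Added illustration of a duplex of two fail-safe units (not the paper's code).
Context fields, aspect ordering, names and scenarios are assumptions."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Tuple


class Aspect(IntEnum):
    # Ordered so that a smaller value is more restrictive (safer).
    STOP = 0
    PROCEED = 1


@dataclass(frozen=True)
class Context:
    """Replicated state a unit decides on; both units should hold the same."""
    block_occupied: bool
    route_locked: bool


@dataclass(frozen=True)
class Output:
    aspect: Aspect
    healthy: bool  # result of the unit's own self-check


def fail_safe_unit(ctx: Context, internal_fault: bool) -> Output:
    """Individually safe: never PROCEED on an occupied or unlocked route,
    and STOP (reported as unhealthy) on any detected internal fault."""
    if internal_fault:
        return Output(Aspect.STOP, healthy=False)
    if ctx.block_occupied or not ctx.route_locked:
        return Output(Aspect.STOP, healthy=True)
    return Output(Aspect.PROCEED, healthy=True)


def consolidate_availability_first(a: Output, b: Output) -> Aspect:
    """Built only so that one unit's failure never interrupts service: drop
    units that report unhealthy and, if both are healthy, take the less
    restrictive aspect. Unsafe: stale context can out-vote the unit seeing danger."""
    live = [o.aspect for o in (a, b) if o.healthy]
    return max(live) if live else Aspect.STOP


def consolidate_masking(a: Output, b: Output) -> Aspect:
    """Masking in the consolidation function: the restrictive aspect always
    dominates among healthy units, so the duplex is as safe as its safest unit."""
    live = [o.aspect for o in (a, b) if o.healthy]
    return min(live) if live else Aspect.STOP


def consolidate_with_detection(a: Output, ca: Context,
                               b: Output, cb: Context) -> Tuple[Aspect, str]:
    """Detection by redundancy management: two healthy units that disagree on
    the replicated context make the duplex inconsistent, which forces STOP and
    is reported so the units can be resynchronised or one of them isolated."""
    live = [(o, c) for o, c in ((a, ca), (b, cb)) if o.healthy]
    if not live:
        return Aspect.STOP, "both units failed"
    if len(live) == 2 and live[0][1] != live[1][1]:
        return Aspect.STOP, "context inconsistency detected"
    status = "nominal" if len(live) == 2 else "degraded (one unit isolated)"
    return min(o.aspect for o, _ in live), status


def run_scenarios() -> dict:
    """Constructed scenarios; returns the consolidated result per strategy."""
    clear = Context(block_occupied=False, route_locked=True)
    occupied = Context(block_occupied=True, route_locked=True)
    unlocked = Context(block_occupied=False, route_locked=False)
    scenarios = [
        # both units consistent and healthy
        ("consistent", (clear, False), (clear, False)),
        # unit A holds a stale (clear) context while B sees the block occupied
        ("stale_context", (clear, False), (occupied, False)),
        # unit A has an internal fault, B is healthy with a clear route
        ("one_unit_faulty", (clear, True), (clear, False)),
        # both STOP, but for different reasons: divergence the outputs hide
        ("latent_divergence", (occupied, False), (unlocked, False)),
    ]
    results = {}
    for name, (ca, fa), (cb, fb) in scenarios:
        a, b = fail_safe_unit(ca, fa), fail_safe_unit(cb, fb)
        results[name] = {
            "availability_first": consolidate_availability_first(a, b),
            "masking": consolidate_masking(a, b),
            "detection": consolidate_with_detection(a, ca, b, cb),
        }
    return results


if __name__ == "__main__":
    for name, r in run_scenarios().items():
        print(name, r)
```

In the `stale_context` scenario each unit is individually safe, yet the availability-first consolidation shows PROCEED because the unit with the stale context out-votes the one that sees the occupied block; masking returns STOP, and detection returns STOP together with the inconsistency report. In `latent_divergence` both outputs are already STOP, so masking cannot tell that the replicas have drifted apart, while the context comparison does.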
Similar resources
Designing Efficient Fail-Safe Multitolerant Systems
In this paper, we propose a method for designing efficient fail-safe multitolerant systems. A multitolerant system is one that is able to tolerate multiple types of faults, and a fail-safe multitolerant system handles the various fault types in a fail-safe manner. The efficiency issues of interest are fault-tolerance related: (i) completeness and (ii) accuracy. Based on earlier work,...
Fail-safe Modeling of Discrete Event Systems using Petri Nets
In this paper the effect of faults in the elements and parts of discrete event systems is investigated. When faults occur, some states of the system must be changed and some of them must be forbidden. To this end, the different states of these elements are examined and a model for the fail-safe behavior of each state is introduced. Replacing new models of the target elements in the prelimin...
Automated design of efficient fail-safe fault tolerance
Both the scale and the reach of computer systems and embedded devices have been constantly increasing over the last decade. As such computer systems become pervasive, our reliance on them increases, and we expect them to continuously deliver services even in the presence of faults; that is, we expect the computer systems to be dependable. One way to ensure the...
Tangible Multimodal Interfaces for Safety-Critical Applications (… and David R. McGee)
Despite the success of information technology, there are important problem-solving tasks that computing has had difficulty supporting. Consider an example from the military. In Figure 1, we see officers turning their backs on computing, preferring instead to work with an 8-foot high paper map and Post-it notes. They explain there are good reasons for their reluctance to use digital systems: pap...
Fail-Stutter Fault Tolerance
Traditional fault models present system designers with two extremes: the Byzantine fault model, which is general and therefore difficult to apply, and the fail-stop fault model, which is easier to employ but does not accurately capture modern device behavior. To address this gap, we introduce the concept of fail-stutter fault tolerance, a realistic and yet tractable fault model that accounts fo...