Experimental Evaluation of the Fail-Silent Behavior of a Distributed Real-Time Run-Time Support Built from COTS Components

Mainly for economic and maintainability reasons, more and more dependable real-time systems are built from Commercial Off-The-Shelf (COTS) components. To build these systems, a commonly-used assumption is that computers are fail-silent. The goal of our work is to determine the coverage of the fail-silence assumption for computers executing a real-time run-time support built exclusively from COTS components, in the presence of physical faults. The evaluation of fail-silence has been performed on the HADES run-time support [1], aimed at executing distributed hard real-time dependable applications. The main result of the evaluation is a fail-silence coverage of 99.1%. Moreover, we evaluate the error detection mechanisms embedded in HADES according to a rich set of metrics, which provides guidance to choose the set of error detection mechanisms the best suited to the system needs (e.g. find the best trade-off between fail-silence coverage and overhead caused by error detection).