A methodology for cost-effective software fault tolerance for mission-critical systems

Kreutzfeld, R.J.; Neese, R.E.

doi:10.1109/dasc.1996.559128

Cited by 4 publications

(6 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However their application in conjunction provides integrated comprehensive coverage, which dramatically increases the reliability of PANSAT. As mentioned at the beginning, most faulttolerance research has been working with distributed systems, working with a large pool of hardware resources [Kreutzfeld, 1997]. Unfortunately, the particulars of space, especially in this project, preclude the use of most of those features.…”

Section: Discussionmentioning

confidence: 99%

“…If the same state is required to be restored multiple times, an alternate error handling routine is executed. The alternate method may be anything from running a substitute method, ignoring the process that generated the error, if possible, or requesting human intervention to correct a procedure [Kreutzfeld, 1997]. While there is enough slack in the system to perform the acceptance tests, there is neither enough memory nor extra processing time to keep track of multiple program states.…”

Section: Previous Workmentioning

confidence: 99%

“…Voting not only can be used to compare N-versions, but also the exact same software run on different hardware. For instance, running the same program on multiple processors simultaneously could provide different results if one processor was faulty [Kreutzfeld, 1997]. PANSAT cannot use N-version or voting because one processor is running at a time.…”

Section: Previous Workmentioning

confidence: 99%

See 2 more Smart Citations

Software Design For a Fault-Tolerant Communications Satellite

Hunter¹,

Rowe

2000

View full text Add to dashboard Cite

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Previous Workmentioning

confidence: 99%

Section: Previous Workmentioning

confidence: 99%

See 1 more Smart Citation

Software Design For a Fault-Tolerant Communications Satellite

Hunter¹,

Rowe

2000

View full text Add to dashboard Cite

show abstract

“…Developing highly reliable software is often an expensive undertaking due to the prolonged development time, attributable to increased design, review and testing activities [1]. Other trade-offs usually associated with the production of reliable software are functionality, performance, complexity, and safety [2].…”

Section: Introductionmentioning

confidence: 99%

A model driven framework for N-version programming

Lewis

Beaulieu

2011

2011 IEEE International Systems Conference

View full text Add to dashboard Cite

Complex systems-of-systems (SoS) requiring faulttolerance and high reliability often require redundant systems. The concept of redundancy that includes components with differing failure modes is well understood in the realm of hardware design. N-version programming, although shown to produce significant gains in software reliability over single-version fault tolerant techniques, is not widely accepted or applied. This is due, in part, to N-version programming's lengthy development time and its inherent problems with version independence. Model Driven Software Development (MDSD) is a process that promises gains in software productivity and quality. While progress in MDSD has witnessed the expansion of the supporting Unified Modeling Language profile for modeling fault tolerant characteristics, and the development of specific design patterns for the production of fault tolerant software, MDSD's support in the generation and testing of fault tolerant applications is not evident or explicitly defined. This paper discusses the development of a fault tolerant MDSD framework, which enables users to design, implement and test fault tolerant applications using the N-version modeling technique. The framework closes the gap between existing modeling patterns and the practical application of fault tolerant MDSD, and supports follow-on research to address specific questions relating to the benefits of MDSD within the fault tolerance software domain.

show abstract

“…For example, avionic applications may use techniques such as error or reasonability checks accompanied by simple recovery mechanisms such as replacement by last valid data [5]. More critical functions such as the system executive or common operating system functions should use techniques such as recovery blocks or N-version programming.…”

Section: 2-37mentioning

confidence: 99%

Enhanced fault management for future IMA systems

Wilcock

16th DASC. AIAA/IEEE Digital Avionics Systems Conference. Reflections to the Future. Proceedings

View full text Add to dashboard Cite

Integrated Modular Avionic (IMA) concepts offer the capability to enhance the reliability and availability of future avionic systems whilst supporting high performance, flexible deployment and affordability. Fault management is the key to achieving many of the projected benefits but involves significant technical risk: design entails complex trade-offs whilst validation of solutions through testing is only practicable for a small proportion of the possible failure set. System modelling as part of requirements definition and design is essential to achieve optimised solutions with low risk. This paper describes a modelling programme initially aimed at exploring the tradeoffs in system architecture and fault management. The approach being taken to extend it to allow for software reliability and fault tolerance is described.

show abstract

A methodology for cost-effective software fault tolerance for mission-critical systems

Cited by 4 publications

References 3 publications

Software Design For a Fault-Tolerant Communications Satellite

Software Design For a Fault-Tolerant Communications Satellite

A model driven framework for N-version programming

Enhanced fault management for future IMA systems

Contact Info

Product

Resources

About