Download
1 / 28
310 likes | 708 Views
Dependability. TSW 10 Anders P. Ravn Aalborg University November 2009. Characteristics of a RTS. Timing Constraints Dependability Requirements Concurrent control of separate components Facilities to interact with special purpose hardware. . Fault. Error. Failure. Fault.
E N D
Dependability TSW 10 Anders P. Ravn Aalborg University November 2009
Characteristics of a RTS • Timing Constraints • Dependability Requirements • Concurrent control of separate components • Facilities to interact with special purpose hardware
... Fault Error Failure Fault Dependability - impediments • Faults • Errors • Failures BW Ch 2, ...
Dependability - attributes • Availability • Reliability • Safety • Confidentiality • Integrity • Maintainability BW Ch 2
Dependability - means • Fault prevention • Fault tolerance • Error Removal • Failure Forecasting BW Ch 2
byzantine Fault classification • physical (internal/external) • logical (design/interaction) • Origin • Kind • Property • omission • value • timing • duration (permanent, transient) • consistency (determinate, nondeterminate) • autonomy (spontaneous, event-dependent)
Error Classification • (Fault Error) • Effect • Extent • latent • effective • local • distributed
Failure Classification • (Fault Failure) • Consequence • benign • malign (a mishap) BW (Failure modes) Ch 2
Dependability - means • Fault prevention • Fault tolerance • Error Removal • Failure Forecasting
Fault Prevention • process (procedures) • notations • tools • Careful Design • Conservative Design • robust functionality • testability • tracability
Dependability - means • Fault prevention • Fault tolerance • Error Removal • Failure Forecasting
Error Removal • Verification (analysis of design) • Test (analysis of implementation)
Dependability - means • Fault prevention • Fault tolerance • Error Removal • Failure Forecasting
Failure Forecasting • Calculation – analysis of design • Simulation – measurement on design • Test -- measurement on implementation
Dependability - means • Fault prevention • Fault tolerance • Error Removal • Failure Forecasting BW Ch 2
Fault Tolerance Means to isolate componentfaults ... And mask them Prevents systemfailures May increase systemdependability
Full tolerance • Graceful Degradation • Fail safe FT - levels BW Ch 2
Retry ... ... Try Try Try FT basis: Redundancy • Time • Space Try Retry BW Ch 2
N-version programming V1 V3 V2 Comparison vectors (votes) Driver (comporator) Comparison status indicators Comparison points BW Ch 2
byzantine Fault classification (scope of N-VP) + + (+) ++ (+) + / (+) + / + + / + • physical (internal/external) • logical (design/interaction) • Origin • Kind • Property • omission • value • timing • duration (permanent, transient) • consistency (determinate, nondeterminate) • autonomy (spontaneous, event-dependent)
Dynamic Redundancy • Error detection • Damage confinement and assessment • Error recovery • Fault treatment and continued service BW Ch 2
D Error Detection f: State x Input State x Output • Environment (exception) • Application • Assertion: • precondition (input) • postcondition (input, output) • invariant(state, state’) • Timing: • WCET(f, input) • Deadline (f,input) BW Ch 2
object I object I Damage Confinement • Static structure • Dynamic structure BW Ch 2
Error Recovery • Forward • Backward Repair the state – if you can ! • define recovery points • checkpoint state at r. p. • roll back • retry Domino effect BW Ch 2
Recovery blocks ENSURE acceptance_test BY { module_1 } ELSE BY { module_2 } ... ELSE BY { module_m } ELSE ERROR BW Ch 2
Failure exception Interface exception Request/response Interface exception Failure exception Request/response The ideal FT-component Normal mode Exception Handler BW Ch 2
