PREPRINT: Fault Tolerance Tradeoffs in Moving from Decentralized to Centralized Embedded Systems, DSN 2004 Fault Tolerance Tradeoffs in Moving from Decentralized to Centralized Embedded Systems
Abstract:
Some safety-critical distributed embedded systems may need to use centralized components to achieve certain dependability properties. The difficulty in combining centralized and distributed architectures is achieving the potential benefits of centralization without giving up properties that motivated the use of a distributed approach in the first place. This paper examines the impact on fault tolerance of adding selected centralized components to distributed embedded systems, and possible approaches to choosing an appropriate configuration. We consider the proposed use of a star topology with centralized bus guardians in the Time-Triggered Architecture. We model systems with different levels of centralized control in their star couplers, and compare fault tolerance properties in the presence of star-coupler faults. We demonstrate that buffering entire frames in the star coupler could lead to failures in startup and integration. We also show that constraining buffer size imposes restrictions on frame size and clock rates. 1.
Citations
| 806 | The Byzantine generals problem – Lamport, Shostak, et al. - 1982 |
| 37 | Distributed Systems for System Architects – VerĂssimo, Rodrigues - 2001 |
| 37 | Systematic formal verification for fault-tolerant timetriggered algorithms – Rushby - 1999 |
| 19 | Formal verification for time-triggered clock synchronization – Pfeifer, Schwier, et al. - 1999 |
| 14 | Formal Verification of the TTP Group Membership Algorithm – Pfeifer - 2000 |
| 11 | The central guardian approach to enforce fault isolation in a time-triggered system – Bauer, Kopetz, et al. - 2003 |
| 11 | Evaluation of Fault Handling of the Time-Triggered Architecture with Bus and Star Topology – Ademaj, Sivencrona, et al. - 2003 |
| 9 | Assumption coverage under different failure modes in the time-triggered architecture – Bauer, Kopetz, et al. |
| 5 | Slightly-Off-Specification Failures in the Time-Triggered Architecture – Ademaj - 2002 |
