serene 2014 workshop: paper "formal fault tolerance analysis of algorithms for redundant...
TRANSCRIPT
![Page 1: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/1.jpg)
S C I E N C E P A S S I O N T E C H N O L O G Y
u www.iti.tugraz.at
Formal Fault Tolerance Analysis of
Algorithms for Redundant Systems in
Early Design Stages
Institute of Technical Informatics, Graz University of Technology
Andrea Höller, Nermin Kajtazovic,
Christopher Preschern and Christian Kreiner
6th International Workshop on
Software Engineering for Resilient Systems
![Page 2: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/2.jpg)
Hardware Fault Tolerance is a Challenge
Trend to use COTS-hardware components
for safety-critical systems
Increasing number of soft erros
High level of fault tolerance required
Hardware redundancy
Introduction
2
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 3: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/3.jpg)
Hardware Redundancy
Introduction
3
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
low-reliabilty
hardware
high-reliabilty
hardware
Diversity to tolerate ...
systematic faults
random faults
Inherent fault masking at algorithm-layer
Example: stuck-at-1 fault
1 OR 0 = 1 1 AND 0 = 0
Which algorithms should be chosen
to efficiently exploit the
redundancy?
1oo2 Voter
![Page 4: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/4.jpg)
Hardware Redundancy
Introduction
4
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
low-reliabilty
hardware
high-reliabilty
hardware
Diversity to tolerate ...
systematic faults
random faults
Inherent fault masking at algorithm-layer
Example: stuck-at-1 fault
1 OR 1 = 1 1 AND 1 = 1
Which algorithms should be chosen
to efficiently exploit the
redundancy?
1oo2 Voter
![Page 5: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/5.jpg)
Model Checking
• NuSMV Tool
• Related work: Qualitative fault tolerance analysis [Huth2006, Krautz2006, Ezkiel2009]
Introduction
5
Adapted from [Boulé2008]
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 6: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/6.jpg)
Fault Tolerance Analysis in Early Design Stages
Proposed Fault Tolerance Analysis of Redundant Algorithms
6
Input probability density function
Dangerousoutputs
FAnToMTool
Undetected faults statistics of this variant
FSM model of alternative algorithm Fault statistics of all variants
Variant 1 Variant 2 Variant n
...
Best design option
ANALYSIS
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 7: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/7.jpg)
High-Level Evaluation of diverse Algorithms
Proposed Fault Tolerance Analysis of Redundant Algorithms
7
Find all non-detected dual fault combinations
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
Alternative way
Do other stuff
check
Do final stuff
Do some stuff
Do other stuff
check
Do final stuff
cond
Alg
ori
thm
2
Alg
ori
thm
1 Voter
correct out = 001
out = 101
out = 101out = 101
stuck-at-1
stuck-at-0
![Page 8: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/8.jpg)
High-Level Evaluation of diverse Algorithms
Proposed Fault Tolerance Analysis of Redundant Algorithms
8
Find all non-detected dual fault combinations
All undetected dual-fault
combinations
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
Model of Algorithm 1
Model of Algorithm 2
Model of Algorithm 2
Model of Algorithm 1generate
v =?
Golden Model
\ already
found dual
fault comb.
![Page 9: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/9.jpg)
Fault Modeling
Proposed Fault Tolerance Analysis of Redundant Algorithms
9
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
Data faults
Stuck-at-x faults
Bit-flips
Input variables to model random faults
Target signal
Fault type
Triggering time
![Page 10: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/10.jpg)
Experimental Results Hydro-electrical power plant controller
Simple boolean calculations Example 1
Experimental Results
10
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 11: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/11.jpg)
Experimental Results Simple boolean calculations
Example 2
Experimental Results
11
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 12: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/12.jpg)
Conclusion
Formal quantitative fault tolerance analysis
Applicable in early design stages
Understanding of algorithm-specific fault tolerance
Influence of input
Probability of certain errorneous output value
Scalability issues
Future work
Application for control-flow analysis and security
Handle more complex designs
Conclusion
12
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 13: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/13.jpg)
Thank you very much for your attention!
Any questions?
13
Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages
Andrea Höller ([email protected])
![Page 14: SERENE 2014 Workshop: Paper "Formal Fault Tolerance Analysis of Algorithms for Redundant Systems in Early Design Stages"](https://reader035.vdocuments.site/reader035/viewer/2022081404/55a22e191a28ab77428b45a6/html5/thumbnails/14.jpg)
References
[Boulé2008] M. Boulé and Z. Zilic. Generating hardware assertion checkers: for hardware verification, emulation, post-
fabrication debugging and on-line monitoring. Springer Verlag, 2008.
[Ezekiel2009] J. Ezekiel and A. Lomuscio. Combining fault injection and model checking to verify fault tolerance in multi-
agent systems. In Proceedings of The 8th International Conference on Autonomous Agents and Multiagent Systems-
Volume 1, 2009.
[Huth2006] Huth, M., Ryan, M. Logic in Computer Science: Modeling and reasoning about systems. Cambridge University
Press, 2006
[Krautz2006] Krautz et al. Evaluating coverage of error detection logic for soft errors using formal methods. DATE 2006
[Ezkiel2009] Ezekiel, J. Lomuscio, A.: Combining fault injection and model checking to verify fault tolerance in multi-agent
systems. AAMS, 2009
27.10.2014
Institut für Technische Informatik
14