Replication and fault-tolerance in real-time systems

PhD ThesisThe increased availability of sophisticated computer hardware and the corresponding decrease in its cost has led to a widespread growth in the use of computer systems for realtime plant and process control applications. Such applications typically place very high demands upon computer control systems and the development of appropriate control software for these application areas can present a number of problems not normally encountered in other applications. First of all, real-time applications must be correct in the time domain as well as the value domain: returning results which are not only correct but also delivered on time. Further, since the potential for catastrophic failures can be high in a process or plant control environment, many real-time applications also have to meet high reliability requirements. These requirements will typically be met by means of a combination of fault avoidance and fault tolerance techniques. This thesis is intended to address some of the problems encountered in the provision of fault tolerance in real-time applications programs. Specifically,it considers the use of replication to ensure the availability of services in real-time systems. In a real-time environment, providing support for replicated services can introduce a number of problems. In particular, the scope for non-deterministic behaviour in real-time applications can be quite large and this can lead to difficultiesin maintainingconsistent internal states across the members of a replica group. To tackle this problem, a model is proposed for fault tolerant real-time objects which not only allows such objects to perform application specific recovery operations and real-time processing activities such as event handling, but which also allows objects to be replicated. The architectural support required for such replicated objects is also discussed and, to conclude, the run-time overheads associated with the use of such replicated services are considered.The Science and Engineering Research Council

Instrumented sensor system - practice

technical reportIn previous work, we introduced the notion of Instrumented Logical Sensor Systems (ILSS) that are derived from a modeling and design methodology [4, 2]. The instrumented sensor approach is based on a sensori-computational model which defines the components of the sensor system in terms of their functionality, accuracy, robustness and efficiency. This approach provides a uniform specification language to define sensor systems as a composition of smaller, predefined components. From a software engineering standpoint, this addresses the issues of modularity, reusability, and reliability for building complex multisensor systems. In this report, we demonstrate the practicality of this approach and discuss several design and implementation aspects in the context of mobile robot applications

Instrumented sensor system architecture

Journal ArticleSensor systems are becoming ubiquitous throughout society, yet their design, construction and operation are still more of an art than a science. In this paper, we define, develop, and apply a formal semantics for sensor systems that provides a theoretical framework for an integrated software architecture for modeling sensor-based control systems. Our goal is to develop a design framework which allows the user to model, analyze and experiment with different versions of a sensor system. This includes the ability to build and modify multisensor systems and to monitor and debug both the output of the system and the affect of any modification in terms of robustness, efficiency, and error measures. The notion of Instrumented Logical Sensor Systems (ILSS) that are derived from this modeling and design methodology is introduced. The instrumented sensor approach is based on a sensori-computational model which defines the components of the sensor system in terms of their functionality, accuracy, robustness and efficiency. This approach provides a uniform specification language to define sensor systems as a composition of smaller, predefined components. From a software engineering standpoint, this addresses the issues of modularity, reusability, and reliability for building complex systems. An example is given which compares vision and sonar techniques for the recovery of wall pose

Operating system fault tolerance support for real-time embedded applications

Tese de doutoramento em Electrónica Industrial (ramo de conhecimento em Informática Industrial)Fault tolerance is a means of achieving high dependability for critical and highavailability systems. Despite the efforts to prevent and remove faults during the development of these systems, the application of fault tolerance is usually required because the hardware may fail during system operation and software faults are very hard to eliminate completely. One of the difficulties in implementing fault tolerance techniques is the lack of support from operating systems and middleware. In most fault tolerant projects, the programmer has to develop a fault tolerance implementation for each application. This strong customization makes the fault-tolerant software costly and difficult to implement and maintain. In particular, for small-scale embedded systems, the introduction of fault tolerance techniques may also have impact on their restricted resources, such as processing power and memory size. The purpose of this research is to provide fault tolerance support for real-time applications in small-scale embedded systems. The main approach of this thesis is to develop and integrate a customizable and extendable fault tolerance framework into a real-time operating system, in order to fulfill the needs of a large range of dependable applications. Special attention is taken to allow the coexistence of fault tolerance with real-time constraints. The utilization of the proposed framework features several advantages over ad-hoc implementations, such as simplifying application-level programming and improving the system configurability and maintainability. In addition, this thesis also investigates the application of aspect-oriented techniques to the development of real-time embedded fault-tolerant software. Aspect- Oriented Programming (AOP) is employed to modularize all fault tolerant source code, following the principle of separation of concerns, and to integrate the proposed framework into the operating system. Two case studies are used to evaluate the proposed implementation in terms of performance and resource costs. The results show that the overheads related to the framework application are acceptable and the ones related to the AOP implementation are negligible.Tolerância a falhas é um meio de obter-se alta confiabilidade para sistemas críticos e de elevada disponibilidade. Apesar dos esforços para prevenir e remover falhas durante o desenvolvimento destes sistemas, a aplicação de tolerância a falhas é normalmente necessária, já que o hardware pode falhar durante a operação do sistema e falhas de software são muito difíceis de eliminar completamente. Uma das dificuldades na implementação de técnicas de tolerância a falhas é a falta de suporte por parte dos sistemas operativos e middleware. Na maioria dos projectos tolerantes a falhas, o programador deve desenvolver uma implementação de tolerância a falhas para cada aplicação. Esta elevada adaptação torna o software tolerante a falhas dispendioso e difícil de implementar e manter. Em particular, para sistemas embebidos de pequena escala, a introdução de técnicas de tolerância a falhas pode também ter impacto nos seus restritos recursos, tais como capacidade de processamento e tamanho da memória. O propósito desta tese é prover suporte à tolerância a falhas para aplicações de tempo real em sistemas embebidos de pequena escala. A principal abordagem utilizada nesta tese foi desenvolver e integrar uma framework tolerante a falhas, customizável e extensível, a um sistema operativo de tempo real, a fim de satisfazer às necessidades de uma larga gama de aplicações confiáveis. Especial atenção foi dada para permitir a coexistência de tolerância a falhas com restrições de tempo real. A utilização da framework proposta apresenta diversas vantagens sobre implementações ad-hoc, tais como simplificar a programação a nível da aplicação e melhorar a configurabilidade e a facilidade de manutenção do sistema. Além disto, esta tese também investiga a aplicação de técnicas orientadas a aspectos no desenvolvimento de software tolerante a falhas, embebido e de tempo real. A Programação Orientada a Aspectos (POA) é empregada para segregar em módulos isolados todo o código fonte tolerante a falhas, seguindo o princípio da separação de interesses, e para integrar a framework proposta com o sistema operativo. Dois casos de estudo são utilizados para avaliar a implementação proposta em termos de desempenho e utilização de recursos. Os resultados mostram que os acréscimos de recursos relativos à aplicação da framework são aceitáveis e os relativos à implementação POA são insignificantes

DT4BP: a Business Process Modelling Language for Dependable Time-Constrained Business Processes

Today, numerous organisations rely on information software systems to run their businesses. The effectiveness of the information software system then, depends largely on the degree to which the organisation's business is accurately captured in the business model. The business model is an abstract description of the way an organisation's functions. Thus, the more precise the business model, the more accurate the requirement definition of the information software system to be engineered.There are an abundance of tools and notations available today to support the development of many types of business process. Many of these artifacts rely on the concept of a business process to describe a business model. A business process is commonly known as a set of one or more linked procedures or activities which collectively realise a business objective or policy goal, normally within the context of an organisational structure defining functional roles and relationships". This thesis is concerned with modelling business processes as a means to accurately capture an organisation's activities and thus, the requirements of the software system that supports these activities.Among the infinite set of possible business processes, this thesis targets only those characterized by the qualities of dependability, collaboration and time. Business processes having these specific dimensions are referred to as Dependable, Collaborative and Time-Constrained (DCTC) business processes. A dependable business process is one whose failures or the number of occurrences in which business process misses its goal are not unacceptably frequent or severe (from certain viewpoint). A collaborative business process is one that requires the interaction of multiple participants to attain its goal. A time-constrained business process is one that owns at least one property expressed in terms of an upper or lower time bound. This thesis investigates how DCTC business processes can be described such that the resulting model captures all the relevant aspects of each dimension of interest. In addition, the business model must be comprehensible to the stakeholders involved not only in its definition, but also in its further use throughout the software development life cycle.A revision and analysis of notations that exist for modelling business processes conducted in this thesis have revealed that today there does not exist any modelling language that provides comprehensible, suitable and sufficiently expressive support for the characteristics of dependability, collaboration and time in an integrated manner. Hence, a significant part of this thesis is devoted to the definition of a new business process modelling language named DT4BP. The aim of this new modelling language is to be comprehensible, suitable and expressive enough to describe DCTC business processes. The definition of this new modelling language implies that a concrete syntax, an abstract syntax, a semantic domain and a semantic mapping is provided. The definition of this new modelling language is given following the Model-Driven Engineering (MDE) approach, and in particular the metamodelling principles. Thus, meta-models and model transformations are used to precisely specify the abstract syntax and semantic mapping elements of the language definition, respectively. Since DT4BP is a textual modelling language, its concrete syntax is specified by a context-free grammar. The Coordinated Atomic Actions conceptual framework with real-time extensions (Timed-CaaFWrk) is used as the semantic domain as it covers a large part of the abstractions included in dependable collaborative time-constrained business processes. The formalisation of this semantic domain according to the metamodelling principles is also part of the material presented in this thesis. Since the business model is considered as a representation of the requirement document the software system to be developed, it is crucial to validate whether it captures the requirements as intended by the stakeholder before going further in the software development process. Hence, besides the comprehensibility, suitability and expressiveness of the modelling language with respect to the domain of interest, it is of special interest to provide a mechanism that allows modellers to ensure that the business model is correct with respect to the stakeholder's expectations. One way of achieving this goal is to provide the modelling language with an executable semantics. In this manner, any business model can be executed on sample input data, and its dynamic behaviour observed. The observation of the dynamic behaviour of the model may be considered as a simulation of the model based on the sample input data. By performing several simulations of the model, the modeller, in cooperation with the stakeholder, can judge whether the business model is correct. This thesis provides an executable semantics for Timed-CaaFWrk that, used in combination with the model transformation that defines the semantic mapping element of the language definition, allows DT4BP models to be validated by simulation. In this manner, the dynamic behaviour of a particular DT4BP model for a given sample input data can be observed by transforming it into a Timed-CaaFWrk model, which is then run thanks to the given executable semantics