Breaking the Limits of Redundancy Systems Analysis

Redundancy mechanisms such as triple modular redundancy protect safety-critical components by replication and thus improve systems fault tolerance. However, the gained fault tolerance comes along with costs to be invested, e.g., increasing execution time, energy consumption, or packaging size, for which constraints have to be obeyed during system design. This turns the question of finding suitable combinations of components to be protected into a challenging task as the number of possible protection combinations grows exponentially in the number of components. We propose family-based approaches to tackle the combinatorial blowup in redundancy systems modeling and analysis phases. Based on systems designed in SIMULINK we show how to obtain models that include all possible protection combinations and present a tool chain that, given a probabilistic error model, generates discrete Markov chain families. Using symbolic techniques that enable concise family representation and analysis, we show how SIMULINK models of realistic size can be protected and analyzed with a single family-based analysis run while a one-by-one analysis of each protection combination would clearly exceed any realistic time constraints.Comment: This paper is a preprint of the corresponding ESREL'19 conference publicatio