Evaluation Applied to Reliability Analysis of Reconfigurable, Highly Reliable, Fault-Tolerant, Computing Systems for Avionics

Emulation techniques are proposed as a solution to a difficulty arising in the analysis of the reliability of highly reliable computer systems for future commercial aircraft. The difficulty, viz., the lack of credible precision in reliability estimates obtained by analytical modeling techniques are established. The difficulty is shown to be an unavoidable consequence of: (1) a high reliability requirement so demanding as to make system evaluation by use testing infeasible, (2) a complex system design technique, fault tolerance, (3) system reliability dominated by errors due to flaws in the system definition, and (4) elaborate analytical modeling techniques whose precision outputs are quite sensitive to errors of approximation in their input data. The technique of emulation is described, indicating how its input is a simple description of the logical structure of a system and its output is the consequent behavior. The use of emulation techniques is discussed for pseudo-testing systems to evaluate bounds on the parameter values needed for the analytical techniques

Quality assessment technique for ubiquitous software and middleware

The new paradigm of computing or information systems is ubiquitous computing systems. The technology-oriented issues of ubiquitous computing systems have made researchers pay much attention to the feasibility study of the technologies rather than building quality assurance indices or guidelines. In this context, measuring quality is the key to developing high-quality ubiquitous computing products. For this reason, various quality models have been defined, adopted and enhanced over the years, for example, the need for one recognised standard quality model (ISO/IEC 9126) is the result of a consensus for a software quality model on three levels: characteristics, sub-characteristics, and metrics. However, it is very much unlikely that this scheme will be directly applicable to ubiquitous computing environments which are considerably different to conventional software, trailing a big concern which is being given to reformulate existing methods, and especially to elaborate new assessment techniques for ubiquitous computing environments. This paper selects appropriate quality characteristics for the ubiquitous computing environment, which can be used as the quality target for both ubiquitous computing product evaluation processes ad development processes. Further, each of the quality characteristics has been expanded with evaluation questions and metrics, in some cases with measures. In addition, this quality model has been applied to the industrial setting of the ubiquitous computing environment. These have revealed that while the approach was sound, there are some parts to be more developed in the future

Evaluation of safety-oriented two-version architectures

A Markov model taking into account physical and design faults for a two-version architecture oriented to safety-related applications is developed. Only a probabilistic knowledge of the initial state of the versions in relation to the presence of design faults is assumed. The model can be split into two submodels accounting separately for physical and design faults, and a closed form expression for the unsafety of the system is obtained. The parameter estimation problem is discussed and a method to predict the probability distribution of the number of related design faults at the beginning of the operational life of the system is proposed. The method uses a pool model to process fault-occurrence data collected during a “face-to-face” debugging of the two versions. It has by nature a limited capability for proving version diversity, but it is shown that the limit is of the order of the diversity reported by recent experiments on real software. Finally, the impact of version correction during operation is shown to be negligible for critical applications.Postprint (author’s final draft

High-speed civil transport flight- and propulsion-control technological issues

Technology advances required in the flight and propulsion control system disciplines to develop a high speed civil transport (HSCT) are identified. The mission and requirements of the transport and major flight and propulsion control technology issues are discussed. Each issue is ranked and, for each issue, a plan for technology readiness is given. Certain features are unique and dominate control system design. These features include the high temperature environment, large flexible aircraft, control-configured empennage, minimizing control margins, and high availability and excellent maintainability. The failure to resolve most high-priority issues can prevent the transport from achieving its goals. The flow-time for hardware may require stimulus, since market forces may be insufficient to ensure timely production. Flight and propulsion control technology will contribute to takeoff gross weight reduction. Similar technology advances are necessary also to ensure flight safety for the transport. The certification basis of the HSCT must be negotiated between airplane manufacturers and government regulators. Efficient, quality design of the transport will require an integrated set of design tools that support the entire engineering design team

Intelligent redundant actuation system requirements and preliminary system design

Several redundant actuation system configurations were designed and demonstrated to satisfy the stringent operational requirements of advanced flight control systems. However, this has been accomplished largely through brute force hardware redundancy, resulting in significantly increased computational requirements on the flight control computers which perform the failure analysis and reconfiguration management. Modern technology now provides powerful, low-cost microprocessors which are effective in performing failure isolation and configuration management at the local actuator level. One such concept, called an Intelligent Redundant Actuation System (IRAS), significantly reduces the flight control computer requirements and performs the local tasks more comprehensively than previously feasible. The requirements and preliminary design of an experimental laboratory system capable of demonstrating the concept and sufficiently flexible to explore a variety of configurations are discussed

Performability evaluation of the SIFT computer

Performability modeling and evaluation techniques are applied to the SIFT computer as it might operate in the computational evironment of an air transport mission. User-visible performance of the total system (SIFT plus its environment) is modeled as a random variable taking values in a set of levels of accomplishment. These levels are defined in terms of four attributes of total system behavior: safety, no change in mission profile, no operational penalties, and no economic process whose states describe the internal structure of SIFT as well as relavant conditions of the environment. Base model state trajectories are related to accomplishment levels via a capability function which is formulated in terms of a 3-level model hierarchy. Performability evaluation algorithms are then applied to determine the performability of the total system for various choices of computer and environment parameter values. Numerical results of those evaluations are presented and, in conclusion, some implications of this effort are discussed

Coordination and Self-Adaptive Communication Primitives for Low-Power Wireless Networks

The Internet of Things (IoT) is a recent trend where objects are augmented with computing and communication capabilities, often via low-power wireless radios. The Internet of Things is an enabler for a connected and more sustainable modern society: smart grids are deployed to improve energy production and consumption, wireless monitoring systems allow smart factories to detect faults early and reduce waste, while connected vehicles coordinate on the road to ensure our safety and save fuel. Many recent IoT applications have stringent requirements for their wireless communication substrate: devices must cooperate and coordinate, must perform efficiently under varying and sometimes extreme environments, while strict deadlines must be met. Current distributed coordination algorithms have high overheads and are unfit to meet the requirements of today\u27s wireless applications, while current wireless protocols are often best-effort and lack the guarantees provided by well-studied coordination solutions. Further, many communication primitives available today lack the ability to adapt to dynamic environments, and are often tuned during their design phase to reach a target performance, rather than be continuously updated at runtime to adapt to reality.In this thesis, we study the problem of efficient and low-latency consensus in the context of low-power wireless networks, where communication is unreliable and nodes can fail, and we investigate the design of a self-adaptive wireless stack, where the communication substrate is able to adapt to changes to its environment. We propose three new communication primitives: Wireless Paxos brings fault-tolerant consensus to low-power wireless networking, STARC is a middleware for safe vehicular coordination at intersections, while Dimmer builds on reinforcement learning to provide adaptivity to low-power wireless networks. We evaluate in-depth each primitive on testbed deployments and we provide an open-source implementation to enable their use and improvement by the community

Closed-form solutions of performability

Methods which yield closed form performability solutions for continuous valued variables are developed. The models are similar to those employed in performance modeling (i.e., Markovian queueing models) but are extended so as to account for variations in structure due to faults. In particular, the modeling of a degradable buffer/multiprocessor system is considered whose performance Y is the (normalized) average throughput rate realized during a bounded interval of time. To avoid known difficulties associated with exact transient solutions, an approximate decomposition of the model is employed permitting certain submodels to be solved in equilibrium. These solutions are then incorporated in a model with fewer transient states and by solving the latter, a closed form solution of the system's performability is obtained. In conclusion, some applications of this solution are discussed and illustrated, including an example of design optimization

A study of System Interface Sets (SIS) for the host, target and integration environments of the Space Station Program (SSP)

System interface sets (SIS) for large, complex, non-stop, distributed systems are examined. The SIS of the Space Station Program (SSP) was selected as the focus of this study because an appropriate virtual interface specification of the SIS is believed to have the most potential to free the project from four life cycle tyrannies which are rooted in a dependance on either a proprietary or particular instance of: operating systems, data management systems, communications systems, and instruction set architectures. The static perspective of the common Ada programming support environment interface set (CAIS) and the portable common execution environment (PCEE) activities are discussed. Also, the dynamic perspective of the PCEE is addressed

Improving the performance of railway track-switching through the introduction of fault tolerance

In the future, the performance of the railway system must be improved to accommodate increasing passenger volumes and service quality demands. Track switches are a vital part of the rail infrastructure, enabling traffic to take different routes. All modern switch designs have evolved from a design first patented in 1832. However, switches present single points of failure, require frequent and costly maintenance interventions, and restrict network capacity. Fault tolerance is the practice of preventing subsystem faults propagating to whole-system failures. Existing switches are not considered fault tolerant. This thesis describes the development and potential performance of fault-tolerant railway track switching solutions. The work first presents a requirements definition and evaluation framework which can be used to select candidate designs from a range of novel switching solutions. A candidate design with the potential to exceed the performance of existing designs is selected. This design is then modelled to ascertain its practical feasibility alongside potential reliability, availability, maintainability and capacity performance. The design and construction of a laboratory scale demonstrator of the design is described. The modelling results show that the performance of the fault tolerant design may exceed that of traditional switches. Reliability and availability performance increases significantly, whilst capacity gains are present but more marginal without the associated relaxation of rules regarding junction control. However, the work also identifies significant areas of future work before such an approach could be adopted in practice