Verifying abstract information flow properties in fault tolerant security devices

The verification of information flow properties of security devices is difficult because it involves the analysis of schematic diagrams, artwork, embedded software, etc. In addition, a typical security device has many modes, partial information flow, and needs to be fault tolerant. We propose a new approach to the verification of such devices based upon checking abstract information flow properties expressed as graphs. This approach has been implemented in software, and successfully used to find possible paths of information flow through security devices.

Direct current ripple compensation for multi-phase fault-tolerant machines

A second-harmonic direct current (DC) ripple compensation technique is presented for a multi-phase, fault-tolerant, permanent magnet machine. The analysis has been undertaken in a general manner for any pair of phases in operation with the remaining phases inactive. The compensation technique determines the required alternating currents in the machine to eliminate the second-harmonic DC-link current, while at the same time minimising the total rms current in the windings. An additional benefit of the compensation technique is a reduction in the magnitude of the electromagnetic torque ripple. Practical results are included from a 70 kW, five-phase generator system to validate the analysis and illustrate the performance of the compensation technique.

Single-phase active rectifier selection for fault tolerant machine

A fault tolerant, 5-phase PM generator has been developed for use on the low pressure (LP) shaft of an aircraft gas turbine engine. The machine operates at variable speed and therefore has a variable voltage, variable frequency electrical output (VVVF). The generator is to be used to provide a 350V DC bus for distribution throughout the aircraft, and a study has been carried out that identifies the most suitable AC-DC converter topology for this machine in terms of losses, electrical component ratings, filtering requirements and circuit complexity.

Hardware Implementation of a Fault-Tolerant Hopfield Neural Network on FPGAs

This letter presents an FPGA implementation of a fault-tolerant Hopfield NeuralNetwork (HNN). The robustness of this circuit against Single Event Upsets (SEUs) and Single Event Transients (SETs) has been evaluated. Results show the fault tolerance of the proposed design, compared to a previous non fault- tolerant implementation and a solution based on triple modular redundancy (TMR) of a standard HNN design.

Formalization of an architectural model for exception handling coordination based on CA action concepts

Architectures based on Coordinated Atomic action (CA action) concepts have been used to build concurrent fault-tolerant systems. This conceptual model combines concurrent exception handling with action nesting to provide a general mechanism for both enclosing interactions among system components and coordinating forward error recovery measures. This article presents an architectural model to guide the formal specification of concurrent fault-tolerant systems. This architecture provides built-in Communicating Sequential Processes (CSPs) and predefined channels to coordinate exception handling of the user-defined components. Hence some safety properties concerning action scoping and concurrent exception handling can be proved by using the FDR (Failure Divergence Refinement) verification tool. As a result, a formal and general architecture supporting software fault tolerance is ready to be used and proved as users define components with normal and exceptional behaviors. (C) 2010 Elsevier B.V. All rights reserved.

Designing single event upset mitigation techniques for large SRAM-Based FPGA components

This thesis presents the study and development of fault-tolerant techniques for programmable architectures, the well-known Field Programmable Gate Arrays (FPGAs), customizable by SRAM. FPGAs are becoming more valuable for space applications because of the high density, high performance, reduced development cost and re-programmability. In particular, SRAM-based FPGAs are very valuable for remote missions because of the possibility of being reprogrammed by the user as many times as necessary in a very short period. SRAM-based FPGA and micro-controllers represent a wide range of components in space applications, and as a result will be the focus of this work, more specifically the Virtex® family from Xilinx and the architecture of the 8051 micro-controller from Intel. The Triple Modular Redundancy (TMR) with voters is a common high-level technique to protect ASICs against single event upset (SEU) and it can also be applied to FPGAs. The TMR technique was first tested in the Virtex® FPGA architecture by using a small design based on counters. Faults were injected in all sensitive parts of the FPGA and a detailed analysis of the effect of a fault in a TMR design synthesized in the Virtex® platform was performed. Results from fault injection and from a radiation ground test facility showed the efficiency of the TMR for the related case study circuit. Although TMR has showed a high reliability, this technique presents some limitations, such as area overhead, three times more input and output pins and, consequently, a significant increase in power dissipation. Aiming to reduce TMR costs and improve reliability, an innovative high-level technique for designing fault-tolerant systems in SRAM-based FPGAs was developed, without modification in the FPGA architecture. This technique combines time and hardware redundancy to reduce overhead and to ensure reliability. It is based on duplication with comparison and concurrent error detection. The new technique proposed in this work was specifically developed for FPGAs to cope with transient faults in the user combinational and sequential logic, while also reducing pin count, area and power dissipation. The methodology was validated by fault injection experiments in an emulation board. The thesis presents comparison results in fault coverage, area and performance between the discussed techniques.

Fault tolerance in multiprocessor systems

Multiprocessor systems which afford a high degree of parallelism are used in a variety of applications. The extremely stringent reliability requirement has made the provision of fault-tolerance an important aspect in the design of such systems. This paper presents a review of the various approaches towards tolerating hardware faults in multiprocessor systems. It. emphasizes the basic concepts of fault tolerant design and the various problems to be taken care of by the designer. An indepth survey of the various models, techniques and methods for fault diagnosis is given. Further, we consider the strategies for fault-tolerance in specialized multiprocessor architectures which have the ability of dynamic reconfiguration and are suited to VLSI implementation. An analysis of the state-óf-the-art is given which points out the major aspects of fault-tolerance in such architectures.

Multi-μ: an Ada 95 based architecture for fault tolerance support of real-time systems

This paper presents an architecture (Multi-μ) being implemented to study and develop software based fault tolerant mechanisms for Real-Time Systems, using the Ada language (Ada 95) and Commercial Off-The-Shelf (COTS) components. Several issues regarding fault tolerance are presented and mechanisms to achieve fault tolerance by software active replication in Ada 95 are discussed. The Multi-μ architecture, based on a specifically proposed Fault Tolerance Manager (FTManager), is then described. Finally, some considerations are made about the work being done and essential future developments.

Constraint satisfaction techniques under uncertain conditions for fault diagnosis in nonlinear dynamic systems

The speed of fault isolation is crucial for the design and reconfiguration of fault tolerant control (FTC). In this paper the fault isolation problem is stated as a constraint satisfaction problem (CSP) and solved using constraint propagation techniques. The proposed method is based on constraint satisfaction techniques and uncertainty space refining of interval parameters. In comparison with other approaches based on adaptive observers, the major advantage of the presented method is that the isolation speed is fast even taking into account uncertainty in parameters, measurements and model errors and without the monotonicity assumption. In order to illustrate the proposed approach, a case study of a nonlinear dynamic system is presented

Fault tolerance logging-based model for deterministic systems

Fault tolerance allows a system to remain operational to some degree when some of its components fail. One of the most common fault tolerance mechanisms consists on logging the system state periodically, and recovering the system to a consistent state in the event of a failure. This paper describes a general fault tolerance logging-based mechanism, which can be layered over deterministic systems. Our proposal describes how a logging mechanism can recover the underlying system to a consistent state, even if an action or set of actions were interrupted mid-way, due to a server crash. We also propose different methods of storing the logging information, and describe how to deploy a fault tolerant master-slave cluster for information replication. We adapt our model to a previously proposed framework, which provided common relational features, like transactions with atomic, consistent, isolated and durable properties, to NoSQL database management systems.

A UKF-based estimation strategy for actuator fault detection of UASs

This paper presents a recursive strategy for online detection of actuator faults on a unmanned aerial system (UAS) subjected to accidental actuator faults. The proposed detection algorithm aims to provide a UAS with the capability of identifying and determining characteristics of actuator faults, offering necessary flight information for the design of fault-tolerant mechanism to compensate for the resultant side-effect when faults occur. The proposed fault detection strategy consists of a bank of unscented Kalman filters (UKFs) with each one detecting a specific type of actuator faults and estimating correspond- ing velocity and attitude information. Performance of the proposed method is evaluated using a typical nonlinear UAS model and it is demonstrated in simulations that our method is able to detect representative faults with a sufficient accuracy and acceptable time delay, and can be applied to the design of fault-tolerant flight control systems of UASs.

Nonlinear actuator fault detection for small-scale UAS

This paper presents a recursive strategy for online detection of actuator faults on a unmanned aerial system (UAS) subjected to accidental actuator faults. The proposed detection algorithm aims to provide a UAS with the capability of identifying and determining characteristics of actuator faults, offering necessary flight information for the design of fault-tolerant mechanism to compensate for the resultant side-effect when faults occur. The proposed fault detection strategy consists of a bank of unscented Kalman filters (UKFs) with each one detecting a specific type of actuator faults and estimating corresponding velocity and attitude information. Performance of the proposed method is evaluated using a typical nonlinear UAS model and it is demonstrated in simulations that our method is able to detect representative faults with a sufficient accuracy and acceptable time delay, and can be applied to the design of fault-tolerant flight control systems of UASs.