Skip to main content
SpringerLink
Log in
Book cover

International Conference on Computer Safety, Reliability, and Security

SAFECOMP 2004: Computer Safety, Reliability, and Security pp 240–253Cite as

Modular Formal Analysis of the Central Guardian in the Time-Triggered Architecture

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3219))

Abstract

We present a modular formal analysis of the communication properties of the Time-Triggered Protocol TTP/C based on the guardian approach. The guardian is an independent component that employs static knowledge about the system to transform arbitrary node failures into failure modes that are covered by the rather optimistic fault hypothesis of TTP/C. Through a hierarchy of formal models, we give a precise description of the arguments that support the desired correctness properties of TTP/C. First, requirements for correct communication are expressed on an abstract level. By stepwise refinement we show that the abstract requirements are met under the optimistic fault hypothesis, and how the guardian model allows a broader class of failures be tolerated.

This research was supported by the European Commission under the IST project NEXT TTA (IST-2001-32111).

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Kopetz, H.: The Time-Triggered Approach to Real-Time System Design. In: Predictably Dependable Computing Systems. Springer, Heidelberg (1995)

    Google Scholar 

  2. Kopetz, H.: The Time-Triggered Architecture. In: Proc. 1st Intl. Symp. on Object-Oriented Real-Time Distributed Computing, pp. 22–31 (1998)

    Google Scholar 

  3. Kopetz, H., Bauer, G.: The Time-Triggered Architecture. Proceedings of the IEEE 91, 112–126 (2003)

    Article  Google Scholar 

  4. Heiner, G., Thurner, T.: Time-Triggered Architecture for Safety-Related Distributed Real-Time Systems in Transportation Systems. In: Proc. 28th Intl. Symp. on Fault-Tolerant Computing. IEEE Computer Society, Los Alamitos (1998)

    Google Scholar 

  5. Bauer, G., Kopetz, H., Steiner, W.: Byzantine Fault Containment in TTP/C. In: Proc. Intl. Workshop on Real-Time LANs in the Internet Age, pp. 13–16 (2002)

    Google Scholar 

  6. Bauer, G., Kopetz, H., Steiner, W.: The Central Guardian Approach to Enforce Fault Isolation in the Time-Triggered Architecture. In: Proc. 6th Intl. Symp. on Autonomous Decentralized Systems, pp. 37–44 (2003)

    Google Scholar 

  7. Pfeifer, H., Schwier, D., von Henke, F.: Formal Verification for Time-Triggered Clock Synchronization. In: Proc. of Dependable Computing for Critical Applications, vol. 7, pp. 207–226. IEEE Computer Society, Los Alamitos (1999)

    Chapter  Google Scholar 

  8. Katz, S., Lincoln, P., Rushby, J.: Low-Overhead Time-Triggered Group Membership. In: Mavronicolas, M. (ed.) WDAG 1997. LNCS, vol. 1320, pp. 155–169. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  9. Pfeifer, H.: Formal Verification of the TTP Group Membership Algorithm. In: Proc. of FORTE XIII / PSTV XX, pp. 3–18. Kluwer Academic Publishers, Dordrecht (2000)

    Google Scholar 

  10. Bouajjani, A., Merceron, A.: Parametric Verification of a Group Membership Algorithm. In: Damm, W., Olderog, E.-R. (eds.) FTRTFT 2002. LNCS, vol. 2469, pp. 311–330. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Merceron, A., Müllerburg, M., Pinna, G.: Verifying a Time-Triggered Protocol in a Multi-Language Environment. In: Ehrenberger, W. (ed.) SAFECOMP 1998. LNCS, vol. 1516, pp. 185–195. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  12. Steiner, W., Rushby, J., Sorea, M., Pfeifer, H.: Model Checking a Fault-Tolerant Startup Algorithm: From Design Exploration To Exhaustive Fault Simulation. In: Proc. Conf. on Dependable Systems and Networks. IEEE Computer Society, Los Alamitos (2004)

    Google Scholar 

  13. Rushby, J.: An Overview of Formal Verification for the Time-Triggered Architecture. In: Damm, W., Olderog, E.-R. (eds.) FTRTFT 2002. LNCS, vol. 2469, pp. 83–105. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  14. Rushby, J.: Systematic Formal Verification for Fault-Tolerant Time-Triggered Algorithms. IEEE Trans. on Software Engineering 25, 651–660 (1999)

    Article  Google Scholar 

  15. Owre, S., Rushby, J., Shankar, N., Stringer-Calvert, D.: PVS: An Experience Report. In: Hutter, D., Traverso, P. (eds.) FM-Trends 1998. LNCS, vol. 1641, pp. 338–345. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  16. Bauer, G., Kopetz, H., Puschner, P.: Assumption Coverage under Different Failure Modes in the Time-Triggered Architecture. In: Proc. 8th IEEE Intl. Conf. on Emerging Technologies and Factory Automation, pp. 333–341 (2001)

    Google Scholar 

  17. TTTech: Time-Triggered Protocol TTP/C High-Level Specification Document (2003), available at: http://www.tttech.com/technology/specification.html

  18. Kopetz, H.: The Time-Triggered (TT) Model of Computation. In: Proc. 19th IEEE Real-Time Systems Symposium, pp. 168–177 (1998)

    Google Scholar 

  19. Pfeifer, H., von Henke, F.: Modular Formal Analysis of the Central Guardian in the Time-Triggered Architecture. Technical report, Fakultät für Informatik, Universität Ulm, Germany (2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Fakultät für Informatik, Universität Ulm, D–89069, Ulm, Germany

    Holger Pfeifer & Friedrich W. von Henke

Authors
  1. Holger Pfeifer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Friedrich W. von Henke
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Faculty of Engineering, Department of Computer Science and Cognitive Science, Workgroup Software Engineering, University Duisburg-Essen, Germany

    Maritta Heisel

  2. Fraunhofer Institute Experimental Software Engineering, Kaiserslautern, Germany

    Peter Liggesmeyer

  3. Bundesamt fuer Sicherheit in der Informationstechnik, Godesberger Allee 185-189, 53175, Bonn, Germany

    Stefan Wittmann

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pfeifer, H., von Henke, F.W. (2004). Modular Formal Analysis of the Central Guardian in the Time-Triggered Architecture. In: Heisel, M., Liggesmeyer, P., Wittmann, S. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2004. Lecture Notes in Computer Science, vol 3219. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30138-7_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30138-7_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23176-9

  • Online ISBN: 978-3-540-30138-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation