Abstract
Control programs for safety-critical systems are required to tolerate faults in the devices they control. In this paper we examine a systematic approach to devising code to detect faulty devices at runtime. The approach is centred around the use of integrity constraints, which are invariants on the state of a system’s variables, including its inputs and outputs. Under normal operation integrity constraints should always hold, but they are designed to fail to hold if there is a fault. By adding variables to capture the previous state of variables or the time of significant events, additional integrity constraints can be devised to check for faults in state transitions or faults with the rate of progress of the system. We discuss techniques for devising integrity constraints as well as efficiently evaluating the constraints. When an error is detected via the failure of an integrity constraint, the integrity constraint(s) that failed can help diagnose the likely fault. The techniques are presented by way of a simple case study of controller software written in the action system style, but the approach is equally applicable to other state machine approaches such as Event-B and TLA.
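The following is an added illustration of the abstract's idea, not code from the paper or its case study. It models a hypothetical tank controller in the action-system style (a loop of guarded actions) and attaches four integrity constraints to its state: a plain state invariant, a transition constraint using an auxiliary `prev_level` variable, a constraint on the previous output `prev_pump_on`, and a rate-of-progress constraint using a recorded event time `pump_on_since`. The tank parameters, traces and constraint names are all constructed assumptions; the failed constraint's name serves as the diagnosis.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

# Constructed parameters for a hypothetical water tank (assumptions, not from the paper).
CAPACITY = 100.0       # sensor can only legitimately report 0..CAPACITY litres
LOW, HIGH = 20.0, 80.0  # pump switches on below LOW and off above HIGH
MAX_RATE = 5.0         # physically possible change in level, litres per second
PUMP_DEADLINE = 3.0    # seconds after switch-on by which the level must have risen


@dataclass
class State:
    # controlled variables: sensor input, actuator output, current time
    level: float = 25.0
    pump_on: bool = False
    now: float = 0.0
    # auxiliary variables added only so integrity constraints can refer to history
    prev_level: float = 25.0
    prev_pump_on: bool = False
    prev_time: float = 0.0
    pump_on_since: Optional[float] = None   # time of the most recent switch-on event
    level_at_switch_on: float = 0.0


# Each integrity constraint is a named predicate over the state. Under normal
# operation all hold; the name of a failing one identifies the likely fault.
CONSTRAINTS: List[Tuple[str, Callable[[State], bool]]] = [
    # state invariant: a reading outside the sensor's range is a sensor fault
    ("sensor out of range",
     lambda s: 0.0 <= s.level <= CAPACITY),
    # transition constraint: the level cannot change faster than physics allows
    ("sensor jump exceeds physical rate",
     lambda s: abs(s.level - s.prev_level) <= MAX_RATE * (s.now - s.prev_time) + 1e-9),
    # transition constraint on the previous output: with the pump running the level must not fall
    ("level fell while pump on (leak or pump failure)",
     lambda s: not s.prev_pump_on or s.level >= s.prev_level - 1e-9),
    # rate-of-progress constraint: the pump must produce a rise before its deadline
    ("pump made no progress before deadline",
     lambda s: s.pump_on_since is None
               or s.now - s.pump_on_since < PUMP_DEADLINE
               or s.level > s.level_at_switch_on),
]


def control_step(s: State, level_reading: float, now: float) -> List[str]:
    """One iteration of the action system: latch history, read inputs, check
    integrity, then fire whichever guarded action is enabled."""
    s.prev_level, s.prev_pump_on, s.prev_time = s.level, s.pump_on, s.now
    s.level, s.now = level_reading, now
    failed = [name for name, holds in CONSTRAINTS if not holds(s)]
    if failed:
        return failed          # do not act on state that has failed an integrity check
    if s.level < LOW and not s.pump_on:        # guarded action: switch pump on
        s.pump_on = True
        s.pump_on_since = now                  # record the event time for the deadline check
        s.level_at_switch_on = s.level
    elif s.level > HIGH and s.pump_on:         # guarded action: switch pump off
        s.pump_on = False
        s.pump_on_since = None
    return []


def run_trace(readings: List[Tuple[float, float]]) -> List[Tuple[float, List[str]]]:
    """Feed a sequence of (time, level) readings through the controller and
    return the steps at which integrity constraints failed, with the diagnosis."""
    s = State()
    return [(t, failed) for t, lvl in readings if (failed := control_step(s, lvl, t))]


# Constructed traces; the level starts at 25 and drains 1 litre/s until the pump starts at t=6.
DRAIN = [(1.0, 24.0), (2.0, 23.0), (3.0, 22.0), (4.0, 21.0), (5.0, 20.0), (6.0, 19.0)]
NORMAL = DRAIN + [(7.0, 22.0), (8.0, 25.0), (9.0, 28.0)]              # pump fills at 3 litres/s
STUCK_PUMP = DRAIN + [(7.0, 19.0), (8.0, 19.0), (9.0, 19.0)]          # pump on, level never rises
LEAK = DRAIN + [(7.0, 21.0), (8.0, 18.0)]                             # level drops with pump on
SENSOR_JUMP = [(1.0, 24.0), (2.0, 23.0), (3.0, 5.0)]                  # 18 litres in one second

if __name__ == "__main__":
    for name, trace in [("normal", NORMAL), ("stuck pump", STUCK_PUMP),
                        ("leak", LEAK), ("sensor jump", SENSOR_JUMP)]:
        print(name, "->", run_trace(trace) or "no integrity failures")
```

Keeping the history and event-time variables out of the controller's own guards, and confining them to the constraint list, keeps the control logic unchanged while the checks are added or refined; in practice each predicate is cheap enough to evaluate on every iteration.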
© 2009 Springer-Verlag Berlin Heidelberg
Cite this chapter
Hayes, I.J. (2009). Dynamically Detecting Faults via Integrity Constraints. In: Butler, M., Jones, C., Romanovsky, A., Troubitsyna, E. (eds) Methods, Models and Tools for Fault Tolerance. Lecture Notes in Computer Science, vol 5454. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00867-2_5
DOI: https://doi.org/10.1007/978-3-642-00867-2_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00866-5
Online ISBN: 978-3-642-00867-2
eBook Packages: Computer Science (R0)