Rigorous development of an embedded fault-tolerant system based on coordinated atomic actions

Abstract: ÐThis paper describes our experience using coordinated atomic (CA) actions as a system structuring tool to design and validate a sophisticated and embedded control system for a complex industrial application that has high reliability and safety requirements. Our study is based on an extended production cell model, the specification and simulator for which were defined and developed by FZI (Forschungszentrum Informatik, Germany). This ªFault-Tolerant Production Cellº represents a manufacturing process involving… Show more

“…The main requirement for this integration is the a priori execution of activities for defining the failure hypotheses of the system and designing the exceptional behaviour to be implemented. The execution of these tasks is not considered to be trivial and, in the literature, there are several works that address them [2,29,40]. We consider these works complementary to ours.…”

“…Existing component-based development processes, such as Catalysis [10] and UML Components [6], focus almost exclusively on the system's normal behaviour. There are some proposals in the literature for extending such processes with activities for designing the exceptional behaviour of component-based systems [2,29,40]. However, these proposals do not address the translation of the obtained design down to the implementation level of a componentbased system.…”

A systematic approach for structuring exception handling in robust component-based software

“…The main requirement for this integration is the a priori execution of activities for defining the failure hypotheses of the system and designing the exceptional behaviour to be implemented. The execution of these tasks is not considered to be trivial and, in the literature, there are several works that address them [2,29,40]. We consider these works complementary to ours.…”

“…Existing component-based development processes, such as Catalysis [10] and UML Components [6], focus almost exclusively on the system's normal behaviour. There are some proposals in the literature for extending such processes with activities for designing the exceptional behaviour of component-based systems [2,29,40]. However, these proposals do not address the translation of the obtained design down to the implementation level of a componentbased system.…”

A systematic approach for structuring exception handling in robust component-based software

“…While it is convenient to use this abstraction to develop our proposed authentication system for automatic SOA-based business processes, our system could be combined with other models for multi-party interactions such as atomic actions [3] and process groups [16]. However, regardless of the model used, a multi-party authentication system needs to address the issues with message routing and secret keys for communications.…”

“…Within a serviceoriented architecture (SOA), an organization may encapsulate and publish its applications as services, and select and interact at runtime with the services provided by other organizations. However, such dynamic interactions at runtime raise immediate problems of security, trust and dependability [3]. Until these problems are addressed and solved satisfactorily, the potential of automatic inter-organizational business processes will be severely restricted.…”

Dynamic Authentication for Cross-Realm SOA-Based Business Processes

“…However, the need for developing a unified method for tolerating both hardware and software faults has been recognised in the last few years, and several proposals in this direction have already appeared in the literature ( [8] [9][10] [14][22] [24]). The idea of implementing fault tolerance separately at the hardware and software layers of a computing system could result in a too weak approach.…”

An adaptive approach to achieving hardware and software fault tolerance in a distributed computing environment