The error-resistant interactively consistent architecture (ERICA)

Driel, C.-J.L. van; Follon, R.J.B.; Kohler, Adan; Osch, R.P.M. van; Spanjers, J.M.

doi:10.1109/ftcs.1990.89385

Cited by 3 publications

(3 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…5 In a (4,2)-redundant system, the processing logic is quadrupled, while the memory size is doubled. Each module in the (4,2)-redundant system consists of a processor, an encoder, a decoder, and memory, all operating synchronously and deterministically.…”

Section: Ramesh Karrimentioning

confidence: 99%

Online VLSI Testing

Karri¹,

Nicolaidis

1998

IEEE Des. Test. Comput.

View full text Add to dashboard Cite

Section: Ramesh Karrimentioning

confidence: 99%

Online VLSI Testing

Karri¹,

Nicolaidis

1998

IEEE Des. Test. Comput.

View full text Add to dashboard Cite

“…Access to the bus is controlled by a (reliable) comparator circuit which only enables access to the bus if the signals generated by the two processors are the same. Another example of a fail-controlled node is presented in [6]; this design employs tight synchronisation of redundant processors and in addition, uses coding techniques for detecting/correcting memory bit corruptions.There are however a few problems with the micro-instruction level approach to synchronisation. First, as indicated before, individual processors must be built in such a way that they will have a deterministic behaviour at each clock pulse, so that they will produce identical outputs ("don't care" transitions, for instance, where a bit can be either one or zero, are not allowed in the design of the processors).…”

mentioning

confidence: 99%

mentioning

confidence: 99%

Implementing fail-silent nodes for distributed systems

Brasileiro

Ezhilchelvan

Shrivastava

et al. 1996

IEEE Trans. Comput.

View full text Add to dashboard Cite

A fail-silent node is a self-checking node that either functions correctly or stops functioning after an internal failure is detected. Such a node can be constructed from a number of conventional processors. In a software-implemented fail-silent node, the non-faulty processors of the node need to execute message order and comparison protocols to 'keep in step' and check each other respectively. In this paper the design and implementation of efficient protocols for a two processor fail-silent node are described in detail. The performance figures obtained indicate that in a wide class of applications requiring a high degree of fault-tolerance, software-implemented failsilent nodes constructed simply by utilising standard 'off-the-shelf' components are an attractive alternative to their hardware-implemented counterparts that do require special-purpose hardware components, such as fault-tolerant clocks, comparator and bus interface circuits. replica state divergence. Synchronisation at the level of processor micro-instructions is logically the most straightforward way to achieve replica synchronism. In this approach, processors are driven by a common clock source which guarantees that they execute the same steps at each clock pulse (of course, the logic of the individual processors must be deterministic). Outputs are evaluated (compared/voted) by apossibly replicated-hardware component at appropriate times (e.g., at each bus access). Asynchronous events must be distributed to the processors of a node through special circuits which ensure that all the correct processors will perceive such an event at the same point of their instruction stream [12,23]. Since every correct processor of a node executes the same instruction stream, all the programs that run on the non-redundant version can be made to run, without any changes, on the node. This is the major advantage gained by synchronising at the level of microinstructions. Such implementations of two processor fail-silent nodes have been in use widely; Stratus [27] and Sequoia [2] are two well-known examples. In these systems, a common (reliable) clock source is used for driving a pair of processors which execute in lock-step. Access to the bus is controlled by a (reliable) comparator circuit which only enables access to the bus if the signals generated by the two processors are the same. Another example of a fail-controlled node is presented in [6]; this design employs tight synchronisation of redundant processors and in addition, uses coding techniques for detecting/correcting memory bit corruptions.There are however a few problems with the micro-instruction level approach to synchronisation. First, as indicated before, individual processors must be built in such a way that they will have a deterministic behaviour at each clock pulse, so that they will produce identical outputs ("don't care" transitions, for instance, where a bit can be either one or zero, are not allowed in the design of the processors). Second, the introduction of special circuits such as reliable co...

show abstract

System architecture for Byzantine resilient computation in launch vehicle applications

Iacoponi¹,

Grisell²

9th IEEE/AIAA/NASA Conference on Digital Avionics Systems

View full text Add to dashboard Cite

The error-resistant interactively consistent architecture (ERICA)

Cited by 3 publications

References 6 publications

Online VLSI Testing

Online VLSI Testing

Implementing fail-silent nodes for distributed systems

System architecture for Byzantine resilient computation in launch vehicle applications

Contact Info

Product

Resources

About