A real-time gracefully degrading avionics system for unmanned aerial vehicles

Graceful degradation is an approach for developing dependable safety-critical embedded applications, where redundant active or standby resources are used to cope with faults through system reconfiguration at run-time. Compared to traditional hardware and software redundancy, it is a promising technique that may achieve dependability with a significant reduction in cost, size, weight, and power requirements. Checkpointing protocols, which are necessary components of degrading systems, support task migration through state preservation. They allow real-time embedded systems to recover from any failure by restarting from the last well-defined and consistent state, thus preserving the progress of computations that have been achieved. This paper demonstrates and applies the graceful degradation concept to achieve fault tolerance in an unmanned aerial vehicle (UAV) real-time embedded system. A checkpointing protocol is used to reserve the state of the avionics of the UAV system. Faults were injected during run-time causing one of the system´s stability critical control tasks to fail. The system was able successfully to recover by restarting the affected critical task(s) on a different processor with last valid consistent state(s). This paper presents the architecture, fault injection scheme, and the results of the tests performed, which demonstrate the viability of graceful degradation in our tested UAV.