Experimental evaluation of the fail-silent behavior of a distributed real-time run-time support built from COTS components

Mainly for economic and maintainability reasons, more and more dependable real-time systems are being built from commercial off-the-shelf (COTS) components. To build these systems, a commonly-used assumption is that computers are fail-silent. The goal of our work is so determine the coverage of the fail-silence assumption for computers executing a real-time run-time support system built exclusively from COTS components, in the presence of physical faults. The evaluation of fail-silence has been performed on the HADES (Highly Available Distributed Embedded System) run-time support system, aimed at executing distributed hard real-time dependable applications. The main result of the evaluation is a fail-silence coverage of 99.1%. Moreover, we evaluate the error detection mechanisms embedded in HADES according to a rich set of metrics which provides guidance for choosing the set of error detection mechanisms that is best suited to the system needs (e.g. find the best trade-off between fail-silence coverage and overhead caused by error detection).