Title :
The Startup Problem in Fault-Tolerant Time-Triggered Communication
Author :
Steiner, Wilfried ; Kopetz, Hermann
Author_Institution :
Real-Time Syst. Group, Vienna Univ. of Technol.
Abstract :
Fault-tolerant time-triggered communication relies on the synchronization of local clocks. The startup problem is the problem of reaching a sufficient degree of synchronization after power-on of the system. The complexity of this problem naturally depends on the system assumptions; the assumptions used in this paper were compiled in cooperation with partners in the automotive and aeronautic industries. We present a general startup strategy for safety-critical systems that describes the solution to the startup problem from an abstract point of view. From this abstract view we derive and analyze a new startup algorithm that is used in LTTP, a research derivative of the TTP/C protocol. We also analyze the FlexRay startup algorithm and discuss its behavior in the presence of simple failures. The analyses were carried out by exhaustive fault simulation using the SAL model checker. While LTTP was found to tolerate the arbitrary failure of one node, the FlexRay startup algorithm is shown to be vulnerable to simple failure modes.
Keywords :
clocks; fault tolerant computing; formal verification; protocols; scheduling; synchronisation; telecommunication computing; time division multiple access; FlexRay startup algorithm; LTTP algorithm; SAL model checker; TDMA round schedule; TTP/C research derivative protocol; fault simulation; fault-tolerant time-triggered communication; local clock synchronization; safety-critical systems; Access protocols; Algorithm design and analysis; Automotive engineering; Clocks; Failure analysis; Fault tolerance; Fault tolerant systems; Real time systems; Synchronization; Time division multiple access
Conference_Title :
Dependable Systems and Networks, 2006. DSN 2006. International Conference on
Conference_Location :
Philadelphia, PA
Print_ISBN :
0-7695-2607-1
DOI :
10.1109/DSN.2006.69