Handling Process Overruns and Underruns on Multiprocessors in a Fault-Tolerant Real-Time Embedded System

Abstract

The failure of safety-critical hard real-time embedded systems, can have catastrophic consequences. In such systems, a fault tolerant design is often necessary to enable the system to continue to provide a specified service, possibly at a reduced level of performance, rather than failing completely, in spite of system errors. One approach for achieving fault tolerance in real-time embedded systems, is to provide two versions of programs for each real-time task: a primary and an alternate. If an error in the execution of the primary of a task is detected, or if the successful completion of the primary cannot be guaranteed, then the alternate will be activated, while the primary will be aborted. This paper presents a method which provides a higher level of system dependency and reliability by effectively handling underruns and overruns in a fault tolerant real-time embedded system which uses a primary and an alternate for each real-time task to achieve fault tolerance. A main advantage of this method is that it significantly increases the chances that either the primary or the alternate of each process will be able to successfully complete its computation before its deadline despite overrunning, which significantly increases system robustness and reliability, while at the same time any additional processor capacity created at run-time due to primary or alternate underruns can be efficiently utilized, which increases system resource and processor utilization, while also satisfying additional complex constraints defined on the primaries and alternates such as precedence and exclusion relations.