• Journal of Institute of Control, Robotics and Systems
• /
• v.14 no.4
• /
• pp.376-380
• /
• 2008

This paper deals with a performance analysis of real-time control systems, which engages DMR(dual modular redundancy) to detect transient errors and checkpointing technique to tolerate transient errors. Transient errors are caused by transient faults and the most significant type of errors in reliable computer systems. Transient faults are assumed to occur according to a Poisson process and to be detected by a dual modular redundant structure. In addition, an equidistant checkpointing strategy is considered. The probability of the successful task completion in a real-time control system where periodic checkpointing operations are performed during the execution of a real-time control task is derived. Numerical examples show how checkpoiniting scheme influences the probability of task completion. In addition, the result of the analysis is compared with the simulation result.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.44 no.7 s.361
• /
• pp.112-121
• /
• 2007

In this paper, we propose a new checkpointing strategy for dual modular redundancy real-time systems. For every checkpoints the execution results from two processors, and the result saved in the previous checkpoint are compared to detect faults. We devised an operation algorithm in chectpoints to recover from transient faults as well as permanent faults. We also develop a Markov model for the optimization of the proposed checkpointing strategy. The probability of successful task execution within its deadline is derived from the Markov model. The optimal number of checkpoints is the checkpoints which makes the successful probability maximum.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.26 no.6A
• /
• pp.1067-1077
• /
• 2001

본 논문에서는 결함의 영향을 받지 않고 동작할 수 있는 AVTMR(All Voting Triple Modular Redundancy) 시스템과 듀얼 듀플렉스(Dual-duplex) 시스템을 설계하고, 각 시스템의 평가를 통하여 RAMS(Reliability, Avaliability, Maintainability, Safety)를 비교하였다. ABTMR 시스템은 3중화된 보터(voter)를 사용하여 설계를 하였으며, 듀얼 듀플렉스 시스템은 비교기(comparator)를 이용하여 시스템을 설계하였다. 각 시스템은 버스 레벨로 데이터를 비교하도록 설계하였으며, 시스템 평가를 위해서 소자의 고장율은 MILSPEC-217F에 기반을 두고 RELEX6.0을 이용하였고, 마코브 모델(Markov model)을 이용하여 시스템의 RAMS를 평가하였다. 본 논문에서는 각 시스템을 MC68000을 기반으로 설계하여, 각각 시스템에 사용되는 비용 및 시스템이 어느 부분에서 선호될 수 있는가를 RAMS 및 MTTF(Mean Time To Failure)를 통하여 선택할 수 있는 기반을 제시하도록 나타내고 있다. 이러한 AVTMR이나 듀얼 듀플렉스 시스템(dual-duplex system)은 결함 허용 시스템(fault tolerant system)으로 인간의 생명과 직접적인 관련이 있는 고속철도 시스템이나 항공기 시스템에 적용될 수 있다.

• Journal of Institute of Control, Robotics and Systems
• /
• v.20 no.6
• /
• pp.625-630
• /
• 2014

Asynchronous digital circuits working in military and space environments are often subject to the adverse effects of radiation faults. In this paper, we propose a new hardening technique against radiation faults. The considered digital system has the structure of DMR (Double Modular Redundancy), in which two sub-systems conduct the same work simultaneously. Based on the output feedback, the proposed scheme diagnoses occurrences of radiation faults and realizes immediate recovery to the normal behavior by overriding parts of memory bits of the faulty sub-system. As a case study, the proposed control scheme is applied to an asynchronous dual ring counter implemented in VHDL code.

• Journal of Advanced Navigation Technology
• /
• v.21 no.5
• /
• pp.491-500
• /
• 2017

This paper investigates a low cost dual modular redundancy system based on heartbeat which can be applied to traffic control signal system. Failure of the traffic control signal system can cause traffic confusion and traffic accidents. Therefore safety and reliability of traffic control should be secured using fault tolerance technology. To do this, we configured a redundant board using the open source hardware and the heartbeat technique of Linux HA. The function of the traffic signal control system was verified and the fault recovery time was measured using fault injection test. As a result of the test, the fault recovery time was confirmed to be less than 9 seconds on average, confirming that the reliability target time is satisfied. Based on the results of this study, it is expected that it can be applied to fields requiring high reliability systems such as aviation, space, and nuclear power embedded systems.

• The Transactions of the Korean Institute of Electrical Engineers D
• /
• v.50 no.4
• /
• pp.168-176
• /
• 2001

In this paper, we develop a dual-duplex system which detects a fault by hardware comparator and switches to hot standby redundancy. This system is designed on the basis of MC68000 and can be used in VMEbus. To improve reliability, the dual-duplex system is designed in dual modular redundancy. The failure rate of electrical element is calculated in MILSPEC-217F, and the system RAMS(Reliability, Availiability, Maintainability and Safety) and MTTF(Mean Time to Failure) are evaluated by Markov modeling method. As the evaluation result shows improved reliability, it can be used as a component hardware for a highly reliable control system.

• Journal of Ocean Engineering and Technology
• /
• v.29 no.5
• /
• pp.380-385
• /
• 2015

In the development of an underwater construction robot, the reliability of the operating system is the most important issue because of its huge maintenance cost, especially in a deep sea application. In this paper, we propose a new redundant architectural design for the hydraulic control system of an underwater construction robot. The proposed architecture consists of dual independent modular redundancy management systems linked with a commercial profibus network. A cold standby redundancy management system consisting of a preprocessing switch circuit is applied to the signal network, and a hot standby redundancy management system is adapted to utilize two main controllers.

• The Transactions of The Korean Institute of Electrical Engineers
• /
• v.62 no.1
• /
• pp.109-119
• /
• 2013

This paper presents the design of the Safety Programmable Logic Controller (SPLC) used in the Nuclear Power Plants, an analysis of a reliability for the SPLC using a markov model. The architecture of the SPLC is designed to have the multiple modular redundancy composed of the Dual Modular Redundancy(DMR) and the Triple Modular Redundancy(TMR). The operating system of the SPLC is designed to have the non-preemptive state based scheduler and the supervisory task managing the sequential scheduling, timing of tasks, diagnostic and security. The data communication of the SPLC is designed to have the deterministic state based protocol, and is designed to satisfy the effective transmission capacity of 20Mbps. Using Markov model, the reliability of SPLC is analyzed, and assessed. To have the reasonable reliability such as the mean time to failure (MTTF) more than 10,000 hours, the failure rate of each SPLC module should be less than $2{\times}10^{-5}$/hour. When the fault coverage factor (FCF) is increased by 0.1, the MTTF is improved by about 4 months, thus to enhance the MTTF effectively, it is needed that the diagnostic ability of each SPLC module should be strengthened. Also as the result of comparison the SPLC and the existing safety grade PLCs, the reliability and MTTF of SPLC is up to 1.6-times and up to 22,000 hours better than the existing PLCs.

• Journal of IKEEE
• /
• v.27 no.4
• /
• pp.683-686
• /
• 2023

In this paper, we designed a Delayed Dual Core Lock-Step (D-DCLS) processor where two cores operate same instructions with delay and the result is compared to mitigate soft errors and common mode failures in automotive electronic systems. Because D-DCLS does not know which core an error occurred in, each core must be recovered to the point before the error occurred, but complex hardware modifications are required to return all intermediate values on the pipeline stage. In this paper, in order for easy hardware implementation, all register values are saved to a buffer whenever a branch instruction is executed. When an error is detected, the saved register values are automatically restored, and then 'BX LR' instruction is executed to return to the last branch point. The proposed D-DCLS processor was designed using Verilog HDL and was confirmed to continue normal operation after automatically recovering error.

• Journal of Institute of Control, Robotics and Systems
• /
• v.20 no.6
• /
• pp.689-694
• /
• 2014

An SPLC (Safety Programmable Logic Controller) must be designed to meet the highest safety standards, IEEE 1E, and should guarantee a level of fault-tolerance and high-reliability that ensures complete error-free operation. In order to satisfy these criteria, I/O modules, communication modules, processor modules and bus modules of the SPLC have been configured in triple or dual modular redundancy. The redundant modules receive the same data to determine the final data by the voting logic. Currently, the processor of each rx module performs the voting by deciding on the final data. It is the intent of this paper to prove the improvement on the current system, and develop a voting system for multiple data on a system bus level. The new system bus protocol is implemented based on a TCN-MVB that is a deterministic network consisting of a master-slave structure. The test result shows that the suggested system is better than the present system in view of its high utilization and improved performance of data exchange and voting.