| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 723941 | IFAC Proceedings Volumes | 2007 | 6 Pages | |
We propose a safe design method for safe execution systems, based on fault-tolerance techniques: it uses optimal discrete controller synthesis (DCS) to generate a correct-by-construction fault-tolerant system. The properties enforced concern consistent execution, functionality fulfillment (whatever the faults, under some failure hypothesis), and several optimizations (of the tasks’ execution time). We give an algorithm for optimal DCS on bounded paths, and model patterns for a set of periodic tasks with checkpoints, a set of distributed, heterogeneous and fail-silent processors, and an environment model that expresses potential fault patterns. The implementation is illustrated using the Sigali symbolic DCS tool and the Mode Automata programming language.