Heavy-ion Fault Injection in the Time-triggered Communication Protocol

Paper i proceeding, 2003

In dependable distributed systems, the communication link is a critical component with strict dependability requirements. The Time-Triggered Protocol (TTP/C) was developed to meet these requirements. To validate this design, one node in a TTP/C cluster was injected with faults using heavy-ions. It was a prototype implementation and cluster sizes of four and five nodes were tested. The experimental results show that arbitrary faults in one node can cause inconsistencies in the cluster and jeopardize the operation of correctly working nodes and the whole cluster. Further, the system’s vulnerability to arbitrary failures in single nodes for a cluster with a broadcast bus is shown. Experiments with varying cluster sizes indicate a relationship between cluster size and system vulnerability thus it seems to be important to further analyze if and why cluster sizes need to be taken into account when validating distributed systems. The described inconsistencies resulted from asymmetric value faults, asymmetric timing faults or arbitrary single node failures.