Integrating redundancy management and real-time services for ultra reliable control systems

Integration of multiple real-time control modules has gained increased acceptance as a new trend in the industry during the past few years. For example, the avionics industry is embracing a new design approach referred to as Integrated Modular Avionics (IMA). The IMA approach encourages the use of general-purpose basic components and sharing of common resources to minimize the development and maintenance costs of avionics. However, the integration complicates the design and validation of these systems since sharing resources makes the behavior of the integrated application hard to predict and guarantee and therefore ensuring the fulfillment of timing constraints and maintaining fault-tolerance becomes a challenge. In this paper, we describe our experience with integrating redundancy management and real-time services in an IMA setup. The redundancy management system (RMS) masks faults through voting on the computation results from multiple redundant computing nodes and ensures synchronization among replicas. RMS is set to share the same CPU with real-time applications managed by a real-time operating system (RTOS). We discuss the issues related to that integration and our approach for addressing them. We describe validation efforts and summarize lessons learned.