On the Design of Robust Integrators for Fail-Bounded Control Systems

Jonny Vinter (Institutionen för datorteknik) ; A. Johansson ; Peter Folkesson (Institutionen för datorteknik) ; Johan Karlsson (Institutionen för datorteknik)
Proceedings of the International Conference on Dependable Systems and Networks, San Francisco, CA; United States; 22 June 2003 through 25 June 2003; Code 62415 p. 415-424. (2003)
[Conference paper, peer-reviewed]

This paper describes the design and evaluation of a robust integrator for software-implemented control systems. The integrator is constructed as a generic component in the Simulink design tool, and can thus be used for robust implementation of a wide range of control algorithms. The integrator is designed to support the fail-bounded failure model for transient bit-flips that may occur in the CPU, main memory and I/O circuits of a control system. In particular, it allows the control system to detect and recover from bit-flips that cause data errors. Robustness is achieved by sequentially executing duplicated integrator code on the same processor to support error detection, and through the use of a recovery buffer that allows a roll-back to the previous integrator state when an error is detected. The effectiveness of the robust integrator was evaluated through fault injection experiments with a PI controller, where single bit-flips were injected inside the CPU of the control system. No violations of the fail-bounded model were observed in the experiments.

