Abstract
A methodology called guarded software upgrading (GSU) is proposed to accomplish dependable onboard evolution for long-life deep-space missions. The core of the methodology is a low-cost error containment and recovery protocol that escorts an upgraded software component through onboard validation and guarded operation, mitigating the effect of residual faults in the upgraded component. The message-driven confidence-driven (MDCD) nature of the protocol eliminates the need for costly process coordination or atomic action, yet guarantees that the system will reach a consistent global state upon the completion of the rollback or roll-forward actions carried out by individual processes during error recovery. To validate the ability of the MDCD protocol to enhance system reliability when a software component undergoes onboard upgrading in a realistic, non-ideal environment, we conduct a stochastic activity network model-based analysis. The results confirm the effectiveness of the protocol as originally surmised. Moreover, a comparative study reveals that the dynamic confidence-driven approach is superior to static approaches and is the key to the attainment of cost-effectiveness.
Original language | English (US) |
---|---|
Pages (from-to) | 211-236 |
Number of pages | 26 |
Journal | Performance Evaluation |
Volume | 44 |
Issue number | 1-4 |
DOIs | |
State | Published - Apr 2001 |
ASJC Scopus subject areas
- Software
- Modeling and Simulation
- Hardware and Architecture
- Computer Networks and Communications