Roll-Forward Checkpointing Scheme: A Novel Fault-Tolerant Architecture

Dhiraj K. Pradhan; Nitin H. Vaidya

doi:10.1109/12.324542

Roll-Forward Checkpointing Scheme: A Novel Fault-Tolerant Architecture

Dhiraj K. Pradhan, Nitin H. Vaidya

Research output: Contribution to journal › Article › peer-review

Abstract

Proposed here is a novel architecture for a fault- tolerant multiprocessor environment. It is assumed that the multiprocessor organization consists of a pool of active processing modules and either a small number of spare modules or active modules with some spare processing capacity. A fault-tolerance scheme is developed for duplex systems using checkpoints. Our scheme, unlike traditional checkpointing schemes, requires no rollbacks for recovering from single faults. The objective here is to achieve performance of a Triple Modular Redundant system using duplex system redundancy. In the proposed scheme, at each checkpoint, the state of the two modules executing the task is compared for detection of faults. If a disagreement occurs, indicating a fault, the two differing states are both stored. Instead of performing usual rollback and retry, the following mechanism is used. The state at the preceding checkpoint, where both processing modules had agreed, is loaded into a spare module. The checkpoint interval in which the failure is detected is then “retried" on the spare module. Concurrently, the task continues forward on the two active modules, beyond the checkpoint where the disagreement occurred. At the next checkpoint, the state of the spare is compared with the stored states of the two active modules (stored states correspond to where the disagreement occurred). The active module which disagrees with the spare is identified to be faulty. Once the faulty module is identified, the state of the faulty module is restored to the correct state by copying the state from the other active module, which is fault-free. The spare is released to the pool after recovery is completed. It is important to note that the spare is shared among many processor pairs and is used temporarily when faults occur. Since the above mechanism achieves forward recovery, the proposed scheme is termed Roll-Forward Checkpointing Scheme (RFCS). The RFCS scheme allows recovery from single failures without the overhead of rollback. The advantage of the proposed scheme is that it achieves a lower average execution time with a lower variance as compared to the rollback scheme. This can be crucial for Real time systems since lower variance enhances the predictability of the task completion time.

Original language	English (US)
Pages (from-to)	1163-1174
Number of pages	12
Journal	IEEE Transactions on Computers
Volume	43
Issue number	10
DOIs	https://doi.org/10.1109/12.324542
State	Published - Oct 1994
Externally published	Yes

Keywords

Checkpointing
duplex systems
forward recovery
nondedicated spares
transient faults

ASJC Scopus subject areas

Software
Theoretical Computer Science
Hardware and Architecture
Computational Theory and Mathematics

Online availability

10.1109/12.324542

Library availability

Discover UIUC Full Text

Cite this

@article{5185fb0481824077b32bf00bb21878a0,

title = "Roll-Forward Checkpointing Scheme: A Novel Fault-Tolerant Architecture",

abstract = "Proposed here is a novel architecture for a fault- tolerant multiprocessor environment. It is assumed that the multiprocessor organization consists of a pool of active processing modules and either a small number of spare modules or active modules with some spare processing capacity. A fault-tolerance scheme is developed for duplex systems using checkpoints. Our scheme, unlike traditional checkpointing schemes, requires no rollbacks for recovering from single faults. The objective here is to achieve performance of a Triple Modular Redundant system using duplex system redundancy. In the proposed scheme, at each checkpoint, the state of the two modules executing the task is compared for detection of faults. If a disagreement occurs, indicating a fault, the two differing states are both stored. Instead of performing usual rollback and retry, the following mechanism is used. The state at the preceding checkpoint, where both processing modules had agreed, is loaded into a spare module. The checkpoint interval in which the failure is detected is then “retried{"} on the spare module. Concurrently, the task continues forward on the two active modules, beyond the checkpoint where the disagreement occurred. At the next checkpoint, the state of the spare is compared with the stored states of the two active modules (stored states correspond to where the disagreement occurred). The active module which disagrees with the spare is identified to be faulty. Once the faulty module is identified, the state of the faulty module is restored to the correct state by copying the state from the other active module, which is fault-free. The spare is released to the pool after recovery is completed. It is important to note that the spare is shared among many processor pairs and is used temporarily when faults occur. Since the above mechanism achieves forward recovery, the proposed scheme is termed Roll-Forward Checkpointing Scheme (RFCS). The RFCS scheme allows recovery from single failures without the overhead of rollback. The advantage of the proposed scheme is that it achieves a lower average execution time with a lower variance as compared to the rollback scheme. This can be crucial for Real time systems since lower variance enhances the predictability of the task completion time.",

keywords = "Checkpointing, duplex systems, forward recovery, nondedicated spares, transient faults",

author = "Pradhan, {Dhiraj K.} and Vaidya, {Nitin H.}",

note = "Funding Information: Manuscript received November 29, 1992; revised November 15, 1993. This work was supported in part by the ONR and AFOSR. This work was presented in part at the 1992 IEEE Workshop on Fault-Tolerant Parallel and Distributed Systems.",

year = "1994",

month = oct,

doi = "10.1109/12.324542",

language = "English (US)",

volume = "43",

pages = "1163--1174",

journal = "IEEE Transactions on Computers",

issn = "0018-9340",

publisher = "IEEE Computer Society",

number = "10",

}

TY - JOUR

T1 - Roll-Forward Checkpointing Scheme

T2 - A Novel Fault-Tolerant Architecture

AU - Pradhan, Dhiraj K.

AU - Vaidya, Nitin H.

N1 - Funding Information: Manuscript received November 29, 1992; revised November 15, 1993. This work was supported in part by the ONR and AFOSR. This work was presented in part at the 1992 IEEE Workshop on Fault-Tolerant Parallel and Distributed Systems.

PY - 1994/10

Y1 - 1994/10

N2 - Proposed here is a novel architecture for a fault- tolerant multiprocessor environment. It is assumed that the multiprocessor organization consists of a pool of active processing modules and either a small number of spare modules or active modules with some spare processing capacity. A fault-tolerance scheme is developed for duplex systems using checkpoints. Our scheme, unlike traditional checkpointing schemes, requires no rollbacks for recovering from single faults. The objective here is to achieve performance of a Triple Modular Redundant system using duplex system redundancy. In the proposed scheme, at each checkpoint, the state of the two modules executing the task is compared for detection of faults. If a disagreement occurs, indicating a fault, the two differing states are both stored. Instead of performing usual rollback and retry, the following mechanism is used. The state at the preceding checkpoint, where both processing modules had agreed, is loaded into a spare module. The checkpoint interval in which the failure is detected is then “retried" on the spare module. Concurrently, the task continues forward on the two active modules, beyond the checkpoint where the disagreement occurred. At the next checkpoint, the state of the spare is compared with the stored states of the two active modules (stored states correspond to where the disagreement occurred). The active module which disagrees with the spare is identified to be faulty. Once the faulty module is identified, the state of the faulty module is restored to the correct state by copying the state from the other active module, which is fault-free. The spare is released to the pool after recovery is completed. It is important to note that the spare is shared among many processor pairs and is used temporarily when faults occur. Since the above mechanism achieves forward recovery, the proposed scheme is termed Roll-Forward Checkpointing Scheme (RFCS). The RFCS scheme allows recovery from single failures without the overhead of rollback. The advantage of the proposed scheme is that it achieves a lower average execution time with a lower variance as compared to the rollback scheme. This can be crucial for Real time systems since lower variance enhances the predictability of the task completion time.

AB - Proposed here is a novel architecture for a fault- tolerant multiprocessor environment. It is assumed that the multiprocessor organization consists of a pool of active processing modules and either a small number of spare modules or active modules with some spare processing capacity. A fault-tolerance scheme is developed for duplex systems using checkpoints. Our scheme, unlike traditional checkpointing schemes, requires no rollbacks for recovering from single faults. The objective here is to achieve performance of a Triple Modular Redundant system using duplex system redundancy. In the proposed scheme, at each checkpoint, the state of the two modules executing the task is compared for detection of faults. If a disagreement occurs, indicating a fault, the two differing states are both stored. Instead of performing usual rollback and retry, the following mechanism is used. The state at the preceding checkpoint, where both processing modules had agreed, is loaded into a spare module. The checkpoint interval in which the failure is detected is then “retried" on the spare module. Concurrently, the task continues forward on the two active modules, beyond the checkpoint where the disagreement occurred. At the next checkpoint, the state of the spare is compared with the stored states of the two active modules (stored states correspond to where the disagreement occurred). The active module which disagrees with the spare is identified to be faulty. Once the faulty module is identified, the state of the faulty module is restored to the correct state by copying the state from the other active module, which is fault-free. The spare is released to the pool after recovery is completed. It is important to note that the spare is shared among many processor pairs and is used temporarily when faults occur. Since the above mechanism achieves forward recovery, the proposed scheme is termed Roll-Forward Checkpointing Scheme (RFCS). The RFCS scheme allows recovery from single failures without the overhead of rollback. The advantage of the proposed scheme is that it achieves a lower average execution time with a lower variance as compared to the rollback scheme. This can be crucial for Real time systems since lower variance enhances the predictability of the task completion time.

KW - Checkpointing

KW - duplex systems

KW - forward recovery

KW - nondedicated spares

KW - transient faults

UR - http://www.scopus.com/inward/record.url?scp=0028518423&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0028518423&partnerID=8YFLogxK

U2 - 10.1109/12.324542

DO - 10.1109/12.324542

M3 - Article

AN - SCOPUS:0028518423

SN - 0018-9340

VL - 43

SP - 1163

EP - 1174

JO - IEEE Transactions on Computers

JF - IEEE Transactions on Computers

IS - 10

ER -

Roll-Forward Checkpointing Scheme: A Novel Fault-Tolerant Architecture

Abstract

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this