distributed real time fault tolerance on a virtualized
play

Distributed Real-Time Fault Tolerance on a Virtualized Multi-Core - PowerPoint PPT Presentation

Oct 16, 2023 •333 likes •614 views

Distributed Real-Time Fault Tolerance on a Virtualized Multi-Core System Eric Missimer*, Richard West and Ye Li Computer Science Department Boston University Boston, MA 02215 Email: { missimer,richwest,liye } @cs.bu.edu *VMware, Inc. Eric

  1. Distributed Real-Time Fault Tolerance on a Virtualized Multi-Core System Eric Missimer*, Richard West and Ye Li Computer Science Department Boston University Boston, MA 02215 Email: { missimer,richwest,liye } @cs.bu.edu *VMware, Inc. Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 1

  2. Quest-V: Virtualized Multi-Core System Quest-V Background: Boston University’s in house operating system + hypervisor Developed for real-time and high-confidence systems Key Features: Virtualized Separation Kernel Simplified Hypervisor: Sandboxes are pinned to cores at boot, no need for scheduling I/O devices are partitioned amongst sandboxes, not shared or emulated Virtualization used for encapsulation Assume hypervisor is a trusted code base Communication through explicit shared memory channels Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 2

  3. Quest-V Design Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 3

  4. Motivation Safety critical systems requires component isolation and redundancy Integrated Modular Avionics (IMA), Automobiles Multi-/many-core processors are increasingly popular in embedded systems Multi-core processors can be used to consolidate redundant services onto a single platform Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 4

  5. Motivation Many processors now feature hardware virtualization ARM Cortex A15, Intel VT-x, AMD-V Hardware virtualization provides opportunity to efficiently partition resources amongst guest VMs Not trying to remove all hardware redundancy – just lessen it Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 5

  6. Motivation Many processors now feature hardware virtualization ARM Cortex A15, Intel VT-x, AMD-V Hardware virtualization provides opportunity to efficiently partition resources amongst guest VMs Not trying to remove all hardware redundancy – just lessen it H/W Virtualization + Resource Partitioning/Isolation = Platform for Embedded Safety Critical Systems Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 5

  7. Motivation Focusing on hardware transient faults and software timing faults Random bit flips from caused by radiation Asynchronous bugs in faulty device drivers Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 6

  8. Quest-V N-Modular Redundancy N redundant copies of a program, one per sandbox (at least three) At least one voter Hash based fault detection and recovery Virtualized separation kernel platform provides new n-modular redundancy configurations Software based dual core lock step (DCLS) Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 7

  9. N-Modular Redundancy Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 8

  10. N-Modular Redundancy for Real-Time Applications Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 9

  11. Fault Detection Typical n-modular redundancy compares the output of the computation Pro: Fast Con: Don’t know what went wrong Proposed detection method: compare application memory on a per page basis via hashes Pro: Faster and generic recovery for complicated applications (discussed later) Con: Must hash memory state of process (slow) Can speed on comparison using a “summary” hash Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 10

  12. Fault Detection Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 11

  13. N-Modular Redundancy Configurations Voting mechanism and device driver in the hypervisor Voting mechanism and device driver in one sandbox Voting mechanism distributed across sandboxes and device driver is shared Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 12

  14. Voting Mechanism and Device Driver in the Hypervisor Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 13

  15. Voting Mechanism and Device Driver in the Hypervisor Pros: No need to modify operating system - could apply to Linux as well as Quest Need only n sandboxes Cons: Conflicts with Quest-V hypervisor design Faulty device driver could jeopardize the entire system Need to duplicate the entire guest Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 14

  16. Voting Mechanism and Device Driver in One Sandbox Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 15

  17. Voting Mechanism and Device Driver in One Sandbox Pros: Simpler hypervisor Application level redundancy, don’t need to copy the entire sandbox Cons: Need ( n +1) sandboxes Need to modify guest Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 16

  18. Voting is Distributed and Device Driver is Shared Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 17

  19. Voting is Distributed and Device Driver is Shared Pros: Need only n sandboxes Application level redundancy, don’t need to copy the entire sandbox Cons: Need to modify guest Complicated shared device driver Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 18

  20. Recovery Want recovery to be as generic as possible Simple applications – rebooting might be sufficient Complicated applications – rebooting could cause important state to be lost Perform live migrations of either application or guest machine Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 19

  21. Recovery All performed within the context of the thread’s sporadic server Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 20

  22. Quick Summary - Key Points to Take Away Per-page hash based fault detection and recovery Three n-modular redundancy configurations in a virtualized separation kernel Hypervisor Voting Sandbox Voting Distributed Voting Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 21

  23. Conclusion So what’s left? Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 22

  24. Conclusion So what’s left? Further implementation and comparison Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 22

  25. Conclusion So what’s left? Further implementation and comparison Figure out solution for voter single point of failure: Possibilities include arithmetic encoding and memory scrubbing Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 22

  26. Conclusion More Info: www.questos.org Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 23

  27. Conclusion More Info: www.questos.org Questions? Eric Missimer, Richard West and Ye Li Real-Time Fault Tolerance 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CSci 5105 Introduction to Distributed Systems Fault Tolerance Last Time Replication and

CSci 5105 Introduction to Distributed Systems Fault Tolerance Last Time Replication and

CSci 5105 Introduction to Distributed Systems Fault Tolerance Last Time Replication and Consistency Today Fault tolerance Chapter 8 TVS Fault Tolerance Basics Availability short time horizon e.g down 1 msec every hour

292 views • 27 slides
Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi

Distributed Systems 5. Fault Tolerant Systems Fault-Tolerance - 1 Lszl Bszrmnyi Distributed Systems Fault tolerance A system or a component fails due to a fault Fault tolerance means that the system continues to provide its

428 views • 40 slides
Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Class Overview Introduction

Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Class Overview Introduction

Distributed Systems (ICE 601) Fault Tolerance Dongman Lee ICU Class Overview Introduction Failure Model Fault Tolerance Models state machine primary-backup Distributed Systems - Fault Tolerance Introduction

146 views • 12 slides
Unicamp MC714 Distributed Systems Slides by Maarten van Steen, adapted from Distributed Systems,

Unicamp MC714 Distributed Systems Slides by Maarten van Steen, adapted from Distributed Systems,

Unicamp MC714 Distributed Systems Slides by Maarten van Steen, adapted from Distributed Systems, 3rd edition Chapter 08: Fault Tolerance Fault tolerance: Introduction to fault tolerance Basic concepts Dependability Basics A component

1.19k views • 105 slides
CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault

CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault

1 Tr n H i Anh Distributed System CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault tolerance 2. Process resilience 3. Reliable client-Server Communication 4. Reliable Group Communication 5.

966 views • 50 slides
General Principles of Fault- Tolerance Daniel Gottesman Perimeter Institute Whats Left For

General Principles of Fault- Tolerance Daniel Gottesman Perimeter Institute Whats Left For

General Principles of Fault- Tolerance Daniel Gottesman Perimeter Institute Whats Left For Fault-Tolerance? Reduce the overhead (in space and in time) needed for fault-tolerance Better fault-tolerance in 1D? Better magic state

556 views • 22 slides
Trading Off Lifetime, Fault-tolerance, and Power Consumption in Real-time MPSoC Jacopo Panerati

Trading Off Lifetime, Fault-tolerance, and Power Consumption in Real-time MPSoC Jacopo Panerati

Trading Off Lifetime, Fault-tolerance, and Power Consumption in Real-time MPSoC Jacopo Panerati , Samar Abdi , and Giovanni Beltrame eal, Concordia University Ecole Polytechnique de Montr MPSoC 2015 - Ventura Beach, CA,

332 views • 10 slides
Roadmap for Section 10.1 The Notion of Fault-Tolerance Fault-Tolerance Support in NTFS Volume

Roadmap for Section 10.1 The Notion of Fault-Tolerance Fault-Tolerance Support in NTFS Volume

Unit OS10: Fault Tolerance Windows Operating System Internals - by David A. Solomon and Mark E. Russinovich with Andreas Polze Roadmap for Section 10.1 The Notion of Fault-Tolerance Fault-Tolerance Support in NTFS Volume Management - Striped

394 views • 25 slides
Fault-Tolerance of Capillary Multi-Path Routing for Real-Time Multimedia Streaming with Forward

Fault-Tolerance of Capillary Multi-Path Routing for Real-Time Multimedia Streaming with Forward

Fault-Tolerance of Capillary Multi-Path Routing for Real-Time Multimedia Streaming with Forward Error Correction Emin Gabrielyan Roger D. Hersch EPFL and Switzernet Srl Swiss Federal Institute of Technology EPFL Lausanne, Switzerland

73 views • 6 slides
MC714 - Sistemas Distribuidos slides by Maarten van Steen (adapted from Distributed System - 3rd

MC714 - Sistemas Distribuidos slides by Maarten van Steen (adapted from Distributed System - 3rd

MC714 - Sistemas Distribuidos slides by Maarten van Steen (adapted from Distributed System - 3rd Edition) Chapter 08: Fault Tolerance Version: May 16, 2019 Fault tolerance: Introduction to fault tolerance Basic concepts Dependability Basics

587 views • 47 slides
Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis

Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis

Hypervisor-Based Fault-Tolerance Thomas C. Bressoud, Isis Distributed Systems Fred B. Schneider, Cornell University SOSP, 1995 Problem Fault tolerance

2.97k views • 8 slides
CPL 2016, week 9 Erlang fault tolerance and distributed programming Oleg Batrashev Institute of

CPL 2016, week 9 Erlang fault tolerance and distributed programming Oleg Batrashev Institute of

CPL 2016, week 9 Erlang fault tolerance and distributed programming Oleg Batrashev Institute of Computer Science, Tartu, Estonia April 4, 2016 Overview Previous week Erlang: functional core and agents Today Erlang fault tolerance and

828 views • 29 slides
Distributed Systems Fault Tolerance Paul Krzyzanowski Except as otherwise noted, the content of

Distributed Systems Fault Tolerance Paul Krzyzanowski Except as otherwise noted, the content of

Distributed Systems Fault Tolerance Paul Krzyzanowski Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Page Faults Deviation from expected behavior Due to a

188 views • 18 slides
Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in

Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in

Fault Tolerance in Message Passing Fault Tolerance in Message Passing and in Action and in Action Jack Dongarra, Innovative Computing Laboratory University of Tennessee and Computer Science and Mathematics Division Oak Ridge National

422 views • 14 slides
CSE 5306 Distributed Systems Fault Tolerance Jia Rao http://ranger.uta.edu/~jrao/ 1 Failure

CSE 5306 Distributed Systems Fault Tolerance Jia Rao http://ranger.uta.edu/~jrao/ 1 Failure

CSE 5306 Distributed Systems Fault Tolerance Jia Rao http://ranger.uta.edu/~jrao/ 1 Failure in Distributed Systems Partial failure Happens when one component of a distributed system fails Often leaves other components unaffected

869 views • 50 slides
Privacy and Fault-Tolerance in Distributed Optimization Nitin Vaidya University of Illinois at

Privacy and Fault-Tolerance in Distributed Optimization Nitin Vaidya University of Illinois at

Privacy and Fault-Tolerance in Distributed Optimization Nitin Vaidya University of Illinois at Urbana-Champaign Acknowledgements Shripad Gade Lili Su S X f i ( x ) argmin x X i =1 i Applications f 1 (x) g fi(x) = cost for robot i

1.38k views • 78 slides
Dependability Engineering of Complex Computing Systems M. Kaniche J.-C. Laprie

Dependability Engineering of Complex Computing Systems M. Kaniche J.-C. Laprie

Dependability Engineering of Complex Computing Systems M. Kaniche J.-C. Laprie J.-P. Blanquart LAAS / LIS LAAS / LIS Astrium / LIS kaaniche@laas.fr laprie@laas.fr blanquar@laas.fr 6th International Conference on Engineering

269 views • 12 slides
Fully Fault Tolerant Real Time Data Pipeline with Docker and Mesos Rahul Kumar Technical Lead

Fully Fault Tolerant Real Time Data Pipeline with Docker and Mesos Rahul Kumar Technical Lead

Fully Fault Tolerant Real Time Data Pipeline with Docker and Mesos Rahul Kumar Technical Lead LinuxCon / ContainerCon - Berlin, Germany Data Pipeline Agenda Mesos + Docker Reactive Data Pipeline Goal Analyzing data always

504 views • 37 slides
Fault Tolerant Computing Coping with errors Steven Janke February 2013 Steven Janke (Seminar)

Fault Tolerant Computing Coping with errors Steven Janke February 2013 Steven Janke (Seminar)

Fault Tolerant Computing Coping with errors Steven Janke February 2013 Steven Janke (Seminar) Fault Tolerant Computing February 2013 1 / 30 Outline Problem: How do you design a computer system to avoid errors? Failure Data for laptops,

608 views • 30 slides
Formalization and Verification of Fault Tolerance and Security Felix G artner TU Darmstadt,

Formalization and Verification of Fault Tolerance and Security Felix G artner TU Darmstadt,

1/35 Formalization and Verification of Fault Tolerance and Security Felix G artner TU Darmstadt, Germany fcg@acm.org Example: Space Shuttle STS51 Discovery, http://spaceflight.nasa.gov/ 2/35 3/35 Fault-tolerant Operation [Spector and

682 views • 42 slides
Model Checking of Fault-Tolerant Distributed Algorithms Igor Konnov joint work with Annu

Model Checking of Fault-Tolerant Distributed Algorithms Igor Konnov joint work with Annu

Model Checking of Fault-Tolerant Distributed Algorithms Igor Konnov joint work with Annu Gmeiner Ulrich Schmid Helmut Veith Josef Widder Igor Konnov Distributed Systems Are they always working? 2/63 No. . . some failing systems

979 views • 72 slides
Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International

Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International

Platzhalter fr Bild, Bild auf Titelfolie hinter das Logo einsetzen Hybrid Fault-Tolerant Consensus in Asynchronous and Wireless Embedded Systems 22nd International Conference on Principles of Distributed Systems Wenbo Xu, Signe Rsch, Bijun

594 views • 33 slides
COMP9313: Big Data Management Introduction to MapReduce and Spark Motivation of MapReduce

COMP9313: Big Data Management Introduction to MapReduce and Spark Motivation of MapReduce

COMP9313: Big Data Management Introduction to MapReduce and Spark Motivation of MapReduce Word count output the number of occurrence for each word in the dataset. Nave solution: word_count(D): H = new dict For each w in D:

1.15k views • 30 slides
Policy-Driven Fault Management for NFV Eco System Akhil Jain (NEC) akhil.jain@india.nec.com

Policy-Driven Fault Management for NFV Eco System Akhil Jain (NEC) akhil.jain@india.nec.com

April 2019 Policy-Driven Fault Management for NFV Eco System Akhil Jain (NEC) akhil.jain@india.nec.com Eric Kao (VMware) ekcs.openstack@gmail..com Definitions Network Function (NF): A functional building block in a network packet

458 views • 25 slides

More recommend