Fault-Tolerance Verification of the Fluids and Combustion Facility of the International Space Station

Authors: Raquel S. Whittlesey-Harris, Mikhail Nesterenko
Venue: 26th IEEE International Conference on Distributed Computing Systems Workshops (ICDCSW'06)
Publication date: 2006-07-04
DOI: 10.1109/ICDCSW.2006.52 (https://doi.org/10.1109/ICDCSW.2006.52)
Citation count: 5 (Semantic Scholar)
This article describes our experience with fault-tolerance verification of the Fluids and Combustion Facility (FCF) of the International Space Station (ISS). The FCF will be a permanent installation for scientific microgravity experiments in the U.S. Laboratory Module aboard the ISS. The ability to withstand faults is vital for all ISS installations. Currently, the FCF safety specification requires one-component fault-tolerance. In future versions, even greater robustness may be required. Faults encountered by ISS modules vary in nature and extent. Self-stabilization is an adequate approach to tolerance design of the FCF. However, for systems as complex as the FCF, analytical tolerance verification is not feasible. We use automated model checking instead. We model the FCF in SPIN and specify stabilization predicates to which the FCF must conform. Our model of the FCF allows us to inject component faults as well as hazardous conditions. We use SPIN to automatically verify the convergence of the FCF model to legitimate states.