Data redundancy Immunity-aware programming

in systems without error detection , correction units, reliability of system can improved providing protection through software. protecting entire memory (code , data) may not practical in software, causes unacceptable amount of overhead, software implemented low-cost solution code segments.

another elementary requirement of digital systems faultless transmission of data. communication other components can weak point , source of errors of system. well-thought-out transmission protocol important. techniques described below can applied data transmitted, hence increasing transmission reliability.

cyclic redundancy , parity check

a cyclic redundancy check type of hash function used produce checksum, small integer large block of data, such network traffic or computer files. crcs calculated before , after transmission or duplication, , compared confirm equal. crc detects one- or two-bit errors, odd errors, burst errors if burst smaller crc, , of wide-burst errors. parity checks can applied single characters (vrc—vertical redundancy check), resulting additional parity bit or block of data (lrc—longitudinal redundancy check), issuing block check character. both methods can implemented rather using xor operation. trade-off less errors can detected crc. parity checks detect odd numbers of flipped bits. numbers of bit errors stay undetected. possible improvement usage of both vrc , lrc, called double parity or optimal rectangular code (orc).

some microcontrollers feature hardware crc unit.

different kinds of duplication

a specific method of data redundancy duplication, can applied in several ways, described in following:

data duplication


to cope corruption of data, multiple copies of important registers , variables can stored. consistency checks between memory locations storing same values, or voting techniques, can performed when accessing data.


two different modifications source code need implemented.




the first 1 corresponds duplicating or of program variables introduce data redundancy, , modifying operators manage introduced replica of variables.






the second modification introduces consistency checks in control flow, consistency between 2 copies of each variable verified.

when data read out, 2 sets of data compared. disturbance detected if 2 data sets not equal. error can reported. if both sets of data corrupted, significant error can reported , system can react accordingly.

in cases, safety-critical applications have strict constraints in terms of memory occupation , system performance. duplication of whole set of variables , introduction of consistency check before every read operation represent optimum choice fault coverage point of view. duplication of whole set of variables enables extremely high percentage of faults covered software redundancy technique. on other side, duplicating lower percentage of variables 1 can trade off obtained fault coverage cpu time overhead.

an experimental analysis of cpu time overhead , amount of duplicated variables

the experimental result shows duplicating 50% of variables enough cover 85% of faults cpu time overhead of 28%.

attention should paid implementation of consistency check, carried out after each read operation or @ end of each variable s life period. implementing check can minimize cpu time , code size application.

c sample code: function parameter duplication



c sample code: duplication of test conditions



function parameter duplication

as detection of errors in data achieved through duplicating variables , adding consistency checks after every read operation, special considerations have applied according procedure interfaces. parameters passed procedures, return values, considered variables. hence, every procedure parameter duplicated, return values. procedure still called once, returns 2 results, must hold same value. source listing right shows sample implementation of function parameter duplication.

test duplication

to duplicate test 1 of robust methods exists generic soft error detection. drawback no strict assumption on cause of errors (emi, esd etc.), nor on type of errors expect (errors affecting control flow, errors affecting data etc.) can made. erroneous bit-changes in data-bytes while stored in memory, cache, register, or transmitted on bus known. these data-bytes operation codes (instructions), memory addresses, or data. thus, method able detect wide range of faults, , not limited specific fault model. using method, memory increases 4 times, , execution time 2.5 times long same program without test duplication. source listing right shows sample implementation of duplication of test conditions.

branching duplication


branch duplication

compared test duplication, 1 condition cross-checked, branching duplication condition duplicated.

for every conditional test in program, condition , resulting jump should reevaluated, shown in figure. if condition met again, jump executed, else error has occurred.

instruction duplication , diversity in implementation

what benefit of when data, tests, , branches duplicated when calculated result incorrect? 1 solution duplicate instruction entirely, implement them differently. 2 different programs same functionality, different sets of data , different implementations executed. outputs compared, , must equal. method covers not bit-flips or processor faults programming errors (bugs). if intended handle hardware (cpu) faults, software can implemented using different parts of hardware; example, 1 implementation uses hardware multiply , other implementation multiplies shifting or adding. causes significant overhead (more factor of 2 size of code). on other hand, results outstandingly accurate.