Bernhard Fechner

Fault-tolerant static scheduling for grids

While fault-tolerance is desirable for grid applications because of the distributed and dynamic nature of grid resources, it has seldom been considered in static scheduling. We present a fault-tolerant static scheduler for grid applications that uses task duplication and combines the advantages of static scheduling, namely no overhead for the fault-free case, and of dynamic scheduling, namely low overhead in case of a fault. We also give preliminary experimental results on our scheme.

Web server protection by customized instruction set encoding

We present a novel technique to secure the execution of a processor against the execution of malicious code (trojans, viruses). The main idea is to permute parts of the opcode values so that it gets a different semantic meaning. A virus which does not know the permutation is not able to execute and will cause a failure such as segmentation violation, whereby the execution of malicious code is prevented. The permutation is realized by a lookup table. We develop several variants that require only small changes to microprocessors. We sketch how to bootstrap a system such that all intended applications (including operating system) are reversely permuted, and can execute as intended. While this will be cumbersome for typical personal computers, it will work for Web servers, because the number of applications and frequency of installation is lower. Furthermore, Web servers are particularly endangered: they cannot be protected as good as personal computers, because by the very nature of their duty they are more openly connected with the Internet than any other computer in an organizations network.

A meta-level true random number generator

True random number generators (TRNGs) are extensively used in cryptography, simulations and statistics. In this work, we introduce, extend and analyse the concept of the randomised bit cell (RBC), introducing a second meta-level of randomisation, being able to simultaneously produce random numbers and detect active non-intrusive attacks. The concept is extended by using a corrector. Meta-stability is one way to generate true random numbers. By using electromagnetic radiation, a flip-flop (ff) in a meta-stable state can be manipulated to a known state. We clarify and comprehend open issues of meta-stable ffs such as power consumption and electromagnetic field strength. The experimental comparison though a software simulation with a standard TRNG yields a 17.69 times better distribution of zeros and ones while the TRNGs are under attack at the expense of a delay which is proportional to the quality of the random source.

A True Random Number Generator with Built-in Attack Detection

True random number generators (TRNGs) are extensively used in cryptography, simulations and statistics. Metastability is a way to generate true random numbers. By using electromagnetic radiation, a flip-flop in a metastable state can be manipulated to a known state. In this work, we introduce and analyze the concept of a randomized bit-cell, being able to simultaneously produce random numbers and detect active nonintrusive attacks. The experimental comparison with a standard TRNG yields an 11.5 times better distribution of zeros and ones while the TRNGs are under attack. The concept is extended by using a corrector. A perfect distribution can be gained at the expense of a delay which is proportional to the quality of the random source.

A Fault-Tolerant Voting Scheme for Multithreaded Environments

Voting schemes are widely used in fault-tolerant systems, mainly systems which imply temporal or component redundancy. We present a voting scheme for multithreaded environments which is based on the observation that a fault-tolerant system which does not know its history can not distinguish between transient (SEUs) and permanent errors, caused by use of a faulty component. The history of errors is used to predict future errors and to determine if a permanent or transient error occurred. Only in the former case a repair is necessary; in the latter case recovery is sufficient. Using prediction and credibility points we are able to tell if a system failure is likely to occur soon. The more credibility a version has, the more likely it will compute a correct result. Therefore we can use credibility points in connection with thread priorisation to increase performance.

Efficient Fault-Tolerant Addition by Operand Width Consideration

Addition is a central operation in microcontrollers and hence faults should be detected for safety reasons. We extend the principle of recomputing with shifted operands (RESO) by doing the re-computation concurrently to the computation in the case of small operands. Thus, we generate a solution cheaper than two adders and faster than simple repetition. To extend RESO, we consider the actual bit-widths of the operands. We validate our method with data from static code analysis of two application kernels.

Dynamic delay-fault injection for reconfigurable hardware

Modern Internet and telephone switches consist of numerous VLSI-circuits operating at high frequencies to handle high bandwidths. It is beyond question that such systems must contain mechanisms making them reliable through fault-detection or fault-tolerance. For monetary reasons, one or multiple field programmable gate arrays (FPGAs) are used in modern application specific integrated circuit (ASIC) development systems before production. Hardware manufacturers have a strong focus on quick fault-injection to verify and validate the correct function of such a (fault-tolerant) system. However, current FPGA-based fault injection schemes do not consider delay faults. In this paper we present an extension to traditional FPGA fault injection schemes without any additional hardware for fixed and small hardware overhead for dynamic phase shifting. By using digital clock managers (DCMs), we are able to inject delay faults very fast through phase-shift variation of the clock without reconfiguring the FPGA.

Performance estimation of virtual duplex systems on simultaneous multithreaded processors

Summary form only given. Virtual duplex systems provide detection of transient as well as most permanent hardware faults by executing two versions of a program on a single processor in a time-shared manner. Previous studies on virtual duplex systems have focussed on either improving fault coverage or reducing overhead. We build upon this work and investigate the positive influence of an underlying processor architecture that supports parallelism in the form of multiple threads in hardware. Such processor architectures are just entering the market, with a die area only slightly larger than that of a conventional processor. A performance prediction shows that those processors allow faster fault detection than conventional processors of the same speed. Moreover, the parallelism can be utilized for a recovery that extends the concept of virtual duplex systems. Additionally, we present a technique that further increases the above mentioned gain by using prediction of the faulty version in a manner similar to branch prediction.

Anforderungsmanagement in großen IT-Projekten

ZusammenfassungNicht wenige IT-Projekte scheitern daran, dass Anforderungen zu unpräzise festgehalten oder gar nicht erst wahrgenommen worden sind. Eine adäquate und genaue Aufnahme der Anforderungen ist jedoch aus ganz unterschiedlichen Gründen alles andere als trivial. Im Folgenden gehen wir auf diese Problematik ein und präsentieren ein in der Praxis bewährtes Vorgehen zur Vermeidung typischer Risiken.

Petri Net Analysis of Non-Redundant and Redundant Execution Schemes

The quest for high-performance has led to multiand many-core systems. To push the performance of a single core to the limit, simultaneous multithreading (SMT) is used. SMT enables to fetch different instructions from different threads, hiding latencies in other threads. SMT also gives the opportunity to execute redundant threads (redundant multithreading, RMT) and thus to detect faults by comparing the results of both threads. The instruction fetch algorithm determines which instructions to fetch from which thread and therefore has great influence on processor performance. This work investigates the influence of different instruction fetch algorithms on the performance of an SMT processor by modeling it with Petri nets. Over the intrinsic results of a detailed processor simulation, our approach offers a generic evaluation. Furthermore, we distinguish between homogeneous (redundant execution, RMT) and inhomogeneous threads to determine the effects on the performance of each execution scheme with a dedicated instruction fetch algorithm. For inhomogeneous threads, the effect of instruction fetch algorithms can be confirmed, but not for homogeneous threads. Therefore, scheduling algorithms as simple as Round Robin can be recommended for redundant execution.