Sérgio Luis Cechin

Applying FIRMAMENT to test the SCTP communication protocol under network faults

How to apply a fault injector to evaluate the dependability of a network protocol implementation is the main focus of this paper. In the last years, we have been developing FIRMAMENT, a tool to inject faults directly into messages that pass through the kernel protocol stack. SCTP is a promising new protocol over IP that, due its enhanced reliability, is competing with TCP where dependability has to be guaranteed. Using FIRMAMENT we evaluate the error coverage and the performance degradation of SCTP under faults. Performing a complete fault injection campaign over a third party software give us a deep insight about the additional test strategies that are needed to reach significant dependability measures.

On the design and performance evaluation of notification support for P2P-based network management

In this paper we present the design of a notification service used in a peer-to-peer (P2P) based network management solution called ManP2P. The notification service is based on the publish/subscribe paradigm, and implemented over a P2P overlay that carry the notification messages using SOAP, the Web services basic protocol. The performance of the notification service is evaluated considering the network traffic, the delivery delay, and the processing power required to forward notifications from physical devices (e.g., router, switches) to interested network managers. The results show that the notification service performs better if an increasing number of intermediate elements called mid-level managers is used between a notification source and destination.

Experimental dependability assessment using a faultload specification tool

Use of two or more fault injection tools in a test campaign enriches the scenario obtained from a test execution. Faultloads represent the main input for these tools but their specification mechanisms lack usability and expressiveness. This paper presents a full test scenario featuring the use of jFaultload, which applies Java for the specification of fault-loads and translates them to specific formats that are appropriate to each available fault injector. FIRMAMENT, a fault injector for communication systems, was integrated in the environment and completes the test scenario. The service under test used to demonstrate the usability and expressiveness of our solution is a video streaming session using RTP Protocol.

Implementing rollback-recovery coordinated checkpoints

Recovering from processor failures in distributed systems is an important problem in the design of reliable systems. The processes should coordinate their operation to guarantee that the set of local checkpoints taken by the individual processes form a consistent global checkpoint (recovery line). This allows the system to resume operation from a consistent global state, when recovering from failure. This paper shows the results of the implementation of a transparent (no special needs for applications) and coordinated (non blocking) rollback-recovery distributed algorithm. As it does not block applications, the overhead is reduced during failure-free operation. Furthermore, the rollback procedure can be executed fast as a recovery line is always available and well identified. Our preliminary experimental results show that the algorithm causes very low overhead on the performance (less than 2%), and high dependency on the checkpoint size. Now we study optimizations on the implementation to reduce checkpoint latency.

On the performance of employing presence services in P2P-based network management systems

The use of notifications to report the status of underlying communication networks has a crucial impact on the performance of the managed network itself. Presence services, which are implemented using notification messages, have been designed with the objective to provide ways of delivering accurate presence information to interested parties. However, up to now, the use of presence services in the network management discipline has not been properly addressed. Is this paper, we propose an architecture that introduces presence services into traditional network management processes. We evaluated, through a system prototype implementation, the feasibility of using diverse presence services solutions as management tools and compare their performance against to each other. We present the results of a set of experiments regarding the propagation delay of the two main steps of a presence service, i.e., registration and notification. Those results allows a network administrator to choose which presence service solution is more adequate for the administrators necessities, thus helping to improve the notification process.

Dependability evaluation of distributed systems through partitioning fault injection

Fault injection intents to insert artificial faults in a target system under test to assess their behavior in abnormal situations. However, few efforts focus on partitioning faults that affect distributed applications. The difficulties in reproducing network partitionings remain open. This paper presents a novel tool that emulate partitioning in a real IP network to evaluate the dependability of distributed applications. The tool is composed of distributed instances of a communication fault injector and an experiment coordinator. Using the tool, partitioning scenarios can be described at a high level of abstraction allowing to create high expressive faultloads and realize effective fault injection experiments.

Practical experience designing and debugging an FPGA for a real-time ethernet industrial bus

Several debugging methods are available for FPGA design, including logical simulation and physical debug. We face the challenge to systematize and apply a simple methodology using these methods to develop a communication processing module for a distributed control system with real time constraints. This methodology must follow some restrictions as to be easy to learn, use only available tools and not conflict with techniques employed by our industrial partner. The hardware module must be designed from scratch and must replace commercial communication modules in new devices. It will be responsible for real time interactions between programmable controllers and remote IO in large distributed control systems. The paper describes our experience designing the processing module, the methodology applied and an evaluation of this methodology during the project development.

A Software Fault Injector to Validate Implementations of a Safety Communication Protocol

Communication faults can lead to irreparable damages. Faulty messages increase the risk of accidents in distributed industrial environments. When the risk is high, safety standards force communication over safety protocols. For each new controller, input and output device, a new implementation of a safety protocol is required. Its validation must strictly follow safety standards, which imposes fault injection to test the protocol. This paper introduces a communication fault injector to validate implementations of PROFIsafe, one of the safety protocols standardized by IEC 61784-3. To meet low cost and minor intrusiveness requirements, the injector was developed in software and uses an efficient kernel module, PF-RING, to capture messages directly from network interfaces. A complete functional version of the injector is ready to use and was applied to validate a prototype implementation of PROFIsafe.

Software Architecture for Safety Communication in Critical Systems

Safety systems for critical industrial automation must detect the highest possible percentage of communication errors because they can place lives, property, or the environment at risk. To reduce the probability of failures, safety communication protocols developed in accordance with IEC 61784-3 and certified in accordance with IEC 61508 are used. These standards define the fault tolerance mechanisms and software engineering measures that should be implemented to detect and avoid errors that can corrupt data transmission between automation devices. This paper presents the main aspects of the implementation of a safety communication protocol, that were observed during the development of a programmable logic controler.

A Java Framework to Specify Faultloads for Fault Injection Campaigns

In an operational environment, the identification and reproduction of faults may be hard to be done, specially in complex systems. Use of fault injection accelerates this process, improving the test of fault tolerance mechanisms. However, there are a significant amount of fault injectors available, using several different approaches. This diversity of tools, each one with different methods to describe faultloads for fault injection campaigns, imposes severe obstacles to the efficient use of such fault injectors. In this context, this paper presents jFaultload, which applies Java for the specification of faultloads and translates them to specific formats that are appropriate to each available fault injector. Fault injectors for communication systems were integrated in the environment and completes the test scenario. The service under test used to demonstrate the usability and expressiveness of our solution is a video streaming session using RTP Protocol.