A Fault-Tolerant Dynamic Time-Triggered Protocol

The increasing use of embedded networks in safety-critical systems, for example in the automotive and avionics fields, comes with additional requirements like real-time capabilities and fault-tolerance. This work presents the new fault-tolerant real-time protocol TEA, which provides the ability of fault-tolerant dynamic arbitration, in opposite to already present protocols. TEA tolerates single- and double faults. This is implemented using a time-triggered method. Therefore, a special hardware architecture is presented, where two nodes are guarding each other. The arbitration takes place in cycles, which are separated into a regular and an extension part. Every controller in the network can send in the extension part, if it sends a request in the the regular part of the cycle. A fault-tolerant agreement protocol decides, if the controller gets permission to send or not. In order to formalize this approach, two new methods will be presented, to model the fault propagation and the temporal behavior of a system. Using this methods, the behavior of a TEA-network is analyzed. Furthermore, it will be shown how a more dynamic use of the extension part can be accomplished, by determining the time to send for a controller by the message length which can be variable. Furthermore, a scheduling algorithm for the extension part is presented, which can be easily adapted to different scheduling strategies.