A computer system is usually composed of one or more processors (for example, microcontrollers or microprocessors) and some software that executes on those processors: this software may be written, for example, in a programming language such as C.
In many cases, processors are "embedded" inside larger systems, including cars, aircraft, industrial and agricultural machinery, medical equipment, white and brown goods, and even toys. It is estimated that people in the developed world encounter around 300 such "embedded systems" every day while going about their normal activities.
It is often very important that such embedded systems operate correctly, even in the event of software or hardware errors, the impact of electromagnetic interference (for example, from mobile phones), or when computer viruses are introduced into the system.
Existing techniques for monitoring embedded computer systems will – in general – only confer an ability to respond to changes in the behaviour of systems that result from errors. By the time such changes are significant enough to be detected, a great deal of damage may already have been done.
For example, consider that we have detected an error in the braking system of a passenger car: if the driver is already applying the brakes in an emergency situation when we detect the error, the error-detection mechanism is of little value. Late detection of errors in aerospace systems, industrial systems, defence systems, medical systems, financial systems or even household goods may also result in injury, loss of human life and / or very significant financial losses.
Unlike conventional systems, the ReliabiliTTy platform provides the Main Processor in an embedded system with a simple, low-cost Monitor Processor. The Monitor Processor is arranged to obtain information from the Main Processor about at least some of the software tasks that the Main Processor plans to execute, BEFORE the tasks concerned are executed. This enables the Monitor Processor to determine IN ADVANCE whether the Main Processor is about to execute a critical task that is not in accordance with the active task schedule. This gives the Monitor Processor an opportunity to take appropriate corrective action before the Main Processor executes a task that it is not scheduled to execute at the current time. Such corrective action may, for example, include disabling devices that are under the control of the Main Processor: for example, this might mean removing power from a medical device that is being controlled by the Main Processor, thereby preventing harm to a patient.
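The following is an added illustration of the pre-execution check described above, written for this page and not taken from the ReliabiliTTy platform or its MoniTTor/PredicTTor code. It assumes a simple time-triggered schedule with one task per tick; the task identifiers, the schedule table, and the function names (`monitor_check`, `main_run_task`, `simulate`) are all constructed for the example. The Main Processor announces the task it is about to run, and the Monitor Processor compares that announcement with the active schedule before the task executes; on a mismatch it refuses the task and puts the controlled actuators into a safe (unpowered) state.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Task identifiers (constructed for this example). */
enum { TASK_NONE = 0, TASK_SENSOR = 1, TASK_CONTROL = 2, TASK_ACTUATE = 3 };

/* Active time-triggered schedule: one task per tick, repeating every
   SCHED_LEN ticks. Assumed values, not the platform's real schedule. */
#define SCHED_LEN 4
static const uint8_t g_schedule[SCHED_LEN] = {
    TASK_SENSOR, TASK_CONTROL, TASK_ACTUATE, TASK_NONE
};

/* Outcome of a pre-execution check by the Monitor Processor. */
typedef enum { MON_OK = 0, MON_MISMATCH = 1 } mon_result_t;

/* Monitor Processor state (hypothetical): whether the actuators under the
   Main Processor's control are still allowed to be powered. */
typedef struct {
    bool     actuators_enabled;
    uint32_t mismatches;
} monitor_t;

void monitor_init(monitor_t *m)
{
    m->actuators_enabled = true;
    m->mismatches = 0;
}

/* Monitor side: called BEFORE the announced task runs. Returns MON_OK only
   if the announced task is the one the schedule expects at this tick. */
mon_result_t monitor_check(monitor_t *m, uint32_t tick, uint8_t announced_task)
{
    uint8_t expected = g_schedule[tick % SCHED_LEN];
    if (announced_task == expected)
        return MON_OK;

    /* Unscheduled task detected in advance: record it and take the
       corrective action (here, cut actuator power) before it executes. */
    m->mismatches++;
    m->actuators_enabled = false;
    return MON_MISMATCH;
}

/* Main Processor side: announce the task, then execute it only if the
   Monitor Processor permits. Returns true if the task actually ran. */
bool main_run_task(monitor_t *m, uint32_t tick, uint8_t task)
{
    if (monitor_check(m, tick, task) != MON_OK)
        return false;           /* task blocked before execution */
    /* ... task body would run here ... */
    return true;
}

/* Drive a sequence of announced tasks, one per tick.
   Returns the number of tasks that were actually executed. */
int simulate(monitor_t *m, const uint8_t *announced, int n)
{
    int ran = 0;
    for (int t = 0; t < n; t++) {
        if (main_run_task(m, (uint32_t)t, announced[t]))
            ran++;
    }
    return ran;
}

int main(void)
{
    /* Constructed trace: ticks 0-3 follow the schedule, tick 4 is correct,
       tick 5 announces TASK_ACTUATE where TASK_CONTROL is expected. */
    const uint8_t trace[] = { TASK_SENSOR, TASK_CONTROL, TASK_ACTUATE,
                              TASK_NONE,   TASK_SENSOR,  TASK_ACTUATE };
    monitor_t m;
    monitor_init(&m);
    int ran = simulate(&m, trace, 6);
    printf("tasks run: %d, mismatches: %u, actuators %s\n",
           ran, (unsigned)m.mismatches,
           m.actuators_enabled ? "enabled" : "disabled");
    return 0;
}
```

The point of the structure is that the check happens on the announcement, not on the observed consequences of the task: the unscheduled actuation at tick 5 never runs, and the actuators are already in the safe state when it would have started. A real monitor would additionally need a timeout for the case where the Main Processor stops announcing altogether.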
We believe that the ReliabiliTTy platform (which is the subject of two patent applications for the underlying MoniTTor and PredicTTor technology) has the potential to improve significantly the reliability of embedded systems that are employed in a wide range of sectors, from household goods to aerospace and defence systems.
A prototype of the ReliabiliTTy platform is illustrated in the photograph.
The two figures illustrate potential applications of the ReliabiliTTy platform in an industrial robot system and a controller for a domestic washing machine.