航天嵌入式现代小卫星软件容错设计及测试系统研究
|
摘要
本文的主要工作是研究航天嵌入式现代小卫星软件高可靠、强容错的设计
及实现,以及如何评价软件的冗余、容错效果,并且应用于CX-1小卫星软件的
容错设计及测试。
软件质量是软件开发过程中所使用的各种开发技术和验证方法的最终体
现。通常用软件质量模型来描述影响软件质量的特性。本文首先在众多经典软
件质量模型的基础上,提出了一套动态的、实用的、可度量的适合于现代小卫
星软件质量管理及开发的软件质量模型,该模型强调了软件质量应该与软件生
存周期相对应,体现了质量模型的动态特性;同时针对航天环境的特殊性,强
调了容错能力特性在软件质量度量中的重要性。该模型为“创新一号”现代小
卫星软件的开发及质量管理提供了有益的手段。
软件冗余、容错是现代小卫星软件质量模型的重要内容,本文对小卫星软
件容错设计技术进行了研究。根据小卫星硬件冗余结构的特点,采用了以多版
本编程、恢复块技术、前向恢复和后向恢复技术等软件容错技术来提高现代小
卫星系统的容错能力。同时利用基于双机冗余备份的双机互检技术来提高整个
系统的可靠性。
软件容错效果需要通过软件容错测试来进行评估。测试用例生成、仿真测
试环境及测试结果分析是软件容错测试的三个重要环节。本文将故障树分析方
法应用于故障测试用例的分析与设计,利用软件故障树分析方法来分析软件故
障模式有利于分析导致软件故障的起因,从而得到导致软件故障的集合;为了
克服传统的随机抽样方法生成测试用例测试时间长的缺点,本文利用仿生学中
的遗传算法来生成测试用例,测试结果表明这种方法可以在较短的时间内达到
较高的覆盖率,因此可以大大缩短软件测试时间。
空间宇宙射线易导致半导体器件发生单粒子效应,从而引起软件故障,因
此评估软件对单粒子事件的容错能力是必不可少的。故障注入是一种非常有效
的验证容错机制的方法。本文根据单粒子事件效应及内存故障模式,提出了一
种事件驱动的单粒子事件故障模型,同时针对该模型的具体应用算法进行了详
细阐述,提供了将故障注入技术应用于容错机制测评的具体试验中的一种方法。
中国科学院博土研究生学位论文 *
同时,本文在比较了众多故障注入方法的优点和缺陷之后,提出了以内存故障
注入和总线故障注入相结合的故障注入方法,并在此基础上设计并实现了单粒
子事件故障注入器。单粒子事件故障注入器具有成本低、通用性强、故障注入
方便快捷。全动态实时和定量注入单粒子事件的能力等特点。
软件测试环境的建立是软件容错测试中的另一关键环节。测试环境与具体
工程相关。本文以CX4小卫星软件工程为基础,重点研究了小卫星仿真测试平
台的分析、设计及实现。采用混合原型法构建的分布式小卫星软件仿真测试平
台,具有成本低、配置灵活等特点。混合原型设计方法的关键是各分系统仿真
模型的实现,本文结合CX-l小卫星的体系结构,对动力学仿真模型。能源仿真
模型和 GPS及轨道仿真模型进行了具体的研究和设计。同时,利用确定性同步
算法来减小分布式仿真系统的时空不一致性,保证了分布式仿真的真实性和有
效性。实验结果表明,软件开发仿真测试平台可以用来进行软硬件集成实时仿
真、故障模式仿真、软件功能验证、软件调度及控制算法验证等,对加速小卫
星软件开发进程及软件自闭环测试具有重要意义。
Relevant studies on the design of micro-satellite embedded software high
fault-tolerance and high reliability and the method for testing and evaluation of
software fault-tolerance mechanisms (FTMs) are presented in this dissertation.
The software quality model in the space condition is discussed and researched
in detail at first. After the comparison of lots of software quality models, a model that
fits the needs of project managers is introduced. According to other models, This
model is dynamic, not static, in the fact that it allows the production of multiple
snapshots of project status across the development, and uses a broad range of
measures, since it contains goals, attributes, and metrics for both software products
and development processes. This model is also comprehensive, starting with
specifying goals through presenting the results. In order to fit the space condition, the
ability of fault-tolerance is used to measure the software quality.
Subsequently, the design method of fault-tolerance is discussed. According to
the needs of high function density and low volume and mass of modem
micro-satellite, not only hardware fault-tolerance but also software fault-tolerance
are needed. In order to improve the reliability and ability of fault-tolerance of CX- 1
micro-satellite, hardware fault-tolerance technology such as WDT, EDAC,
multi-computer system etc. and software fault-tolerance technology such as NYP,
Recovery Block, Forward and Backward Recovery etc. are used together.
Fault-tolerance testing is a classic emphasis of evaluating the effection of
software fault-tolerance. Testing case generation is one of three key processes of
software fault-tolerance testing. And this paper brings out one method to optimize the
fault testing case based on Fault Tree Analysis (FTA) and GA (Genetic Algorithm)
software testing case generation strategy.
Fault injection (FL) is a powerful method for the testing and evaluation of
fault-tolerance mechanisms (FTMs), which may widely be used during all phases of
the development of fault tolerant computer systems. A single event phenomenon fault
injection (SEP-FL) model based on event-driven is presented in this paper, and
SEP-FL algorithm is discussed in detail. After the comparison of lots of fault injection
tools, the aerospace SEP Fault Insertion System based on injecting fault both in the
memory and through the bus is introduced in the following. The structure and
functions of FIS (Fault Injection System) are firstly introduced. On the basis of
expansibility and universality, the study is concentrated on the key implementation
technology in Fault Injection Unit. The practical results show that the FIS is low cost,
high universality, fully dynamically and real-timely injected.
Another problem that must be studied in the software fault-tolerance testing is
SRTP (Software Reliabi1ity Testing PlatfOrm). Because of the specia1 needs of the
embedded software, SRTP is very imPortant for the morden micro-sate1lite
embedded software testing. A S&T (Simulation and Testing) platform fitted to CX-1
micro-satellite is introduced in this paPer S&T platfOrm is designed by mixed
prototape, which can improve the system's flexibility and low the cost. The
simulation models such as dynamics simulation, energy system simulation and GPS
simulation are discussed in detail. As a DIS (Distributed Interactive Simulation)
system, the problem of time syncbIonization is a key technology and is discussed in
this paper Finally one simPly software time sgnchronization method with high
precision is proposed and realized. S&T platfOrm is very significant for self testing
of the com
及实现,以及如何评价软件的冗余、容错效果,并且应用于CX-1小卫星软件的
容错设计及测试。
软件质量是软件开发过程中所使用的各种开发技术和验证方法的最终体
现。通常用软件质量模型来描述影响软件质量的特性。本文首先在众多经典软
件质量模型的基础上,提出了一套动态的、实用的、可度量的适合于现代小卫
星软件质量管理及开发的软件质量模型,该模型强调了软件质量应该与软件生
存周期相对应,体现了质量模型的动态特性;同时针对航天环境的特殊性,强
调了容错能力特性在软件质量度量中的重要性。该模型为“创新一号”现代小
卫星软件的开发及质量管理提供了有益的手段。
软件冗余、容错是现代小卫星软件质量模型的重要内容,本文对小卫星软
件容错设计技术进行了研究。根据小卫星硬件冗余结构的特点,采用了以多版
本编程、恢复块技术、前向恢复和后向恢复技术等软件容错技术来提高现代小
卫星系统的容错能力。同时利用基于双机冗余备份的双机互检技术来提高整个
系统的可靠性。
软件容错效果需要通过软件容错测试来进行评估。测试用例生成、仿真测
试环境及测试结果分析是软件容错测试的三个重要环节。本文将故障树分析方
法应用于故障测试用例的分析与设计,利用软件故障树分析方法来分析软件故
障模式有利于分析导致软件故障的起因,从而得到导致软件故障的集合;为了
克服传统的随机抽样方法生成测试用例测试时间长的缺点,本文利用仿生学中
的遗传算法来生成测试用例,测试结果表明这种方法可以在较短的时间内达到
较高的覆盖率,因此可以大大缩短软件测试时间。
空间宇宙射线易导致半导体器件发生单粒子效应,从而引起软件故障,因
此评估软件对单粒子事件的容错能力是必不可少的。故障注入是一种非常有效
的验证容错机制的方法。本文根据单粒子事件效应及内存故障模式,提出了一
种事件驱动的单粒子事件故障模型,同时针对该模型的具体应用算法进行了详
细阐述,提供了将故障注入技术应用于容错机制测评的具体试验中的一种方法。
中国科学院博土研究生学位论文 *
同时,本文在比较了众多故障注入方法的优点和缺陷之后,提出了以内存故障
注入和总线故障注入相结合的故障注入方法,并在此基础上设计并实现了单粒
子事件故障注入器。单粒子事件故障注入器具有成本低、通用性强、故障注入
方便快捷。全动态实时和定量注入单粒子事件的能力等特点。
软件测试环境的建立是软件容错测试中的另一关键环节。测试环境与具体
工程相关。本文以CX4小卫星软件工程为基础,重点研究了小卫星仿真测试平
台的分析、设计及实现。采用混合原型法构建的分布式小卫星软件仿真测试平
台,具有成本低、配置灵活等特点。混合原型设计方法的关键是各分系统仿真
模型的实现,本文结合CX-l小卫星的体系结构,对动力学仿真模型。能源仿真
模型和 GPS及轨道仿真模型进行了具体的研究和设计。同时,利用确定性同步
算法来减小分布式仿真系统的时空不一致性,保证了分布式仿真的真实性和有
效性。实验结果表明,软件开发仿真测试平台可以用来进行软硬件集成实时仿
真、故障模式仿真、软件功能验证、软件调度及控制算法验证等,对加速小卫
星软件开发进程及软件自闭环测试具有重要意义。
Relevant studies on the design of micro-satellite embedded software high
fault-tolerance and high reliability and the method for testing and evaluation of
software fault-tolerance mechanisms (FTMs) are presented in this dissertation.
The software quality model in the space condition is discussed and researched
in detail at first. After the comparison of lots of software quality models, a model that
fits the needs of project managers is introduced. According to other models, This
model is dynamic, not static, in the fact that it allows the production of multiple
snapshots of project status across the development, and uses a broad range of
measures, since it contains goals, attributes, and metrics for both software products
and development processes. This model is also comprehensive, starting with
specifying goals through presenting the results. In order to fit the space condition, the
ability of fault-tolerance is used to measure the software quality.
Subsequently, the design method of fault-tolerance is discussed. According to
the needs of high function density and low volume and mass of modem
micro-satellite, not only hardware fault-tolerance but also software fault-tolerance
are needed. In order to improve the reliability and ability of fault-tolerance of CX- 1
micro-satellite, hardware fault-tolerance technology such as WDT, EDAC,
multi-computer system etc. and software fault-tolerance technology such as NYP,
Recovery Block, Forward and Backward Recovery etc. are used together.
Fault-tolerance testing is a classic emphasis of evaluating the effection of
software fault-tolerance. Testing case generation is one of three key processes of
software fault-tolerance testing. And this paper brings out one method to optimize the
fault testing case based on Fault Tree Analysis (FTA) and GA (Genetic Algorithm)
software testing case generation strategy.
Fault injection (FL) is a powerful method for the testing and evaluation of
fault-tolerance mechanisms (FTMs), which may widely be used during all phases of
the development of fault tolerant computer systems. A single event phenomenon fault
injection (SEP-FL) model based on event-driven is presented in this paper, and
SEP-FL algorithm is discussed in detail. After the comparison of lots of fault injection
tools, the aerospace SEP Fault Insertion System based on injecting fault both in the
memory and through the bus is introduced in the following. The structure and
functions of FIS (Fault Injection System) are firstly introduced. On the basis of
expansibility and universality, the study is concentrated on the key implementation
technology in Fault Injection Unit. The practical results show that the FIS is low cost,
high universality, fully dynamically and real-timely injected.
Another problem that must be studied in the software fault-tolerance testing is
SRTP (Software Reliabi1ity Testing PlatfOrm). Because of the specia1 needs of the
embedded software, SRTP is very imPortant for the morden micro-sate1lite
embedded software testing. A S&T (Simulation and Testing) platform fitted to CX-1
micro-satellite is introduced in this paPer S&T platfOrm is designed by mixed
prototape, which can improve the system's flexibility and low the cost. The
simulation models such as dynamics simulation, energy system simulation and GPS
simulation are discussed in detail. As a DIS (Distributed Interactive Simulation)
system, the problem of time syncbIonization is a key technology and is discussed in
this paper Finally one simPly software time sgnchronization method with high
precision is proposed and realized. S&T platfOrm is very significant for self testing
of the com
引文
[1]郑人杰,殷人昆,陶永雷.实用软件工程.清华大学出版社.1997
[2]张海藩.软件工程导论.清华大学出版社.1998
[3]邓良松,刘海岩,陆丽娜.软件工程.西安电子科技大学出版社,2000,11.
[4]郑人杰.计算机软件测试技术(第1版).清华大学出版社,1992.
[5]Rosenberg, L., and Hammer, T., Metrics for Quality Assurance and Risk Assessment, Proc.Eleventh International Software Quality Week, San Francisco, CA, 1998.
[6]Boehm, B. Tutotial: Software Risk Management(1989), IEEE Computer Society Press.
[7]J. Arlat, M. Aguera, L. Amat, Y. Crouzet, J. C. Fabre, J. -C. Laprie, E. Matrins, and D.Powell. Fault injection for dependability validation - A methodology and some application.IEEE Trans. Software Eng., 1990,2:166~182
[8]J. Arlat, A. Costes, Y. Crouzet, J. -C. Laprie, and D. Powell, Fault injection and defendability evaluation of fault-tolerant systems. IEEE Trans.Computers,1993,8:913~923
[9]H. Madeira, M. Rela, F. Moreira, J. Gabriel Silva. RIFLE: A general purpose pin-level fault injector. Proc. EDCC- 1 Berlin, 1994:199~216
[10]T.A. Delong, B. W. Johnson, J. A. Profeta Ⅲ, A Fault Injection Technique for VHDL Behavioral-Level Models, IEEE Design & Test of Computers, Winter 1996, pp.24~33
[11]A. Benso, M. Rebaudengo, etc. An Intergrated HW and SW Fault Injection Environment for Real-Time Systems, Digest of FastAbstracts: FTCS-28, The 28~(th) Annual International Symposium on Fault-Tolerant Computing, June 23-25, Munich (Germany), pp. 74-75
[12]J. Carreira, H. Madeira, J. Silva, Xception: Software Fault Injection and Monitoring in Processor Functional Units, DCCA-5, Conference on Dependable Computing for Critical Applications, Urbana-Champaign, USA, Sep. 1995, PP. 135~149
[13]G. A. Kanawati, N. A. Kanawati, J. A. Abraham, FERRARI: A Flexible Software-Based Fault and Error Injection System, IEEE Trans. On Computers, vol 44, N. 2, Feb. 1995,pp.248~260
[14]L. T. Young, R. Iyer, K. K. Goswami, A Hybrid Monitor Assisted Fault injection Experiment, Proc. DCCA-3, 1993, pp. 163~174
[15]A. Benso, P. Prinetto, M. Rebaudengo, M. Sonza, A Fault Injection Environment for Microprocessor-based Boards, to be presented to IEEE International Test Conference,Washington(USA), Oct. 1998
[16]A. Benso, M. Rebaudengo, L. Impagliazzo, P. Marmo, Fault-list collapsing for fault injection experiments, Proc. Ann. Reliability & Maintainability Symp., 1998, pp. 183~188
[17]U. Gunneflo, J. Karlsson, J. Torin, Evaluation of Error Detection Schemes Using Fault injection by Heavy-iron Radiation, Proc. FTCS-19, Chicago, USA, Jun. 1989, pp. 340~347
[18] K. Goswami, R. Iyer, Simulation of Software Behavior Under Hardware Faults, Proc. FTCS-23, Toulouse, F, Jun. 1993, pp. 218-227
[19] D. T. Smith, B. W. Johnson, J. A. Profeta Ⅱ, D. G. Bozzolo, A Fault-List Generation Algorithm for the Evaluation of System Coverage, IEEE Annual Reliability and Maintainability Symposium, 1995, pp. 425-432
[20] Z. Segall, D. Vrsalovic, D. Siewiorek, D. Yaskin, J. Kownacki, J. Barton, R. Dancey, A. Robinson, T. Lin, FIAT: Fault injection Based Automated Testing Enviroment, Proc. FTCS-18, Jun. 1988, Tokyo, pp. 102-107
[22] A.M. Amendola, A. Benso, F. Corno, etc. Fault Behavior of a Microprocessor System through a VHDL Simulation-Based Fault Injection Experiment, IEEE EURO-VHDL'96, Geneva (Switzerland), Sep. 1996
[23] Kwang-Ting Cheng, Shi-Yu Huang, and Wei-Jin Dai. Fault Emulation: A New Methodology for Fault Grading, IEEE Trans. On Computer-aided Design of Intergrated Circuits and Systems, Vol. 18, No. 10, Oct. 1999, pp. 1487-1495
[24] P. Agrawal, V. D. Agrawal, and K.-T. Cheng, Fault simulation in a pipelined multiprocessor system, in Proc. Int. Test Conf., Aug. 1989, pp. 727-734.
[25] L. Burgun, F. Reblewski, G. Fenelon, J. Barbier, and O. Lepape, Serial fault simulation, in Proc. Design Automation Conf., June 1996, pp.801-806.
[26] P. A. Duba, R. K. Roy, J. A. Abraham, and W. A. Rogers, Fault simulation in a distributed environment, in Proc. 25th Design Automation Conf., June 1988, pp. 686-691.
[27] A. Benso, P. L. Civera, M. Rebaudengo, M. Sonza Reorda, A. Ferro, A Hybrid Fault Injection Methodology for Real Time Systems, Digest of FastAbstracts: FTCS-28, The 28th Annual International Symposium on Fault-Tolerant Computing, June 23-25, Munich (Germany), pp. 74-75
[28] E. Jenn, J. Arlat, M. Rimen, J. Ohlsson, J. Karllson, Fault injection into VHDL Models: the MEFISTO Tool, Proc. FTCS-24, 1994, pp. 66-75
[29] P. K. Lala, Fault Tolerant and Fault Testable Hardware Design, Prentice Hall Int. New York, 1985
[30] J. Christmansson, M. Hiller, et al. An Experimental Comparison of Fault and Error Injection
[31] R. Chillarege, N. S. Bowen, Understanding Large System Failures-A Fault Injection Experiment, Proc. 19th Int. Symp. On Fault Tolerant Computing, pp. 356-363, Jun. 1989.
[32] J.C. Laprie (ed.), Dependability: Basic Concepts and Terminology, Dependable Computing and Fault-Tolerant Systems series, Vol. 5, Springer-Verlag, 1992.
[33] J. Karlsson, P. Liden, P. Dahlgren, R. Johansson, U. Gunneflo, Using Heavy-ion Radiation to Validate Fault-Handling Mechanism, Proc. Int. Test Conference, pp. 140-149, 1991.
[34] J. Hudak, B.H. Suh, D. Siewiorek, Z. Segall, Evaluation & Comparison of Fault-Tolerant Software Techniques, IEEE Trans, on Reliability, Vol. 42, No. 2, pp. 190-204, June 1993.
[35] L. Young, R.K. Iyer, K. Goswami, and C. Alonso, Hybrid Monitor Assisted Fault Injection Environment, Proc. Third IFIP Working Conference on Dependable Computing for Critical Applications, pp. 163-174, September, 1992
[36] T.K. Tsai, R.K. Iyer, An approach towards Benchmarking of Fault-Tolerant Commercial Systems, Proc. 26th Int. Symp. On Fault Tolerant Computing, pp. 314-325, June,1996
[37] J. Carreira, et al., Xception: Software Fault Injection and Monitoring in Processor Functional Units, Proc. Fifth IFIP Working Conference on Dependable Computing for Critical Applications, pp. 135-149, September, 1995
[38] S. Han, K.G. Shin, H.A. Rosenberg, DOCTOR: An IntegrateD Software Fault InjeCTiOn EnviRonment for Distributed Real-Time System, Proc. IPDS'95, pp. 204-213, 1995
[39] R. Chillarege, I. Bhandari, J. Chaar, M. Halliday, D. Moebus, B. Ray, M. Wong, Orthogonal Defect Classification-A Concept for In-Process Measurements, IEEE Trans. On Software Eng., Vol. 18, No. 11, pp. 943-956, November, 1992.
[40] G. J. Myers, The Art of Software Testing, John Wiley & Sons, New York, 1 976.
[41] S. Rapps and E. J. Weyuker, Selecting Software Test Data Using Dataflow Information, IEEE Trans. Software Eng., Vol. 11, No. 4, Arp. 1985, pp. 367-375
[42] J. A. Whittaker and M. G. Thomason, A Markov Chain Model for Statistical Software Testing, IEEE Trans. Software Eng., Vol. 20, No. 10, Oct. 1994, pp. 812-814
[43] D. K. Peters and D. L. Parnas, Using Test Oracles Generated from Program Documentation, IEEE Trans. Software Eng., Vol. 24, No. 3, Mar. 1998, pp. 161-173
[44] G. Rothermel and M. J. Harrold, "A Safe, Efficient Algorithm for Regression Test Selection", Proc. IEEE Software Maintenance Conf., IEEE Computer Soc. Press, Los Alamitos, Calif. 1993, pp. 358-367
[45] J. B. Goodenough and S. L. Gerhart, Toward a Theory of Test Data Selection, IEEE Trans. Eng., Vol. 2, No. 2, Jun. 1975, pp. 156-173
[46] J. D. Musa, Software Reliability Engineered Testing, Computer, Vol.29, No. 11, Nov. 1996, pp. 61-68
[47] J. M. Voas, PIE: A Dynamic Failure-Based Technique, IEEE Trans. Software Eng., Vol. 18, Aug. 1992, pp. 717-727
[48] Dr. Linda Rosenberg, Ted Hammer, Jack Shaw, Software Metrics and Reliability
[49] W. Carter and J. Abraham, Design and evaluation tools for fault-tolerant systems, Proc. AIAA Computers in Aerospace Conference, 1987, pp. 70-77.
[50] R. Iyer and D. Rossetti, A measurement-based model for workload dependance of CPU errors, IEEE Transactions on Computers, vol. C-35, pp. 511-519, June 1986.
[51] Y. Crouzet and B. Decouty, Measurements of fault detection mechanisms efficiency: results, Proc. of FTCS-12, Santa Monica, Ca., June 1982, pp. 373-376.
[52] J. Lala, Fault detection isolation and reconfiguration in FTMP: methods and experimental results, 5th AIAA/IEEE Digital Avionics Systems Conf., 1983, pp.2 1. 3. 1-21. 3. 9.
[53] P. Duba and R. Iyer, Transient fault behavior in a microprocessor: a case study, Proceedings of ICCD, October 1988, p. 272-276.
[54] J. Karlsson, U. Gunneflo, P Lid.n e J. Torin, Two Fault Injection Techniques for Test of Fault Handling Mechanisms, Proc. of International Test Conference, 1991, p. 140-149.
[55] Dromey, R. Geoff, A Model for Software Product Quality, IEEE Transactions on Software
Engineering, Feb. 1995, pp. 146-162
[56] Kitchenham, B., and Pfleeger, S., Software Quality: The Elusive Target, IEEE Software, Jan. 1996, pp. 12-21
[57] Kitchenham, B., Walker, J., A Quantitative Approach to Monitoring Software Development, Software Engineering Journal, Jan. 1989
[58] Banker, R., Datar, S., Kemerer, C., Zweig, D., Software Complexity and Maintenance Costs, Communications of the ACM, Nov. 1993, pp. 81-93
[59] A. Benso, P.L. Civera, M. Rebaudengo, M. Sonza Reorda, A low-cost programmable board for speeding-up Fault Injection in microprocessorbased systems, RAMS'99: Annual Reliability and Maintainability Symposium, Washington, DC (USA), Jan. 1999, pp. 171-177
[60] J. Clark, D. Pradhan, Fault Injection: A method for Validating Computer-System Dependability, IEEE Computer, June 1995, pp. 47-56
[61] M.C. Hsueh, T. Tsai, R.K. Iyer, Fault Injection Techniques and Tools, IEEE Computer, Apr. 1997, pp. 75-82
[62] T.A. Delong, B.W. Johnson, J.A. Profeta Ⅲ, A Fault Injection Technique for VHDL Behavioral-Level Models, IEEE Design & Test of Computers, Winter 1996, pp. 24-33
[63] Dimitri Avresky, Jean Arlat, Jean-Claude Laprie, and Yves Crouzet, Fault Injection for the Formal Testing of Fault Tolerance, 22th International Symposium on Fault-Tolerant Computing, pp. 345-354
[64] Ghassem Miremadi, and Jan Torin, Effects of Physical Injection of Transient Faults on Control Flow and Evaluation of Some Software-Implemented Error Detection Techniques, 4th Intern. Conference on Dependable Computing for Critical Applications, pp. 435-457
[65] Joakim Ohlsson, Marcus Rimen, and Ulf Gunneflo, A Study of the Effects of Transient Fault Injection into a 32-bit RISC with Built-in Watchdog, 22th International Symposium on Fault-Tolerant Computing, pp. 316-325
[66] David Powell, Eliane Martins, Jean Arlat, and Yves Crouzet, Estimators for Fault Tolerance Coverage Evaluation, 23th International Symposium on Fault-Tolerant Computing, pp. 228-237
[67] Marcus Rimen and Joakim Ohlsson, A Study of the Error Behavior of a 32-bit RISC Subjected to Simulated Transient Fault Injection, Predictable Dependable Computing Systems 2, pp. 445-460
[68] Marcus Rimen, Joakim Ohlsson, and Jan Torin, On Microprocessor Error Behavior Modeling, 24th International Symposium on Fault-Tolerant Computing, pp. 76-85
[69] M.A. Schuette, J.P. Shen, D.P. Siewiorek and Y.X. Zhu, Experimental Evaluation of Two Concurrent Error Detection Schemes, 16th International Symposium on Fault-Tolerant Computing, pp. 138-143
[70] Algirdas Avizienis, The N-Version Approach to Fault-Tolerant Software, IEEE Transactions on Software Engineering, Vol. SE-11, No. 12, December 1985, pp. 290-300.
[71] A. Avizienis and L. Chen, On the Implementation of N-Version Programming, for Software
Fault Tolerance During Execution, Proceedings of the IEEE COMPSAC'77, November 1977, pp. 149~155.
[72]Algirdas Avizienis, The Methodology of N-Version Programming, in R. Lyu, editor,Software Fault Tolerance, John Wiley & Sons, 1995.
[73]Dave E. Eckhardt and Larry D. Lee, Fundamental Differences in the Reliability of N-Modular Redundancy and N-Version Programming, The Journal of Systems and Software 8, 1988, pp. 313~318.
[74]Susan S. Brilliant, et al, The Consistent Comparison Problem in N-Version Software, IEEE Transactions on Software Engineering, Vol. 15, No. 11, November 1989, pp. 1481~1485.
[75]Stacy A. Doyle and Jane Latin Mackey, Comparative Analysis of Two Architectural Alternatives for the N-Version Programming (NVP) System, Proceedings of the 1995 Annual Reliability and Maintainability Symposium, 1995, pp. 275~282.
[76]L. Boi, et al, Exception Handling and Error Recovery Techniques in Modular Systems-An Application to the ISAURE System, Digest of Papers FTCS-11: The Eleventh Annual International Symposium on Fault-Tolerant Computing, 1981, pp. 62~64.
[77]Dave E. Eckhardt, et al, An Experimental Evaluation of Software Redundancy as a Strategy for Improving Reliability, IEEE Transactions on Software Engineering, Vol. 17, No. 7, July 1991, pp. 692~702.
[78]Herbert Hecht, Fault-Tolerant Software, IEEE Transactions on Reliability, Vol. R-28, No. 3,August 1979, pp. 227~232.
[79]Cem Kaner, Jack Falk, Hung Qudoc Nguyen, Testing Computer Software (Second Edtion),International Thomson Computer Press.
[80]Howden, W., The Theory and Practice of Functional Testing, IEEE Software, Vol. 2, No. 5,1985, pp. 6~17.
[81]孙峻朝,王建莹,杨孝宗.容错机制评测中的故障注入模型及应用算法.计算机研究与发展,1999,36(11)
[82]刘超.程序交互执行流程图及其测试覆盖准则.软件学报.1998,9(6)
[83]曾芷德,曾献君.基于故障划分的并行测试生成算法.软件学报.1999,10(11)
[84]李璇君,辛季龄,张天宏,刘国钢.RAM 的故障模型及自测试算法.南京航空航天大学学报.1999,1
[85]刘东艳,申功勋.嵌入式软件可靠性测试平台仿真器分系统研究.北京航空航天大学学报.1999,25(6)
[86]刘久文,罗志强.容错计算机故障注入系统.航空电子技术.2000,99(2)
[87]孙峻朝,杨孝宗,刘嘉林.总线级故障模型的分析与生成.计算机工程,2000,26(2)
[88]王建莹,孙峻朝,杨孝宗.容错计算机系统可靠性评估工具:HFI—2故障注入器.电子学报.1999,27(11)
[89]阮镰,刘斌,陈雪松.软件可靠性测试及测试环境.测控技术.2000,19(2)
[90]刘斌,高小鹏,陆民燕,阮镰.嵌入式软件可靠性仿真测试系统研究.北京航空航天大学学报.2000,26(4)
[91]王志言,刘椿年.区间算术在软件测试中的应用.软件学报.1998,9(6)
[92]陆民艳,陈雪松.软件可靠性测试及其实践,测控技术.2000,19(5)
[93]陈雪松,陆民燕,阮镰.基于面向对象技术的实时软件可靠性测试数据生成方法研究.测控技术,2000,19(9)
[94]刘超,张茂林,晏海华,杨峰,何智涛.软件集成测试的群体协同工作模式及其特性.软件学报.2000,11(6)
[95]胡世亮,臧斌宇,凌冰,朱传琪.数据流分析中的区域覆盖技术.软件学报.2000,11(3)
[96]李伯虎,王行仁,黄柯棣等.综合仿真测试系统研究.系统仿真学报,2000,12(5)
[97]黄四牛,熊新平.DIS中时钟同步问题研究.系统仿真学报.2000,12(5)
[98]熊新平,肖江剑.DIS系统集成技术研究.系统仿真学报.2000,12(5)
[99]冯博琴,徐景民,李波.计算机时间同步问题的研究.西安交通大学学报.1999,33(5)
[100]马静远.科学—1卫星星上轨道预报方案.内部资料.1999,9
[101]章仁为.卫星轨道姿态动力学与控制.北京航空航天大学出版社.1998
[102]林来兴,何英姿.现代小卫星的重力梯度姿态稳定系统.航天控制.1995
[103]James R. Wertz & Wiley J. Larson, Space Mission Analysis and Design. Kluwer Academic Publisher, 1991
[104]Wilfredo Torres-Pomales, Software Fault Tolerance: A Tutorial, Langley Research Center, Hampton, Virginia, Oct. 2000
[105]Authur H. Watson, Thomas J. McCabe, Structured Testing: A Testing Methodology Using The Cyclomatic Complexity Metic, NIST Special Publication, September 1996
[106]陆延孝,郑鹏渊等.可靠性设计与分析.国防工业出版社.1995
[107]James A. Whittaker, What Is Software Testing? And Why Is It So Hard?, IEEE Software,Jan/Feb, 2000
[108]张鸿宾,郭建军.遗传算法在曲线多边形近似中的应用.计算机学报,1999,10:1100~1104.
[109]苏广平.CASCOM-1 小卫星姿控系统分析和仿真及地面测试控制软件的研制.硕士学位论文.2000,1
[110]NASA Software Assurance guidebook, NASA GSFC MD, Office of Safety and Mission Assurance, 1989.
[111]Musa, J.D., A. lannino and K. Okumoto, Software Reliability: Measurement, Prediction, Application, Professional Edition: Software Engineering Series, McGraw-Hill, New York,NY., 1990.
[112]刘海涛,小卫星OBDH模块可行性报告(内部、秘密),1998
[113]刘海涛,赵宏坤等,小卫星星载软件设计报告(内部、秘密),2000
[2]张海藩.软件工程导论.清华大学出版社.1998
[3]邓良松,刘海岩,陆丽娜.软件工程.西安电子科技大学出版社,2000,11.
[4]郑人杰.计算机软件测试技术(第1版).清华大学出版社,1992.
[5]Rosenberg, L., and Hammer, T., Metrics for Quality Assurance and Risk Assessment, Proc.Eleventh International Software Quality Week, San Francisco, CA, 1998.
[6]Boehm, B. Tutotial: Software Risk Management(1989), IEEE Computer Society Press.
[7]J. Arlat, M. Aguera, L. Amat, Y. Crouzet, J. C. Fabre, J. -C. Laprie, E. Matrins, and D.Powell. Fault injection for dependability validation - A methodology and some application.IEEE Trans. Software Eng., 1990,2:166~182
[8]J. Arlat, A. Costes, Y. Crouzet, J. -C. Laprie, and D. Powell, Fault injection and defendability evaluation of fault-tolerant systems. IEEE Trans.Computers,1993,8:913~923
[9]H. Madeira, M. Rela, F. Moreira, J. Gabriel Silva. RIFLE: A general purpose pin-level fault injector. Proc. EDCC- 1 Berlin, 1994:199~216
[10]T.A. Delong, B. W. Johnson, J. A. Profeta Ⅲ, A Fault Injection Technique for VHDL Behavioral-Level Models, IEEE Design & Test of Computers, Winter 1996, pp.24~33
[11]A. Benso, M. Rebaudengo, etc. An Intergrated HW and SW Fault Injection Environment for Real-Time Systems, Digest of FastAbstracts: FTCS-28, The 28~(th) Annual International Symposium on Fault-Tolerant Computing, June 23-25, Munich (Germany), pp. 74-75
[12]J. Carreira, H. Madeira, J. Silva, Xception: Software Fault Injection and Monitoring in Processor Functional Units, DCCA-5, Conference on Dependable Computing for Critical Applications, Urbana-Champaign, USA, Sep. 1995, PP. 135~149
[13]G. A. Kanawati, N. A. Kanawati, J. A. Abraham, FERRARI: A Flexible Software-Based Fault and Error Injection System, IEEE Trans. On Computers, vol 44, N. 2, Feb. 1995,pp.248~260
[14]L. T. Young, R. Iyer, K. K. Goswami, A Hybrid Monitor Assisted Fault injection Experiment, Proc. DCCA-3, 1993, pp. 163~174
[15]A. Benso, P. Prinetto, M. Rebaudengo, M. Sonza, A Fault Injection Environment for Microprocessor-based Boards, to be presented to IEEE International Test Conference,Washington(USA), Oct. 1998
[16]A. Benso, M. Rebaudengo, L. Impagliazzo, P. Marmo, Fault-list collapsing for fault injection experiments, Proc. Ann. Reliability & Maintainability Symp., 1998, pp. 183~188
[17]U. Gunneflo, J. Karlsson, J. Torin, Evaluation of Error Detection Schemes Using Fault injection by Heavy-iron Radiation, Proc. FTCS-19, Chicago, USA, Jun. 1989, pp. 340~347
[18] K. Goswami, R. Iyer, Simulation of Software Behavior Under Hardware Faults, Proc. FTCS-23, Toulouse, F, Jun. 1993, pp. 218-227
[19] D. T. Smith, B. W. Johnson, J. A. Profeta Ⅱ, D. G. Bozzolo, A Fault-List Generation Algorithm for the Evaluation of System Coverage, IEEE Annual Reliability and Maintainability Symposium, 1995, pp. 425-432
[20] Z. Segall, D. Vrsalovic, D. Siewiorek, D. Yaskin, J. Kownacki, J. Barton, R. Dancey, A. Robinson, T. Lin, FIAT: Fault injection Based Automated Testing Enviroment, Proc. FTCS-18, Jun. 1988, Tokyo, pp. 102-107
[22] A.M. Amendola, A. Benso, F. Corno, etc. Fault Behavior of a Microprocessor System through a VHDL Simulation-Based Fault Injection Experiment, IEEE EURO-VHDL'96, Geneva (Switzerland), Sep. 1996
[23] Kwang-Ting Cheng, Shi-Yu Huang, and Wei-Jin Dai. Fault Emulation: A New Methodology for Fault Grading, IEEE Trans. On Computer-aided Design of Intergrated Circuits and Systems, Vol. 18, No. 10, Oct. 1999, pp. 1487-1495
[24] P. Agrawal, V. D. Agrawal, and K.-T. Cheng, Fault simulation in a pipelined multiprocessor system, in Proc. Int. Test Conf., Aug. 1989, pp. 727-734.
[25] L. Burgun, F. Reblewski, G. Fenelon, J. Barbier, and O. Lepape, Serial fault simulation, in Proc. Design Automation Conf., June 1996, pp.801-806.
[26] P. A. Duba, R. K. Roy, J. A. Abraham, and W. A. Rogers, Fault simulation in a distributed environment, in Proc. 25th Design Automation Conf., June 1988, pp. 686-691.
[27] A. Benso, P. L. Civera, M. Rebaudengo, M. Sonza Reorda, A. Ferro, A Hybrid Fault Injection Methodology for Real Time Systems, Digest of FastAbstracts: FTCS-28, The 28th Annual International Symposium on Fault-Tolerant Computing, June 23-25, Munich (Germany), pp. 74-75
[28] E. Jenn, J. Arlat, M. Rimen, J. Ohlsson, J. Karllson, Fault injection into VHDL Models: the MEFISTO Tool, Proc. FTCS-24, 1994, pp. 66-75
[29] P. K. Lala, Fault Tolerant and Fault Testable Hardware Design, Prentice Hall Int. New York, 1985
[30] J. Christmansson, M. Hiller, et al. An Experimental Comparison of Fault and Error Injection
[31] R. Chillarege, N. S. Bowen, Understanding Large System Failures-A Fault Injection Experiment, Proc. 19th Int. Symp. On Fault Tolerant Computing, pp. 356-363, Jun. 1989.
[32] J.C. Laprie (ed.), Dependability: Basic Concepts and Terminology, Dependable Computing and Fault-Tolerant Systems series, Vol. 5, Springer-Verlag, 1992.
[33] J. Karlsson, P. Liden, P. Dahlgren, R. Johansson, U. Gunneflo, Using Heavy-ion Radiation to Validate Fault-Handling Mechanism, Proc. Int. Test Conference, pp. 140-149, 1991.
[34] J. Hudak, B.H. Suh, D. Siewiorek, Z. Segall, Evaluation & Comparison of Fault-Tolerant Software Techniques, IEEE Trans, on Reliability, Vol. 42, No. 2, pp. 190-204, June 1993.
[35] L. Young, R.K. Iyer, K. Goswami, and C. Alonso, Hybrid Monitor Assisted Fault Injection Environment, Proc. Third IFIP Working Conference on Dependable Computing for Critical Applications, pp. 163-174, September, 1992
[36] T.K. Tsai, R.K. Iyer, An approach towards Benchmarking of Fault-Tolerant Commercial Systems, Proc. 26th Int. Symp. On Fault Tolerant Computing, pp. 314-325, June,1996
[37] J. Carreira, et al., Xception: Software Fault Injection and Monitoring in Processor Functional Units, Proc. Fifth IFIP Working Conference on Dependable Computing for Critical Applications, pp. 135-149, September, 1995
[38] S. Han, K.G. Shin, H.A. Rosenberg, DOCTOR: An IntegrateD Software Fault InjeCTiOn EnviRonment for Distributed Real-Time System, Proc. IPDS'95, pp. 204-213, 1995
[39] R. Chillarege, I. Bhandari, J. Chaar, M. Halliday, D. Moebus, B. Ray, M. Wong, Orthogonal Defect Classification-A Concept for In-Process Measurements, IEEE Trans. On Software Eng., Vol. 18, No. 11, pp. 943-956, November, 1992.
[40] G. J. Myers, The Art of Software Testing, John Wiley & Sons, New York, 1 976.
[41] S. Rapps and E. J. Weyuker, Selecting Software Test Data Using Dataflow Information, IEEE Trans. Software Eng., Vol. 11, No. 4, Arp. 1985, pp. 367-375
[42] J. A. Whittaker and M. G. Thomason, A Markov Chain Model for Statistical Software Testing, IEEE Trans. Software Eng., Vol. 20, No. 10, Oct. 1994, pp. 812-814
[43] D. K. Peters and D. L. Parnas, Using Test Oracles Generated from Program Documentation, IEEE Trans. Software Eng., Vol. 24, No. 3, Mar. 1998, pp. 161-173
[44] G. Rothermel and M. J. Harrold, "A Safe, Efficient Algorithm for Regression Test Selection", Proc. IEEE Software Maintenance Conf., IEEE Computer Soc. Press, Los Alamitos, Calif. 1993, pp. 358-367
[45] J. B. Goodenough and S. L. Gerhart, Toward a Theory of Test Data Selection, IEEE Trans. Eng., Vol. 2, No. 2, Jun. 1975, pp. 156-173
[46] J. D. Musa, Software Reliability Engineered Testing, Computer, Vol.29, No. 11, Nov. 1996, pp. 61-68
[47] J. M. Voas, PIE: A Dynamic Failure-Based Technique, IEEE Trans. Software Eng., Vol. 18, Aug. 1992, pp. 717-727
[48] Dr. Linda Rosenberg, Ted Hammer, Jack Shaw, Software Metrics and Reliability
[49] W. Carter and J. Abraham, Design and evaluation tools for fault-tolerant systems, Proc. AIAA Computers in Aerospace Conference, 1987, pp. 70-77.
[50] R. Iyer and D. Rossetti, A measurement-based model for workload dependance of CPU errors, IEEE Transactions on Computers, vol. C-35, pp. 511-519, June 1986.
[51] Y. Crouzet and B. Decouty, Measurements of fault detection mechanisms efficiency: results, Proc. of FTCS-12, Santa Monica, Ca., June 1982, pp. 373-376.
[52] J. Lala, Fault detection isolation and reconfiguration in FTMP: methods and experimental results, 5th AIAA/IEEE Digital Avionics Systems Conf., 1983, pp.2 1. 3. 1-21. 3. 9.
[53] P. Duba and R. Iyer, Transient fault behavior in a microprocessor: a case study, Proceedings of ICCD, October 1988, p. 272-276.
[54] J. Karlsson, U. Gunneflo, P Lid.n e J. Torin, Two Fault Injection Techniques for Test of Fault Handling Mechanisms, Proc. of International Test Conference, 1991, p. 140-149.
[55] Dromey, R. Geoff, A Model for Software Product Quality, IEEE Transactions on Software
Engineering, Feb. 1995, pp. 146-162
[56] Kitchenham, B., and Pfleeger, S., Software Quality: The Elusive Target, IEEE Software, Jan. 1996, pp. 12-21
[57] Kitchenham, B., Walker, J., A Quantitative Approach to Monitoring Software Development, Software Engineering Journal, Jan. 1989
[58] Banker, R., Datar, S., Kemerer, C., Zweig, D., Software Complexity and Maintenance Costs, Communications of the ACM, Nov. 1993, pp. 81-93
[59] A. Benso, P.L. Civera, M. Rebaudengo, M. Sonza Reorda, A low-cost programmable board for speeding-up Fault Injection in microprocessorbased systems, RAMS'99: Annual Reliability and Maintainability Symposium, Washington, DC (USA), Jan. 1999, pp. 171-177
[60] J. Clark, D. Pradhan, Fault Injection: A method for Validating Computer-System Dependability, IEEE Computer, June 1995, pp. 47-56
[61] M.C. Hsueh, T. Tsai, R.K. Iyer, Fault Injection Techniques and Tools, IEEE Computer, Apr. 1997, pp. 75-82
[62] T.A. Delong, B.W. Johnson, J.A. Profeta Ⅲ, A Fault Injection Technique for VHDL Behavioral-Level Models, IEEE Design & Test of Computers, Winter 1996, pp. 24-33
[63] Dimitri Avresky, Jean Arlat, Jean-Claude Laprie, and Yves Crouzet, Fault Injection for the Formal Testing of Fault Tolerance, 22th International Symposium on Fault-Tolerant Computing, pp. 345-354
[64] Ghassem Miremadi, and Jan Torin, Effects of Physical Injection of Transient Faults on Control Flow and Evaluation of Some Software-Implemented Error Detection Techniques, 4th Intern. Conference on Dependable Computing for Critical Applications, pp. 435-457
[65] Joakim Ohlsson, Marcus Rimen, and Ulf Gunneflo, A Study of the Effects of Transient Fault Injection into a 32-bit RISC with Built-in Watchdog, 22th International Symposium on Fault-Tolerant Computing, pp. 316-325
[66] David Powell, Eliane Martins, Jean Arlat, and Yves Crouzet, Estimators for Fault Tolerance Coverage Evaluation, 23th International Symposium on Fault-Tolerant Computing, pp. 228-237
[67] Marcus Rimen and Joakim Ohlsson, A Study of the Error Behavior of a 32-bit RISC Subjected to Simulated Transient Fault Injection, Predictable Dependable Computing Systems 2, pp. 445-460
[68] Marcus Rimen, Joakim Ohlsson, and Jan Torin, On Microprocessor Error Behavior Modeling, 24th International Symposium on Fault-Tolerant Computing, pp. 76-85
[69] M.A. Schuette, J.P. Shen, D.P. Siewiorek and Y.X. Zhu, Experimental Evaluation of Two Concurrent Error Detection Schemes, 16th International Symposium on Fault-Tolerant Computing, pp. 138-143
[70] Algirdas Avizienis, The N-Version Approach to Fault-Tolerant Software, IEEE Transactions on Software Engineering, Vol. SE-11, No. 12, December 1985, pp. 290-300.
[71] A. Avizienis and L. Chen, On the Implementation of N-Version Programming, for Software
Fault Tolerance During Execution, Proceedings of the IEEE COMPSAC'77, November 1977, pp. 149~155.
[72]Algirdas Avizienis, The Methodology of N-Version Programming, in R. Lyu, editor,Software Fault Tolerance, John Wiley & Sons, 1995.
[73]Dave E. Eckhardt and Larry D. Lee, Fundamental Differences in the Reliability of N-Modular Redundancy and N-Version Programming, The Journal of Systems and Software 8, 1988, pp. 313~318.
[74]Susan S. Brilliant, et al, The Consistent Comparison Problem in N-Version Software, IEEE Transactions on Software Engineering, Vol. 15, No. 11, November 1989, pp. 1481~1485.
[75]Stacy A. Doyle and Jane Latin Mackey, Comparative Analysis of Two Architectural Alternatives for the N-Version Programming (NVP) System, Proceedings of the 1995 Annual Reliability and Maintainability Symposium, 1995, pp. 275~282.
[76]L. Boi, et al, Exception Handling and Error Recovery Techniques in Modular Systems-An Application to the ISAURE System, Digest of Papers FTCS-11: The Eleventh Annual International Symposium on Fault-Tolerant Computing, 1981, pp. 62~64.
[77]Dave E. Eckhardt, et al, An Experimental Evaluation of Software Redundancy as a Strategy for Improving Reliability, IEEE Transactions on Software Engineering, Vol. 17, No. 7, July 1991, pp. 692~702.
[78]Herbert Hecht, Fault-Tolerant Software, IEEE Transactions on Reliability, Vol. R-28, No. 3,August 1979, pp. 227~232.
[79]Cem Kaner, Jack Falk, Hung Qudoc Nguyen, Testing Computer Software (Second Edtion),International Thomson Computer Press.
[80]Howden, W., The Theory and Practice of Functional Testing, IEEE Software, Vol. 2, No. 5,1985, pp. 6~17.
[81]孙峻朝,王建莹,杨孝宗.容错机制评测中的故障注入模型及应用算法.计算机研究与发展,1999,36(11)
[82]刘超.程序交互执行流程图及其测试覆盖准则.软件学报.1998,9(6)
[83]曾芷德,曾献君.基于故障划分的并行测试生成算法.软件学报.1999,10(11)
[84]李璇君,辛季龄,张天宏,刘国钢.RAM 的故障模型及自测试算法.南京航空航天大学学报.1999,1
[85]刘东艳,申功勋.嵌入式软件可靠性测试平台仿真器分系统研究.北京航空航天大学学报.1999,25(6)
[86]刘久文,罗志强.容错计算机故障注入系统.航空电子技术.2000,99(2)
[87]孙峻朝,杨孝宗,刘嘉林.总线级故障模型的分析与生成.计算机工程,2000,26(2)
[88]王建莹,孙峻朝,杨孝宗.容错计算机系统可靠性评估工具:HFI—2故障注入器.电子学报.1999,27(11)
[89]阮镰,刘斌,陈雪松.软件可靠性测试及测试环境.测控技术.2000,19(2)
[90]刘斌,高小鹏,陆民燕,阮镰.嵌入式软件可靠性仿真测试系统研究.北京航空航天大学学报.2000,26(4)
[91]王志言,刘椿年.区间算术在软件测试中的应用.软件学报.1998,9(6)
[92]陆民艳,陈雪松.软件可靠性测试及其实践,测控技术.2000,19(5)
[93]陈雪松,陆民燕,阮镰.基于面向对象技术的实时软件可靠性测试数据生成方法研究.测控技术,2000,19(9)
[94]刘超,张茂林,晏海华,杨峰,何智涛.软件集成测试的群体协同工作模式及其特性.软件学报.2000,11(6)
[95]胡世亮,臧斌宇,凌冰,朱传琪.数据流分析中的区域覆盖技术.软件学报.2000,11(3)
[96]李伯虎,王行仁,黄柯棣等.综合仿真测试系统研究.系统仿真学报,2000,12(5)
[97]黄四牛,熊新平.DIS中时钟同步问题研究.系统仿真学报.2000,12(5)
[98]熊新平,肖江剑.DIS系统集成技术研究.系统仿真学报.2000,12(5)
[99]冯博琴,徐景民,李波.计算机时间同步问题的研究.西安交通大学学报.1999,33(5)
[100]马静远.科学—1卫星星上轨道预报方案.内部资料.1999,9
[101]章仁为.卫星轨道姿态动力学与控制.北京航空航天大学出版社.1998
[102]林来兴,何英姿.现代小卫星的重力梯度姿态稳定系统.航天控制.1995
[103]James R. Wertz & Wiley J. Larson, Space Mission Analysis and Design. Kluwer Academic Publisher, 1991
[104]Wilfredo Torres-Pomales, Software Fault Tolerance: A Tutorial, Langley Research Center, Hampton, Virginia, Oct. 2000
[105]Authur H. Watson, Thomas J. McCabe, Structured Testing: A Testing Methodology Using The Cyclomatic Complexity Metic, NIST Special Publication, September 1996
[106]陆延孝,郑鹏渊等.可靠性设计与分析.国防工业出版社.1995
[107]James A. Whittaker, What Is Software Testing? And Why Is It So Hard?, IEEE Software,Jan/Feb, 2000
[108]张鸿宾,郭建军.遗传算法在曲线多边形近似中的应用.计算机学报,1999,10:1100~1104.
[109]苏广平.CASCOM-1 小卫星姿控系统分析和仿真及地面测试控制软件的研制.硕士学位论文.2000,1
[110]NASA Software Assurance guidebook, NASA GSFC MD, Office of Safety and Mission Assurance, 1989.
[111]Musa, J.D., A. lannino and K. Okumoto, Software Reliability: Measurement, Prediction, Application, Professional Edition: Software Engineering Series, McGraw-Hill, New York,NY., 1990.
[112]刘海涛,小卫星OBDH模块可行性报告(内部、秘密),1998
[113]刘海涛,赵宏坤等,小卫星星载软件设计报告(内部、秘密),2000