Research on Fault Recovery and Verification Techniques for Soft Errors
Abstract
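With advances in integrated-circuit manufacturing processes, the performance of modern microprocessors has improved greatly, but the threat they face from soft errors has also become increasingly serious. A soft error is a transient hardware fault induced by factors such as irradiation by high-energy particles in the external environment, voltage disturbance, or geomagnetic interference. It does not damage the internal structure of the circuit, but it can affect the normal execution of a program by changing processor state or the values of storage cells, and thereby seriously affect system reliability.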
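     To improve system reliability, fault-tolerance techniques have been studied widely in China and abroad. In terms of implementation, fault-tolerance techniques for soft errors fall mainly into hardware-implemented and software-implemented techniques. Compared with hardware-implemented techniques, software-implemented techniques require no modification or redesign of the hardware and have attracted much attention for their low implementation cost, short development cycle and flexible configuration. In terms of how a soft error is handled, software-implemented fault tolerance covers the following research topics: analysis and assessment of soft-error impact, error detection, error recovery, optimized configuration of fault tolerance, and verification of fault-tolerance algorithms. Because most existing work concentrates on soft-error impact analysis and error detection, this thesis focuses on error recovery and the verification of fault-tolerance algorithms. Its main contributions fall into the following four areas: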
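     1. This thesis proposes a control-flow recovery technique based on formatted signature analysis, so that after an error is detected the program state can be restored to a correct state from before the fault occurred, ensuring that the program continues executing and produces correct output. The method first partitions the program code, at the assembly-language level, into storeless basic blocks and assigns a formatted static signature to each storeless basic block; it then adds control-flow checking and recovery instructions based on the assigned static signatures, where the checking instructions are responsible for control-flow checking and the recovery instructions are responsible for recovering the program data-flow errors caused by control-flow errors; finally it defines hierarchical fault-handling routines, that is, a separate procedure-level error handler for each procedure and one global error handler for the whole program. The method is the first to solve the problem of detecting and recovering inter-procedure control-flow errors; it can detect and recover all inter-block control-flow errors and the great majority of intra-block control-flow errors. Compared with pure control-flow detection algorithms, it achieves error recovery on top of control-flow error detection at relatively low performance overhead.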
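     2. This thesis proposes a source-level fault-tolerance mechanism for data-flow errors, which consists of three parts: (1) A definition of the containment block, based on the concept of the basic block. The mechanism detects and recovers data-flow errors with the containment block as its basic unit, ensuring that data-flow errors occurring inside a containment block do not propagate outside it. (2) An error detection mechanism based on diversity transformation and redundant recomputation. Its basic idea is to transform the original program, using a set of diversity transformation rules, into a redundant program with exactly the same function, and to insert comparison checks at specific positions to determine whether a soft error occurred during execution. (3) A data-flow error recovery mechanism based on application-level checkpointing, in which the set of variables contained in each checkpoint is obtained by solving data-flow analysis equations and recovery code is inserted accordingly. To generate the fault-tolerant program automatically, the thesis designs and implements a source-to-source transformation tool. Fault-injection and performance-overhead experiments show that, compared with other source-level fault-tolerance methods for data-flow errors, this method achieves high error coverage at relatively low performance overhead.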
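     3. Based on the principle of model checking, this thesis proposes a general formal verification method for control-flow detection algorithms based on signature analysis. The method first gives an overview of the verification target, namely signature-analysis-based control-flow detection algorithms; on that basis it models the fault-tolerant program as a control-flow state machine and defines its syntax and semantics; it then makes the control-flow state machine more concrete by defining a state transition system that describes how the state of the control-flow detection process changes; using the correspondence between the state transition system and the model-checking tool, it translates the state transition system into an input program for the model checker so that verification is automatic; finally it takes the representative control-flow detection algorithms CFCSS and DSM as examples to demonstrate the practicality of the method. The verification results show that the method is the first to discover the detection blind spots of the DSM algorithm, as well as some detection blind spots related to the signature design of the CFCSS algorithm.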
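     4. For verifying the effectiveness of data-flow fault-tolerance algorithms, this thesis proposes a formal verification method based on a type system for assembly language. Its basic idea is to add static type properties to the assembly language and to guarantee the program's fault-tolerance property through type safety. Taking the typical data-flow recovery algorithm SWIFT_R as an example, the thesis first gives the syntax of the typed fault-tolerant assembly language TFAL and explains TFAL's operational semantics by modeling the execution of one instruction as one state transition; on that basis it type-checks the instructions of TFAL and obtains the detection blind spots of the SWIFT_R algorithm; under the assumption that these blind spots are excluded, it first proves the type safety of the TFAL system, namely the progress and preservation properties. It then defines a similarity relation on states and further proves the fault-tolerance property of the SWIFT_R algorithm: the output of the original program running in a fault-free environment is the same as the output of the fault-tolerant program running in a faulty environment, and their state-transition processes are similar.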
With the development of VLSI fabrication technologies, the performance of modern microprocessors has been increasing exponentially, while their sensitivity to soft errors also increases dramatically. Soft errors are intermittent faults caused by external events, such as the radiation of energetic particles, voltage disturbance and electromagnetic interference. Soft errors do not cause permanent damage but may result in incorrect program execution by altering signal transfers or stored values, thus having a serious impact on system reliability.
     In order to improve system reliability, fault-tolerant technologies have been proposed. According to their implementation, fault-tolerant technologies can be classified into hardware-implemented technology and software-implemented technology. Compared with hardware-implemented technology, software-implemented technology does not need to alter or redesign the hardware architecture, and has the advantages of low cost, a short development life cycle, and flexible configuration. Therefore, software-implemented technology has been an efficient solution for dealing with soft errors. According to the fault-processing stage, software-implemented technologies include: soft error analysis and assessment, error detection, error recovery, fault-tolerant optimal configuration and fault-tolerant verification. Earlier research mainly focuses on soft error impact analysis and error detection, so our study concentrates on error recovery and fault-tolerant verification. The main contributions are as follows:
     1. We present a pure-software method based on encoded signatures to recover from control-flow errors (CFEs). After error detection, both the program control flow and data flow transfer back to a correct state before the error occurrence, ensuring that the program continues executing and produces correct output. In this study, the assembly program code is first partitioned into storeless basic blocks, and a static encoded signature is assigned to each storeless basic block. Then, checking instructions and recovery instructions are inserted in each storeless basic block based on the assigned signatures. Checking instructions are designed to detect CFEs, while recovery instructions are designed to recover the data errors caused by CFE propagation. Finally, CFE handlers are defined to handle CFEs. To the best of our knowledge, this is the first work to solve the problem of detecting and recovering inter-function CFEs. Moreover, all inter-block and most intra-block CFEs can be detected and recovered. Compared with the current CFE detection technique, our method achieves the goal of error recovery on the basis of error detection at a relatively lower performance overhead.
     2. We propose a fault-tolerant technique at the source level to deal with data flow errors caused by soft errors, which consists of three parts: (1) A definition of containment block based on the concept of basic block. The proposed technique deals with data flow errors at the granularity of the containment block, so that data flow errors within a containment block don't propagate to other blocks. (2) An error detection mechanism based on data diversity transformation and redundancy computing. The basic principle of error detection is that a redundant fault-tolerant program with the same function as the original program is generated based on a set of diversity transformation rules, and some comparison statements are inserted at certain positions to check whether an error occurs during the execution. (3) An error recovery mechanism based on application-level checkpoints. Data flow analysis is introduced to obtain the variables of each checkpoint, and the statements for error recovery are added as well. A source-to-source transformation tool is implemented to generate the fault-tolerant program automatically. Fault injection and performance overhead experimental results show that most control flow errors can be recovered with relatively low performance overhead.
     3. We present a general approach to evaluate the effectiveness of signature-monitoring mechanisms based on the model checking principle. At first, we make an abstract summary of signature-monitoring mechanisms. Then the fault-tolerant program is modeled as a control-flow state machine, and its syntax and semantics are defined using a step-operational semantics. The control-flow machine is refined into a state transition system, which is translated into the input program of the model checker in order to perform the verification automatically. At last, our approach is applied to two representative techniques, DSM and CFCSS, to demonstrate its practicability. The verification results show that the undetected errors of the DSM algorithm are revealed and some undetected errors due to the signature association of the CFCSS algorithm are revealed for the first time.
     4. We propose a formal verification technique based on a typed assembly system to verify the correctness of data flow error tolerance techniques. The basic principle of the typed assembly system is to add some static type property to the assembly language so that the target property can be proved through the verification of the soundness of the typed system. We take a representative data flow error recovery technique, SWIFT_R, as an example to illustrate the verification process. At first, the syntax of TFAL is defined and the operational semantics is given as a step operation by modeling the execution of an instruction as a step transition. Based on the definitions of syntax and semantics, all the instructions of TFAL are type-checked, and the undetected errors of SWIFT_R are obtained. Supposing that all the undetected errors are excluded, the type safety of TFAL, including progress and preservation, is verified. Then, the similarity relation is defined. Based on the similarity relation, the property of fault tolerance is proved. A program is fault-tolerant when the output of the original program under a normal environment is the same as the output of the fault-tolerant program under a fault environment. Moreover, the state transitions of the original program and the fault-tolerant program are similar.
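
The verification idea in contribution 3, as an added illustration that is not code or results from the thesis: a signature-monitoring scheme is treated as a transition system over (block, G, D), and every illegal jump from the end of one block to the start of another is enumerated to find the ones the check misses. The control-flow graph, signature values and function names are constructed for this example, and the scheme modeled is the generic CFCSS-style XOR signature update with a run-time adjusting value D, not the thesis's model-checker input.

```python
"""Exhaustive search for missed illegal jumps in CFCSS-style signature checking."""

# Constructed control-flow graph (hypothetical): block -> legal successors.
CFG = {
    "entry": ["p", "q", "a"],
    "p": ["b", "c"],
    "q": ["b"],
    "a": ["c"],
    "b": ["exit"],
    "c": ["exit"],
    "exit": [],
}
# Base predecessor chosen for each fan-in block (a block with several predecessors).
BASE = {"b": "p", "c": "p", "exit": "b"}


def instrument(cfg, base):
    """Compute the static data: signatures, per-block XOR constants d, and D updates."""
    sig = {blk: i + 1 for i, blk in enumerate(cfg)}          # unique, non-zero
    preds = {blk: [s for s in cfg if blk in cfg[s]] for blk in cfg}
    fan_in = {blk for blk in cfg if len(preds[blk]) > 1}
    d, D = {}, {}
    for blk in cfg:
        if blk in fan_in and base[blk] not in preds[blk]:
            raise ValueError(f"{base[blk]} is not a predecessor of {blk}")
        ref = base[blk] if blk in fan_in else (preds[blk] or [None])[0]
        d[blk] = (sig[ref] if ref else 0) ^ sig[blk]          # start state uses G = 0
    for src in cfg:
        # D is written once in the source block, so all fan-in successors must agree.
        vals = {sig[src] ^ sig[base[t]] for t in cfg[src] if t in fan_in}
        if len(vals) > 1:
            raise ValueError(f"block {src}: fan-in successors need different D values")
        D[src] = vals.pop() if vals else None                 # None: D left unchanged
    return sig, d, D, fan_in


def enter(blk, G, Dreg, inst):
    """Run the check at the top of blk; return (check passed, new G, new D)."""
    sig, d, D, fan_in = inst
    G ^= d[blk]
    if blk in fan_in:
        G ^= Dreg
    # The block's own write to D is folded into the state it leaves behind.
    return G == sig[blk], G, (Dreg if D[blk] is None else D[blk])


def fault_free_states(cfg, inst):
    """All (block, G, D) states reachable along legal edges only."""
    start = next(iter(cfg))
    ok, G, Dreg = enter(start, 0, 0, inst)
    seen, stack = set(), [(start, G, Dreg)]
    while stack:
        state = stack.pop()
        if state in seen:
            continue
        seen.add(state)
        blk, G, Dreg = state
        for nxt in cfg[blk]:
            ok, G2, D2 = enter(nxt, G, Dreg, inst)
            if not ok:
                raise AssertionError(f"false alarm on legal edge {blk}->{nxt}")
            stack.append((nxt, G2, D2))
    return seen


def blind_spots(cfg, base):
    """Illegal jumps (end of src -> start of dst) that pass the check at dst."""
    inst = instrument(cfg, base)
    missed = set()
    for src, G, Dreg in fault_free_states(cfg, inst):
        for dst in cfg:
            if dst not in cfg[src] and enter(dst, G, Dreg, inst)[0]:
                missed.add((src, dst))
    return sorted(missed)


if __name__ == "__main__":
    for src, dst in blind_spots(CFG, BASE):
        print(f"undetected illegal jump: {src} -> {dst}")
```

On the constructed graph the search reports a -> b and q -> c: blocks b and c are forced to share base predecessor p because p writes a single D, so a predecessor of one passes the check of the other.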
