Research on a High-Dependability Computing Platform Based on Quadruple Redundancy Technology
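Abstract
Digital computing systems have now penetrated every field of society, and the development and study of dependable computing systems will become the main trend in the future development of digital computing systems.
     Among the various approaches to dependable computing, this thesis focuses on redundancy techniques. After surveying dependability theory and existing dependable systems in China and abroad, and comparing various redundancy structures, the quadruple redundancy structure was selected. To address the lack of real-time performance at the hot-standby switchover output of the quadruple redundancy structure, the thesis proposes a novel quadruple redundancy competition structure: without reducing the performance of the original structure, both systems are promoted to working systems at the same time, and the output stage uses competitive output to make up for this shortcoming, eliminating the switchover time completely. In the dependability analysis of the quadruple redundancy competition structure, the thesis remedies the shortcomings of the existing analysis method in modeling the discriminator and the voter by using transient failures and the accumulated summation of independent time slices, so that the calculations and analysis results are closer to an actual system. To verify the theoretical analysis, the reliability results were simulated with Matlab and other simulation programs, and they agree with the theoretical expectations.
     With this theoretical support, the thesis designs and implements a high-dependability computing platform. The platform's architecture adopts the quadruple redundancy competition structure; the computing modules use PowerPC-series processors, which have very high dependability figures, and an FPGA serves as the hardware carrier for the discriminators and the competitive output unit. The external bus is the standard MIL-STD-1553B bus. The hardware board as a whole follows the 6U European-standard structure with dual DIN41612 standard pin-and-socket connectors, and can be plugged into a backplane as a component to work together with other components. The system-level software inside the discriminators uses Nios II, the embedded soft core from Altera, and the two discriminators form a dual-core system inside the FPGA. The output stage uses the competitive output module to achieve seamless switchover, and forcibly designating the output system effectively masks the extreme case of race hazards. The system-level software inside the computing modules is a matching port of μC/OS-II, used as the platform's operating system. All low-level software is designed modularly to complete the software architecture, so that application-layer software ultimately only needs to call the system-level software's module library.
     Experimental verification shows that the whole computing platform has good dependability and real-time performance and is suitable for computing environments with very high reliability and safety requirements.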
Nowadays, digital computing systems have penetrated into all fields of society. The development and research of dependable computing systems will become the main trend in the future development of digital computing systems.
     Among the various ways of realizing dependable computing systems, the thesis focuses on research into redundancy technology. After investigating dependability theory and existing domestic and international dependable systems, and comparing various redundancy structures, the QMR structure is finally selected. To address its lack of real-time performance, the thesis puts forward an innovative QMR competition structure, which compensates for this deficiency without reducing performance. In the dependability analysis of the QMR competition structure, taking the transient failure of the checker into account makes the calculation and the results of the analysis closer to the actual system. To verify the theoretical analysis, simulation programs such as Matlab are used to simulate the reliability results. The result is fully consistent with the theoretical expectations.
     With the theoretical support above, the thesis designs and implements a high-dependability computing platform. The framework of this platform is the QMR competition structure. The calculation module uses PowerPC series processors, which have very high dependability. The judgement unit uses an FPGA as its hardware module. The external bus uses the standard MIL-STD-1553B bus protocol. The overall hardware board conforms to the 6U European-standard structure with dual DIN41612 standard connectors, and it can be inserted into a backplane as a component to work together with other components. The system-level software in the judgement unit uses Altera's embedded soft core Nios II, and the two judgement units form a dual-core system inside one FPGA. In addition, the competition output module makes switching seamless. For the system-level software within the calculation module, uC/OS-II is ported to serve as the platform's operating system. All of the underlying software is modular in design, which improves the software architecture, so application-layer software can simply call the system-level software's module library.
     Experimental verification shows that the entire computing platform has good dependability and real-time performance and can be applied to all kinds of computing environments that demand high reliability and security.
