Fault tolerant approach for verified software: Case of natural gas purification simulator

Abstract

Well logically verified and tested software may fail because of undesired physical phenomena provoking transient faults during its execution. While being the most frequent kind of faults, transient faults are difficult to localize because they have a very short life, but they may cause the failure of software. A fault tolerant method against transient faults under the hypothesis of statically verified software is presented. In order to ensure the right experimental environment, first the specification of the application is validated by Alloy analyzer, second a JML annotated Java code is statically verified. The proposed approach is based on some rules transforming basic Java statements like assignments, conditional and iterative statements into equivalent fault tolerant ones. The current research has exhibited some natural redundancy in any code, and the corrective power of repetitive statements. It also proved that the proposed method makes more efficient fault tolerant versions compared with natural error recovery, i.e. without inserting any additional code for detecting or repairing the damaged state. Illustrated by Gas purification simulator, one can see the natural error recovery in case of fault injection in the code, and how fault tolerant rules recover more errors in less time compared to the natural recovery. The proposed approach is preventive because it avoids the propagation of errors at early stages by repeating low level statements until some "stability" of their behavior. © 2013 IEEE.