Browse Prior Art Database

Fail Safe Determining of System Availability Within a Multisystem Configuration

IP.com Disclosure Number: IPCOM000079600D
Original Publication Date: 1973-Aug-01
Included in the Prior Art Database: 2005-Feb-26
Document File: 3 page(s) / 33K

Publishing Venue

IBM

Related People

Davis, MI: AUTHOR

Abstract

Maximum probability of detection of hardware or software malfunctions within one system of a multisystem configuration is achieved by an intersystem coupling network, which is regularly energized by the primary system. The malfunction alert is propagated through the network from the primary system to the secondary or backup systems, so that appropriate recovery action can be taken. Undetected hardware malfunctions leading to spurious operating modes without a full malfunction alert are detected as can software malfunction conditions, such as iterative repetition of incorrect software routines or executions of incorrect sequences of software commands.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 3

Fail Safe Determining of System Availability Within a Multisystem Configuration

Maximum probability of detection of hardware or software malfunctions within one system of a multisystem configuration is achieved by an intersystem coupling network, which is regularly energized by the primary system. The malfunction alert is propagated through the network from the primary system to the secondary or backup systems, so that appropriate recovery action can be taken. Undetected hardware malfunctions leading to spurious operating modes without a full malfunction alert are detected as can software malfunction conditions, such as iterative repetition of incorrect software routines or executions of incorrect sequences of software commands.

Processing system 10 is the primary system and includes means such that the software may change the state of a signal at its digital output (D/O) interface 11 through terminals 12 and 13. Software executed in 10 involves the iteration at a predetermined repetition rate of a given software routine, scattered within the normal software routines being executed. The iterative routine causes terminal 12 to be changed in value between "0" and "1" levels periodically. Processing system 14 is a secondary or backup system capable of taking corrective action in the event of failure of 10, such as assuming control of I/O data transfers, process control functions and the like. Pulses from terminal 12 are coupled through resistance 16 and capacitance 17 network to node 18, where diode 19 ensures that only one polarity of signals are coupled through capacitor 20 to the RC network made up of capacitor 21 and resistor 22. Resistor 22 provides a discharge path for capacitor 21. The potential at digital input (D/I) interface 15 of system 14 at terminals 23 and 24 remains at a level so that 14 continues to recognize an apparent logical 1 at terminal 23, as long as regularly spaced pulses are produced at 12 by 10. Use of coupling capacitor 17 ensures that failure of terminal 12 to drop from a 1 level is detected as a malfunction by system 14.

Software within system 14 measures the potential by terminal 23 periodically. Thus, means are furnished to each processor whereby the presence of...