Common use of Single Source Clause in Contracts

Single Source. Single-source state exchange mechanisms such as Leader/Follower and Master/Shadow are par- ticularly well-suited for systems that are constrained to only benign faults. For this to be true, though, hosts as well as the network must be constrained to the benign failure class. When this is achieved, the Leader or Master can broadcast the definitive applications state without broadcasting any errors (i.e., all state that is transferred will be correct, but delivery is not guaranteed). In the Leader/Follower case, a leader is elected from a set of candidates and holds tenure until it fails. During its tenure, the Leader is the definitive source of state and broadcasts that state with sufficient frequency to meet system requirements. Detection of the Leader’s failure is simplified in time-triggered networks. All the Leader needs to do is to transmit a periodic heartbeat. When any of the nodes that are capable of voting for a new leader detect that the heartbeat has failed, they cast a vote for a new leader. If the threshold for electing a new leader is based on the total number of eligible voters rather than the total number of voters participating in any particular election, the voting mechanism itself can mask potential problems with inconsistent observations of the current leader’s failure. That is, if only a minority of the eligible voters observes that the heartbeat has failed, they cannot cast enough votes to elect a new leader. Some bandwidth can be saved if the state transfer acts as the heartbeat. In the Master/Shadow case, the current Master and all shadows form a priority ordered set. The highest priority fault-free participant in that set is the current Master. To save bandwidth in ARINC 659, there are Master/Shadow slots in the schedule that allow up to four nodes to use the same bandwidth. Using a mini-slotting protocol within those slots, the highest priority participant is allowed the first chance to transmit. If it doesn’t begin to transmit within it mini-slot, the next higher priority participant attempts to transmit, ... and so on through the fourth priority. For state exchanges, all the participants would send the required state in that slot using the same format regardless of the source. Thus, any receiver needing this state can use the data transferred in this slot without needing to know the source. This can accommodate participants with omission failures, but not manifest failures. A similar thing can be done for TTEthernet, with the additional benefit that these mechanisms on TTEthernet can also tolerate manifest failures. The way that this can be done for TTEthernet is to have the potential Leaders or Masters (collectively call them contenders) share the same Bandwidth Allocation Gap (BAG) resources. If the current Leader or Master is alive, it consumes the allocation. This consumption can be used to hold off the other contenders. For the Leader/Follower case, the consumption is the heartbeat that is used to hold off the vote for a new Leader. For the Master/Shadow case, the contenders are scheduled to have contiguous transmission windows with the temporal ordering of these windows being the priority for which contender takes over if the current Master fails to consume their shared BAG allocation.

Appears in 5 contracts

Samples: ntrs.nasa.gov, ntrs.nasa.gov, ntrs.nasa.gov

AutoNDA by SimpleDocs
Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!