WO1994011820B1 - Efficient schemes for constructing reliable computing nodes in distributed systems - Google Patents
- Publication number
- WO1994011820B1 (PCT/GB1993/002225)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- node
- messages
- microprocessors
- microprocessor
- output
Abstract
The invention relates to a computing system, a fail-silent node for use in a computing system and a method of organising information so that a number of microprocessors in a computing node, which are arranged to receive messages from other components in the computing system and to process the received messages so as to transmit the results of this processing to other components in the system, compare the results of their processing and send nothing out from the node unless either all the microprocessors in the node produce identical results or more than half of the microprocessors in the node produce identical results. This is achieved by manipulating the order in which messages are processed by each microprocessor so as to ensure that each microprocessor in the node receives the same messages and orders these same messages so that messages within each microprocessor are processed in the same order, thus ensuring, if all the microprocessors are functioning correctly, that the same results are produced.
Claims
1. A computing system comprising a computing node arranged to receive messages from other components in the system, to process received messages, and to transmit messages to other components in the system; the computing node comprising: a) a plurality of microprocessors linked together and arranged to process received messages; b) means for ordering the messages which means is adapted to process messages which arrive at each microprocessor in an arbitrary order such that similar messages in identical order are selected for processing by correctly functioning microprocessors which then produce identical outputs; and c) means for comparing the outputs produced by the microprocessors of the node and for controlling the output of the node so that nothing is output from the node unless all the microprocessors in the node give identical output, the node output then being the same as the identical outputs.
2. A computing system according to Claim 1 wherein the said means for comparing the outputs produced by the microprocessors of the node and for controlling the output of the node operates so that nothing is output from the node unless more than half of the number of microprocessors in the node give identical output, the node output then being the same as the identical outputs.
3. A fail-silent node in or for use in a microprocessing system comprising: a plurality of microprocessors having interface means for enabling communications with other components in the system and a link means to enable communication between said processors in said node, characterised in that said microprocessors further include: a) authentication means so that each microprocessor can confirm the integrity of any message it receives; b) signature means so that each microprocessor can label a message with its own signature; c) ordering means so that each microprocessor can order authenticated messages in time-stamped order; d) diffusion means so that each microprocessor can send messages to other microprocessors; and e) comparison and control means so that the outputs produced by each microprocessor can be compared; whereby similar messages are processed in identical order and the same outputs are produced by each microprocessor so that nothing is output from the node unless all the microprocessors in the node give the same output, the node output then being the same as the said same output.
4. A fail-silent node according to Claim 3 wherein the said means for comparing and controlling the outputs produced by the microprocessors of the node are adapted to operate so that nothing is output from the node unless more than half of the number of microprocessors in the node give the same output, the node output then being the same as the said same output.
5. A computing system or a fail-silent node according to any preceding Claim wherein the ordering means comprises the provisions of clock means within each microprocessor which clock means are synchronised such that a measurable difference between readings of clocks at any instant is represented by a maximum known constant.
6. A computing system or a fail-silent node according to any preceding Claim wherein the ordering means comprises a clock means which is at least one logical clock.
7. A computing system or a fail-silent node according to Claims 1-4 wherein the ordering means comprises the designation of at least one microprocessor as a Leader microprocessor and at least another of said microprocessors is designated as a Follower microprocessor whereby the Leader receives messages from outside the node and sends said messages to the Follower such that the order in which messages are processed is dictated by the Leader microprocessor.
8. A computer system or a fail-silent node according to Claim 7 wherein the Leader is adapted to process the information and then sends the result of this processing to the Follower so that the Follower can compare this result with its own generated result and in the event that the two results are identical, the Follower is adapted to produce a multiple signed message which is transmitted through the system.
9. A computer system or a fail-silent node according to Claim 8 wherein the Follower is provided with means which enables it to monitor messages received from outside the node whereby faults can be detected in the Leader.
10. A computing system or a fail-silent node according to any preceding Claim wherein said comparison means of said computing system or said comparison and control means of said fail-silent node is adapted to compare incoming messages with those produced locally so that successful messages can be countersigned by the local microprocessor and a subsequently generated multiple signed message can be transmitted through the system.
11. A computing system or a fail-silent node according to any preceding Claim wherein said computing system or said fail-silent node includes receiving means which discards duplicate messages.
12. A computing system or fail-silent node according to Claims 1-6, 10 or 11, wherein said computing system or said fail-silent node includes microprocessors which are adapted to receive said messages in parallel.
13. A method for ordering messages to be processed within a fail-silent computer node comprising: a) receiving messages at a microprocessor; b) authenticating said messages so as to confirm the integrity of same; c) stamping said messages to be ordered with a time-stamp corresponding to a local clock reading at said microprocessor; d) signing said messages; e) diffusing either the signed, time-stamped message or a copy of this signed, time-stamped message via a link means to other microprocessors in the node; f) ordering a plurality of signed, time-stamped messages in time-stamped order; g) processing the ordered messages according to their time-stamped order; h) signing the processed message output; i) diffusing either this signed, processed message output or a copy of this signed, processed message output via a link means to other microprocessors in the node; and j) comparing the message outputs in the node and, where a pre-determined number of said message outputs are the same, releasing said same message outputs from said node.
14. A method in accordance with Claim 13 wherein said pre-determined number equals a number equal to all the number of microprocessors in the node.
15. A method according to Claim 13 wherein said pre-determined number equals a number equal to more than half of said microprocessors in said node.
16. A method according to Claims 13, 14 or 15 wherein the method further includes the step of receiving said messages at said microprocessors in a parallel manner.
17. A method according to Claims 13-16 wherein the method of ordering involves a process of stabilisation whereby incoming messages are delayed for a pre-determined length of time before they are queued in the time-stamped order of messages.
18. A method according to Claim 17 wherein one of said microprocessors is designated a Leader microprocessor and at least one other of said microprocessors is designated a Follower microprocessor whereby the Leader receives messages from outside the node and sends said messages to the Follower such that the order in which messages are processed is dictated by the Leader microprocessor; and the pre-determined length of time for which incoming messages are delayed in the Leader microprocessor equals 0.
19. A method according to Claim 17 wherein two microprocessors are provided in said node and the process of ordering or stabilisation involves; a) diffusing messages according to a First In First Out policy; b) receiving a time-stamped message with a time-stamp equal to T; and c) where T is greater than the local clock value, advancing the local clock to a time T+ 1 and stabilising all messages with a time-stamp less than or equal to T; or d) where T is less than or equal to the local clock value, stabilising all messages with a time-stamp less than or equal to T.
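The method of Claims 13 to 15 can be exercised end to end in a small simulation. This is an added example, not code from the patent: HMAC with constructed per-processor keys stands in for the unspecified "signature means", a hash chain stands in for message processing, and all function names and sample messages are hypothetical.

```python
import hashlib, hmac, random
from collections import Counter

# Constructed demo keys; HMAC stands in for the claims' unspecified "signature means".
KEYS = {p: f"constructed-key-{p}".encode() for p in ("P1", "P2", "P3")}

def sign(pid, data):
    return hmac.new(KEYS[pid], data, hashlib.sha256).hexdigest()

def stamp(pid, ts, body):
    """Steps c-d: time-stamp a received message with the local clock and sign it."""
    return (ts, pid, body, sign(pid, f"{ts}|{body}".encode()))

def run_processor(pid, inbox, faulty=False):
    """Steps b and f-h: authenticate, order, process, then sign the output."""
    valid = {m for m in inbox  # a set also discards duplicate deliveries (Claim 11)
             if hmac.compare_digest(m[3], sign(m[1], f"{m[0]}|{m[2]}".encode()))}
    state = b"init"
    for ts, src, body, tag in sorted(valid):  # time-stamp order, ties broken by signer
        state = hashlib.sha256(state + body.encode()).digest()  # order-sensitive work
    if faulty:
        state = state[::-1]  # simulated value fault in this processor
    out = state.hex()
    return (pid, out, sign(pid, out.encode()))

def release(outputs, required):
    """Step j: emit only if `required` processors signed the same output."""
    votes = Counter(out for pid, out, tag in outputs
                    if hmac.compare_digest(tag, sign(pid, out.encode())))
    if not votes:
        return None
    out, count = votes.most_common(1)[0]
    return out if count >= required else None  # None means the node stays silent

def run_node(msgs, faulty=(), required=3, seed=0):
    """Steps e and i: every processor sees every message, in its own arrival order."""
    rng, outputs = random.Random(seed), []
    for pid in KEYS:
        inbox = list(msgs) + list(msgs[:1])  # one duplicate delivery
        rng.shuffle(inbox)  # arbitrary arrival order
        outputs.append(run_processor(pid, inbox, pid in faulty))
    return release(outputs, required)

# Constructed sample traffic, plus one message whose signature does not verify.
MSGS = [stamp("P1", 10, "debit 5"), stamp("P2", 11, "credit 7"), stamp("P3", 12, "debit 1")]
FORGED = (9, "P2", "debit 999", "00")

if __name__ == "__main__":
    print(run_node(MSGS, faulty={"P3"}, required=3))  # unanimity rule (Claim 14)
    print(run_node(MSGS, faulty={"P3"}, required=2))  # majority rule (Claim 15)
```

With one faulty processor the unanimity rule keeps the node silent, while the majority rule still releases the agreed output; the unauthenticated message never reaches the ordered queue.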
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9509299A GB2288045B (en) | 1992-11-06 | 1993-10-28 | Efficient schemes for constructing reliable computing nodes in distributed systems |
AU53437/94A AU5343794A (en) | 1992-11-06 | 1993-10-28 | Efficient schemes for constructing reliable computing nodes in distributed systems |
US08/432,184 US5754757A (en) | 1992-11-06 | 1993-10-28 | Efficient schemes for constructing reliable computing nodes in distributed systems |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB929223323A GB9223323D0 (en) | 1992-11-06 | 1992-11-06 | Distributed processing systems |
GB9223323.8 | 1992-11-06 | ||
GB9319058.5 | 1993-09-15 | ||
GB939319058A GB9319058D0 (en) | 1993-09-15 | 1993-09-15 | Distributed processing systems |
Publications (2)
Publication Number | Publication Date |
---|---|
WO1994011820A1 (en) | 1994-05-26 |
WO1994011820B1 (en) | 1994-07-07 |
Family
ID=26301926
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/GB1993/002225 WO1994011820A1 (en) | 1992-11-06 | 1993-10-28 | Efficient schemes for constructing reliable computing nodes in distributed systems |
Country Status (4)
Country | Link |
---|---|
US (1) | US5754757A (en) |
AU (1) | AU5343794A (en) |
GB (1) | GB2288045B (en) |
WO (1) | WO1994011820A1 (en) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6678840B1 (en) * | 2000-08-31 | 2004-01-13 | Hewlett-Packard Development Company, Lp. | Fault containment and error recovery in a scalable multiprocessor |
US6630872B1 (en) | 2001-07-20 | 2003-10-07 | Cmc Electronics, Inc. | Digital indirectly compensated crystal oscillator |
US20030202543A1 (en) * | 2002-04-25 | 2003-10-30 | Karlquist Richard K. | Aggregate processing of information during network transmission |
DE10325263B4 (en) * | 2003-06-03 | 2013-09-19 | Phoenix Contact Gmbh & Co. Kg | Ensuring maximum response times in complex or distributed secure and / or non-secure systems |
EP2442229A1 (en) * | 2010-07-28 | 2012-04-18 | Siemens Aktiengesellschaft | High reliability method of data processing, and controller unit |
US9201977B2 (en) * | 2013-03-12 | 2015-12-01 | Andrew K. Lukes | Automatic flowchart-based webpage generation for troubleshooting or task completion without manual programming |
DE102017208484A1 (en) * | 2017-05-19 | 2018-11-22 | Robert Bosch Gmbh | Method and device for detecting hardware errors in microprocessors |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4330826A (en) * | 1980-02-05 | 1982-05-18 | The Bendix Corporation | Synchronizer and synchronization system for a multiple computer system |
DE3208573C2 (en) * | 1982-03-10 | 1985-06-27 | Standard Elektrik Lorenz Ag, 7000 Stuttgart | 2 out of 3 selection device for a 3 computer system |
US5023779A (en) * | 1982-09-21 | 1991-06-11 | Xerox Corporation | Distributed processing environment fault isolation |
US4569015A (en) * | 1983-02-09 | 1986-02-04 | International Business Machines Corporation | Method for achieving multiple processor agreement optimized for no faults |
EP0246218B1 (en) * | 1986-05-14 | 1993-08-18 | Alcatel Austria Aktiengesellschaft | Fault-tolerant data processing system |
US4914657A (en) * | 1987-04-15 | 1990-04-03 | Allied-Signal Inc. | Operations controller for a fault tolerant multiple node processing system |
US4907232A (en) * | 1988-04-28 | 1990-03-06 | The Charles Stark Draper Laboratory, Inc. | Fault-tolerant parallel processing system |
US5210834A (en) * | 1988-06-01 | 1993-05-11 | Digital Equipment Corporation | High speed transfer of instructions from a master to a slave processor |
US5157780A (en) * | 1990-06-12 | 1992-10-20 | Advanced Micro Devices, Inc. | Master-slave checking system |
CA2068048A1 (en) * | 1991-05-06 | 1992-11-07 | Douglas D. Cheung | Fault tolerant processing section with dynamically reconfigurable voting |
US5428769A (en) * | 1992-03-31 | 1995-06-27 | The Dow Chemical Company | Process control interface system having triply redundant remote field units |
US5285381A (en) * | 1992-09-09 | 1994-02-08 | Vanderbilt University | Multiple control-point control system and method of use |
1993
- 1993-10-28 AU AU53437/94A patent/AU5343794A/en not_active Abandoned
- 1993-10-28 WO PCT/GB1993/002225 patent/WO1994011820A1/en active Application Filing
- 1993-10-28 US US08/432,184 patent/US5754757A/en not_active Expired - Fee Related
- 1993-10-28 GB GB9509299A patent/GB2288045B/en not_active Expired - Fee Related