Fault containment between components is an important property of embedded real-time systems: it improves robustness, yields clear integration responsibilities and enables modular certification. This paper presents fault containment mechanisms based on the time-triggered Network-on-a-Chip (NoC) of a reconfigurable Multi-Processor System-on-a-Chip (MPSoC). Each component accesses the NoC through a communication interface that acts as a guardian of the component's behavior in both the time domain and the value domain. The permitted behavior of each component is written into its communication interface by a trusted resource manager, so the component itself cannot alter it. We evaluate these fault containment capabilities with fault injection experiments. The experiments provide evidence that a faulty component cannot affect the timing or the integrity of messages exchanged by other components.
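The following is an added illustration of the architecture the abstract describes, not code from the paper. It models a time-triggered NoC in which each component's communication interface (guardian) enforces a permit written by a trusted resource manager, then injects a "babbling idiot" fault into one component and checks that the other components' messages are delivered unchanged and in their own slots. The TDMA slot schedule, the particular value-domain checks (payload length bound, permitted destinations), the component names and the faulty behavior are all assumptions chosen for the example; the paper's real interface and resource manager may differ.

```python
"""Model of a time-triggered NoC with guardian communication interfaces,
plus a fault-injection run. Added example; every concrete detail (slot
schedule, value checks, components A/B/C, fault pattern) is an assumption."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional

SLOTS_PER_ROUND = 4  # assumed TDMA round length (one sender per slot)


@dataclass(frozen=True)
class Permit:
    """Permitted behavior of one component, written by the resource manager."""
    slot: int                  # time domain: the only slot the component may send in
    max_len: int               # value domain: upper bound on payload length
    destinations: frozenset    # value domain: receivers the component may address


@dataclass
class Message:
    src: str
    dst: str
    payload: bytes
    slot: int


@dataclass
class Guardian:
    """Communication interface between one component and the NoC.
    The owning component can only call admit(); it cannot touch permit."""
    owner: str
    permit: Permit
    dropped: List[str] = field(default_factory=list)

    def admit(self, tick: int, dst: str, payload: bytes) -> Optional[Message]:
        slot = tick % SLOTS_PER_ROUND
        if slot != self.permit.slot:                       # time-domain check
            self.dropped.append(f"t={tick} {self.owner}: send outside slot {self.permit.slot}")
            return None
        if len(payload) > self.permit.max_len:             # value-domain check
            self.dropped.append(f"t={tick} {self.owner}: payload of {len(payload)} bytes too long")
            return None
        if dst not in self.permit.destinations:            # value-domain check
            self.dropped.append(f"t={tick} {self.owner}: destination {dst} not permitted")
            return None
        return Message(self.owner, dst, payload, slot)


class ResourceManager:
    """Trusted entity; the only party that writes permits into guardians."""
    def __init__(self) -> None:
        self.guardians: Dict[str, Guardian] = {}

    def configure(self, component: str, permit: Permit) -> Guardian:
        g = Guardian(component, permit)
        self.guardians[component] = g
        return g


class NoC:
    """Delivers only messages admitted by the sender's guardian."""
    def __init__(self, guardians: Dict[str, Guardian]) -> None:
        self.guardians = guardians
        self.inbox: Dict[str, List[Message]] = {c: [] for c in guardians}

    def send(self, tick: int, src: str, dst: str, payload: bytes) -> Optional[Message]:
        msg = self.guardians[src].admit(tick, dst, payload)
        if msg is not None:
            self.inbox[dst].append(msg)
        return msg


def run_experiment(rounds: int = 2) -> dict:
    """Two correct components (A, B) and one faulty component (C) that babbles
    at every tick with oversized payloads. Returns delivered traffic and drop counts."""
    rm = ResourceManager()
    rm.configure("A", Permit(slot=0, max_len=8, destinations=frozenset({"B"})))
    rm.configure("B", Permit(slot=1, max_len=8, destinations=frozenset({"A", "C"})))
    rm.configure("C", Permit(slot=2, max_len=8, destinations=frozenset({"A"})))
    noc = NoC(rm.guardians)
    for tick in range(rounds * SLOTS_PER_ROUND):
        slot = tick % SLOTS_PER_ROUND
        if slot == 0:                                      # A behaves correctly
            noc.send(tick, "A", "B", b"A->B ok")
        if slot == 1:                                      # B behaves correctly
            noc.send(tick, "B", "C", b"B->C ok")
        # Injected fault: C ignores its slot and the length bound at every tick.
        noc.send(tick, "C", "A", b"X" * 64)
        noc.send(tick, "C", "A", b"C->A ok")               # C's one legitimate send per slot
    return {
        "inbox": {c: [(m.src, m.payload, m.slot) for m in msgs] for c, msgs in noc.inbox.items()},
        "dropped": {c: len(g.dropped) for c, g in rm.guardians.items()},
        "log": {c: list(g.dropped) for c, g in rm.guardians.items()},
    }


if __name__ == "__main__":
    res = run_experiment()
    for c, msgs in res["inbox"].items():
        print(c, "received", msgs)
    print("dropped by guardian:", res["dropped"])
```

The point to take from the run is which inboxes stay clean: B receives exactly A's message in slot 0 and C receives exactly B's message in slot 1, so the faulty component's babbling neither delays nor corrupts their traffic. C's guardian drops every send outside slot 2 and every oversized payload, while C's correctly formed message in its own slot still reaches A. Containment therefore depends only on the guardian and the resource manager being trustworthy, not on the component.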