Skip to Main Content
In a distributed hard real-time system based on a broadcast bus for inter-node communication, it is important to prevent a single faulty node from monopolizing the communication bus. In a time-triggered system, in which messages are broadcast according to a pre-determined transmission pattern, this kind of failure is characterized by the faulty node transmitting messages at arbitrary points in time, thus corrupting the transmissions on the bus. This type of failure is known as the babbling-idiot failure. Within the presented approach, a special device, the bus guardian, is added to each node to protect the communication bus from the babbling-idiot failure. The regular transmission pattern of a time-triggered system is exploited in order to enforce a fail-silent behaviour of the node in the time domain. The paper describes the requirements imposed on the bus guardian to enforce fail-silent behaviour of the node. The mechanisms of the bus guardian are presented, along with the node architecture necessary for implementing the presented technique.