Fail-safeness in a multiprocessor system. A distributed strategy based on backward error recovery

A method for fault handling is presented, designed for multiprocessor systems supporting concurrent processes co-operating through message exchange. The proposal is described in reference to a specific system, i.e. the MuTEAM prototype developed in Pisa. The requirement was that no erroneous output should be generated by the system under a single fault hypotesis. The fault-handling model adopted is based on backward error recovery. The set of all the application processes is partitioned into disjoint subset (called families), which represent the atomic unit of recovery. Recovery points are established on communications among families. A single consistent recovery line is manteined, thereby avoiding the domino effect. The model does not rely on the use of mass storage devices; rather, the recovery information pertinent to all the processes in kept in the distributed main memory of the system.