Malicious fault list generation method
First Claim
1. A method for selecting and responding to a malicious fault in a reconfigurable electronic apparatus, said apparatus for performing a plurality of tasks and having a first configuration and a fault processor for counteracting a class of faults generally causing said apparatus to fail if said fault processor is unavailable, said malicious fault belonging to said class, occurring during execution of a preselected task by said apparatus, and causing said apparatus to fail during such execution, said preselected task being selected from said plurality of tasks, said method comprising the steps of:
a. constructing an information flow representation of at least a portion of said apparatus executing said preselected task;
b. applying a preselected fault representation to said information flow representation and producing a plurality of input error conditions corresponding to at least one preselected output condition;
c. selecting from said plurality of input error conditions at least one fault condition corresponding to said class of faults;
d. injecting said at least one fault condition into said information flow representation and producing a malicious fault condition representative of said malicious fault, said malicious fault belonging to said class of faults occurring during execution of said preselected task by said apparatus and causing said apparatus to fail during such execution; and
e. modifying said apparatus from said first configuration to a second configuration responsive to said malicious fault condition and counteracting said malicious fault thereby.
Abstract
A method for selecting and responding to a malicious fault in a reconfigurable electronic apparatus that can perform multiple tasks, and that has a fault processor for counteracting a class of faults which can generally cause the apparatus to fail during the execution of a preselected task if the fault processor is unavailable and to which class the malicious fault can belong. The reconfigurable electronic apparatus can be a fault processing system, which can be an interlocking control circuit, or a combinational circuit. The method includes constructing an information flow representation of at least a portion of the apparatus executing the preselected task of interest; applying a preselected fault representation to the information flow representation and producing multiple input error conditions corresponding to at least one preselected output condition, the preselected fault representation including recursive reverse implication and, where reconvergent fanout occurs, a forward consistency check; selecting from those input error conditions at least one fault condition corresponding to the class of faults; injecting the at least one fault condition into the information flow representation and producing a malicious fault condition representative of the malicious fault; and modifying the apparatus responsive to the malicious fault condition, thereby counteracting the malicious fault. The malicious fault can belong to the class of faults occurring during execution of the preselected task by the apparatus and causing the apparatus to fail during such execution.
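The steps in the abstract (information flow representation, recursive reverse implication with a forward consistency check where fanout reconverges, selection of the fault class, fault injection during the task, and reconfiguration) carried out on a toy combinational circuit. This is an added example, not code from the patent or its assignee. The 2:1 multiplexer netlist, the task vector, the fault class (a single stuck-at fault on one internal line) and the two configurations are all assumptions constructed for the illustration; the patent excerpt on this page names no particular circuit or fault model.

```python
"""Added example (not the patent's code): the claimed procedure on a toy circuit.
Circuit, task vector, fault class and configurations are constructed here."""

PRIMARY_INPUTS = ("sel", "d0", "d1")
# Information flow representation: line -> (gate, operand lines), in topological
# order. `sel` fans out to two paths that reconverge at `y` (reconvergent fanout).
NETLIST = {
    "nsel": ("NOT", ("sel",)),
    "p0":   ("AND", ("nsel", "d0")),   # passes d0 when sel == 0
    "p1":   ("AND", ("sel", "d1")),    # passes d1 when sel == 1
    "y":    ("OR",  ("p0", "p1")),
}
OUTPUT = "y"
# Configurations: how a task vector is routed to the physical inputs. The second
# one moves the selected data onto the other AND path (an assumed reroute ability).
CONFIGURATIONS = {
    1: lambda t: dict(t),
    2: lambda t: {"sel": 1 - t["sel"], "d0": t["d1"], "d1": t["d0"]},
}


def simulate(inputs, faults=None):
    """Forward simulation of every line; `faults` maps line -> stuck-at value."""
    faults = faults or {}
    values = {l: faults.get(l, inputs[l]) for l in PRIMARY_INPUTS}
    for line, (op, ins) in NETLIST.items():
        a = [values[i] for i in ins]
        v = 1 - a[0] if op == "NOT" else int(all(a)) if op == "AND" else int(any(a))
        values[line] = faults.get(line, v)
    return values


def merge(x, y):
    """Combine two partial assignments; None if they disagree on a shared line."""
    if any(x[l] != y[l] for l in x.keys() & y.keys()):
        return None
    return {**x, **y}


def justify(line, value):
    """Recursive reverse implication: every partial assignment (line -> value)
    that forces `line` to `value`, expanded back to the primary inputs."""
    if line not in NETLIST:
        return [{line: value}]
    op, ins = NETLIST[line]
    if op == "NOT":
        branches = justify(ins[0], 1 - value)
    else:
        ctrl = 0 if op == "AND" else 1            # controlling value of the gate
        if value == ctrl:                         # any single input suffices
            branches = [b for i in ins for b in justify(i, ctrl)]
        else:                                     # every input must be non-controlling
            branches = [{}]
            for i in ins:
                nxt = []
                for b in branches:
                    for j in justify(i, 1 - ctrl):
                        m = merge(b, j)
                        if m is not None:         # drop branches that conflict
                            nxt.append(m)
                branches = nxt
    return [{**b, line: value} for b in branches]


def consistent(assignment):
    """Forward consistency check for reconvergent fanout: complete the primary
    inputs (unassigned ones default to 0), simulate, and require that every
    line value derived backwards is reproduced forwards."""
    pis = {l: assignment.get(l, 0) for l in PRIMARY_INPUTS}
    values = simulate(pis)
    return all(values[l] == v for l, v in assignment.items())


def input_error_conditions(task, output_value):
    """Step b: sets of (line, erroneous value) that make OUTPUT equal
    `output_value` while the task vector `task` is applied."""
    good = simulate(task)
    conditions = []
    for a in justify(OUTPUT, output_value):
        if not consistent(a):
            continue
        errors = frozenset((l, v) for l, v in a.items() if good[l] != v)
        if errors and errors not in conditions:
            conditions.append(errors)
    return conditions


def select_fault_conditions(conditions):
    """Step c: keep only conditions in the assumed fault class, a single stuck-at
    fault on an internal line (errors on primary inputs are outside the apparatus)."""
    return sorted({(l, v) for errors in conditions for l, v in errors if l in NETLIST})


def malicious_faults(task, output_value):
    """Step d: inject each selected fault while the task executes; a fault is
    malicious only if the simulated apparatus actually fails under the task."""
    return [(l, v) for l, v in select_fault_conditions(input_error_conditions(task, output_value))
            if simulate(task, {l: v})[OUTPUT] == output_value]


def reconfigure(task, fault, current=1):
    """Step e: choose a configuration other than `current` under which the faulty
    apparatus still yields the fault-free output for the task; None if none does."""
    expected = simulate(task)[OUTPUT]
    for cfg, route in CONFIGURATIONS.items():
        if cfg != current and simulate(route(task), dict([fault]))[OUTPUT] == expected:
            return cfg
    return None


if __name__ == "__main__":
    task = {"sel": 0, "d0": 1, "d1": 0}           # constructed task: y must equal d0 == 1
    for f in malicious_faults(task, output_value=0):
        print(f"{f[0]} stuck-at-{f[1]} is malicious; counteracting configuration:", reconfigure(task, f))
```

For the constructed task the backward justification of the erroneous output y = 0 yields two input error conditions; the conflicting combination (sel required to be both 1 and 0 through the two reconvergent paths) is discarded by `merge`, and `consistent` re-simulates the survivors. Of the three single stuck-at faults selected from the class, the reroute configuration counteracts `nsel` and `p0` stuck-at-0, while `reconfigure` returns None for `y` stuck-at-0: no available configuration bypasses a fault on the shared output line, which is exactly the gap a practitioner wants exposed before relying on reconfiguration as the countermeasure.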
Claims
1. Independent claim 1 is reproduced above under First Claim; claims 2 to 20 depend from it and are not reproduced on this page.
21. A method for responding to a malicious fault in a reconfigurable electronic apparatus, said apparatus for performing a plurality of tasks and having a first configuration and a fault processor for counteracting a class of faults generally causing said apparatus to fail if said fault processor is unavailable, said malicious fault belonging to said class of faults, occurring during execution of a preselected task by said apparatus, and causing said apparatus to fail during such execution, said preselected task being selected from said plurality of tasks, said method comprising the steps of:
a. isolating said preselected task from others of said plurality of tasks;
b. generating a simulation file representative of said apparatus executing said preselected task;
c. generating an information flow representation of said apparatus executing said preselected task from said simulation file;
d. applying a preselected fault representation to said information flow representation and producing a plurality of input error conditions corresponding to at least one preselected output condition;
e. selecting from said plurality of input error conditions at least one fault condition corresponding to said class of faults;
f. injecting said at least one fault condition into said information flow representation and producing a malicious fault condition representative of said malicious fault, said malicious fault belonging to said class of faults generally causing said apparatus to fail if said fault processor is unavailable, said malicious fault occurring during execution of said preselected task by said apparatus and causing said apparatus to fail during such execution; and
g. modifying said apparatus from said first configuration to a second configuration responsive to said malicious fault condition and counteracting said malicious fault thereby.
Claims 22 to 32 depend from claim 21 and are not reproduced on this page.