Software fault tolerance in architectures with hierarchical protection levels

Abstract

The effect on software fault tolerance of hardware features such as hierarchical privilege levels (rings), the use of descriptors for memory protection, separated virtual address spaces, and ring crossings that enforce specific energy points is considered. A strategy that uses a separate programming layer, the recovery layer, to handle fault-tolerant aspects of process interactions is discussed. The recovery metaprogram (RPM) which monitors the run-time behavior of the application program and coordinates error detection, recovery, and reconfiguration, is examined, focusing on privilege levels, which provide protection against error propagation, RMP implementation, and conversations. The intel 80286 has been used as a sample implementation vehicle, but most of the discussion applies to any machine with a similar range of features. Extension to multiprocessor systems is indicated.