Ing. Martin Kohlík, Ph.D.

Proceedings paper

10.1109/DSD57027.2022.00097

Department of Digital Design

Dependability models allow calculating the rate of events leading to a hazard state – a situation, where the safety of the modeled dependable system is violated, thus the system may cause material loss, serious injuries, or casualties. The calculation of the hazard rate of the complex non-homogeneous Markov chains is time-consuming and the accuracy of the results is questionable. We have presented two methods able to calculate the hazard rate of the complex non-homogeneous Markov chains in previous papers. Both methods achieved very accurate results, thus we compare four Monte-Carlo based simulation methods (both accuracy and time-consumption) with our methods in this paper. A simple Triple Modular Redundancy (TMR) model is used in this paper since its hazard rate can be calculated analytically.

Proceedings paper

10.1109/DSD51259.2020.00108

Department of Digital Design

Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system is violated, thus the system may cause material loss, serious injuries or casualties. This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different sets of homogeneous differential equations for several hundreds small time intervals (using default parameters settings - the number of the intervals can be adjusted to balance accuracy/time-consumption ratio). The method is compared to a previous version based on probability matrices and used to calculate the hazard rate of the hierarchical Markov chain. The hierarchical Markov chain allows us to calculate the hazard rates of the blocks independently and the non-homogeneous approach allows us to use them to calculate the hazard rate of the whole system. This method will allow us to calculate the hazard rate of the non-homogeneous Markov chain very accurately compared to methods based on homogeneous Markov chains.

Article

10.1016/j.micpro.2020.103206

Department of Digital Design

This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals (using default parameters settings — the number of the intervals can be adjusted to balance accuracy/time-consumption ratio). The method is compared to a pessimistic method based on homogeneous Markov chains and used to calculate the hazard rate of the hierarchical Markov chain. The hazard rates of the blocks are calculated independently and the non-homogeneous approach allows us to use them to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks.

Proceedings paper

10.1109/DSD.2019.00074

Department of Digital Design

Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system is violated, thus the system may cause material loss, serious injuries or casualties. Hierarchical dependability models allow expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks. The paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals. This method will allow us to calculate the hazard rate of the non-homogeneous Markov chain very accurately compared to methods based on homogeneous Markov chains.

Proceedings paper

10.1109/DTIS.2019.8735006

Department of Digital Design

This paper shows a method of calculating the hazard rate of the non-homogeneous Markov chains using different homogeneous probability matrices for several hundreds small time intervals. The proposed method is applied on hierarchical dependability models allowing independent calculations of the hazard rates of multiple cooperating blocks of the system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks and the proposed method is very accurate compared to methods based on homogeneous Markov chains.

Article

10.1016/j.micpro.2017.06.015

Department of Digital Design

This paper proposes a method improving the fault-coverage capabilities of Field Programmable Gate Array (FPGA) designs. Faults are mostly Single Event Upsets (SEUs) in the configuration memory of SRAM-based FPGAs and they can change the functionality of an implemented design. These changes may lead to crucial mistakes and cause damage to people and environment. The proposed method utilizes Concurrent Error Detection techniques and the basic architectures of actual modern FPGAs - the Look-Up Table (LUT) with two outputs. The main part of the paper is the description of the proposed method (Parity Waterfall) based on a cascade - waterfall - of several waves of inner parity generating the final parity of outputs of the whole circuit. The proposed Parity Waterfall (PWtf) method utilizes the (mostly) unused output of a two-output LUT to cover any single possible routing or LUT fault with a small area overhead. The encapsulation of the proposed PWtf method into a Duplication with Comparison scheme is presented in the second part of the paper. This encapsulation allows us to create a system containing two independent copies of all parts able to detect and localize any single fault (like common Triple Modular Redundancy method). Experiments are performed on the standard set of IWLS2005 benchmarks in our simulator. The results demonstrate differences between our proposed method and a similar existing technique - Duplication with Comparison (DwC), and between the encapsulated PWtf method and TMR. The proposed method has a lower relative overhead and requires a lower number of inputs and outputs.

Proceedings paper

10.1109/QRS.2017.43

Department of Digital Design
Department of Applied Mathematics

In the presented work we predict the life expectancy of multi-part railway fail-safe signaling systems. The monitored electronic track circuits detect train locations and movement in real time, and issue alerts and warnings to prevent collisions. Based on 10 years of failure reports from the manufacturer of systems used by Czech railroads, we establish estimates of time-to-failure distributions of their components. We modify and apply survival models for censored data with various parameters for which we propose and compare new estimators. Both left and right time-based censoring of the data is considered. This approach allows us to include in the analysis components that were in operation before the study started, as well as components that were functional after the end of the study. Special attention is paid to the correct treatment of missing and incomplete data in the analyzed reports. We compare models with constant and variable failure rates. Hypotheses testing methodology is used to select a model with the best fit for the analyzed data.

Proceedings paper

10.1109/DSD.2016.91

Department of Digital Design

This paper proposes a method improving the faultcoverage capabilities of Field Programmable Gate Array (FPGA) designs. Faults are mostly single event upsets (SEUs) in the configuration memory of SRAM-based FPGAs and they can change the functionality of an implemented design. These changes may lead to crucial mistakes and cause damage to people and environment. The proposed method utilizes Concurrent Error Detection (CED) techniques and the basic architectures of actual modern FPGAs – the Look-Up Table (LUT) with two outputs. The Parity Waterfall method (based on a cascade – waterfall – of several waves of inner parity generating the final parity of outputs of the whole circuit) presented in our previous paper has been encapsulated into a Duplication scheme in this paper. This encapsulation allows us to create a system containing two independent copies of all parts able to detect and localize any single fault (like common Triple Modular Redundancy (TMR) method). Experiments are performed on the standard set of IWLS2005 benchmarks in our simulator. The results demonstrate differences between our proposed method in comparison with TMR – the proposed method has a lower relative overhead and requires a lower number of inputs and outputs.

Proceedings paper

10.1109/DDECS.2016.7482441

Department of Digital Design

This paper proposes a method for improvement of the fault-coverage capabilities of Field Programmable Gate Array (FPGA) designs. It utilizes Concurrent Error Detection (CED) techniques and the basic architectures of actual modern FPGAs the Look-Up Table (LUT) with two outputs. Proposed Parity Waterfall method is based on a cascade (waterfall) of several waves of inner parity generating the final parity of outputs of the whole circuit. The utilization of the (mostly) unused output of a two-output LUT allows the proposed method to cover any single possible routing or LUT fault with a small area overhead. The method is experimentally evaluated using the standard set of IWLS2005 benchmarks and using our simulator/emulator. The experimental results of the proposed parity waterfall method are compared with a similar existing technique (duplication with comparison). These results show that the area overhead is smaller than the overhead of the duplication with comparison method for all of the tested circuits and 100% fault coverage is achieved.

Proceedings paper

10.1109/DSD.2014.54

Department of Digital Design

This paper presents the method of dependability parameters improvement for systems based on unreliable components such as Field Programmable Gate Arrays (FPGAs). It combines Concurrent Error Detection (CED) techniques [4], FPGA dynamic reconfigurations and our previously designed Modified Duplex System (MDS) architecture. The methodology is developed with respect to the minimal area overhead and high availability. It is aimed for mission critical practical applications of modular systems. Therefore it is applied and tested on the safety railway station system, where all these parameters are required. This Fault-Tolerant (FT) design is modeled and tested to fulfill strict Czech standards [7]. The proposed method is based on static and partial dynamic reconfiguration [5] of totally self-checking blocks which allows a full recovery from a Single Even Upset (SEU). This method is compared with triple module redundancy technique.

Proceedings paper

10.5755/e01.9786090210819

Department of Digital Design

Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system (e.g. railway station signalling and interlocking equipment, automotive systems, etc.) is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model based on multiple Markov chains allows expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks. The paper shows a method of reducing Markov chains and using them to create hierarchical dependability models and its extensions allowing more accurate results to be achieved. An example study is used to demonstrate the improvements obtained by the extensions when compared to the original method.

Proceedings paper

Department of Digital Design

Dependability models allow calculating the rate of events leading to a hazard state - a situation, where safety of the modeled dependable system (e.g. railway station signaling and interlocking equipment, automotive systems, etc.) is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model based on multiple Markov chains allows expressing multiple redundancies made at multiple levels of a system consisting of multiple cooperating blocks. The hazard rates of the blocks are calculated independently and, when combined, they are used to calculate the hazard rate of the whole system. The independent calculations are significantly faster than the calculation of a single model composed of all models of the blocks.

Proceedings paper

Department of Digital Design

A dependability model allows calculating the rate of an event leading to a hazard state - a situation, where safety of the modeled system is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model allows expressing multiple redundancies made at multiple levels of a system decomposed to multiple cooperating blocks. A hierarchical dependability model based on Markov chains allows each block and its relation to the other blocks to be expressed independently by a Markov chain. This allows a decomposition of a complex dependability model into multiple small models to be made. The decomposed model is easier to read, understand and modify. A hazard rate is calculated significantly faster using hierarchical model, because the decomposition allows exponential calculation-time explosion to be avoided. The hazard rate of the system is the key value to specify the Safety Integrity Level (SIL).

Proceedings paper

10.1109/LATW.2013.6562660

Department of Digital Design

Dependability models allow calculating the rate of an event leading to a hazard state – a situation, where safety of the modeled dependable system (e.g. railway station signaling and interlocking equipment, automotive systems, etc.) is violated, thus the system may cause material loss, serious injuries or casualties. A hierarchical dependability model allows expressing multiple redundancies made at multiple levels of a system decomposed to multiple cooperating blocks. A hierarchical dependability model based on Markov chains allows each block and relations between these blocks to be expressed independently by Markov chains. This allows a decomposition of a complex dependability model into multiple small models to be made. The decomposed model is easier to read, understand and modify. A hazard rate is calculated significantly faster using hierarchical model, because the decomposition allows exponential calculation-time explosion to be avoided. The paper shows a method how to reduce Markov chains and use them to create hierarchical dependability models. An example study is used to demonstrate the advantages of the hierarchical dependability models (the decomposition of the complex model into multiple simple models and the speedup of the hazard rate calculation).

Proceedings paper

Department of Digital Design

This paper presents the structure of the dissertation concerning two main topics. The first one is about the partial duplication - a method allowing the improvement of the fault coverage of the system based on dependable blocks implemented in FPGA (Field-programmable gate array). This method uses fault simulation to determine which part of the block that will be duplicated to obtain improvement of the fault security at the low overhead cost. The block-based design rewuires a dependability model able to make multiple levels of dependability improvements into account. There are models capable to deal with multiple levels of dependability imrpovements, but their capabatilies are limited. A new hierarchical models based on Markov chains are concerned as the second and the main topic of the dissertation thesis and this paper.

Proceedings paper

10.1109/DSD.2012.86

Department of Digital Design

This paper compares four different redundancy methods, which includes parity code, partial duplication and their combinations, with two standard methods (Duplex and Triple Module Redundancy). Two main attributes are observed: the Total size of system including overhead caused by redundancy addition and steady-state availability - dependability parameter defining the readiness for correct service of a system.

Proceedings paper

10.1109/DDECS.2012.6219050

Department of Digital Design

This paper presents a method how to reduce safety models based on Markov chains.The safety models is used to calculate the probability and rate of an event leading to the hazard state - situation, where safety of a modeled system is violated, so the system may cause material loss ot mortality. The reduction method allows us to prove that the rate of the event is sufficiently small hence the hazard state may be neglectede. The real safety model of railway station signaling and interlocking equipments is used as a case study.

Proceedings paper

10.1109/DSD.2011.42

Department of Digital Design

FPGAs are susceptible to many environment effects that can cause soft errors (errors which can be corrected by the reconfiguration ability of the FPGA). Two different fault models are discussed and compared in this paper. The first one - Stuck-at model - is widely used in many applications and it is not limited to the FPGAs. The second one - Bit-flip model - can affect SRAM cells that are used to configure the internal routing of the FPGA and to set up the behavior of the Look-Up Tables (LUTs). The change of the LUT behavior is the only Bit-flip effect considered in this paper. A fault model analysis has been performed on small example designs in order to find the differences between the fault models. This paper discusses the relevance of using two types of models Stuck-at and Bit-flip with respect to the dependability characteristics Fault Security (FS) and Self-Testing (ST). The fault simulation using both fault models has been performed to verify the analysis

Proceedings paper

10.1109/DSD.2010.112

Department of Digital Design

A method how to improve the coverage of single faults in combinational circuits is proposed. The method is based on Concurrent Error Detection, but uses a fault simulation to find Critical points - the places, where faults are difficult to detect. The partial duplication of the design with regard to these critical points is able to increase the faults coverage with a low area overhead cost. Due to higher fault coverage we can increase the dependability parameters. The proposed modification is tested on the railway station safety devices designs implemented in the FPGA.

Proceedings paper

Department of Digital Design

Our aim is to create a methodology for FPGA industrial applications with respect to area, speed, power consumption and reliability optimizations (both fail safe and fault-tolerant). We take into account different types of faults, the way they affect the circuit (Single Event Upset, Single Event Latchup, Delay faults etc.) and their injection into design (insertion into bitstream, edif, behavioral description or saboteur method). We need to create formal dependability models that are able to model mentioned faults and reconfifiguration ability of FPGAs. We use well-known Markov Chains and Stochastic Petri nets. The usage of both types of models is similar and they are mutually convertible. This paper describes the main problems how to obtain relevant and comparable results.

Proceedings paper

Department of Digital Design

A method how to calculate the steady-state availability of designs composed of two cooperating secured modules is proposed. Our main goal is to create a dependability model that is able to be used to describe designs containing cooperating secured reconfigurable modules.

Proceedings paper

Department of Digital Design

This paper shows the impact of the trade-off between reconfigurable and non-reconfigurable parts of the FPGA to the dependability characteristics of the whole design. Stochastic Petri nets have been used to compute reliability and dependability characteristics in a simple FPGA design with dynamically reconfigurable modules. Some parts of the design are not possible or proper to reconfigure dynamically (e.g. module interconnections, module-pin connections...). A non-reconfigurable overhead may have a significant effect to the availability of the design. The granularity of reconfigurable parts and their number can also affect dependability parameters. The method how to enumerate these effects via a formal dependability model is shown in this paper.