A data recovery (DR) system where local backup (for example, synchronized snapshotting) is performed based on one or more recovery parameters including at least one of the following recovery data objective (RDO) type and/or recovery data block objective (RDBO) type. A recovery point objective (RPO) type parameter may additionally and concurrently used as an alternative local backup trigger.

A system, method, and computer readable medium for asynchronous live migration of applications between two or more servers. The computer readable medium includes computer-executable instructions for execution by a processing system. Primary applications runs on primary hosts and one or more replicated instances of each primary application run on one or more backup hosts. Asynchronous live migration is provided through a combination of process replication, logging, barrier synchronization, checkpointing, reliable messaging and message playback. The live migration is transparent to the application and requires no modification to the application, operating system, networking stack or libraries.

A railway safety critical application system substitutes commercial off-the-shelf (COTS) hardware and/or software for railway-domain specific product components, yet is validated to conform to railway safety critical system failure-free standards. The safety critical system uses a pair of tasks executed on a controller of a COTS personal computer or within a virtual environment with asymmetric communications capability. Both tasks receive and verify safety critical systems input message data and security code integrity and separately generate output data responsive to the input message. The first task has sole capability to send complete safety critical system output messages, but only the second task has the capability of generating the output security code. A failure of any of systems hardware, software or processing capability results failure to transmit a safety critical system output message or an output message that cannot be verified by other safety critical systems.

A family of software-hardware cooperative mechanisms to accelerate intra-thread duplication leverage the register file error detection hardware to implicitly check the data from duplicate instructions, avoiding the overheads of instruction checking and enforcing low-latency error detection with strict error containment guarantees.

A method and device for performing failsafe computation, and a method of compiling code to perform a failsafe computation are provided. The method includes performing a first calculation (212) to generate a first result (214). A second calculation (218) is performed using a scalar (216) and the first calculation (212) to generate a second result (220). The second calculation (218) includes multiplying the first calculation (212) by the scalar (216) to generate a scaled result, and dividing the scaled result by the scalar (216) to generate the second result (220). The first result (214) and the second result (220) are compared to determine if they are equivalent.

A graphics processing system for operation with a data store includes processing units for processing tasks. A check unit forms a signature which is characteristic of an output from processing a task on a processing unit, and a fault detection unit compares signatures formed at the check unit. The graphics processing system processes each task first and second times at the processing units so as to generate first and second processed outputs. The graphics processing system write outs the first processed output to the data store, reads back the first processed output from the data store and forms at the check unit a first signature characteristic of the first processed output as read back from the data store; forms at the check unit a second signature characteristic of the second processed output, compares the first and second signatures at the fault detection unit, and raises a fault signal if the signatures do not match.

An operating method of a vehicle watchdog circuit is provided. The method includes monitoring whether communication with a vehicle controller through a preset protocol is enabled and when a communication fault does not occur by monitoring whether communication is enabled, transmitting an error detection query to the vehicle controller every preset period. A response to the error detection query is received, and an operation of the vehicle controller is monitored, and upon determining that the operation of the vehicle controller is normal, a plurality of preset reset signals are sequentially transmitted to the vehicle controller.

Herein is disclosed an integrated input/output (I/O) processing system, comprising an I/O port, configured to receive I/O data and to deliver the I/O data to one or more processors; one or more processors, further comprising a first processing logic and a second processing logic, wherein the one or more processors are configured to deliver the received I/O data to the first processing logic and to the second processing logic, and wherein the first processing logic and the second processing logic are configured to redundantly process the I/O data; and a comparator, configured to compare an output of the first processing logic and an output of the second processing logic.

A microprocessor comprises a timer capable of resetting the device and a plurality of hardware registers (4) arranged logically so that a collective predetermined state of the registers (4) prevents the device from resetting. The device further comprises software (2) with a plurality of functions arranged to place said registers (4) in said predetermined state if each of said functions has executed properly.

In one aspect, a method for metric payloads ingestion and playback is disclosed. The method includes receiving time series of metric payloads for a plurality of performance metrics indicating performance of a node or machine and storing the received time series of metric payloads in a payload tracking table of a database. The storing includes storing the received time series of metric payloads in different layers and partitioned regions of the payload tracking table. The layers represent time ranges corresponding to time points when the time series of metric payloads are received. The partitioned regions are assigned to received certain ones of the received time series of metric payloads. The method includes replaying the stored time series of metric payloads from a select one or more of the partitioned region or layer or both.