Rigorous Design and Implementation of Fault Tolerant Ambient Systems Technical report series

摘要

Building fault tolerant ambient systems is an even more challenging task than building fault tolerant distributed systems, as their components are loosely synchronised, can move, become disconnected, and their behaviour may depend on the changing context. In this paper, we demonstrate how to build such a system using an ambient lecture scenario. The approach we are putting forward relies on using a combination of formal methods applied for rigorous development of the critical parts of the system and a set of design abstractions proposed specifically for the ambient applications and supported by a special middleware. Our middleware provides system structuring through the concepts of roles, agents, locations and scopes, making it easier for the developers to achieve fault tolerance. In addition to these, the middleware facilitates recovery by detecting a set of predefined abnormal situations (such as disconnections). The paper outlines our experience in developing the lecture scenario using this approach, focusing specifically on designing and implementing the fault tolerance mechanisms.