The Simplex Architecture has been implemented in demonstration, pilot
study, and application systems. The demonstrations were prepared by the
Simplex development team as proof of concept systems.
Pilot studies are customer-driven applications that demonstrate the
feasibility of applying the Simplex Architecture to a specific problem area.
The Simplex Applications have been developed by other organizations with
the cooperation of the SEI. These applications use the Simplex Architecture
to address a domain-specific problem.
Video introduction to the Simplex Demonstrations (1:12 minutes, 429 Kb,
RealNetworks™ RealVideo® format)
A RealVideo media player
can be downloaded from the RealNetworks web site.
Quick Index
Simplex Demonstrations
Singleton Demonstration
Overview
Using the Simplex Architecture, real-time control software is tested,
altered, and replaced without halting the application and without losing
control of an unstable inverted pendulum. This was the first Simplex
demonstration completed, serving as proof of concept.
System Characteristics
Single commercial-grade PC computer
- POSIX .1b compliant operating system - LynxOS
- Inverted pendulum
Simplex Features
- A single platform for simultaneous code development and test
- Software can be modified without halting operations
- Active system can switch between programming languages (C and Ada95)
- System tolerates faults in the modified control software
Singleton Demonstration detailed description
Video of the Singleton Demonstration
(2:31 minutes, 6.5 Mb, QuickTime® format)
Legacy Demonstration
Overview
The Simplex Architecture is applied to the problem of replacing an old,
undocumented legacy application, which has reached the end of its useful
life. In this demonstration the Simplex Architecture is used to replace
inverted pendulum control software without modification to the the legacy
application or the computer that runs it. The new real-time control software
is tested, altered, and replaced using the old software as a backup controller.
After testing, the old system can be completely removed.
Derived from the Singleton Demonstration, the Legacy Demonstration uses
the same inverted pendulum, with the vendor-supplied control software serving
as the legacy application. A custom switch circuit allows the two systems
to simultaneously share sensor data and to select one of the systems to
control the pendulum.
System Characteristics
- Legacy PC: 80286 CPU running a DOS real-time application
- Simplex PC: Commercial grade system running a real-time Unix based
operating system
- System switch
- Inverted pendulum
Simplex Features
- Faults in new system's control software are tolerated
- No modification to legacy hardware or software required
- Legacy system can be removed after testing
Legacy Demonstration detailed description
Multiprocessor Demonstration
Overview
The Multiprocessor Demonstration was developed to explore solutions to the
upgrade paradox problem in a multiprocessor, fault-tolerant system. The
upgrade paradox can occur when functionality is partially altered in a
multiprocessor system which determines correct behavior by comparing
processor output, expecting near or complete agreement. A three-way voting
system is a typical example: there is no way to safely introduce new software
for testing without risking system failure because there is no combination of
new and old software which allows the new software to run until it fails but
not after.
Like the single computer Simplex demonstrations, a real time control
system was developed. While an unstable inverted pendulum is continuously
controlled, the Multiprocessor Demonstration tolerates both software and
hardware faults. The Multiprocessor Demonstration also supports the repair
and alteration of hardware and software while maintaining control of the
pendulum. Using the leadership protocol and appropriate decision logic, system
hardware and software need not be identical and the individual systems run
asynchronously.
System Characteristics
- 3 PC-based computational nodes: commercial grade systems running a
real-time Unix based operating system
- Graphical user interface system
- Switch box for voting and data I/O
- Inverted pendulum
Simplex Features
- Software tolerates one arbitrary system failure on any member system
and a crash failure of a second system
- Support for on-line hardware and software upgrade and test
- Any software component may be upgraded
- New software may be safely tested without facing the upgrade paradox
- Support for systems with heterogeneous software and hardware
Multiprocessor Demonstration detailed description
Simplex Pilots
Distributed Demonstration
Overview
The Distributed Demonstration was developed to demonstrate a Simplex approach
for a submarine control system under U. S. Navy sponsorship. Emphasis is
placed on the use of COTS components in a fault-tolerant control system
with high reliability and availability requirements. The system topology
and functions replicate, in commercial grade components, the planned system.
In addition to the usual demonstration of fault tolerance and upgradeability,
consideration is given to the issues of software safety and certifiability
in the software design.
System Characteristics
- Heterogeneous computational nodes
- Separate, redundant data acquisition/voter nodes
- Network communications
- "Bubble Control" system
- User interface system
Simplex Features
- Support of safe commercial-grade COTS usage in high reliability systems
- Online replacement and upgrade support
- Effective solutions for interactive consistency problems
Distributed Demonstration detailed description
Video of the Distributed Demonstration (7:19 minutes, 2.5 Mb, RealNetworks
RealVideo format)
Coordinated Prototype
Overview
The Coordinated Prototype demonstrates an approach for constructing a fault
resistant system capable of performing coordinated motion in a hostile communications
environment. The demonstration uses two inverted pendulums to provide visual
feedback and as a tangible indication of failure.
System Characteristics
- Standard PCs used as system nodes
- Paired inverted pendulums for visual feedback
Simplex Features
- Uses separate movement and coordination controllers
- Implements fault-resistant communications
Coordinated Prototype detailed description
Video of the Coordinated Demonstration (5:07 minutes, 1.8 Mb, RealNetworks
RealVideo format)
Simplex Applications
PECVD Application
Overview:
The Plasma Enhanced-Controlled Vapor Deposition (PECVD) Apparatus is used
for the development of improved semiconductor production software and
techniques. Experimental software is frequently used to run the equipment, at
the risk of failed runs and time-consuming cleaning if the vacuum chamber is
contaminated. Application of the Simplex Architecture allows the safe
completion of experimental runs even in cases where new software is
defective.
PECVD Application detailed description
INSERT Autopilot Prototype
Overview:
The INSERT (INcremental Software Evolution for Real-Time applications) Project
used Simplex to insert new technology into an existing aircraft simulation.
The new autopilot software is fault resistant and allows the on line upgrade
and test of the autopilot subsystem.
System Characteristics
- Simplex Subsystem: PC running a real-time Unix based operating system
- Aircraft Simulator: Silicon Graphics 02
Simplex Features
- Simplex inserted as a subsystem
- Fault detection to ensure vehicle safety
INSERT detailed description
Video of the INSERT
Demonstration (6:30 minutes, 2.3 Mb, RealNetworks RealVideo format)
