A recon gurable fault tolerant system achieves the attributes of dependability of operations through fault detection, fault isolation and recon guration, typically referred to as the FDIR paradigm. Fault diagnosis is a key component of this approach, requiring an accurate determination of the health and state of the system. An imprecise state assessment can lead to catastrophic failure due to an optimistic diagnosis, or conversely, result in underutilization of resources because of a

more »

... diagnosis. Di ering from classical testing and other o -line diagnostic approaches, we develop procedures for maximal utilization of the system state information to provide for continual, on-line diagnosis and recon guration capabilities as an integral part of the system operations. Our diagnosis approach, unlike existing techniques, does not require administered testing to gather syndrome information but is based on monitoring the system message tra c among redundant system functions. We present comprehensive on-line diagnosis algorithms capable of handling a continuum of faults of varying severity a t t h e n o d e and link level. Not only are the proposed algorithms on-line in nature, but are themselves tolerant to faults in the diagnostic process. Formal analysis is presented for all proposed algorithms. These proofs o er both insight into the algorithm operations and facilitate a rigorous formal veri cation of the developed algorithms.