Fault-Tolerant Swarms

Safety-critical systems must be engineered to be ultra-reliable. Redundancy is critical to tolerate faults that cannot be eliminated by using ruggedized or hardened computing. The use of small satellites allows new missions to be cost-effective, but it also introduces new problems in terms of robustness and fault handling. Apart from the inherent problems of working in a distributed setting, small sats normally lack the redundancy needed to deal with pernicious faults due to constraints on weight, cost and complexity. This paper presents and evaluates fault tolerance mechanisms in a swarm of satellites considered as a whole, making it robust to the failure of one or more satellites. The evaluation is performed with a computer model augmented with the properties desired from our system. We use a random testing tool to inject faults in different parts of our model and evaluate the fault detection and fault correction mechanisms we propose. Our results support the suitability of the proposed fault model, fault tolerant architecture, and evaluation methodology.