• Via E. D'Onofrio, 304 - 00155 Rome ITALY
  • +39 06 94 53 63 87


Complex safety critical systems currently being designed and built are often difficult multi-disciplinary undertakings. Part of these systems is often a computer control system. In order to ensure that these systems perform as specified, even under extreme conditions, it is important to have a fault tolerant computing system, both hardware and software.

In order to guarantee the safety of a system based on our computers we generally propose a 2oo2 architecture with the definition of a secure state which is entered whenever a fault is detected.

In order to increase the reliability of a safety related system based on our computers we generally propose a dual 2oo2 architecture in conjunction with a cross-channel data link. In both cases, both 2oo2 systems have access to the system inputs and can drive the system outputs.
The 2oo2 architecture – based on the GEMINI engine and running GEMINI-OS – assures that if a failure is detected by the on-line diagnostics on one module, that module will automatically enter the system safe-state and release the control of the outputs.

However, the overall system functionality would not be compromised as being guaranteed by the remaining module. Development of SW application also includes fault tolerance techniques like defensive programming, fault detection & diagnosis, N-version programming, error detecting codes, self-checking software, failure assertion programming, etc.