The purpose of this glossary is to provide an easily searchable overview of definitions that may not be readily available elsewhere on the internet. It is constantly being updated in collaboration with leading industry experts.
This index of technical terms is based on the glossary found in the publication "Real-Time Systems: Design Principles for Distributed Embedded Applications" written by Hermann Kopetz and Wilfried Steiner. It is a standard text in so-called real-time embedded systems* or cyber-physical systems, a field of computer science that is as complex as it is fascinating.
*Terms formatted in italics have their own individual entry.
A B C D E F G H I J L M N O P R S T U V W
A
Absolute Timestamp: An absolute timestamp of an event e is the timestamp of this event that is generated by the reference clock.
Accuracy Interval: The maximum permitted time interval between the point of observation of a real-time entity and the point of use of the corresponding real-time image.
Accuracy of a Clock: The accuracy of a clock denotes the maximum offset of a given clock from the external time reference during the time interval of interest.
Action: An action is the execution of a program or a communication protocol.
Action Delay: The action delay is the maximum time interval between the start of sending a message and the instant when this message becomes permanent at the receiver.
Actuator: A transducer that accepts data and trigger information from a gateway component and realizes the intended physical effect in the controlled object.
Advanced Encryption Standard (AES): An international standard for the encryption of data.
Audio Video Bridgingus (AVB): The IEEE 802.1 audio/video bridging (AVB) task force has developeds a set of protocols based on the Ethernet standard that meets the requirements of multimedia systems.
Agreed Data: An agreed data element is a measured data element that has been checked for plausibility and related to other measured data elements, e.g., by the use of model of the controlled object. An agreed data element has been judged to be a correct image of the corresponding real-time entity (→ raw data, → measured data).
Agreement Protocol: An agreement protocol is a protocol that is executed among a set of components of a distributed system to come to a common (agreed) view about the state of the world, both in the discrete value domain and in the sparse time domain.
Alarm Monitoring: Alarm monitoring refers to the continuous observation of the RT entities to detect an abnormal behavior of the controlled object.
Alarm Shower: An alarm shower is a correlated set of alarms that is caused by a single primary event.
Analytic Rational Subsystem: A conscious human problem-solving subsystem that operates according to the laws of causality and logic.
Anytime Algorithm: An anytime algorithms consist of a root segment that calculates a first approximation of the result of sufficient quality and a periodic segment that improves the quality of the previously calculated result. The periodic segment is executed repeatedly until the deadline is reached.
Aperiodic Task: An aperiodic task is a task where neither the task request times nor the minimum time interval between successive requests for activation are known (→ periodic task, → sporadic task).
Application Programming Interface (API): The interface between an application program and the operating system within a component.
A Priori Knowledge: Knowledge about the future behavior of a system that is available ahead of time.
Assumption Coverage: Assumption coverage is the probability that assumptions that are made in the model building process hold in reality. The assumption coverage limits the probability that conclusions derived from a perfect model will be valid in the real world.
Atomic Action: An atomic action is an action that has the all-or-nothing property. It either completes and delivers the intended result or does not have any effect on its environment.
Atomic Data Structure: An atomic data structure is a data structure that has to be interpreted as a whole.
Availability: Availability is a measure of the correct service delivery regarding the alternation of correct and incorrect service, measured by the fraction of time that the system is ready to provide the service.
B
Babbling Idiot: A component of a distributed computer system that sends messages outside the specified time interval is called a babbling idiot.
Back-Pressure Flow Control: In back-pressure flow control the receiver of a sequence of messages exerts back pressure on the sender so that the sender will not outpace the receiver.
Basic Message Transport Service (BMTS): The basic message transport service transports a message from a sending component to one or more receiving components.
Benign Failure: A failure is benign if the worst-case failure costs are of the same order of magnitude as the loss of the normal utility of the system.
Best Effort: A real-time system is a best-effort system if it is not possible to establish the temporal properties by analytical methods, even if the load- and fault hypothesis holds (→ guaranteed timeliness).
Bit-length of a Channel: The bit length of a channel denotes the number of bits that can traverse the channel within one propagation delay.
Bus Guardian: The independent hardware unit of a TTP controller that ensures fail silence in the temporal domain.
Byzantine Error: A Byzantine error occurs if a set of receivers observes different (conflicting) values of a RT entity. Some or all of these values are incorrect (synonym: malicious error, two-faced error, inconsistent error).
C
Causal Order: A causal order among a set of events is an order that reflects the cause-effect relationships between the events.
Causality: The causality relationship between a cause C and an event E is defined as follows: If C happens, then E is always produced by it.
Clock: A clock is a device for time measurement that contains a counter and a physical oscillation mechanism that periodically generates an event, the → tick or → microtick of the clock, to increase the counter.
Cluster: A cluster is a subsystem of a real-time system. Examples of clusters are the real-time computer system, the operator, or the controlled object.
Cognitive Complexity: The elapsed time needed to → understand a model by a given observer is a measure of the cognitive effort and thus of the cognitive complexity of a model relative to the observer. We assume that the given observer is representative of the intended user group of the model.
Complex Task (C-task): A complex task (C-task) is a task that contains a blocking synchronization statement (e.g., a semaphore operation wait) within the task body.
Component: A component is a hardware-software unit, i.e., a self-contained computer including system- and application software that performs a well-defined function within a distributed computer system.
Composability: An architecture is composable regarding a specified property if the system integration will not invalidate this property, provided it has been established at the subsystem level.
Computational Cluster: A subsystem of a real-time system that consists of a set of components interconnected by a real-time communication network.
Concept: A concept is a category that is augmented by a set of beliefs about its relations to other categories. The set of beliefs relates a new concept to already existing concepts and provides for an implicit theory.
Conceptual Landscape: The conceptual landscape refers to the personal knowledge base that has been built up and maintained by an individual in the experiential and rational subsystem of the mind.
Concrete World Interface: The concrete world interface is the physical I/O interface between an interface component and an external device or another external component.
Concurrency Control Field (CCF): The concurrency control field (CCF) is a single-word data field that is used in the NBW protocol.
Consistent Failure: A consistent failure occurs if all users see the same erroneous result in a multi-user system.
Contact Bounce: The random oscillation of a mechanical contact immediately after closing.
Control Area Network (CAN): The control area network (CAN) is a low-cost event-triggered communication network that is based on the carrier-sense multiple-access collision-avoidance technology.
Controlled Object: The controlled object is the industrial plant, the process, or the device that is to be controlled by the real-time computer system.
Convergence Function: The convergence function denotes the maximum offset of the local representations of the global time within an ensemble of clocks.
D
Deadline: A deadline is the instant when a result should/must be produced (→ soft deadline, firm deadline, and hard deadline).
Deadline Interval: The deadline interval is the interval between the task request time and the deadline.
Determinism: A physical system behaves deterministically if given an initial state at instant t and a set of future timed inputs, then the future states and the values and times of future outputs are entailed. In a deterministic distributed computer system, we must assume that all events, e.g., the observation of the initial state at instant t and the timed inputs, are sparse events on a sparse global time base.
Drift: The drift of a physical clock k between microtick i and microtick i+1 is the frequency ratio between this clock k and the reference clock at the time of microtick i.
Drift Offset: The drift offset denotes the maximum deviation between any two good clocks if they are free running during the resynchronization interval.
Duration: A duration is a section of the timeline.
Dynamic Scheduler: A dynamic scheduler is a scheduler that decides at run time after the occurrence of a significant event which task is to be executed next.
E
Earliest-Deadline-First (EDF) Algorithm: An optimal dynamic preemptive scheduling algorithm for scheduling a set of independent tasks.
Electro-Magnetic Interference (EMI): The disturbance of an electronic system by electromagnetic radiation.
Electronic Product Code (EPC): A code designed by the RFID community that can be used to uniquely identify every product on the globe.
Embedded System: A real-time computer that is embedded in a well specified larger system, consisting in addition to the embedded computer of a mechanical subsystem and, often, a man-machine interface (→ intelligent product).
Emergence: We speak of emergence when the interactions of subsystems give rise to unique global properties at the system level that are not present at the level of the subsystems.
End-to-End Protocol: An end-to-end protocol is a protocol between the users (machines or humans) residing at the end points of a communication channel.
Environment of a Computational Cluster: The environment of a given computational cluster is the set of all clusters that interact with this cluster, either directly or indirectly.
Error: An error is that part of the state of a system that deviates from the intended specification.
Error-Containment Region: A subsystem of a computer system that is encapsulated by error-detection interfaces such that there is a high probability (the → error containment coverage) that the consequences of an error that occurs within this subsystem will not propagate outside this subsystem without being detected.
Event: An event is a happening at a cut of the time-line. Every change of state is an event.
Event Message: A message is an event message if it contains information about events and if every new version of the message is queued at the receiver and consumed on reading (→ state message).
Event-triggered (ET) Observation: An observation is event-triggered if the point of observation is determined by the occurrence of an event other than a tick of a clock.
Event-Triggered (ET) System: A real-time computer system is event-triggered (ET) if all communication and processing activities are triggered by events other than a clock tick.
Exact Voting: A voter that considers two messages the same if they contain the exactly same sequence of bits (→ inexact voter).
Execution Time: The execution time is the duration it takes to execute an action by a computer. If the speed of the oscillator that drives a computer is increased, the execution time is decreased. The worst-case execution time is called → WCET.
Explicit Flow Control: When a sender or multiple senders aim to exceed the resource capacities of the network or the receiver, messages will be lost. Explicit flow control prevents these situations by (the receiver or the communication system) signaling all or some senders to pause and resume their message transmissions (→ flow control, → implicit flow control).
External Clock Synchronization: The process of synchronization of a clock with a reference clock.
F
Fail-Operational System: A fail-operational system is a real-time system where a safe state cannot be reached immediately after the occurrence of a failure.
Fail-Safe System: A fail-safe system is a real-time system where a safe state can be identified and quickly reached after the occurrence of a failure.
Fail-Silence: A subsystem is fail-silent if it either produces correct results or no results at all, i.e., it is quiet in case it cannot deliver the correct service.
Failure: A failure is an event that denotes a deviation of the actual service from the intended service.
Fault: A fault is the cause of an error.
Fault Hypothesis: The fault hypothesis identifies the assumptions that relate to the type and frequency of faults that a fault-tolerant computer system is supposed to handle.
Fault-Tolerant Average Algorithm (FTA): A distributed clock synchronization algorithm that handles Byzantine failures of clocks.
Fault-Containment Unit (FCU): A unit that contains the direct consequences of a fault. Different FCUs must fail independently. A component should be an FCU.
Fault-Tolerant Unit (FTU): A unit consisting of a number of replica deterministicminate → FCUs that provides the specified service even if some of its constituent FCUs (components) fail.
Field Replaceable Unit (FRU): An FRU is a subsystem that is considered atomic from the point of view of a repair action.
Firm Deadline: A deadline for a result is firm if the result has no utility after the deadline has passed.
FIT: A FIT is a unit for expressing the failure rate. 1 FIT is 1 failure in /10-9 hours.
Flow Control: Flow control assures that the speed of the information flow between a sender and a receiver is such that the receiver can keep up with the sender (→ explicit flow control, → implicit flow control).
G
Gateway component: A component of a distributed real-time system that is a member of two clusters and implements the relative views of these two interacting clusters.
Global Time: The global time is an abstract notion that is approximated by a properly selected subset of the microticks of each synchronized local clock of an ensemble. The selected microticks of a local clock are called the ticks of the global time.
Granularity of a Clock: The granularity of a clock is the nominal number of microticks of the reference clock between two microticks of the clock.
Ground (g) State: The ground state of a component of a distributed system at a given level of abstraction is a state at an instant where there is a minimal dependency of future behavior on past behavior. At the ground state instant all information of the past that is considered relevant for the future behavior is contained in a declared ground state data structure. At the ground state instant no task is active and all communication channels are flushed. The instants of the ground state are ideal for reintegrating components.
Guaranteed Timeliness: A real-time system is a guaranteed timeliness system if it is possible to reason about the temporal adequacy of the design without reference to probabilistic arguments, provided the assumptions about the load- and fault hypothesis hold (→ best effort).
H
Hamming Distance: The Hamming distance is one plus the maximum number of bit errors in a codeword that can be detected by syntactic means.
Hard Deadline: A deadline for a result is hard if a catastrophe can occur in case the deadline is missed.
Hard Real-Time Computer System: A real-time computer system that must meet at least one hard deadline (Synonym: safety-critical real-time computer system).
Hazard: A hazard is an undesirable condition that has the potential to cause or contribute to an accident.
Hidden Channel: A communication channel outside the given computational cluster.
I
Idempotency: Idempotency is a relation between a set of replicated messages arriving at the same receiver. A set of replicated messages is idempotent if the effect of receiving more than one copy of a message is the same as receiving only a single copy.
Implicit Flow Control: In implicit flow control, the sender and receiver agree a priori, i.e., before the start of a communication session, about the instants when when messages will be sentsent, or the message send rate. The sender commits to send only messages at the agreed instants or rate, and the receiver commits to accept all messages sent by the sender, as long as the sender fulfills its obligation (→ explicit flow control, → flow control).
Inexact Voting: A voter that considers two messages the "same" if both of them conform to some application specific "sameness" criterion (→ exact voter).
Instant: An instant is a cut of the timeline.
Instrumentation Interface: The instrumentation interface is the interface between the real-time computer system and the controlled object.
Intelligent Actuator: An intelligent actuator consists of an actuator and a microcontroller, both mounted together in a single housing.
Intelligent Product: An intelligent product is a self-contained system that consists of a mechanical subsystem, a user interface, and a controlling embedded real-time computer system (→ embedded system).
Intelligent Sensor: An intelligent sensor consists of a sensor and a microcontroller such that measured data is produced at the output interface. If the intelligent sensor is fault-tolerant, agreed data is produced at the output interface.
Interface: An interface is a common boundary between two subsystems.
Interface Component: A component with an interface to the external environment of a component. An interface component is a gateway.
Internal Clock Synchronization: The process of mutual synchronization of an ensemble of clocks in order to establish a global time with a bounded precision.
International Atomic Time (TAI): An international time standard, where the second is defined as 9 192 631 770 periods of oscillation of a specified transition of the Cesium atom 133.
Intrusion: the successful exploitation of a vulnerability.
Intuitive Experiential Problem Solving System: A human preconscious emotionally-based problem-solving subsystem that operates holistically, automatically, and rapidly, and demands minimal cognitive resources for its execution.
Internet of Things (IoT): The direct connection of physical things to the Internet such that remote access and control of physical devices is enabled.
Irrevocable action: An action that cannot be undone, e.g., drilling a hole, activation of the firing mechanism of a firearm.
J
Jitter: The jitter is the difference between the maximum and the minimum duration of an action (processing action, communication action).
L
Laxity: The laxity of a task is the difference between the deadline interval minus the execution time (the WCET) of the task.
Least-Laxity (LL) Algorithm: An optimal dynamic preemptive scheduling algorithm for scheduling a set of independent tasks.
Logical Control: Logical control is concerned with the control flow within a task. The logical control is determined by the given program structure and the particular input data to achieve the desired data transformation (→ temporal control).
M
Maintainability: The Maintainability M(d) is the probability that the system is restored to its operational state and restarted within a time interval d after a failure.
Malicious Code Attack: A malicious code attack is an attack where an adversary inserts malicious code, e.g., a virus, a worm, or a Trojan horse, into the software in order that the attacker gets partial or full control over the system.
Measured Data: A measured data element is a raw data element that has been preprocessed and converted to standard technical units. A sensor that delivers measured data is called an intelligent sensor (→ raw data, agreed data).
Membership Service: A membership service is a service in a distributed system that generates consistent information about the operational state (operating or failed) of all components at agreed instants (membership points). The length of the interval between a membership point and the moment when the consistent membership information is available at the other components is a quality of service parameter of the membership service.
Message Structure Declaration (MSD): A specification that explains how the data field of a message is structured into syntactic units and assigns names to these syntactic units. The names identify the concepts that explain the meaning of the data.
Microtick: A microtick of a physical clock is a periodic event generated by this clock (→ tick).
N
Non-Blocking Write Protocol (NBW): The non-blocking write protocol (NBW) is a synchronization protocol between a single writing task and many reading tasks that achieves data consistency without blocking the writer.
Non-Deterministic Design Construct (NDDC): A non-deterministic design construct is a design construct that produces unpredictable results either in the value domain or the temporal domain.
O
Observation: An observation of a real-time entity is an atomic triple consisting of the name of the real-time entity, the instant of the observation, and the value of the real-time entity.
Offset: The offset between two events denotes the time difference between these events.
P
Periodic Finite State Machine (PFSM): A PFSM is an extension of the finite state machine model to include the progression of real time.
Periodic Task: A periodic task is a task that has a constant time interval between successive task request times (→ aperiodic task, → sporadic task).
Permanence: Permanence is a relation between a given message and all related messages that have been sent to the same receiver before this given message has been sent. A particular message becomes permanent at a given component at the moment when it is known that all earlier sent related messages have arrived (or will never arrive).
Phase-Aligned Transaction: A phase-aligned transaction is a real-time transaction where the constituting processing and communication actions are synchronized.
Point of Observation: The instant when a real-time entity is observed.
Precision: The precision of an ensemble of clocks denotes the maximum offset of respective ticks of any two clocks of the ensemble over the period of interest. The precision is expressed in the number of ticks of the reference clock.
Primary Event: A primary event is the cause of an alarm shower.
Priority Ceiling Protocol: A scheduling algorithm for scheduling a set of dependent periodic tasks.
Process Lag: The delay between applying a step function to an input of a controlled object and the start of response of the controlled object.
Propagation Delay: The propagation delay of a communication channel denotes the time interval it takes for a single bit to traverse the channel.
Protocol: A protocol is a set of rules that governs the communication among partners.
R
Radio Frequency Identification (RFID): A technology for the identification of objects by electronic means.
Rare Event: A rare event is a seldomly occurring event that is of critical importance. In a number of applications, the predictable performance of a real-time computer system in rare event situations is of overriding concern.
Rate-Monotonic Algorithm: A dynamic preemptive scheduling algorithm for scheduling a set of independent periodic tasks.
Raw Data: A raw data element is an analog or digital data element as it is delivered by an unintelligent sensor (→ measured data, agreed data).
Real-Time (RT) Entity: A real-time (RT) entity is a state variable, either in the environment of the computational cluster, or in the computational cluster itself, that is relevant for the given purpose. Examples of RT entities are: the temperature of a vessel, the position of a switch, the setpoint selected by an operator, or the intended valve position calculated by the computer.
Real-Time (RT) Image: A real-time (RT) image is a current picture of a real-time entity.
Real-Time Computer System: A real-time computer system is a computer system, in which the correctness of the system behavior depends not only on the logical results of the computations, but also on the physical time when these results are produced. A real-time computer system can consist of one or more computational clusters.
Real-time Data Base: The real-time database is formed by the set of all temporally accurate real-time images.
Real-Time Object: A real-time (RT) object is a container inside a computer for a RT entity or a RT image. A clock with a granularity that is in agreement with the dynamics of the RT object is associated with every RT object.
Real-Time Transaction: A real-time (RT) transaction is a sequence of computational and communication actions between a stimulus from the environment and a response to the environment of a computational cluster.
Reasonableness Condition: The reasonableness condition of clock synchronization states that the granularity of the global time must be larger than the precision of the ensemble of clocks.
Reference Clock: The reference clock is an ideal clock that ticks always in perfect agreement with the international standard of time.
Reliability: The reliability R (t) of a system is the probability that a system will provide the specified service until time t, given that the system was operational at t =to.
Replica Determinism: Replica Determinism is a desired relation between replicated RT objects. A set of replicated RT objects is replica determinate if all objects of this set have the same visible state and produce the same output messages at instants that are at most an interval of d time units apart.
Resource Adequacy: A real-time computer system is resource adequate if there are enough computing resources available to handle the specified peak load and the faults specified in the fault hypothesis. Guaranteed response systems must be based on resource adequacy (→ guaranteed timeliness).
Rise Time: The rise time is the time required for the output of a system to rise to a specific percentage of its final equilibrium value as a result of step change on the input.
Risk: Risk is the product of hazard severity and hazard probability. The severity of a hazard is the worst-case damage of a potential accident related to the hazard.
S
Safety: Safety is reliability regarding critical failure modes.
Safety Case: A safety case is a combination of a sound set of arguments supported by analytical and experimental evidence substantiating the safety of a given system.
Safety Critical Real-Time Computer System: Synonym to hard real-time computer system.
Sampling: In sampling, the state of a RT entity is periodically interrogated by the computer system at instants that are in the sphere of control of the computer system. If a memory element is required to store the effect of an event, the memory element is outside the sphere of control of the computer system.
Schedulability Test: A schedulability test determines whether there exists a schedule such that all tasks of a given set will meet their deadlines.
Semantic Agreement: An agreement among measured variables is called semantic agreement if the meanings of the different measured values are related to each other by a process model that is based on a priori knowledge about the physical characteristics and the dynamics of the controlled object.
Semantic Content: The essential meaning of a statement or variable as understood by an end-user. The same semantic content can be represented in different syntactic forms.
Signal Conditioning: Signal conditioning refers to all processing steps that are required to generate a measured data element from a raw data element.
Soft Deadline: A deadline for a result is soft if the result has utility even after the deadline has passed.
Soft Real-Time Computer System: A real-time computer system that is only hat concerned with any soft deadlines only.
Sparse Event: an event that occurs in the active interval of a → sparse time base.
Sparse Time Base: a time-base in a distributed computer systems where the physical time is partitioned into an infinite sequence of active and silent intervals and where sparse events may be generated only in the active intervals.
Sphere of Control (SOC): The sphere of control of a subsystem is defined by the set of RT entities the values of which are established within this subsystem.
Sporadic Task: A sporadic task is a task where the task request times are not known but where it is known that a minimum time interval exists between successive requests for execution (→ periodic task, → aperiodic task).
Spoofing Attack: A security attack where an adversary masquerades as a legitimate user in order to gain unauthorized access to a system.
State: The state of a component at a given instant is a data structure that contains all information about the past that is considered relevant for the future operation of the component.
State Estimation: State estimation is the technique of building a model of a RT entity inside a RT object to compute the probable state of a RT entity at a selected future instant, and to update the related RT image accordingly.
State Message: A message is a state message if it contains information about states, if a new version of the message replaces the previous version, and the message is not consumed on reading (→ event message).
Synchronization Condition: The synchronization condition is a necessary condition for the synchronization of clocks. It relates the convergence function, the drift offset and the precision.
System of Systems (SoS): A system consisting of a set of nearly autonomous constituent systems that decide to cooperate in order to achieve a common objective.
T
Task Descriptor List (TADL): The task descriptor list (TADL) is a static data structure in a time-triggered operating system that contains the instants when the tasks have to be dispatched.
Task Request Time: The task request time is the instant when a task becomes ready for execution.
Task: A task is the execution of a program (→ simple task, → complex task).
Temporal Accuracy: A real-time image is temporally accurate if the time interval between the moment "now" and instant when the current value of the real-time image was the value of the corresponding RT entity is smaller than an application specific bound.
Temporal Control: Temporal control is concerned with the determination of the real-time instants when a task must be activated or when a task must be blocked (→ logical control).
Temporal Failure: A temporal failure occurs when a value is presented at the system-user interface outside the intended interval of real-time. Temporal failures can only exist if the system specification contains information about the expected temporal behavior of the system (Synonym timing failure).
Temporal Order: The temporal order of a set of events is the order of events as they occurred on the time line.
Thrashing: The phenomenon that a system's throughput decreases abruptly with increasing load is called thrashing.
Tick: A tick (synonym: macrotick) of the global time is a selected microtick of the local clock. The offset between any two respective global ticks of an ensemble of synchronized clocks must always be less than the precision of the ensemble (→ microtick, reasonableness condition).
Time Stamp: A timestamp of an event with respect to a given clock is the state of the clock at the instant of occurrence of the event.
Time-Division Multiple Access (TDMA): Time-Division Multiple Access is a time-triggered communication technology where the time axis is statically partitioned into slots. Each slot is statically assigned to a component. A component is only allowed to send a message during its slot.
Time-Triggered Architecture (TTA): A distributed computer architecture for real-time applications, where all components are aware of the progression of the global time and where most actions are triggered by the progression of this global time.
Time-Triggered Ethernet (TTEthernet): An extension of standard Ethernet that supports deterministic message transport.
Time-Triggered Protocol (TTP): A communication protocol where the instant of starting a message transmission is derived from the progression of the global time.
Time-Sensitive Networking (TSN): A set of protocols and mechanisms for real-time communication, standardized within the IEEE 802.1, including time-triggered communication.
Timed Message: A timed message is a message that contains the timestamp of an event (e.g., point of observation) in the data field of the message.
Timing Failure: → Temporal Failure
Transducer: A device converting energy from one domain into another. The device can either be a sensor or an actuator.
Transient Fault: A transient fault is a fault that exists only for a short period of time after which it disappears. The hardware is not permanently affected by a transient fault.
Trigger: A trigger is an event that causes the start of some action.
Trigger Task: A trigger task is a time-triggered task that evaluates a condition on a set of temporally accurate variables and generates a trigger for an application task.
Triple-Modular Redundancy (TMR): A fault-tolerant system configuration where a fault-tolerant unit (FTU) consists of three synchronized replica deterministic components. A value or timing failure of one component can be masked by the majority (→ voting).
U
Understanding: Understanding develops if the concepts and relationships that are employed in the representation a model have been adequately linked with the → conceptual landscape and the methods of reasoning of the observer.
Universal Time Coordinated (UTC): An international time standard that is based on astronomical phenomena (→ International Atomic Time).
V
Value Failure: A value failure occurs if an incorrect value is presented at the system-user interface.
Voter: A voter is a unit that detects and masks errors by comparing a number of independently computed input messages and delivers an output message that is based on the analysis of the inputs (→ exact voting, → inexact voting).
Vulnerability: A deficiency in the design or operation of a computer system that can lead to a security incident, such as an intrusion.
W
Watchdog: A watchdog is an independent external device that monitors the operation of a computer. The computer must send a periodic signal (life sign) to the watchdog. If this life sign fails to arrive at the watchdog within the specified time interval, the watchdog assumes that the computer has failed and takes some action (e.g., the watchdog forces the controlled object into the safe state).
Worst-Case Administrative Overhead (WCAO): The worst-case execution time of the administrative services provided by an operating system.
Worst-Case Communication Delay (WCCOM): The worst-case communication delay is the maximum duration it may take to complete a communication action under the stated load- and fault hypothesis.
Worst-Case Execution Time (WCET): The worst-case execution time (WCET) is the maximum duration it may take to complete an action under the stated load- and fault hypothesis, quantified over all possible input data.