High assurance processing systems having safety and security requirements are commonly required in many commercial and military applications. In existing technology, high assurance systems specifying "fail safe" design constraints are often implemented using techniques of physical redundancy. While effective, physically replicating complex system elements is often expensive in terms of hardware, complexity, power, and cost. The problem, therefore, is to provide the improved reliability benefits of physical redundancy without requiring physical replication of complex system elements.
Because of non-separable system element interdependencies, a high assurance system is often evaluated as a group of non-separable system elements. It is a problem to determine the number of detectable faults (i.e., the fault grade) for a high assurance system when the system is considered as a whole rather than as a collection of freely separable elements, each of which has only known effects on the other elements. System elements may have individual fault grade ratings, but when they are considered as part of an entire system, the fault grade does not account for interdependent system elements. Therefore, among other things, system behavior is affected both by the system elements and by the interdependencies among them. Design approaches that add verification elements to check each system element's inputs and outputs further reduce system assurance, because each newly added verification element introduces new interdependencies. Interdependency of system elements makes it problematic to consider system elements separately in high assurance analysis and testing. Unclear or unknown system element interdependencies also make it impractical or impossible to determine fault grades for processing paths where critical system functions are performed. High assurance evaluation techniques requiring complicated analysis or extensive system and element testing are subject to error when interdependencies are overlooked, misunderstood, or eliminated to simplify analysis and test complexity. Given the difficulty of understanding system element interdependencies, and the complexity of analyzing and testing high assurance systems, it would be desirable to have a method to specify and verify the fault grade and separation of system elements using high assurance evaluation techniques.
Furthermore, even in cases where analysis of a high assurance design model is deterministic, implementing the design and hosting that implementation in the target environment present a problem when attempting to preserve the high assurance design constraints specified during design modeling. So, it is also desirable to specify and verify high assurance design constraints and the separation of a system and its elements throughout the phases of development.
Thus, what is needed is a processing system having high assurance characteristics. What is also needed is a method of processing data having fail safe assurances. Also needed is a method of optimizing a processing system having reliability enhanced processing characteristics.