Reliable timing is an essential component of many applications. Prepaid telephone systems use timing to enforce call length. Authentication systems may use timers to ensure that authentication is completed within a fixed time or may require a user to re-authenticate after a certain amount of time has passed. Application servers may use timers to provide redundant services, accessing backup resources once a timeout has been reached.
All of these applications may fail if the timer relied on fails. Typically, applications that use timers use a single timer. Should that timer fail the application will not perform correctly. In the prepaid telephone system example given above, this may mean that hours worth of free telephone calls are made. With no timer to trigger the disconnect of a call, switches may leave the call active for well beyond the amount of time purchased. Similarly, security may suffer if a timer fails. An application that requires a user to re-authenticate after a certain time may allow access well past that time, increasing the chance that the trusted user has walked away and been replaced by an unauthorized user. A timer failure may result in lost profits or user dissatisfaction if an application fails to access alternative resources because it is not notified that it has waited too long for the primary resource.
Given that timing failures may result in great expense, weakened security, user dissatisfaction, lost profits, and other serious problems, it is essential to provide failure resistant timing. What is needed is a scalable method of employing multiple timers. Multiple timers would add needed redundancy and would protect against timer failures.