IEEE TRANSACTIONS ON COMPUTERS, VOL. C-25, NO. 11, NOVEMBER 1976

Algebraic Properties of Functions Affecting Optimum Fault-Tolerant Realizations

F. GAIL GRAY, MEMBER, IEEE, AND JOHN F. MEYER, SENIOR MEMBER, IEEE

Abstract-When a specific type of network is required, the function to be realized limits the amount of fault tolerance that can be achieved. Parameters of functions that affect the maximum obtainable fault tolerance and the maximum obtainable diagnosability are investigated for several types of combinational (memoryless) networks.

Networks are modeled by directed graphs. Each node performs a mapping from its input set to its output set. The lines of the graph define the interconnection of functional units and are assumed fault-free. An ordered sequence of combinational functions defines the behavior of the network at any given time. One such ordered sequence represents the "fault-free" network. Other ordered sequences represent "faulty" networks. Collectively, the set of all possible ordered sequences for a given network interconnection pattern constitutes the allowed "faults" of the network. No restrictions are placed on the node functions, i.e., any node may fail to any combinational function of its inputs. This permits modeling complex faults in large-scale devices where few terminals are available for observation. The theory is applicable to multiple-valued logic systems and, in fact, to any discrete-time system.

Based on algebraic properties of various functions associated with a fault-free network in general form, necessary and sufficient conditions for fault tolerance are established. Applying this characterization to all possible faults at a given node, the number of tolerated faults is formulated directly in terms of constants associated with the fault-free structure and behavior of the network. This in turn yields conditions necessary and sufficient for all faults to be tolerated.
Similar results are obtained for faults which are detectable (i.e., not tolerated). Design techniques for tolerant-optimum realizations of arbitrary behaviors are also investigated and it is shown that functions with small range sizes are inherently more fault-tolerant relative to series realizations than are functions with large range sizes. When restricted to two-level realizations, the "unbalance" of the equivalence kernel of a function is directly proportional to inherent fault tolerance. Finally, a classification scheme is developed to describe inherent fault tolerance in combinational behaviors.

Index Terms-Algebraic structure, combinational networks, directed graphs, fault detection, fault tolerance, large fault classes, large-scale integration, mathematical models, multiple faults.

Manuscript received August 14, 1973; revised March 7, 1975 and August 28, 1975.
F. G. Gray is with the Department of Electrical Engineering, Virginia Polytechnic Institute and State University, Blacksburg, VA 24061.
J. F. Meyer is with the Department of Electrical and Computer Engineering and the Department of Computer and Communication Sciences, University of Michigan, Ann Arbor, MI 48104.

I. INTRODUCTION

This paper investigates fault tolerance and fault detection in combinational (memoryless) networks in which allowed faults are relatively unrestricted. In particular, the common restriction to stuck-at-one (s-a-1) or stuck-at-zero (s-a-0) type faults, investigated by many authors [1]-[5], is removed as is the widely employed restriction to single-line faults [6]-[8]. These assumptions, reasonably valid for discrete networks, may not apply to medium-scale or large-scale integrated systems where many complex failures can occur. For this reason, a theory describing more general types of faults is needed. As the fault class increases in size, the large number of possible faults makes any attempt to describe each faulty network individually quite cumbersome.
This paper concentrates on information about fault tolerance and fault detection that may be obtained directly from the fault-free mode of operation without the necessity of investigating any faulty structures or behaviors. The amount of information available is surprisingly diverse in nature. This investigation is not directly concerned with the problem of generating efficient testing sequences, but with more fundamental questions relating to the existence of such tests. Also, the results establish upper limits on the percentage of functional faults that can be tolerated and provide design specifications that must be met in order to tolerate the maximum possible percentage of faults.

Network Model

The model used was first described in [9], where several extensive examples are presented. The properties essential to the present discussion are briefly reviewed in the context of fault tolerance. Basically, the model allows local variations in structure (faults) of any functional type including short-circuit (bridging) faults between inputs to a functional node. Short-circuit faults from the output to the input of a functional node are also covered provided that the feedback path does not make the network behavior sequential in nature.

The basis of the model is a directed graph G having a labeled point for each network input, a labeled point for each network output, and a labeled point for each functional node in the system. A directed line from point a to point b indicates a signal path from element a to element b. If n is the number of input terminals, m is the number of output terminals, and k is the number of functional nodes, then the graph will be referred to as an (n,m,k)-graph. This graph describes the network components and the signal flow paths. An underlying signal set S is specified where S is a finite nonempty set. (In modeling digital switching networks S = {0,1}.)

The functional description of the fault-free network is
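
The fault model described above, worked through by brute force on a small network; this is an added example, not code or a network from the paper. The (2,1,2)-graph, its node names and node functions are constructed for illustration, and the example assumes one faulty node at a time, with a fault counted as tolerated when the network behavior is unchanged and detectable otherwise.

```python
from itertools import product

S = (0, 1)  # underlying signal set for a digital switching network

# Constructed (2,1,2)-graph: inputs x1, x2; functional nodes a, b; output taken from b.
# PREDS lists, for each functional node, the points with a directed line into it.
# The nodes are written in topological order (an assumption used by behavior()).
PREDS = {"a": ("x1", "x2"), "b": ("a", "x2")}
INPUTS, OUTPUTS = ("x1", "x2"), ("b",)
FAULT_FREE = {"a": lambda u, v: u & v, "b": lambda u, v: u | v}

def behavior(funcs):
    """Network behavior as a table from input tuples to output tuples."""
    table = {}
    for xs in product(S, repeat=len(INPUTS)):
        val = dict(zip(INPUTS, xs))
        for node, preds in PREDS.items():
            val[node] = funcs[node](*(val[p] for p in preds))
        table[xs] = tuple(val[o] for o in OUTPUTS)
    return table

def node_faults(node):
    """Yield every combinational function of the node's inputs except the fault-free one."""
    domain = list(product(S, repeat=len(PREDS[node])))
    good = tuple(FAULT_FREE[node](*d) for d in domain)
    for outs in product(S, repeat=len(domain)):
        if outs != good:
            lut = dict(zip(domain, outs))
            yield lambda *args, lut=lut: lut[args]

def classify(node):
    """Return (tolerated, detectable) counts over all faults at one node."""
    reference = behavior(FAULT_FREE)
    tolerated = detectable = 0
    for faulty in node_faults(node):
        if behavior({**FAULT_FREE, node: faulty}) == reference:
            tolerated += 1
        else:
            detectable += 1
    return tolerated, detectable

if __name__ == "__main__":
    for node in PREDS:
        print(node, classify(node))
```

Of the 15 possible faults at each node, three are tolerated at node a (the downstream OR masks its output whenever x2 = 1) and one at node b (the input pair (1,0) never reaches it), so both counts follow from the fault-free structure and behavior alone.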