The Effectiveness of Checksums for Embedded Control Networks Theresa C - PDF document

TheEffectivenessofChecksumsforEmbeddedControlNetworksTheresaC.Maxino,,andPhilipJ.Koopman,SeniorMemberIEEE—Embeddedcontrolnetworkscommonlyusechecksumstodetectdatatransmissionerrors.However,designdecisionsaboutwhichchecksumtousearedifficultbecauseofalackofinformationabouttherelativeeffectivenessofavailableoptions.Westudytheerrordetectioneffectivenessofthefollowingcommonlyusedchecksumcomputations:exclusiveor(),two’scomplement Ç 1I T.C.MaxinoiswithLexmarkResearchandDevelopmentCorporation,Plaza,SamarLoopCornerPanayRoad,CebuBusinessPark,CebuCity,6000Philippines.E-mail:tmaxino@alumni.cmu.edu. computesaFrameCheckSequence(FCS)value,regardlessofthemathematicsactuallyemployed.)Wedescribechecksumperformanceforrandomindependentbiterrorsandbursterrorsinabinarysymmetricchannel.Inaddition,wedescribethetypesofdataanderrorpatternsthataremostproblematicforeachtypeofchecksumbasedonexaminationsofbothrandomandpatterneddatapayloads.Ourresultsindicatethatsomecommonpracticescanbeimproved,andsomepublishedresultsaremisleading.Weconcludethatone’scomplementadditionchecksumsshouldbeusedforverylightweightchecksums,thatFletcherchecksumsshouldbeusedinsteadofAdlerchecksumsformostintermediate-complexitycheck-sums,andthatCRCsofferperformancethatprovidesmuchsuperiorerrordetectiontoaFletcherchecksumformanyembeddednetworksthatcanaffordthecomputationalcost.ACKGROUNDANDAchecksumisanerrordetectionmechanismthatiscreatedby“summingup”allthebytesorwordsinadatawordtocreateachecksumvalue,oftencalledanFCSinnetworkingapplications.Thechecksumisappendedorprependedtothedataword(themessagepayload)andtransmittedwithit,makingthisasystematiccodeinwhichthedatabeingsentisincludedinthecodewordunchanged.Networkreceiversrecomputethechecksumofthereceiveddatawordandcompareittothereceivedchecksumvalue.Ifthecomputedandreceivedchecksummatch,thenitisunlikelythatthemessagesufferedatransmissionerror.Ofcourse,itispossiblethatsomepatternofalteredbitsinthetransmittedmessagejusthappenstoresultinanerroneousdatawordmatchingthetransmitted(andalsopotentiallyerroneous)checksumvalue.Thereisatrade-offamongthecomputingpowerusedonthechecksumcalculation,thesizeoftheFCSfield,andtheprobabilityofsuchundetectederrors.Commonlyusedchecksumsgenerallyfallintothreegeneralareasofcost/performancetrade-off.Thesimplestandleasteffectivechecksumsinvolveasimple“sum”functionacrossallbytesorwordsinamessage.Thethreemostcommonlyusedsimple“sum”functionsaretwo’scomplementaddition,andone’scomplementaddi-tion.Thesechecksumsprovidefairlyweakerrordetectioncoveragebuthaveverylowcomputationalcost.References[16],[17],[18],[19],and[20]haveanalyzedtheerrordetectioneffectivenessoftwo’scomplementadditionandone’scomplementadditionchecksums.Reference[21]providesananalyticcomparisonoftheerrordetectioneffectivenessof,two’scomplementaddition,one’scomplementaddition,andCRCbutdoesnotprovidequantitativedata.ThemostexpensivecommonlyusedchecksumisaCRC.Strictlyspeaking,aCRCisnotasumbutratheranerrordetectioncodecomputedusingpolynomialdivision.CRCcomputationcanbeasignificantCPUload,espe-ciallyforverysmallprocessorstypicalofmanyembeddedsystems.EarlyCRCeffectivenessstudieswerelistsofoptimalCRCpolynomialsforspecificlengths(forexam-ple,[22],[23],and[24]).Funk[25]andKoopman[26],[27]investigatedtheCRCpolynomialscurrentlyinuseandproposedalternativesthatprovidedbetterperformance.Thosepapersproposedapolynomialselectionprocessforembeddednetworksanddeterminedtheoptimumboundsfor3-to16-bitCRCsfordatawordsupto2,048bits.WeusetheseresultsasthesourceofourCRCdata.BecauseCRCcomputationissoexpensive,twointermediate-costchecksumshavebeenproposedforuseinnonembeddednetworks.TheFletcherchecksum[28]andthelaterAdlerchecksum[15]arebothdesignedwithagoalofgivingerrordetectionpropertiescompeti-tivewithCRCswithsignificantlyreducedcomputationalcost.Inthelate1980s,Nakassis[29]andSklower[30]publishedefficiencyimprovementsforFletcherchecksumimplementationsthatalsoareusefultospeedupone’scomplementadditionchecksums.AlthoughFletcherandAdlerchecksumerrordetectionpropertiesarealmostasgoodasarelativelyweakCRC,theyarefarworsethangoodCRCsforsomeimportantsituations.Fletcherpublishederrordetectioninformationinhisoriginalpaper[28],whereas[21]and[31]presentfurtheranalysis.Stoneetal.[32],[33],[34]measuredthenetworkchecksumeffectivenessoftheone’scomplementadditionchecksum,Fletcherchecksum,andCRC.Intheirstudy,theyfoundthattheone’scomplementadditionchecksumandFletcherchecksumhadmuchhigherprobabilitiesofundetectederrorsthantheyexpected,andonereasontheygavewasthenonuniformityofnetworkdata.Theyalsofoundthatthereweresourcesoffaultsthatseemedtobefromnetworkadapters,switches,andsourcesotherthanthetypesoffaultswemodelinthispaper.However,thereisnoexperiencetosuggestthedegreetowhichsuchfaultsarepresentinembeddedcontrolnetworks,whichhavemuchsimplernetworkadaptersandusuallydonothavestandard-componentswitches.Thus,thesefaultmodelsarenotconsideredinourwork.McAuley[35]hasproposedtheWeightedSumCode(WSC)algorithmasanalternativetotheFletcherchecksumandCRC.Feldmeier[36]conductedacomparisonofWSCagainsttheone’scomplementadditionchecksum,checksum,blockparity,Fletcherchecksum,andCRCandconcludedthatitwasanattractivealternativeforsomesituations.However,WSCdoesnotprovideguaranteeddetectionofasmanyerrorbitsinonemessageasmanycommonlyusedCRCsinsituationsofinteresttoembeddednetworkdesigners.Also,thealgorithmismorecomplexthanaCRC,andthespeedbenefitsareprimarilyattractivefor64-bitchecksumvalues[36],whicharegenerallytoolargetobeofinterestinembeddednetworks.Therefore,WSCsareconsideredoutofthescopeofthecurrentstudy.Inthebalanceofthispaper,wedescribeseveralalgorithmsforcomputingchecksumsinorderofincreasingcomputationalcost,fromthechecksumtoCRCs.Wehaveevaluatederrordetectioneffectivenessviaacombina-tionofanalysisandsimulationresults.Moreover,wegiveinsightintothestrengthsandweaknessesofeachchecksumapproach,withanemphasisonparticularvulnerabilitiestoundetectederrorsbasedondatavaluesandbiterrorpatterns.Wedescribeinaccuraciesinpublishedclaimsorcommonlyheldbeliefsabouttherelativeeffectivenessofchecksumsandexaminethecost-effectivenessofvariousIEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 alternatives.Wealsoconfirmsomecasesinwhichcom-monlyusedchecksumapproachesaregoodchoices.Theeffectivenessofdifferenterrordetectioncodesdependsontheoperatingenvironment,thedatabeingsentontheembeddednetwork,andthetypesofbiterrorscausedbynoiseandothersourcesoffaults.Ingeneral,thereisnocomprehensivemodeloffaultsavailableforembeddednetworks.Moreover,applyingfaultinformationfromenterprisenetworksislikelytobemisleadingbecauseofwidelydifferentoperatingenvironmentsandrequirements(forexample,itiscommonforembeddednetworkstouseunshieldedcablingasacostreductionmeasure).Therefore,theapproachtakeninthisstudyistousefaultmodelsthatarecommonlyusedinpracticeandnoteinstancesinwhichtherearespecificvulnerabilitiesinachecksumapproach.Themetricsusedaretheprobabilityofundetectedrandomindependentbiterrorsinabinarysymmetricchannel,theprobabilityofundetectedbursterrors,andthemaximumnumberofbiterrorsguaranteedtobedetectedinasinglemessage.Theevaluationoftheeffectivenessofchecksumstypicallyrequiresacombinationofanalyticandexperi-mentalapproaches.Finite-fieldoperations(forexample,)canoftenbeevaluatedanalytically.However,theinterbitcarriesinherentinintegeradditionoperationsmakeanalyticapproachestounderstandingerrordetectioneffectivenessverycomplex.Theapproachwetakeisusinganalysistoapproximatetheresultstothedegreepractical,withsimulationsusedtovalidatetheanalyticresultsandfillinotherwiseintractableareas.Tocarryouttheexperimentsinthispaper,weimplementedthevariouschecksumalgorithmsinC++.Theevaluationoftheperformanceofeachchecksumalgorithmwasperformedviasimulatedfaultinjection.Eachexperimentconsistedofgeneratingamessagepayload(dataword)withaspecificdatavalueandthencomputingachecksumacrossthatdataword.Theresultantcodeword(datawordpluschecksum)wassubjectedtoaspecificnumberofbitinversionfaults,simulatingbitinversionerrorsduringtransmission.Thechecksumofthefaultydatawordwasthencomputedandcomparedagainstthe(potentiallyalsofaulty)FCSvalueofthefaultycodeword.IftheFCSvalueofthefaultycodewordmatchedthechecksumcomputedacrossthefaultydataword,thatparticularsetofbitinversionswasundetectedbythechecksumalgorithmused.Identicaldatawordvalueswereusedforallchecksums,exceptforCRCs,whichareknowntobedataindependent[26](datawordvaluesdonotaffecterrordetectionperformance).Thedatausedineachexperimentvaried,includingrandomdata,aswellasallzeros,allones,andrepeateddatapatterns.Randomindependentbiterrorexperimentswerecon-ductedbypreselectingasetnumberofbiterrorstointroduceandtheninjectingtheseerrorsintothecodeword.(Differentnumbersofbiterrorswerechosenfordifferentexperiments,andgraphstakeintoaccountthedecreasingprobabilityofhighernumbersofbiterrorsinaparticularmessageofagivensize.)Thefaultsinjectedineachexperimentwereallpossible1-,2-,or3-biterrorsinthecodewordforeachdatawordvalueexamined.Wherenecessary,experimentswith4-biterrorsinthecodewordwerealsoconducted.Thetotalnumberofundetectederrorsforeachparticularexperimentwasthennoted.Atleast10trialsweremadeforeachtypeofexperiment,andthemeanforallthetrialswasobtained.Forexample,10experimentswereperformedwhereallpossible2-biterrorswereinjectedintoawordwithrandomdataandan8-bitchecksumsize.(Forexperimentswheretheratioofthestandarddeviationtothemeanwasgreaterthan5percent,weperformed100trials.Wedeterminedthenumber100bydeterminingthepointatwhichthestandard-deviation-to-meanratioreacheditsasymptoticvalue.)Bursterrorsarerandombiterrorsthatareconfinedtoaspanofnomorethanbitsforabursterrorwithinagivenmessage.Anynumberofbitsmaybecorruptedwithintheburst.Bursterrorexperimentswereconductedinasimilarmannertothebiterrorexperiments,exceptthatinsteadofsubjectingtheresultantcodewordtobitinver-sions,thecodewordwassubjectedtospecificbursterrorlengthswithallpossiblebiterrorpatternswithintheburstboundariesandallpossiblelocationsoftheburstposition.TheHammingDistance(HD)ofachecksumisthesmallestnumberofbiterrorsforwhichthereisatleastoneundetectedcase.Forexample,aCRCwithdetectallpossible1-,2-,and3-biterrorsbutwouldfailtodetectatleastone4-biterroroutofallpossible4-biterrors.Withtheassumptionofrandomindependentbiterrorsinabinarysymmetricchannel,themaincontributingfactortochecksumeffectivenessformostembeddednetworksisthefractionofundetectederrorsattheHD,becausetheprobabilityofmoreerrorsoccurringislow(forexample,3-biterrorsareapproximatelyamilliontimesmorecommonthan4-biterrorsassumingarandomindependentBitErrorRate(BER)of).Thus,theanalysisofundetectederrorsattheHDisperformedtogiveinsightintoexperimentalresults.SomeofthegraphsinthispapershowthepercentageofundetectederrorsPct,whichistheratioofundetectederrorswithrespecttothetotalnumberofallpossibleerrorsforthatparticularbiterrordegree.Othergraphsshowtheprobabilityofundetectederrorsaccountsforthedifferingprobabilityofeachnumberofbiterrors,withincreasingnumbersofrandomindependentbiterrorsbeingsubstantiallylessprobable.isoftenmoreusefulthanPct,becauseittakesintoaccounttheBERandpermitsthecomparisonofcodeswithdifferentHDs.canbecomputedasfollows:BERBERisthecodewordlengthinbits,andisthenumberofrandomindependentbiterrors.Thisequationfirstdeterminestheprobabilityofaparticularcodeworderrorhavingpreciselyerrorsonexactlyonepossiblecombinationofbits(whichmeansthatbitsareerroneousbitsarenonerroneous).ItthenmultipliesbyHammingWeight(HW),whichisthenumberofundetectableerrorswiththatnumberofbits,givingtheprobabilityofanundetectableerror.Forthesepurposes, MAXINOANDKOOPMAN:THEEFFECTIVENESSOFCHECKSUMSFOREMBEDDEDCONTROLNETWORKS 61Authorized licensed use limited to: IEEE Xplore. Downloaded on March 24, 2009 at 14:50 from IEEE Xplore. Restrictions apply. theHWofinterestistheHWattheHD.Forexample,iftherewerezeroundetectableerrorsfor2-bitand3-biterrorsbut173undetectable4-biterrors,thentheHDwouldbefour(givinginthisequation)andHWwouldbe173.HWvaluesforsuccessivelyhighernumbersofbiterrorsmustbesummedtogethertofindtheexactvalue.However,theHWattheHDforcodesexaminedinthispaper,makingthisapproximationsufficientforgraphingpurposes.Forbursterrorexperiments,bursterrorlengthsstartingfrom2bitsuptoatleastchecksumsizewereinjectedinthecodewordforeachdatawordvalueexamined.Foraparticularbursterrordegree,allpossiblebursterrorvalueswereinjected.Forexample,allpossible9-bitbursterrorswereinjectedintoawordwithrandomdataandan8-bitchecksumsize.Mostexperimentswerestoppedassoonastherewasoneundetectedbursterrorforthatbursterrordegreebecausetheusualbursterrormetricofinterestisthemaximumlengthatwhichbursterrorsareguaranteedtobedetected.TheexceptionstothisweretheexperimentsforFletcherandAdlerchecksums.Weperformedexperimentsuptoburstsforconsistencywithotherexperiments,eventhoughtherewerealreadyundetectedbursterrorschecksumsizeInsomeinstances,wefounditusefultoperformcomparisonsoftheprobabilityofundetectederrorstotestthecommonlyheldnotionofchecksumeffectivenessbeingapproximatelyequalto,whereisthechecksumsizeinbits.Theintuitiveargumentforthisbeliefisthatbecausetherearepossiblechecksumvaluesforaforrandomdataandrandomcorruption,thereisachanceoftheFCSjusthappeningtomatchthecorrupteddatavaluesbychance(forexample,aone-in-256probabilityofundetectederrorforan8-bitchecksum).Tosimplifycomparisons,onlydatawordlengthsthatweremultiplesofthechecksumsizewereusedinthisstudy,asiscommoninrealnetworks.Werefertochunksofthedatawordthesizeofthechecksumasblocks.Forexample,foratwo’scomplementadditionchecksum,a48-bitdatawordusedwitha16-bitchecksumwouldresultinacomputationthatdividesthe48-bitdatawordintothree16-bitblocksthatareaddedtocomputethe16-bitchecksum,formingacodeword.3.1ExclusiveOrChecksumchecksumsarecomputedbyingblocksofthedatawordtogether.Theorderinwhichblocksareprocesseddoesnotaffectthechecksumvalue.OnecanthinkofanXORchecksumasaparitycomputationperformedinparallelacrosseachbitpositionofdatablocks(bitthechecksumistheparityofallblockbits,forexample,bit3ofthechecksumistheparityofbit3ofallblocks).checksumisdataindependent(errordetectionperformanceisnotaffectedbydatawordvalues).Becauseitisaparitycomputation,thechecksumhasanHDoftwo,detectingall1-biterrorsbutnotsome2-biterrors.Inparticular,itfailstodetectanyevennumberofbiterrorsthatoccurinthesamebitpositionofthechecksumcomputationalblock.Itdetectsanybiterrorpatternthatresultsinanoddnumberoferrorsinatleastonebitposition,whichincludesallsituationsinwhichthetotalnumberofbiterrorsisodd.Italsodetectsallbursterrorsupbitsinlength(isequaltothechecksumsize),because2bitsmustaligninthesamepositionwithinablocktobecomeundetected.Bursterrorsgreaterthanbitsinlengtharedetectableiftheyresultinanoddnumberofactualbitsbeinginvertedorifpairsofinvertedbitsdonotaligninthesamebitpositionintheaffectedblocks.Forablocksizeofandchecksumsize,ineverypairofdatablocks,thereareexactlypossibleundetected2-biterrors(oneundetected2-biterrorforeachbitoftheblock,inwhicherrorshappentooccurtothesamebitpositioninthetwoblocks).Forancodeword,wemultiplybythenumberofcombinationsofblocksinthecodewordtakentwoatatime.Thus,thenumberofundetected2-biterrorsis k nk nkk2¼ Thetotalnumberofpossible2-biterrorsforanwordis Dividingthenumberofundetected2-biterrorsbythetotalnumberof2-biterrorsgivesusthefractionofundetected2-biterrorsas isthecodewordlengthinbits,andisthechecksumsizeinbits.Fromtheaboveequation,wecanseethatasinfinity,thepercentageofundetected2-biterrorsbecomesbeingchecksumsize),whichisratherpoorperformanceforachecksum(forexample,12.5percentundetectederrorsforan8-bitchecksumand3.125percentfora32-bitchecksum).Simulationresultsconfirmthisanalysis.(SeeFig.1.Notethatsubsequentfigureshaveadifferentverticalaxistohelpdistinguishcloselyspacedcurves.Fig.6providesacomparisonacrosschecksumtechniquesonasinglegraph.)Thechecksumhasthehighestprobabilityofundetectederrorsforallchecksumalgorithmsinthisstudyandisnotaseffectiveasaddition-basedchecksumsforgeneral-purposeerrordetectionuses.3.2Two’sComplementAdditionChecksumThetwo’scomplementadditionchecksum(“addchecksum”forshort)isobtainedbyperforminganintegertwo’scomplementadditionofallblocksinthedataword.Carry-outsoftheaccumulatedsumarediscarded,asinordinarysingle-precisionintegeraddition.Theorderinwhichblocksareprocesseddoesnotaffectthechecksumvalue.Theaddchecksumisdatadependent,withtheprobabilityofundetectederrorsvaryingwiththedatawordvalue.Theaddchecksumdetectsall1-biterrorsinthecodewordandhasanHDoftwoforallcodewordlengths.Anaddchecksumcanbethoughtofasanimprovementofchecksumsinthatbit“mixing”betweenbitpositionsofthedatablocksisaccomplishedviabit-by-bitcarriesofthebinaryaddition.TheeffectivenessofmixingdependsontheIEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 databeingadded,whichdeterminesthepatternofcarrybitsacrossvariousbitpositions.Asignificantcauseofundetectederrorsiswhenapairofbiterrorsindifferentdatablockslinesupatthesamebitpositionwithintheblocks,andthedatainthosebitpositionscontainsaoneinoneblockandazerointheotherblock.Theresultanterroneousdatablockshaveazerointhefirstblockandaoneintheotherblock,resultinginthesamesum.Asecondimportantsourceofundetectederrorsiswhenthemostsignificantbit(MSB)positionsofanytwodatablocksareinverted,regardlessofvalue.Thistypeoferrorisundetectedbecausethesumremainsthesame,andthecarry-outinformationfromthatpositionislostduringthecomputation,makingitimpossibletodetectapairofoneschangedtozerosorapairofzeroschangedtoonesintheMSBposition.Athirdsourceofundetectederrorsisanon-carry-generatingbitbeinginvertedinthedatawordandthebitinthecorrespondingbitpositioninthechecksumalsobeingBecausedata-dependenterrordetectionvulnerabilitiesinvolveaconcurrentinversionofoneandzerobitsinthesamebitposition,theaddchecksumperformsworstwheneachbitpositionhasanequalnumberofzerosandones.Forthisreason,randomdatagivesverynearlytheworstcaseforundetectederrorsbecauseittendstohavethesamenumberofzerosandonesineachbitposition.Giventhatrandomdataisoftenusedtoevaluatechecksumsbutrealdatasentinnetworkmessagesoftenhasastrongbiastowardzerosduetounuseddatafields(forexample,[33]mentionsthis,anditisalsocommoninembeddednetworks),therandomdataevaluationofaddchecksumscanbeconsideredpessimisticformanycases.Theaddchecksumperformsbestwhenthedataisallonesorallzeros,becauseinvertingapairofidenticalbitscausesacarry-biteffectthatisreadilydetected.Evenforworstcasedata,ascanbeseeninFig.1,theaddchecksumisalmosttwiceaseffectiveastheforlongdatawords.Thisisbecausetheprimarycauseofundetectederrorsisinvertedbitsthatarebothdifferingandinthesamebitposition,whereasundetectederrorsalsooccurforbitvaluesthatdonotnecessarilydiffer.Forworstcasedata,theaddchecksumhasanundetected2-biterrorpercentageapproximatelyequaltoisthechecksumsize.Thisequationcanbearrivedatbyaddingtogethertheundetectederrorpercentagesforeachbitposition.TheMSBhasanundetectederrorpercentageequaltothatof.Alltheotherbitshaveanundetectederrorpercentagethatishalfthatofbecauseonly0-1and1-0errorcombinationswillbeundetected.Multiplyingthetworatiosbythenumberofbitsineachblockandthenaddingthemtogethergivesus 1k 1kþ 12k k1k¼ 1k2þ k12k2¼ However,thisequationisjustanapproximationbecauseitdoesnottakeintoaccountthethirdsourceofundetectederrorsmentionedpreviouslynorthefactthatsomeofthe0-1and1-0errorcombinationswillbedetectableduetocarry-bitgeneration.Itisausefulapproximation,however,andcanbethoughtofasanapproximatebound,ascanbeseeninFig.2.Forlongdatawordswithall-zeroorall-onedata,theaddchecksumasymptoticallyfailstodetectapproximatelyof2-biterrors,whereisthechecksumsizeinbits.(SeeAppendixAforformuladerivations.)Fig.3showssimulationresultsforexactlyidenticalnumbersofzeroandonedata(alternating0xFFand0x00values),allzeros,andallones.Therandomlygenerateddatawordvalueswereveryclosetotheworstcaseasexpectedandareomittedfromthefigure.Theaddchecksumdetectsallbursterrorsuptobitsinlength,whereisthechecksumsize.Bursterrorsgreaterbitsmayormaynotbedetecteddependingonthenumberofbitsinvertedandtheirbitpositions.Thesame MAXINOANDKOOPMAN:THEEFFECTIVENESSOFCHECKSUMSFOREMBEDDEDCONTROLNETWORKS 63 Fig.1.Percentageofundetected2-biterrorsoverthetotalnumberof2-biterrorsfor8-,16-,and32-bit,two’scomplementaddition,andone’scomplementadditionchecksums.Two’scomplementadditionandone’scomplementadditiondatavaluesarethemeanof100trialsusingrandomdata. Fig.2.Percentageofundetected2-biterrorsfor16-bittwo’scomplementadditionandone’scomplementadditionchecksums.Thedatapointsforbothchecksumsarethemeanof100trialsusingrandomdata.Theworstcaseboundisfromthegivenformula. reasonsforundetectedbiterrorsapplytobursterrors.Thus,ifabursterrorgreaterthanbitsoccursbuttheinvertedbitsdonothavethesamebitpositionsorotherwisedonotfallintoanyofthethreecategoriesofundetectederrorsmentionedearlier,thenitisunlikelythatthebursterrorwillgoundetected.3.3One’sComplementAdditionChecksumTheone’scomplementadditionchecksumisobtainedbyperforminganintegerone’scomplementadditionofallblocksofthedataword.One’scomplementadditioncanbeperformedontwo’scomplementhardwareby“wrappingaround”thecarry-outoftheadditionoperationbackintothechecksum.Inparticular,ifaddingablocktotherunningchecksumtotalresultsinacarry-out,thentherunningchecksumisincremented.Speedoptimizationsareknownforhardwarethatdoesnotsupportcarrybits(forexample,[13]).Theorderinwhichblocksareprocesseddoesnotaffectthechecksumvalue.Themainperformancedifferencebetweenone’scomple-mentandtwo’scomplementadditionchecksumsisintheerrordetectioncapabilityofbitinversionsaffectingtheMSBofblocks.Becausethecarry-outinformationoftheMSBispreservedviabeingwrappedaroundandaddedbackintotheleastsignificantbit,bitinversionsthataffectapairofonesorapairofzerosintheMSBaredetectedbyone’scomplementadditionchecksumsbutareundetectedbytwo’scomplementadditionchecksums.(Reference[21]givesasimilarexplanation.)One’scomplementadditionchecksumsdetectallbursterrorsuptobitsinlength,isthechecksumsizeinbits.Somebursterrorsareundetectablebecauseofthewraparoundofcarry-outsbackintothelowbitsofthechecksum.Bursterrorsgreaterbitsinlengthwillbeundetectableiftheyfallintoanyofthecategoriesofundetectableerrorspreviouslydescribed.OtherthantheerrordetectionperformanceforbitsintheMSBposition,thebehaviorofone’sandtwo’scomplementadditionchecksumsisidentical,withtheone’scomplementadditionchecksumhavingaslightlylowerprobabilityofundetectederrorsforrandominde-pendentbiterrors(Fig.3).Atasymptoticlengths,theprobabilityofundetectederrorsforall-zeroandall-onedataapproaches,whereisthecodewordlengthinbits.(SeeAppendixBfortheformuladerivation.)Forworstcasedataatasymptoticlengths,approximatelyofallpossible2-biterrors,whereisthechecksumsize,aredetected.Thisishalfoftheratioofundetectederrorsforthechecksum.Theintuitivelogicbehindthisisthatforeachbitposition,only0-1and1-0errorcombinationswillbeundetected,unlikeintheXORchecksumwhere0-0and1-1errorcombinationsarealsoundetectable.LookingatFig.1,itcanbeseenthattheone’scomplementadditionchecksumisalmostasgoodasthechecksumathalfthechecksumsizeforrandomindependentbiterrorsonrandomdata.3.4One’sComplementFletcherChecksumTheFletcherchecksum[28],[14]isonlydefinedfor16-bitand32-bitchecksumsbut,inprinciple,couldbecomputedforanyblocksizewithanevennumberofbits.Weusetheone’scomplementadditionversion,whichprovidesbettererrordetectionthanthetwo’scomplementadditionversion[29].Weconfirmedthisexperimentally.(Throughoutthispaper,“Fletcherchecksum”means“one’scomplementadditionFletcherchecksum.”)AFletcherchecksumiscomputedwithablocksizeishalfthechecksumsize(forexample,a32-bitFletcherchecksumiscomputedwithablocksizeof16bitsacrossthedataword,yieldinga32-bitchecksumvalue).Thealgo-rithmusedtocomputethechecksumiteratingacrossasetofblocksfromInitialvalues:Forincreasingarebothcomputedusingthesameblocksize.Theresultingchecksumistoformachecksumthatistwicetheblocksize.Theaccumulationofmakesthechecksumsensitivetotheorderinwhichblocksareprocessed.Fletcherchecksumerrordetectionpropertiesaredatadependent.Aswithaddition-basedchecksums,thehighestprobabilityofundetectederroroccurswhenthedataineachbitpositionoftheblocksisequallydividedbetweenzerosandones.Randomdatawordvaluesalsogiveapproximatelyworstcaseerrordetectionperformanceduetoarelativelyequaldistributionofzerosandonesineachbitposition.Whenthedataisallzeros,theonlyundetectederrorisoneinwhichallbitsinasingleblockarechangedfromzerostoones.(Recallthat0xFFalsorepresentszeroin8-bitone’scomplementnotation.)TheFletcherchecksumcandetectallbursterrorsthatarelessthan)bitslong,whereistheblocksizethatishalfthechecksumsize.Asexpected,itisvulnerabletobursterrorsthatinvertbitsinablockfromallzerostoallonesorviceversa.(TheAdlerchecksumhasthesamevulnerability.Whethersuchanerrorislikelydependsonthebitencodingtechnique,with,forexample,Manchesterencodingbeingvulnerabletothissortoferrorifahalf-bit“slip”occursthatcausesa180-degreephaseshiftinreceiveddatawaveformedges.)Ourexperimentshaveverifiedthatexcludingthisspecialtypeofbursterror,theIEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 Fig.3.Probabilityofundetected2-biterrorsfor8-bitchecksumsusingdifferentdataandaBERof Fletcherchecksumcandetectallbursterrorslessthanisthechecksumsize.Reference[28]givesamoredetailedexplanationofbursterrordetectionproperties.TheFletcherchecksumhasuptoacertainmodulo-dependentcodewordlengthandforallremainingcodewordlengths.Wehaveconfirmedexperi-mentallythat2-biterrorsaredetectedfordatawordlengthslessthanÞðbits,whereisthechecksumsize,andisequaltotheFletcherchecksummodulus.Reference[28]statesfurtherthatall2-biterrorsaredetectedprovidedthattheyareseparatedbyfewerthanbits,withbeingthechecksumsize.Wehavealsoconfirmedexperimentallythatan8-bitFletcherchecksumhasforcodewordlengthsof68bitsandabove,withbelowthatlength.A16-bitFletcherchecksumhasstartingat2,056-bitcodewordlengths.Accordingtotheequation,a32-bitFletcherchecksumisexpectedtohavestartingatacodewordlengthof1,048,592bits.Fig.4showstheprobabilityofundetectederrorsoftheFletcherchecksum.Ingeneral,FletcherchecksumsaresignificantlyworsethanCRCs,evenwhenbothachievethesameHD.Inparticular,Fletcherchecksumshaveasignificantlyhigherprobabilityofundetectederrorthanforlonglengths,whereasCRCstypicallyhaveaslightlylowerprobabilityofundetectederrorthanbeingthechecksumsize.Thesignificanceofhereisthatitisacommonlyheldnotionthatallchecksumshavethesameerrordetectioneffectivenessequalto,whereisthechecksumsize.FurtherdiscussionofFletcherchecksumperformanceisgiveninSection4.2.TheCRCboundshowninthefigureisthelowestprobabilityofundetectederrorsofany8-bitCRC.Ofallthechecksumalgorithmsinthisstudy,theFletcherchecksumhasthenext-bestoverallerrordetectioncapabilityafterCRC,exceptforthespecialcaseofthe16-bitAdlerchecksumatshortlengths.3.5AdlerChecksumTheAdlerchecksum[15]isonlydefinedfor32-bitchecksumsbut,inprinciple,couldbecomputedforanyblocksizewithanevennumberofbits.TheAdlerchecksumissimilartotheFletcherchecksumandcanbethoughtofinthefollowingway.Byusingone’scomplementaddition,theFletcherchecksumisperformingintegeradditionmodulo255for8-bitblocksandmodulo65,535for16-bitblocks.TheAdlerchecksuminsteadusesaprimemodulusinanattempttogetbettermixingofthechecksumbits.ThealgorithmisidenticaltotheFletcheralgorithm,isinitializedtoone,andeachadditionisdonemodulo65,521(forthe32-bitAdlerchecksum)insteadofmodulo65,535.AswithaFletcherchecksum,theresultissensitivetotheorderinwhichblocksareprocessed.AlthoughtheAdlerchecksumisnotofficiallydefinedforotherdatawordlengths,weusedthelargestprimeintegerslessthanandlessthantoimplement8-and16-bitAdlerchecksumsforcomparisonpurposes.BecausethealgorithmissimilartothatforFletcherchecksums,Adlerchecksumshavesimilarperformanceproperties.(SeeFig.4.)Wehaveconfirmedexperimentallythat2-biterrorsaredetectedfordatawordlengthslessthanisthechecksumsizeandisequaltotheAdlerchecksummodulus.OurexperimentsshowthatAdler-8below60bits(usingmodulo13sums)andthatAdler-16hasbelow2,024bits(usingmodulo251sums).Fromtheequation,Adler-32isexpectedtohavebelow1,048,368bits.Forcodewordlengthsgreaterthanthosementionedabove,theAdlerchecksumhas.AswithFletcherchecksums,theworstcasefortheundetectederrorprobabilityiswithanequalnumberofzerosandonesineachdatablockbitposition,meaningthatrandomdatahasnearlyworstcaseundetectederrorAdler-8andAdler-16candetectallbursterrorsthatarelessthan)bitslong,whereistheblocksizethatisequaltohalfthechecksumsize.Adler-32detectsallbursterrorsupto7bitslong.(Reference[15]definesAdler-32blockstobe1byteor8bitswidewith16-bitrunningsums,soforAdler-32.)Excludingbursterrorsthatchangedatainthedatablocksfromallzerostoallonesorviceversa,allbursterrorslessthanaredetected.Thisis1-bitlessthantheFletcherchecksum,whichwasunexpectedsincetheyuseanalmostidenticalmathematicalbasis.(Reference[31]statesthattheAdlerchecksumhasahigherprobabilityofundetectedbursterrorsthantheFletcherchecksumbutdoesnotexplicitlystatethatthebursterrordetectioncoverageis1bitshorterinlength.)ThereasonforthisisthatAdlerchecksumsuseaprimemodulothatislessthanwhereasFletcherchecksumsuseamoduloequaltobeingthechecksumsize.AcomparisonofFletcherandAdlerchecksumperformanceisgiveninSection4.3.3.6CyclicRedundancyCodesThesimplestversionofaCRCcomputationusesashift-approachtocomputeachecksum[37].Fastermethodsofcomputationareavailable(forexample,[37],[38],and[39]basedoncompleteorpartiallookuptables)butarestillslowerthantheotherchecksumtechniquesdiscussed.Theselectionofagoodgeneratorpolynomialiscrucialtoobtaininggooderrordetectionpropertiesandisdiscussedin[27]. MAXINOANDKOOPMAN:THEEFFECTIVENESSOFCHECKSUMSFOREMBEDDEDCONTROLNETWORKS 65 Fig.4.Probabilityofundetectederrorsfor8-bitFletcherandAdlerchecksumsusingrandomdataandaBERof.DatavaluesforbothFletcherandAdlerchecksumsarethemeanof10trials.CRC-8boundvaluesareoptimalvaluesforall8-bitCRCpolynomials. AllCRCsaredataindependentandhaveanHDofatleasttwoforallcodewordlengths.Mostpolynomialshaveorhigherforsomelengthslessthan,wherethechecksumsize.Also,somepolynomialsdetectallodd-biterrors,attheexpenseofworseerrordetectionabilityforeven-biterrors.Allbursterrorsaredetecteduptobitsinlength,whereisthechecksumsizeinbits.Fig.5showstheboundsforthelowestprobabilityofundetectederrorsfor8-bitCRCsand16-bitCRCs.Inthissection,weexaminesomepublishedandfolk-wisdommisconceptionsaboutchecksumperformanceinlightofourexperiments.Ofcourse,thereareindividualswhodonotholdandpublicationsthatdonotcontainthesemisconceptions,butwehaveobservedtheseissuestoariseoftenenoughthattheywarrantspecificattention.4.1EffectofDataValueandErrorValueDistributionsonChecksumEffectivenessWhendataareuniformlydistributed,itiscommonforanassumptiontobemadethatallchecksumalgorithmshavethesameprobabilityofundetectederrorsisthechecksumsizeinbits.Theintuitiveargumentisthatbecausetherearepossiblechecksumvaluesforachecksum,givenmoreorlessrandomdataandrandomcorruption,thereisachanceoftheFCSjusthappeningtomatchthecorrupteddatavaluesbychance(forexample,aone-in-256probabilityofundetectederrorforan8-bitchecksum).Althoughthisistrueforcompletelyrandomdataandcorruption,mostdataisnotreallyrandom,andneitherdomanytypesofcorruptionresultintotalrandomdatascrambling.Moreoften,checksumeffectivenessiscontrolledbythelimitingcaseofpatterneddataandcorruptionthatispatternedoronlyaffectsafewbits.Asanexample,Stoneetal.[33]studiedthebehaviorofone’scomplementadditionchecksum(whichtheyexam-inedinthecontextofitsuseastheTCPchecksum),Fletcherchecksum,andCRCacrossrealnetworkdata.Theyobservedthattheone’scomplementadditionchecksumandtheFletcherchecksumhadathatwasfarworsethanthevalueofthattheyexpected.Theytheorizedthatoneofthereasonsforthiswasbecauseofthenonuniformdistributionofthedatatheywereusing,andintheirCorollary8,theyclaimthatifdatahadbeenuniformlydistributed,theIP(one’scomplementaddition)andFletcherchecksumswouldhavebeenequivalentlypowerful.Reference[31]furthersthispointofviewinitsanalysis.Althoughthismaybetrue,theexplanationisnotnecessarilyusefulinpredictingtheeffectivenessofchecksumsoperatingonnonrandomdata.Wethinkthatitisalsoimportanttoconsidertheeffectivenessofchecksumsatdetectingsmallnumbersofcorruptedbits.Thekeyistolookattheeffectivenessofachecksumintermsofhowmuchthechecksumvaluevariesbasedonrelativelysmallchangestothedatavalueusedasinput.Onewayoflookingatthisisevaluatingtheeffectivenessofachecksumcomputationintermsofitseffectivenessasapseudorandomnumbergenerator.Thebetterthegenerator,themorelikelythatmultiplebitsoftheoutputwillbeaffectedbyevenasinglebitchangeininputvalue.(Thiscriterionisaformoftheavalanchepropertythatischaracteristicofgoodcryptographicallysecurehashfunctions,forexampleasdiscussedin[40].“Better”hashfunctionsproducea“morerandom”output.)Anchecksum,forexample,changesonly1-bitofcomputedFCSvaluefora1-bitchangeindatavalue.One’scomplementandtwo’scomplementadditionchangeonly1bitoftheFCSvalueforasinglebitofdatavaluechangedintheworstcase(whentherearenocarrieschanged)andmanybitsofdatavalueinthebestcase.FletcherandAdlerchecksumstypicallychangeseveralbitsintheFCSforasingle-bitdatavaluechange,withthechangesmorepronouncedinthehighhalfoftheFCS.Asingle-bitchangeinthedatavalueforaCRCintypicalcaseshasthepotentialtoaffectallthebitsoftheFCS.Theresultsofeffectivenesscanbeseenwhenexaminingperformanceforsmallnumbersofbiterrors.Fig.6showsdifferentchecksumalgorithmsappliedtothesameuni-formlydistributedrandomdata.Thegraphclearlyshowsthatisdependentonthealgorithmused.The,two’scomplement,andone’scomplementadditionIEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 Fig.5.Boundsfortheprobabilityofundetectederrorsforall8-bitCRCsandall16-bitCRCs Fig.6.Performanceof16-bitchecksumswithrandomdataandrandomindependentbiterrors(BERof).Thedatavaluesfortwo’scomplementaddition,one’scomplementaddition,Fletcher,andAdlerchecksumsarethemeanof10trials. checksumsperformtheworst,whereasCRCperformsthebest.(Two’scomplementadditionchecksumresultsareverysimilartothoseoftheone’scomplementadditionchecksumwiththisverticalaxisscale.)Thisisaresultofthedifferenteffectivenessofchecksumsatgeneratingdifferentoutputsforsmallchangesininput.TheFletcher,Adler,andCRCalgorithmsattainbetterthanforshortmessagesduetotheirmathematicalproperties,butonlyagoodCRCdoesbetterthanforalldatalengthsinthisfigure.Theworstcaseforaweakchecksumalgorithmisasmallnumberofbiterrorsthatdonotmixtheresultsverymuch.Asthenumberofbiterrorsinasinglecodewordincreases,allchecksumsconvergetothelimitvalue,makingthechoiceofchecksumalgorithmmoot.(SeeFig.7.)Therefore,uptothedegreethatthecorruptionofdatadoesnotresultintotallyrandomerroneousdata,theselectionofchecksumalgorithmsisimportant.isfurtherinfluencedbythedatawordcontentwhendata-dependentchecksumssuchastwo’scomplementaddition,one’scomplementaddition,Fletcher,andAdlerareused.Datadependentheremeansthattheforthesechecksumsvariesdependingonthedatawordcontent,unlikeinthechecksumandCRCwherethesameregardlessofthedatawordcontent.Thepercentageofundetectederrorsisleastwhenthedataisallzerosorallones.Thepercentageincreaseswhenthenumberofzerosandonesineachbitpositioninthedataismoreequal.Inviewofthis,thehighestpercentageofundetectederrorsusuallyoccursforrandomdatahavinganevennumberofonesandzerosineverybitposition.Fig.8showsthiseffectfortheone’scomplementadditionchecksum.Inthisexperiment,thedifferentvalueswerealternatedwith0x00bytes.Inthefigure,theeffectofincreasingthenumberofbitpositionswherethereareanequalnumberofonesandzeroscanbeclearlyseen.Itcanalsobenotedthattheworstcaseboundcoincideswiththelineforthe0xFF-0x00datapattern.Fig.9showsthewhenthenumberofrandomlyplacedonesinthedatawordisincreasedfrom1to63ina64-bitdatawordmessage.Theprobabilityofundetectederrorsincreasesfromwhendatais100percentzerosoronestowhendatais50percentzerosand50percentonesineverybitpositioninthedataword.4.2FletcherChecksumComparedtoCyclicRedundancyCodesSomepreviouswork(forexample,[28]and[15])leadmanypractitionerstotheconclusionthattheFletcherchecksumandAdlerchecksumarecomparabletoCRCinerrordetectioncapabilitiesingeneraloratleastforshortdatawordlengths.(Thisisnotquitewhatthosepapersclaim,butitisnonethelesscommon“folkwisdom”thesemanyyearslaterandisinfacttruetoadegreeforsome“bad”CRCsinwidespreaduse.)However,inallcases,aissubstantiallybetteratthesameHDand,inmanyimportantcases,achievesbetterHDthaneitherFletcherorAdlerchecksums.Sheinwaldetal.[31]computedtheundetectederrorprobabilitiesforsomeCRC-32polyno-mialsandFletcher-32andAdler-32checksumsforalengthof8Kbytesor65,536bits.TheirresultsshowthatCRCoutperformsbothFletcher-32andAdler-32. MAXINOANDKOOPMAN:THEEFFECTIVENESSOFCHECKSUMSFOREMBEDDEDCONTROLNETWORKS 67 Fig.7.Percentageofundetectederrorsinrandomdataforincreasingnumbersofinjectedbiterrorsina64-bitdatawordusing8-bitchecksums.Thedatavaluesarethemeanof10trials. Fig.8.Probabilityofundetected2-biterrorsfor8-bitone’scomplementadditionchecksum(BERof)usingdifferentdatapatterns.ThedatapatternswerepairsofbytesoftheformXX-00,whereXXwasthefirstbyteofarepeatedpair,variedfrom00to0xFF,andthesecondbytewasalwayszero. Fig.9.Probabilityofundetectederrorsinrandomdatafora64-bitdatawordusing8-bitchecksumsandaBERof.Thedatavaluesarethemeanof100trials. Reference[28]statesthatforasymptoticallylongcodewords,theone’scomplementadditionFletcherchecksumofallpossibleerrors,whichisonlyslightlylessthanchecksumsize.“Allpossibleerrors”hereseemstomeanallbiterrorsregardlessofnumberandallbursterrorsregardlessoflength—ineffect,thisissimilartotherandomdataargument(isalwaysequalto)wementionedearlierunderwhichanychecksumperformsaboutthatwell.Mostembeddedsystemshavecodewordlengthsthataremuchshorterthanbits,withbeingthechecksumsize.EventhecomparativelylargeEthernetMaximumTransmissionUnit(MTU),forexample,isonly1,500bytes(or12,000bits),whichismuchshorterthan65,535bits.Attheselengths,CRCsoftenhavedistinctadvantages.ByusingFletcherandAdlerchecksumsattheselengths,theerrordetectioncapabilityisconsiderablysuboptimal—atleast1-bitofHDinerrordetectioncapabilityiseffectivelybeinggivenup,andoften,itismore.Fig.10showsacomparisonoftheFletcherchecksumtotwoCRCpolynomials,thecommonCCITT-16andthe0x8016polynomial,whichperformsbetterthanCCITT-16startingat32Kbits,whereithascomparedtoCCITT-16’s.Forshortcodewordlengths,theFletcherchecksumisatleast1bitofHDworsethanCRCs.Wewouldliketoreiteratewhatwassaidin[27],whichisthattheselectionofthebestCRCpolynomialforthedesiredchecksumsizeisofutmostimportance.Fig.11showsthattheincorrectselectionofaCRCpolynomialcanresultinworseerrordetectionperformancethantheFletcherchecksum.NetworksthatuseDARC-8wouldbebetteroffusingFletcher-8,whereasnetworksthatuseCRC-8andATM-8butdonotusecodewordsshorterthan128bitswouldgetcomparableperformancetoFletcher-8.However,polynomial0xA6wouldbeabetterchoicefornetworksthatwanttousean8-bitCRCabovea128-bitdatawordlength.AcomparisonoftheFletcherchecksumeffectivenesstothatofCRCswasalsoperformedonCRCchecksumsizeslessthantheFletcherchecksumsize(seeFig.12).OptimalCRCboundsfroman8-bitCRCtoa12-bitCRCwereplottedagainstthe16-bitFletcherchecksum.TheresultinggraphshowsthatitispossibleforanoptimalCRCpolynomialwithasmallerchecksumsizetooutper-formtheFletcherchecksum.CRC-8,CRC-9,andCRC-10allperformbetterthanFletcher-16forcodewordlengthslessthan128,256,and512bits,respectively.CRC-11performsbetterthanFletcher-16forcodewordlengthslessthan1,024bits,performsworseforlengthsgreaterthan1,024butlessthan2,048bits,andperformscomparablyforlengthsgreaterthan2,048bits.CRC-12consistentlyoutperformsFletcher-16forallcodewordlengths.OptimalCRCswithmorethan12bitswillperformevenbetterandthusareomittedfromthegraph.4.3One’sComplementFletcherChecksumComparedtotheAdlerChecksumTheAdlerchecksumhasbeenputforwardasanimprove-mentoftheFletcherchecksum[15],anditiscommonlybelievedthattheAdlerchecksumisunconditionallysuperiortotheFletcherchecksum(forexample,[41]and[42]).(Inaprivatecommunication,M.Adlerstatedthatwhat[15]meantwasthatAdler-32isanimprovementoverFletcher-16,whichistrue.Atthattime,hewasnotawareofFletcher-32,butthispointisnotwidelyknownandisnotapparentin[15].)ThebettermixingofbitsthattheAdlerchecksumprovidesduetoitsprimemodulushasbeenclaimedtoIEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 Fig.10.Probabilityofundetectederrorsfora16-bitFletcherchecksumandtwo16-bitCRCsataBERof.ThedatavaluesfortheFletcherchecksumarethemeanof10trialsusingrandomdata. Fig.11.ProbabilityofundetectederrorsforsomecommonCRCsandFletcher-8ataBERof.ThedatavaluesforFletcher-8arethemeanof10trialsusingrandomdata. Fig.12.ProbabilityofundetectederrorsforFletcher-16andCRCboundsfordifferentCRCwidthsataBERof.DatavaluesforFletcher-16arethemeanof10trialsusingrandomdata. providebettererrordetectioncapabilitiesthantheFletcherchecksum.Wehavefoundthatthisisoftennotthecase(seeFig.13).Reference[31]alsoshowsthatFletcher-32isbetterthanAdler-32for65,536-bitlengthsbutdoesnotcommentonshorterlengths.TheAdlerchecksumoutperformstheFletcherchecksumonlyfor16-bitchecksumsandonlyinthatchecksum’sperformanceregion(seeFig.13).TheissueisthatalthoughtheprimemodulusintheAdlerchecksumresultsinbettermixing,therearefewer“bins”(thatis,validFCSvalues)availableforcodewords.Inmostcases,thisreductioninbinsoutweighsthegainsmadebybettermixing.Thus,theFletcherchecksumissuperiortotheAdlerchecksuminallcasesexceptforAdler-16usedonshortdatawordlengths.Moreover,eventhen,theimprovementinerrordetectioneffectivenessmightnotbeworththeincreaseincomplexityandcomputationalcostofperformingmodularaddition.ETECTIONANDTheselectionofthebestchecksumforagivennetworkisusuallynotbasedonerrordetectionpropertiesalone.Otherfactorssuchascomputationalcostfrequentlycomeintoplayaswell.Feldmeier’sstudyonfastsoftwareimplemen-tationsforchecksumalgorithms[36]showedthattheone’scomplementadditionchecksumisapproximatelytwiceasfastastheFletcherchecksum,andtheFletcherchecksumisatleasttwiceasfastasCRC.Ourexperienceconfirmsthegeneralvalidityofthoseresults.Wesummarizetheerrordetectionversuscosttrade-offsbelowbasedonFeldmeier’sperformancefindings,whichwehavefoundtobegenerallyrepresentativeofembeddednetworktrade-offs.5.1CostPerformanceTrade-Offschecksumhasthesmallestcomputationalcostofallchecksumalgorithms.However,italsohastheworsterrordetectionpropertiesamongallthechecksumalgo-rithms.Itserrordetectionpropertiesdonotsignificantlychangewiththecodewordlength.Thetwo’scomplementadditionchecksum(“addchecksum”forshort)hasthesamecomputationalcostasthechecksuminsoftwareimplementations.Thecodewordlengthdoesnotsignifi-cantlyaffectitserrordetectionability.Insoftwareimplementations,theone’scomplementadditionchecksumhasacomputationalcostsimilartoorveryslightlyhigherthanthatoftheaddchecksumbecauseoftheMSBcarry-bitincorporation.(OptimizationssimilartothoseusedforFletcherandAdlerchecksums,suchas[29]and[30],areapplicabletoanychecksumoperationinvolvingone’scomplementadditionandmakethemalmostasfastasatwo’scomplementadditionchecksum.)Itmakesupforthisslightlyhighercostbybeingslightlybetteraterrordetectionthantheaddchecksum.Itserrordetectionpropertiesarenotsignificantlyaffectedbythecodewordlength.Theone’scomplementadditionchecksumshouldusuallybeusedinsteadofthechecksumandtheaddchecksum,unlesstherearecompellingreasonsfornotdoingso.TheFletcherchecksumhasapproximatelytwicethecomputationalcostoftheone’scomplementadditionchecksumduetoitshavingtworunningsumsinsteadofonebutisatleastanorderofmagnitudebetteraterrordetectionatlongcodewordlengths.Forshortcodewordlengths,itisanumberofordersofmagnitudebetterthantheone’scomplementadditionchecksumduetoitserrordetection.TheerrordetectionpropertiesoftheFletcherchecksumsharplydeteriorateafterthelengthlimitisreached.TheAdlerchecksumhasaslightlyhighercomputa-tionalcostthantheFletcherchecksumduetoitsuseofaprimemodulus.Ithas,atmost,acomparableerrordetectionpropertytotheFletcherchecksum.LiketheFletcherchecksum,itserrordetectionabilityalsodropsoffafteracertaincodewordlength.WhengivenachoicebetweenusingtheFletcherchecksumandtheAdlerchecksumforshortcodewordlengths,theFletcherchecksumisusuallybetter.Ithasnotonlyalowercomputationalcostbutalsobetteroverallerrordetectionproperties.TheCRChasthehighestcomputationalcostofallchecksumalgorithms.Itisgenerallydoublethecomputa-tionalcostoftheFletcherchecksum.However,italsohasthebesterrordetectionpropertiesofallthechecksumalgorithms.Forthesamechecksumsize,anoptimalCRCpolynomialisordersofmagnitudebetterthantheFletcherchecksumforcodewordlengthslessthanisthechecksumsize.Forcodewordlengthslongerthanthis,anoptimalCRCpolynomialisapproximatelyanorderofmagnitudebetterthantheFletcherchecksum.Amongallthechecksumalgorithmsstudied,theCRChasthegreatestvariationinerrordetectionabilitywithrespecttothecodewordlength.ThereareanumberofspeeduptechniquesavailableforCRCcomputations,especiallyforsmallembeddedprocessors.RayandKoopman[39]discussCRCperformanceoptions,includingthepossibilityoftable-lookupoptimizations.Theshorterthecodewordlength,thegreaterthebenefitofusingaCRCcomparedtootherchecksumalgorithms.Forcodewordlengthsgreaterthanequaltothechecksumsize,thebenefitofusinga MAXINOANDKOOPMAN:THEEFFECTIVENESSOFCHECKSUMSFOREMBEDDEDCONTROLNETWORKS 69 Fig.13.Comparisonof8-,16-,and32-bitFletcherandAdlerchecksumsusingrandomdataataBERof.Thedatapointvaluesarethemeanof10trials. CRCdropssharplybecauseitonlyprovidesdetectionperformance.(Resultsaresimilarforlargerchecksums,withthelengthsatwhichCRCsprovidebetterthanbeingsubstantiallylonger.)Thus,althoughitmaybedifficulttojustifytheincreasedcomputationalcostofusingaCRCforthelargedatawordsfoundintypicalenterpriseanddesktopcomputingenvironments,thestoryisquitedifferentforshortmessages(oftenlessthan100bits)typicallyfoundinembeddednetworks.Forembeddednetworks,usingaCRCcanbringordersofmagnitudebettererrordetectionperformanceforafactorofaboutfourperformancepenalty.(RayandKoopman[39]presentsomeCRCpolynomialsthathavegooderrordetectionperformancewithfastercomputationspeedsthanotherCRCs.)AlthoughFletcherandAdlerchecksumscanprovideatshortmessagelengths,theyareoutperformedbyagoodCRCatallmessagelengths.ThegeneralnotioninwidespreadcirculationthatFletcherandAdlerchecksumsaremoreorlessasgoodasaCRCatdramaticallylesscomputationcostisnotreallyaccurateforembeddednetworks.ChecksumsotherthanCRCgiveupordersofmagnitudeinerrordetectioneffectivenessinreturnforafactoroftwotofourspeedup.Moreover,networksthatuseanchecksumcouldhavesignificantlybettererrordetectionforessentiallythesamecomputationalcostsimplybyusingatwo’scomplementadditionor,preferably,aone’scomplementaddition5.2GeneralChecksumGuidelinesBelowaregeneralguidelinesforchecksumusebasedontheresultsdiscussedinthispaper.Ofcourse,eachindividualembeddednetworkapplicationwillhaveitsowncon-straintsandtrade-offs,buttheseguidelinesshouldserveasastartingpointformakinginformeddesignchoices:Neveruseanchecksumwhenitispossibletouseatwo’scomplementadditionchecksum(orsomethingevenbetter).Useaone’scomplementadditionchecksuminpreferencetoatwo’scomplementadditionchecksumforrandomindependentbiterrors.Useatwo’scomplementadditionchecksuminpreferencetoaone’scomplementadditionchecksumforbursterrors.Ifbothburstandrandomindepen-dentbiterrorsmatter,one’scomplementisprobablythebetterchoice.Ifcomputationalresourcesareavailable,useaFletcherchecksuminpreferencetoone’scomple-mentortwo’scomplementadditionchecksumstoprotectagainstrandomindependentbiterrors.DonotuseaFletcherchecksumifbursterrorsarethedominantfaultexpectedanddataconsistspre-dominantlyofcontinuousstringsofallzerosorallones.Ifcomputationalresourcesareavailable,useaCRCinsteadofanyoftheotherchecksumsmentioned.Itisgenerallybetterforbothrandomindependentbiterrorsandbursterrors.Takeintoaccountthelengthofthedatawordwhenevaluatingchecksumperformance.Performancecanvarydramaticallywiththesizeofthedataword,especiallyforCRCs.Theerrordetectionpropertiesofchecksumsvarygreatly.Theprobabilityofundetectederrorsforachecksumisnotalwaysinrealisticnetworksasissometimesthought.Rather,itisdependentonfactorssuchasthetypeofalgorithmused,thelengthofthecodeword,andthetypeofdatacontainedinthemessage.Thetypicaldeterminingfactoroferrordetectionperformanceisthealgorithmused,withdistinctdifferencesevidentforshortmessagestypicalofembeddednetworks.Evenformoderatelylongmessages,theerrordetectionperformanceforrandomindependentbiterrorsonarbitrarydatashouldbeconsideredasapotentiallybetter(andsimpler)modelthanafixedfractionofundetectederrorsof,whereisthechecksumsizeinbits.ThebehavioronsmallnumbersofbiterrorscaneasilybealimitingfactoroftheoverallerrordetectionBasedonourstudiesofundetectederrorprobabilities,fornetworkswhereitisknownthatbursterrorsarethedominantsourceoferrors,the,two’scomplementaddition,andCRCchecksumsprovidebettererrordetec-tionperformancethantheone’scomplementaddition,Fletcher,andAdlerchecksums.Forallnetworks,a“good”CRCpolynomial,wheneverpossible,shouldbeusedforerrordetectionpurposes.Itprovidesatleastoneadditionalbitoferrordetectioncapability(morebitsofHD)comparedtootherchecksumsanddoessoatonlyafactoroftwotofourtimeshighercomputationalcost.Innetworkswherecomputationalcostisasevereconstraint,theFletcherchecksumistypicallyagoodchoice.TheFletcherchecksumhasalowercomputa-tionalcostthantheAdlerchecksumand,contrarytopopularbelief,isalsomoreeffectiveinmostsituations.Inthemostseverelyconstrainednetworks,one’scomplementadditionchecksumsshouldbeusedifpossible,withtwo’scomplementadditionbeingalesseffectivealterna-tive.Thereisgenerallynoreasontocontinuethecommonpracticeofusinganchecksuminnewdesignsbecauseithasthesamesoftwarecomputationalcostasanaddition-basedchecksumbutisonlyabouthalfaseffectiveatdetectingerrors.Theformulasforthepercentageofundetectederrorsforall-zeroandall-onedataarederivedasfollows.A.1All-ZeroDataForancodewordwithall-zerodata,thenumberofundetected2-biterrorsisequaltothesumofthetotalnumberofbitsinthecodewordminusthechecksumsizeIEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 thecombinationofalltheMSBsinthedatawordtakentwoatatime: nkk2¼ðnkÞþ nkk n2kk2¼ 2ðnkÞþ nkk n2kk2¼ ÞþðThetotalnumberofpossible2-biterrorsforanwordis Dividingthenumberofundetected2-biterrorsbythetotalnumberof2-biterrorsgivesusthepercentageofundetected2-biterrorsas 2k2ðnkÞþðnkÞðn2kÞ2k2 nðn1Þ2¼ Þþðisthecodewordlengthinbits,andisthechecksumsizeinbits.A.2All-OneDataForancodewordwithall-onedata,theequationuseddependsonwhethertheMSBofthechecksumisoneorzero.TheMSBchangeseverybitsofdatawordlength.Forexample,inan8-bitchecksum,theMSBofthechecksumchangesafterevery1,024datawordbits.Lookingatthefirst,third,fifth,andsoon,setofdatawords,itcanbeseenthattheMSBofthechecksumisone.Forthiscase,ancodewordwillhaveanundetected2-biterrorequaltothechecksumsizeminusthenumberofonesinthebinaryformofmultipliedbydatawordlengthplusthecombinationofalltheMSBsinthedatawordtakentwoatatime: nkkþ nkk2¼ðkiÞ nkkþ Consideringthesecond,fourth,sixth,andsoon,setofdatawords,theundetected2-biterrorforanwordisequaltooneplusthechecksumsizeminusthenumberofonesinthebinaryformofpliedbydatawordlengthplusthecombinationofalltheMSBsinthedatawordtakentwoatatime: nkkþ nkk2¼ðkiþ1Þ nkkþ ThereasonfortheadditionofonetothesecondequationisthathavingavalueofzerointheMSBcausesthebitsintheMSBcolumntogenerateadditionalundetectederrors.Thetwoequationsabovewhendividedbythenumberofallpossible2-biterrors(bitcombinationstakentwoatatime)willyieldthefollowingequations.Forthefirst,third,fifth,andsoon,setofdatawords 2ðkiÞ nk1þ nk1 iscodewordlengthinbits,ischecksumsizeinbits,andisthenumberofzerosinthechecksumorthenumberofonesinthebinaryformofwithinthechecksumwidth.Forthesecond,fourth,sixth,andsoon,setofdatawords 2ðkiþ1Þ nk1þ nk1 iscodewordlengthinbits,ischecksumsizeinbits,andisthenumberofzerosinthechecksumorthenumberofonesinthebinaryformofwithinthechecksumwidth.Forall-zeroandall-onedata,onlyoneequationisneededbecausetherearenoundetected2-biterrorsduetotheMSB.Theequationisequaltotheonefromthetwo’scomplementadditionchecksumforall-zerodataminustheundetectedbiterrorscausedbytheMSB.Thus,thepercentageofundetectederrorsisequalto ðnkÞn2¼ ðnkÞ nðn1Þ2¼ isthecodewordlengthinbits,andisthechecksumsizeinbits.TheauthorswouldliketothankProfessorPriyaNarasim-han,MarkAdler,andtheanonymousreviewersfortheirhelpfulcommentsandsuggestions.ThisresearchwassupportedinpartbyagrantfromBombardierTransporta-tion,theGeneralMotorsCollaborativeResearchLaboratoryatCarnegieMellonUniversity,andthePennsylvaniaInfrastructureTechnologyAlliance(PITA).[1]R.BoschGmbH,CANSpecificationVersion2.0,Sept.1991.1991.FlexRayConsortium,FlexRayCommunicationsSystemProtocolSpecificationVersion2.1,May2005.2005.TTTechComputertechnikAG,TimeTriggeredProtocolTTP/CHigh-LevelSpecificationDocument,ProtocolVersion1.1,ed.1.4.3,Nov.2003.2003.TheHARTBook,TheHARTMessageStructure.WhatIsHART?http://www.thehartbook.com/technical.htm,Dec.2005.2005.ThalesNavigation,DataTransmissionProtocolSpecificationforMagellanProductsVersion2.7,Feb.2002. MAXINOANDKOOPMAN:THEEFFECTIVENESSOFCHECKSUMSFOREMBEDDEDCONTROLNETWORKS 71Authorized licensed use limited to: IEEE Xplore. Downloaded on March 24, 2009 at 14:50 from IEEE Xplore. Restrictions apply. MGEUPSSystems,SimplifiedSHUTandHIDSpecificationforUPS,Mar.2002.2002.VendapinLLC,APIProtocolSpecificationforCTD-202USBVersion&CTD-203RS-232VersionCardDispenser,Aug.2005.2005.Q.Lian,Z.Zhang,S.Wu,andB.Y.Zhao,“Z-Ring:FastPrefixRoutingviaaLowMaintenanceMembershipProtocol,”13thIEEEInt’lConf.NetworkProtocols(ICNP’05),pp.132-146,Nov.2005.2005.W.Christensen,ModemProtocolDocumentation,Revisedversion(1985),http://www.textfiles.com/apple/xmodem,Dec.2005.2005.Modicon,Inc.,ModbusProtocolReferenceGuide,Rev.J.,June1996.1996.McShaneInc.,“CalculatingtheChecksum,”Comm.Protocol,http://mcshaneinc.com/html/Library_CommProtocol.html,Dec.2005.2005.Opto22,OptomuxProtocolGuide,Aug.2005.2005.R.Braden,D.Borman,andC.Partridge,ComputingtheInternetChecksum,IETFRFC1071,Sept.1988.1988.J.ZweigandC.Partridge,TCPAlternateChecksumOptions,IETFRFC1146,Mar.1990.1990.P.DeutschandJ.-L.Gailly,ZLIBCompressedDataFormatSpecificationVersion3.3,IETFRFC1950,May1996.1996.N.R.SaxenaandE.J.McCluskey,“AnalysisofChecksums,Extended-PrecisionChecksums,andCyclicRedundancyChecks,”IEEETrans.Computers,vol.39,no.7,pp.969-975,July1990.1990.A.M.Usas,“ChecksumversusResidueCodesforMultipleErrorDetection,”Proc.EighthAnn.Int’lSymp.Fault-TolerantComputing(FTCS’78),p.224,1978.1978.S.C.TzouChenandG.S.Fang,“AClosed-FormExpressionfortheProbabilityofChecksumViolation,”IEEETrans.Systems,Man,andCybernetics,vol.10,no.7,pp.407-410,July1980.1980.C.JiaoandL.Schwiebert,“ErrorMaskingProbabilityof1’sComplementChecksums,”Proc.10thInt’lConf.ComputerComm.andNetworks(ICCCN’01),pp.505-510,Oct.2001.2001.Y.Desaki,K.Iwasaki,Y.Miura,andD.Yokota,“DoubleandTripleErrorDetectingCapabilityofInternetChecksumandEstimationofProbabilityofUndetectableError,”Proc.PacificRimInt’lSymp.Fault-TolerantSystems(PRFTS’97),pp.47-52,Dec.1997.1997.W.W.Plummer,“TCPChecksumFunctionDesign,”Comm.Rev.,vol.19,no.2,pp.95-101,Apr.1989.1989.T.Baicheva,S.Dodunekov,andP.Kazakov,“OntheCyclicRedundancy-CheckCodeswith8-BitRedundancy,”vol.21,pp.1030-1033,1998.1998.T.Baicheva,S.Dodunekov,andP.Kazakov,“UndetectedErrorProbabilityPerformanceofCyclicRedundancy-CheckCodesof16-BitRedundancy,”IEEEProc.Comm.,vol.147,no.5,pp.253-256,Oct.2000.2000.P.Kazakov,“FastCalculationoftheNumberofMinimum-WeightWordsofCRCCodes,”IEEETrans.InformationTheory,vol.47,3,pp.1190-1195,Mar.2001.2001.G.Funk,“DeterminationofBestShortenedLinearCodes,”Trans.Comm.,vol.44,no.1,pp.1-6,Jan.1996.1996.P.Koopman,“32-BitCyclicRedundancyCodesforInternetApplications,”Proc.Int’lConf.DependableSystemsandNetworks(DSN’02),pp.459-468,June2002.2002.P.KoopmanandT.Chakravarty,“CyclicRedundancyCode(CRC)PolynomialSelectionforEmbeddedNetworks,”Proc.Int’lConf.DependableSystemsandNetworks(DSN’04),pp.145-154,June2004.2004.J.G.Fletcher,“AnArithmeticChecksumforSerialTransmissions,”IEEETrans.Comm.,vol.30,no.1,pp.247-252,Jan.1982.1982.A.Nakassis,“Fletcher’sErrorDetectionAlgorithm:HowtoImplementItEfficientlyandHowtoAvoidtheMostCommonComputerComm.Rev.,vol.18,no.5,pp.63-88,Oct.1988.1988.K.Sklower,“ImprovingtheEfficiencyoftheOSIChecksumCalculation,”ComputerComm.Rev.,vol.19,no.5,pp.44-55,Oct.1989.1989.D.Sheinwald,J.Satran,P.Thaler,andV.Cavanna,ProtocolSmallComputerSystemInterface(iSCSI)CyclicRedundancyCheck(CRC)/ChecksumConsiderations,IETFRFC3385,Sept.2002.2002.C.Partridge,J.Hughes,andJ.Stone,“PerformanceofChecksumsandCRCsoverRealData,”ComputerComm.Rev.,Proc.ACMSIGCOMM’95,vol.25,no.4,pp.68-76,Oct.1995.1995.J.Stone,M.Greenwald,C.Partridge,andJ.Hughes,“PerformanceofChecksumsandCRC’soverRealData,”IEEE/ACMTrans.Networking,vol.6,no.5,pp.529-543,Oct.1998.1998.J.StoneandC.Partridge,“WhentheCRCandTCPChecksumComputerComm.Rev.,Proc.ACMSIGCOMM’00,vol.30,no.4,pp.309-319,Oct.2000.2000.A.J.McAuley,“WeightedSumCodesforErrorDetectionandTheirComparisonwithExistingCodes,”IEEE/ACMTrans.Networking,vol.2,no.1,pp.16-22,Feb.1994.1994.D.C.Feldmeier,“FastSoftwareImplementationofErrorDetectionIEEE/ACMTrans.Networking,vol.3,no.6,pp.640-651,Dec.1995.1995.T.RamabadranandS.Gaitonde,“ATutorialonCRCComputa-IEEEMicro,vol.8,no.4,pp.62-75,Aug.1988.1988.D.V.Sarwate,“ComputationofCyclicRedundancyChecksviaTableLook-Up,”Comm.ACM,vol.31,no.8,pp.1008-1013,Aug.1988.1988.J.RayandP.Koopman,“EfficientHighHammingDistanceCRCsforEmbeddedApplications,”Proc.Int’lConf.DependableSystemsandNetworks(DSN’06),June2006.2006.A.J.Menezes,P.C.vanOorschot,andS.A.Vanstone,HandbookofAppliedCryptography.CRCPress,1997.1997.Wikipedia,Adler-32,http://en.wikipedia.org/wiki/Adler-32,Dec.2005.2005.K.H.Fritsche,“TinyTorrent:CombiningBitTorrentandSensor-Nets,”TechnicalReportTCD-CS-2005-74,Univ.ofDublin,TrinityCollege,Dec.2005.TheresaC.MaxinoreceivedtheBSdegreeincomputerengineeringfromtheUniversityofSanCarlos,CebuCity,Philippines,in1995andtheMSdegreeinelectricalandcomputerngfromCarnegieMellonUniversity,Pittsburgh,in2006.ShewaswithAdvancedWorldSystems,Inc.,foranumberofyears,workingontheresearchanddevelopmentoflaserprinters,specificallyontheprinteroperat-ingsystemandtheprintercontroller.SheiscurrentlywithLexmarkResearchandDevelopmentCorporationandshewaspreviouslywithCarnegieMellonUniversity.Herresearchinterestslieinembeddedsystems,dependability,andsecurity.SheisamemberoftheIEEE.PhilipJ.KoopmanreceivedtheBSandMEngdegreesincomputerengineeringfromRensselaerPolytechnicInstitutein1982andthePhDdegreeincomputerengineeringfromCarnegieMellonUniversity,Pittsburgh,in1989.HewasaUSNavysubmarineofficer.Duringseveralyearsinindustry,hewasaCPUdesignerforHarrisSemiconductorandanembeddedsystemsresearcherforUnitedTechnologies.Since1996,hehasbeenwithCarnegieMellonUniversity,whereheiscurrentlyanassociateprofessor.Hisresearchinterestsincludedependability,safetycriticalsystems,distributedreal-timeembeddedsystems,andembeddedsystemseducation.HeisamemberoftheACMandaseniormemberoftheIEEE.Formoreinformationonthisoranyothercomputingtopic,pleasevisitourDigitalLibraryatwww.computer.org/publications/dlib.IEEETRANSACTIONSONDEPENDABLEANDSECURECOMPUTING,VOL.6,NO.1,JANUARY-MARCH2009 Authorized licensed use limited to: IEEE Xplore. Downloaded on March 24, 2009 at 14:50 from IEEE Xplore. Restrictions apply.