Handling Mixed-Criticality in SoC-based Real-Time Embedded Systems
Rodolfo Pellizzoni, Patrick Meredith, Min-Young Nam, Mu Sun, Marco Caccamo, Lui Sha
Presented by Rafael Olaechea
Platform Based Design for Safety Critical Systems
• Platform-Based Design of Embedded Systems
  – Reuse of a set of libraries and components
  – Automatic generation of the implementation
  – Helps perform model checking on the generated systems
• But safety-critical systems have special needs
  – Isolation of safety-critical from non-safety-critical processes
  – Isolation must be ensured at runtime
Architecture Description Language
• Specifies logical functionality and requirements
  – Processes
    • Computation (period, deadline, execution time)
    • Communication requests (number of frames, and deadline)
• Specifies the hardware platform
  – Processor
  – Memory
  – Bus
Enforcing Safety of low criticality tasks
• Based on AADL-specified requirements
  – Functional Certificate
    • Runtime monitoring of events
    • Example with the Programmer and Pacer interface
  – Timing Certificate
    • Ensuring communication and computation bounds
Pacemaker Platform
Timing constraints will be enforced by the process scheduler
Wrappers Enforcing Communication Safety
• Bus safety
  – A timeslot is assigned to each process
  – A hardware wrapper prevents data from being sent if the frame is not for the process
Runtime Monitoring of tasks
Diagram: Task (HW or CPU) → Event Specification → Corrective Action or Disabling of Action
Specification logic:
• Extended Regular Expressions
• Past Time Linear Temporal Logic
• Symbolic names for queues and reads/writes
Programmer Process updating heartbeat rate parameters
The Programmer process will update parameters based on RF module input, but the Pacer and Rate Adapter are more critical
Programmer Process updating heartbeat rate parameters
Sequence diagram with lifelines Programmer, Rate Adapter and Pacer: the Programmer sends Parameter + Check to one component and receives Success, repeats the exchange with the other component, then sends Commit to each.
But the Programmer could fail after one commit, causing discomfort to the patient
Solution: Extract the commit logic into the certified monitors
• Events are specified in terms of values read from / written to symbolic queues
• The monitor sends the commit commands once the successes are received
• Prevent the Programmer from sending commits or checks before receiving an answer
Programmer Process updating heartbeat rate parameters
Sequence diagram with lifelines Programmer, Rate Adapter and Pacer: the two Parameter + Check / Success exchanges as before, after which the Monitor, not the Programmer, sends Commit to each component.
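Added example, not code from the paper or the presentation: a hand-written monitor that owns the Commit step described on slides 25 to 28, refusing a new check while an answer is outstanding and committing to both components only after both have answered Success. Event, action and function names are assumptions.

```c
#include <stdbool.h>
/* Constructed example: a certified monitor that owns the Commit step of a
 * Programmer -> Rate Adapter / Pacer parameter update. Event and action names
 * are assumptions; the paper synthesises such monitors from ERE / PTLTL specs. */
enum target { RATE_ADAPTER = 0, PACER = 1, N_TARGETS = 2 };
enum event  { EV_PROG_CHECK, EV_PROG_COMMIT, EV_SUCCESS, EV_FAILURE };
enum action { ACT_FORWARD, ACT_DROP, ACT_COMMIT_ALL };

struct monitor {
    bool pending[N_TARGETS];   /* Parameter + Check sent, answer still outstanding */
    bool success[N_TARGETS];   /* that component has answered Success */
};

static void monitor_reset(struct monitor *m) {
    for (int i = 0; i < N_TARGETS; i++) m->pending[i] = m->success[i] = false;
}
static bool any_pending(const struct monitor *m) {
    for (int i = 0; i < N_TARGETS; i++) if (m->pending[i]) return true;
    return false;
}
static bool all_success(const struct monitor *m) {
    for (int i = 0; i < N_TARGETS; i++) if (!m->success[i]) return false;
    return true;
}
/* One event seen on the symbolic queue between the Programmer and component t.
 * The return value is the monitor's corrective action for that event. */
enum action monitor_step(struct monitor *m, enum event ev, enum target t) {
    switch (ev) {
    case EV_PROG_CHECK:
        /* Slide rule: no new check while an answer is outstanding. Re-checking a
         * component that already accepted is also refused (added assumption). */
        if (any_pending(m) || m->success[t]) return ACT_DROP;
        m->pending[t] = true;
        return ACT_FORWARD;
    case EV_PROG_COMMIT:
        return ACT_DROP;            /* the Programmer never commits on its own */
    case EV_SUCCESS:
        if (!m->pending[t]) return ACT_DROP;   /* unsolicited answer */
        m->pending[t] = false;
        m->success[t] = true;
        if (!all_success(m)) return ACT_FORWARD;
        monitor_reset(m);           /* both accepted: monitor issues both Commits */
        return ACT_COMMIT_ALL;
    case EV_FAILURE:
        monitor_reset(m);           /* abort; no component ever sees a lone Commit */
        return ACT_FORWARD;
    }
    return ACT_DROP;
}
```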
Platform controlling Battery life
Schedule Generation and Timing Isolation
• Communication requests
  – Periodic task to be assigned to the communication bus
• Computation requests
  – Periodic task assigned to its processor
• Earliest Deadline schedule generated
  – Statically, for the hyper-period
Rate Data and SignalBuffer write are part of the communication infrastructure processor
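Added example serving both the bus-wrapper rule (a timeslot per process, frames outside it dropped) and the static EDF schedule generation over the hyper-period. It is not the paper's generator: the task set, unit-slot model and function names are constructed.

```c
#include <stdbool.h>

/* Constructed example, not the paper's generator: a static EDF table for
 * periodic bus (or CPU) requests over one hyper-period, plus the runtime
 * wrapper rule that consults it. Task parameters are assumptions. */
#define MAX_TASKS 8
#define IDLE (-1)

struct task { int period, deadline, exec; };   /* deadline <= period, unit slots */

/* Fill table[0..hyper) with the task index that owns each slot (IDLE if none).
 * Returns false as soon as a job would miss its deadline, i.e. the set is not
 * schedulable and no timing certificate should be issued. */
bool build_edf_table(const struct task *tasks, int n, int hyper, int *table) {
    int remaining[MAX_TASKS] = {0};   /* work left in the current job */
    int abs_dl[MAX_TASKS] = {0};      /* absolute deadline of the current job */
    if (n > MAX_TASKS) return false;
    for (int t = 0; t < hyper; t++) {
        for (int i = 0; i < n; i++) {
            if (t % tasks[i].period == 0) {          /* new job released */
                if (remaining[i] > 0) return false;  /* previous job unfinished */
                remaining[i] = tasks[i].exec;
                abs_dl[i] = t + tasks[i].deadline;
            } else if (remaining[i] > 0 && t >= abs_dl[i]) {
                return false;                        /* deadline passed with work left */
            }
        }
        int pick = IDLE;                             /* EDF: earliest absolute deadline */
        for (int i = 0; i < n; i++)
            if (remaining[i] > 0 && (pick == IDLE || abs_dl[i] < abs_dl[pick]))
                pick = i;
        table[t] = pick;
        if (pick != IDLE) remaining[pick]--;
    }
    for (int i = 0; i < n; i++)
        if (remaining[i] > 0) return false;          /* job spilled past the hyper-period */
    return true;
}

/* Hardware-wrapper rule from the slides: a frame from process pid at time t
 * is let onto the bus only if the static table assigns that slot to pid. */
bool bus_wrapper_allows(const int *table, int hyper, int t, int pid) {
    return table[t % hyper] == pid;
}

/* Constructed task set: T0 sends 1 frame every 4 slots, T1 sends 2 every 6. */
static const struct task PACEMAKER_BUS[2] = { {4, 4, 1}, {6, 6, 2} };
```

With the constructed set the hyper-period is 12 slots and the table comes out as T0, T1, T1, idle, T0, idle, T1, T1, T0, idle, idle, idle; an overloaded set makes the generator refuse instead of emitting a table.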
Conclusions
• Helps combine low- and high-criticality tasks
  – Safe behavior of low-priority tasks is enforced
    • Timing
    • Logically
• Model task requirements in AADL
  – Computation
  – Communication
  – Generate safe schedules