Showing papers in "ACM Sigbed Review in 2016"
TL;DR: A search-space reduction technique and a Greedy Randomized Adaptive Search Procedure-based heuristic are proposed for this routing optimization problem of the AVB streams such that all frames are schedulable and their worst-case end-to-end delay is minimized.
Abstract: In this paper we are interested in safety-critical real-time applications implemented on distributed architectures using the Time-Sensitive Networking (TSN) standard. The ongoing standardization of TSN is an IEEE effort to bring deterministic real-time capabilities into the IEEE 802.1 Ethernet standard supporting safety-critical systems and guaranteed Quality-of-Service. TSN will support Time-Triggered (TT) communication based on schedule tables, Audio-Video-Bridging (AVB) streams with bounded end-to-end latency as well as Best-Effort messages. We consider that we know the topology of the network as well as the routes and schedules of the TT streams. We are interested to determine the routing of the AVB streams such that all frames are schedulable and their worst-case end-to-end delay is minimized. We have proposed a search-space reduction technique and a Greedy Randomized Adaptive Search Procedure (GRASP)-based heuristic for this routing optimization problem. The proposed approaches has been evaluated using several test cases.
70 citations
TL;DR: ATabu Search-based metaheuristic is proposed to solve the optimization problem of mixed-criticality applications, which have functions with different timing requirements, i.e., hard real-time (HRT), soft real- time (SRT) and functions that are not time-critical (NC).
Abstract: In this paper we are interested in mixed-criticality applications, which have functions with different timing requirements, i.e., hard real-time (HRT), soft real-time (SRT) and functions that are not time-critical (NC). The applications are implemented on distributed architectures that use the TTEthernet protocol for communication. TTEthernet supports three traffic classes: Time-Triggered (TT), where frames are transmitted based on static schedule tables; Rate Constrained (RC), for dynamic frames with a guaranteed bandwidth and bounded delays; and Best Effort (BE), for which no timing guarantees are provided. HRT messages have deadlines, whereas for SRT messages we capture the quality-of-service using "utility functions". Given the network topology, the set of application messages and their routing, we are interested to determine the traffic class of each message, such that all HRT messages are schedulable and the total utility for SRT messages is maximized. For the TT frames we decide their schedule tables, and for the RC frames we decide their bandwidth allocation. We propose aTabu Search-based metaheuristic to solve this optimization problem. The proposed approach has been evaluated using several benchmarks, including two realistic test cases.
17 citations
TL;DR: An open source model and simulator is presented for the evaluation of the real-time performance of automotive networks implementing security measures and application perspectives on how the open source simulator can be used in different domains for the analysis of automotive network architectures are presented.
Abstract: With the increasing interconnection of vehicles, security challenges have moved into focus. Attacks on in-vehicle networks can cause accidents resulting in financial damages and even loss of life. The impact of an attack can be mitigated by secure internal vehicle networks, employing authentication of ECUs and authorization of messages. However, quantifying the real-time performance of additional security measures is difficult due to the high number of nodes and messages. In this paper, we present an open source model and simulator for the evaluation of the real-time performance of automotive networks implementing security measures. Applying parameters from hardware measurements, we evaluate our model and simulator with realistic test cases and a case study. We further present application perspectives on how the open source simulator can be used in different domains for the analysis of automotive network architectures.
15 citations
TL;DR: This work extends a multicore operating system running on a time-predictable multicore processor to support the logical execution time (LET) model, which increases the compositionality of real-time task sets and reduces the costs in terms of memory and execution time.
Abstract: The logical execution time (LET) model increases the compositionality of real-time task sets. Removal or addition of tasks does not influence the communication behavior of other tasks. In this work, we extend a multicore operating system running on a time-predictable multicore processor to support the LET model. For communication between tasks we use message passing on a time-predictable network-on-chip to avoid the bottleneck of shared memory. We report our experiences and present results on the costs in terms of memory and execution time.
14 citations
TL;DR: The Stacked Scheduling Approach (SSA) is presented for time-triggered networks to enable mode changes and implicit adaptation in such networks by enabling reuse of network bandwidth reservations.
Abstract: Time-triggered networks are widely used for safety-critical applications. Being offline scheduled, flexibility and adaptivity typically come at the price of very low resource utilization, if possible at all. In this paper, we present the Stacked Scheduling Approach (SSA) for time-triggered networks to enable mode changes and implicit adaptation in such networks by enabling reuse of network bandwidth reservations. We describe SSA in detail and conduct a case study to show that SSA can be implemented in COTS time-triggered network hardware and validate the approach by implementing an example in a COTS TTEthernet network.
10 citations
TL;DR: The synchronous programming models are described, which implements a weaker version of time-determinism, still providing a form of timing-predictability sufficient in many applications while remaining closer to mainstay software development practices.
Abstract: Our work is a contribution towards addressing what Thomas Henziger called the grand challenge in embedded software design [5]: "offering high-level programming models that exposes the execution properties of a system in a way that permits the programmer to express desired reaction and execution requirements, permits the compiler and run-time systems to ensure that these requirements are satisfied". In the programming model we describe here, the developer states the permissible timing behavior of the system, a system synthesis step involving both analysis and optimization generates a scheduling solution which at run-time is enforced by the execution environment. With respect to the synchronous programming models, our approach implements a weaker version of time-determinism, still providing a form of timing-predictability sufficient in many applications while remaining closer to mainstay software development practices. This approach is currently being implemented and experimented in the CPAL language development tools and associated runtime environment.
9 citations
TL;DR: This paper collects SoS properties and characteristics from the literature in order to understand common integration problems in IoT better, and shows that in particular for safety critical systems there must be means to compute and predict integrated behavior based on specifications at interfaces.
Abstract: The Internet of Things (IoT) refers to extending the reach of the Internet into the physical world. The realization of IoT applications involves the integrated operation of many subsystems that retain their private function. This makes IoT application deployment and integration a Systems of Systems (SoS) problem. In this paper we collect SoS properties and characteristics from the literature in order to understand common integration problems in IoT better, for which we use two running examples. We show that in particular for safety critical systems there must be means to compute and predict integrated behavior based on specifications at interfaces. We give a general coordination architecture that supports this.
9 citations
TL;DR: This paper's aim is to study how FTT (Flexible Time Triggered) principles could be applied to OpenFlow, allowing its usage in a hard real-time context and which benefits OpenFlow can bring to the FTT paradigm.
Abstract: Software-defined networking proposes a new paradigm to operate computer networks. Where routers and switches execute predetermined distributed protocols, OpenFlow offers to replace them with devices where the logic that determines the flows of packets is freely programmable and centralized. Applied to the field of real-time networks, this freedom would allow design networks to overcome existing standards and to make experimentation easier. However, neither OpenFlow nor Ethernet were designed having real-time constraints in mind. FTT-Ethernet is a master-slave protocol allowing the meeting of real-time constraints using commodity Ethernet hardware. This paper's aim is to study: (i) how FTT (Flexible Time Triggered) principles could be applied to OpenFlow, allowing its usage in a hard real-time context; (ii) which benefits OpenFlow can bring to the FTT paradigm.
9 citations
TL;DR: This paper proposes a methodology for model-based design of CPSs where, logic programming extended with coinduction, constraints over reals, and coroutining is used for modeling CPSs.
Abstract: Model-based design and development has been applied successfully to design and development of complex systems, including safety critical systems. It is also a promising approach for designing cyber-physical systems (CPSs). In this paper we propose a methodology for model-based design of CPSs where, logic programming extended with coinduction, constraints over reals, and coroutining is used for modeling CPSs. This logic programming realization can be used for verifying interesting properties as well as generating implementations of CPSs. We use the reactor temperature control system as a running example to illustrate the various steps of our methodology. We present a model of the system using our framework and verify the safety property of the system. We also show how parametric analysis can be performed in our framework.
7 citations
TL;DR: The work in this article examines the necessary changes to a modern Standard ML compiler, MLton, to provide basic support for real-time execution, including a threading model that supports priorities, a chunked object model to support realtime garbage collection, and low level modification to execute on top of a realtime operating system.
Abstract: There has been much recent interest in adopting functional and reactive programming for use in real-time system design. Moving toward a more declarative methodology for developing real-time systems purports to improve the fidelity of software. To study the benefits of functional and reactive programming for real-time systems, real-time aware functional compilers and language runtimes are required. In this paper we examine the necessary changes to a modern Standard ML compiler, MLton, to provide basic support for real-time execution. We detail our current progress in modifying MLton with a threading model that supports priorities, a chunked object model to support real-time garbage collection, and low level modification to execute on top of a real-time operating system. We present preliminary numbers and our work in progress prototype, which is able to boot ML programs compiled with MLton on x86 machines.
6 citations
TL;DR: This paper proposes a novel segmentation algorithm targeting RRA-based NoCs in order to improve the schedulability of real-time traffic without modifying the hardware architecture and according to the evaluation results, the proposed segmentation solution can significantly improve the scheduling of the whole network.
Abstract: Network-on-Chip (NoC) is the interconnect of choice for many-core processors and system-on-chips in general. Most of the existing NoC designs focus on the performance with respect to average throughput, which makes them less applicable for real-time applications especially when applications have hard timing requirements on the worst-case scenarios. In this paper, we focus on a Round-Robin Arbitration (RRA) based wormhole-switched NoC which is a common architecture used in most of the existing implementations. We propose a novel segmentation algorithm targeting RRA-based NoCs in order to improve the schedulability of real-time traffic without modifying the hardware architecture. According to the evaluation results, the proposed segmentation solution can significantly improve the schedulability of the whole network.
TL;DR: This work provides two new supply bound functions which provides tighter bounds on the resource requirements of individual components in a model-based schedulability framework for hierarchical scheduling systems realized as Uppaal models.
Abstract: Compositional reasoning on hierarchical scheduling systems is a well-founded formal method that can construct schedulable and optimal system configurations in a compositional way. However, a compositional framework formulates the resource requirement of a component, called an interface, by assuming that a resource is always supplied by the parent components in the most pessimistic way. For this reason, the component interface demands more resources than the amount of resources that are really sufficient to satisfy sub-components. We provide two new supply bound functions which provides tighter bounds on the resource requirements of individual components. The tighter bounds are calculated by using more information about the scheduling system.We evaluate our new tighter bounds by using a model-based schedulability framework for hierarchical scheduling systems realized as Uppaal models. The timed models are checked using model checking tools Uppaal and Uppaal SMC, and we compare our results with the state of the art tool CARTS.
TL;DR: The potential of non-intrusive runtime verification (RV) mechanisms, currently being included in AIR, to improve system safety and to decrease the computational cost of timeliness adaptability and of the corresponding overhead on the system are explored.
Abstract: Unmanned autonomous systems (UAS) avionics call for advanced computing system architectures fulfilling strict size, weight and power consumption (SWaP) requisites, decreasing the vehicle cost and ensuring the safety and timeliness of the system. The AIR (ARINC 653 in Space Real-Time Operating System) architecture defines a partitioned environment for the development and execution of aerospace applications, following the notion of time and space partitioning (TSP), preserving application timing and safety requisites.The plan for a UAS mission may vary with the passage of time, according to its mode/phase of operation, and the vehicle may be exposed to unpredictable (environmental) events and failures, calling for the advanced adaptability and reconfigurability features included in the AIR architecture. This paper explores the potential of non-intrusive runtime verification (RV) mechanisms, currently being included in AIR, to improve system safety and to decrease the computational cost of timeliness adaptability and of the corresponding overhead on the system.
TL;DR: To extend the automotive DSMS in a distributed environment and facilitate the testing of the real-time constraints of stream processing on the various placements of entities, a framework to automatically generate execution files on multiple processors is designed.
Abstract: Modern automotive systems incorporate a range of data from on-board sensors and outside the vehicle. This results in complex data processing and rising software development costs. To address these issues, we investigated the adaptation of a general-purpose data stream management system (DSMS) use in automotive applications. Existing DSMSs cannot be applied directly in automotive systems, since they are not designed for stream processing in a distributed environment with an architecture of mixed single- and multi-core processors. This makes it difficult to optimize the placement of communicating entities on multiple processors when the parallel processing of massive amounts of streamed data is required. In this study, we investigated distributed and parallel stream processing on mixed single- and multi-core processors for an automotive DSMS. To extend the automotive DSMS in a distributed environment and facilitate the testing of the real-time constraints of stream processing on the various placements of entities, we designed a framework to automatically generate execution files on multiple processors. Our experimental results validated an architecture of mixed single- and multi-core processors and demonstrated the effectiveness of the framework.
TL;DR: Performance and profiling results from high-speed storage devices attached to a Linux-based embedded system are presented, showing that the kernel's standard file I/O operations are inadequate for such a set-up, and that `direct I/W' may be preferable for certain situations.
Abstract: With recent advances in non-volatile memory technologies and embedded hardware, large, high-speed persistent-storage devices can now realistically be used in embedded systems. Traditional models of storage systems, including the implementation in the Linux kernel, assume the performance of storage devices to be far slower than CPU and system memory speeds, encouraging extensive caching and buffering over direct access to storage hardware. In an embedded system, however, processing and memory resources are limited while storage hardware can still operate at full speed, causing this balance to shift, and leading to the observation of performance bottlenecks caused by the operating system rather than the speed of storage devices themselves.In this paper, we present performance and profiling results from high-speed storage devices attached to a Linux-based embedded system, showing that the kernel's standard file I/O operations are inadequate for such a set-up, and that `direct I/O' may be preferable for certain situations. Examination of the results identifies areas where potential improvements may be made in order to reduce CPU load and increase maximum storage throughput.
TL;DR: This paper utilizes hierarchical scheduling to provide a resource based allocation scheme while using a fuzzy logic based feedback scheduler to react to environmental changes within the application.
Abstract: In this paper, we present a new scheduling approach for real-time tasks in an embedded system. Our method utilizes hierarchical scheduling to provide a resource based allocation scheme while using a fuzzy logic based feedback scheduler to react to environmental changes within the application. The primary goal is to provide a scheduling mechanism that can adapt to overload conditions but still present a level of service while enforcing the temporal isolation between independent applications. The scheduler then considers this level of service to make scheduling decisions based upon a task's service requirements, such as criticality or timeliness. Implemented in VxWorks on a uniprocessor-based platform results show that our adaptive approach provides significant advantages, during overload conditions, over traditional fixed-priority scheduling schemes.
TL;DR: A virtual multiprocessor platform where each component can be dynamically allocated to any set of processors of the platform with a maximum concurrency level is considered, and intra-component resource sharing for this platform is enabled using a spin-based resource sharing protocol.
Abstract: Component-based software development facilitates the development process of large and complex software systems. By the advent of multiprocessors, the independently developed components can be integrated on a multi-core platform to achieve an efficient use of system hardware and a decrease in system power consumption and costs. In this paper, we consider a virtual multiprocessor platform where each component can be dynamically allocated to any set of processors of the platform with a maximum concurrency level. Global-EDF is used for intra-component scheduling. The existing analysis for such systems have assumed that tasks are independent. In this paper, we enable intra-component resource sharing for this platform. We investigate using a spin-based resource sharing protocol with the accompanying analysis that extends the existing analysis for independent tasks. We briefly illustrate and evaluate our initial results with an example.
TL;DR: This article presents a tool to investigate and evaluate scheduling analysis of RTES with cache memory and various scheduling parameters, and consists in modeling guidelines and implementation of a cache-aware scheduling simulator.
Abstract: Evaluating cache related preemption delay (CRPD) in preemptive scheduling context of Real-Time Embedded System (RTES) stays an open issue despite of its practical importance. Indeed, various parameters should be taken into account such as memory layout, cache utilization, processor utilization, priority assignment and scheduling algorithm. In state-of-the-art work, dependencies amongst those parameters are not investigated with precision because of the lack of scheduling analysis tool taking them into account. In this article, we present a tool to investigate and evaluate scheduling analysis of RTES with cache memory and various scheduling parameters. The work consists in modeling guidelines and implementation of a cache-aware scheduling simulator. Implementation is made in Cheddar, an open-source scheduling analyzer, which is freely available to researchers and practitioners. Experiments are conducted in order to illustrate applicability and performance of our tool. Furthermore, we discuss about implementation issues, problems raised and lessons learned from those experiments.
TL;DR: This paper introduces a parameter the remainder factor m, formally derive an exact WCRT for a 2-task set on STM systems using lazy conflict detection (LCD), and proposes an exact schedulability test for a 1- task set and a new necessary condition and new sufficient condition to schedule an n- Task set.
Abstract: Software transactional memory (STM) is a transactional mechanism of controlling access to shared resources in memory. This transactional mechanism is similar to the abort-and-restart execution model in a functional reactive system (FRS). Due to its abort-and-restart nature, the execution semantics of STM are different from the classic preemptive or nonpreemptive model. Some research has strong constraints for its worst case response time (WCRT) analysis. In this paper, we research on worst case response time and schedulability analysis for real-time software transactional memory-lazy conflict detection (STM-LCD). Specifically, we introduce a parameter the remainder factor m, formally derive an exact WCRT for a 2-task set on STM systems using lazy conflict detection (LCD), propose an exact schedulability test for a 2-task set. Also, we present a near-exact WCRT for an n-task set on STM-LCD, and propose a new necessary condition and a new sufficient condition to schedule an n-task set. Finally, we show that experimental results are accordant with the aforementioned analysis.
TL;DR: The device driver of the standardized virtual network device, called virtio, is designed and implemented over RTEMS real-time operating system and can be portable across different Virtual Machine Monitors (VMMs) because the implementation is compliant with the standard.
Abstract: The virtualization technology is attractive for modern embedded systems in that it can ideally implement resource partitioning but also can provide transparent software development environments. Although hardware emulation overheads for virtualization have been reduced significantly, the network I/O performance in virtual machine is still not satisfactory. It is very critical to minimize the virtualization overheads especially in real-time embedded systems, because the overheads can change the timing behavior of real-time applications. To resolve this issue, we aim to design and implement the device driver of the standardized virtual network device, called virtio, over RTEMS real-time operating system. Our virtio device driver can be portable across different Virtual Machine Monitors (VMMs) because our implementation is compliant with the standard. The measurement results clearly show that our virtio can achieve comparable performance to the virtio implemented in Linux while reducing memory consumption for network buffers.
TL;DR: An algorithm, called A, is able to schedule all considered non-preemptive independent tasks on a multi-processor platform, while EDF and LLF fail to sometimes provide a feasible schedule, while A gives the schedule with a 60% execution time overhead.
Abstract: The abort-and-restart scheme from the Priority-based Functional Reactive Programming (PFRP) paradigm eliminates the priority inversion problem. This paper is similar by solving the priority inversion problem using the task order restrictions sets of relations. One of the core problems in real-time systems is finding a feasible schedule for a task set on a multiprocessor platform. While preemptive scheduling has benefited from a large number of significant results, the non-preemptive case has still room for improvement.Despite the fact that the well-known EDF and LLF scheduling techniques are optimal for preemptive uniprocessor platform there is no known optimal scheduling algorithm for non-preemptive task sets on a multi-processor platform. Our paper continues our previous works [1] and [2] by describing the experimental results together with their findings about our alternate scheduling method to the EDF and LLF techniques. Our algorithm, called A, is able to schedule all considered non-preemptive independent tasks on a multi-processor platform, while EDF and LLF fail to sometimes provide a feasible schedule. The experiments indicate no execution time overhead for the cases where all the scheduling algorithms were able to provide the schedule. However, when EDF and LLF fail to provide a schedule, A gives the schedule with a 60% execution time overhead.
TL;DR: The GCMA uses a reservation scheme and increases memory utilization by sharing the memory with immediately discardable data and is able to produce a 2.27x speedup over the existing Linux Contiguous Memory Allocator.
Abstract: While demand for physically contiguous memory allocation is still alive, especially in embedded system, existing solutions are insufficient. The most adapted solution is reservation technique. Though it serves allocation well, it could severely degrade memory utilization. There are hardware solutions like Scatter/Gather DMA and IOMMU. However, cost of these additional hardware is too excessive for low-end devices. CMA is a software solution of Linux that aims to solve not only allocation but also memory utilization problem. However, in real environment, CMA could incur unpredictably slow latency and could often fail to allocate contiguous memory due to its complex design.We introduce a new solution for the above problem, GCMA (Guaranteed Contiguous Memory Allocator). It guarantees not only memory space efficiency but also fast latency and success by using reservation technique and letting only immediately discardable to use the area efficiently. Our evaluation on Raspberry Pi 2 shows 15 to 130 times faster and more predictable allocation latency without system performance degradation compared to CMA.
TL;DR: Several variants of application independent time-division multiplexing to MPI primitives are applied and investigated and it is shown that none of the observed variants feature the lowest worst-case traversal time in all situations.
Abstract: This paper applies several variants of application independent time-division multiplexing to MPI primitives and investigates their applicability for different scopes of communication. Thereby, the scopes are characterized by the size of the network-on-chip, the number of participating nodes and the message size sent to each receiver or received from each sender, respectively. The evaluation shows that none of the observed variants feature the lowest worst-case traversal time in all situations. Instead there are multiple schedule variants which each perform best in a different scope of communication parameters.
TL;DR: In this paper, the authors propose task-level criticality-mode and reconsider temporal isolation in terms of compositional mixed-criticality scheduling for cyber-physical systems, and propose novel concepts for task level criticality modes.
Abstract: Although many cyber-physical systems are both mixed-criticality system and compositional system, there are little work on intersection of mixed-criticality system and compositional system. We propose novel concepts for task-level criticality-mode and reconsider temporal isolation in terms of compositional mixed-criticality scheduling.
TL;DR: This work proposes a dedicated approach for a tighter dimensioning of the AFDX (Avionics Full DupleX Switched Ethernet) and shows that this can lead to an overestimation of the buffer size.
Abstract: The AFDX (Avionics Full DupleX Switched Ethernet) is the backbone network of most recent avionic communication systems. These systems require deterministic buffer dimensioning for certification reasons. As in such systems, static design is often preferred over dynamic allocation, a dimensioning in terms of frames rather than in terms of bits can be required.A common approach consists in deriving the worst-case buffer size in terms of frames from the worst-case in bits. However, we show that this can lead to an overestimation of the buffer size. Thus, we propose a dedicated approach for a tighter dimensioning. Eventually, the two approaches are compared on a sample AFDX configuration.
TL;DR: This paper proposes a solution to detect abnormal flow profiles in a Network-on-Chip, that can result from a security attack and provides a mixed criticality approach to mitigate the impact of an attack.
Abstract: In this paper, we explore a new approach for the security of flow transmission in a Network-on-Chip. This approach is based on a dual mixed criticality approach where the criticality of a flow (HI or LO) is associated to timeliness and security constraints on flow transmission. Flow of HI criticality should be protected from Denial of Service (DoS) and side channel attacks while LO flows are assumed to be non secured. We propose a solution to detect abnormal flow profiles in a Network-on-Chip, that can result from a security attack and we provide a mixed criticality approach to mitigate the impact of an attack. This is done by switching the nodes of a Network-on-Chip subject to a security attack from LO to HI criticality and taking protection measures in HI mode to contain the security attack. Our solution relies on a mechanism, configured and managed by a hypervisor applied in all IPs connected to the Network-on-Chip.
TL;DR: In this paper, the authors propose a platform independent timer abstraction that relies on existing RTFM-kernel primitives, such as queuing and match compare/free running timers.
Abstract: Real-Time For the Masses (RTFM) is a set of languages and tools being developed to facilitate embedded software development and provide highly efficient implementations geared to static verification. The RTFM-kernel is an architecture designed to provide highly efficient and predicable Stack Resource Policy based scheduling, targeting bare metal (single-core) platforms.We contribute by introducing a platform independent timer abstraction that relies on existing RTFM-kernel primitives. We develop two alternative implementations for the ARM Cortex-M family of MCUs: a generic implementation, using the ARM defined SysTick/DWT hardware; and a target specific implementation, using the match compare/free running timers. While sacrificing generality, the latter is more flexible and may reduce overall overhead. Invariants for correctness are presented, and methods to static and run-time verification are discussed. Overhead is bound and characterized. In both cases the critical section from release time to dispatch is less than 2us on a 100MHz MCU. Queue and timer mechanisms are directly implemented in the RTFM-core language (-core in the following) and can be included in system-wide scheduling analysis.
TL;DR: This paper tackles the problem of dynamic resource management from the application point of view and presents a user space library to control application performance and seamlessly integrates with OpenMP.
Abstract: Over the last years embedded system industry faced a revolution thanks to the introduction of multicores and heterogeneous devices. The availability of these new platforms opens new paths for these devices that can be nowadays used for more high demand tasks, exploiting the parallelism made available by the muticore processors. Nonetheless the progresses of the HW technology are not backed up by improvements of the SW side, and runtime mechanisms to manage resource allocation and contention on resources are still lacking the proper effectiveness. This paper tackles the problem of dynamic resource management from the application point of view and presents a user space library to control application performance. The control knob exploited by the library is the possibility of scaling the number of threads used by an application and seamlessly integrates with OpenMP. A case study illustrates the benefits that this library has in a classic embedded system scenario, introducing an overhead of less than 0.5%.
TL;DR: The complexity of composing the two aspects of this integration problem on different possible target architectures for integrated modular Avionics is pointed out.
Abstract: Integrated modular Avionics (IMA or ARINC 651), as it is currently implemented in large aircrafts, uses a limited number of complex processors interconnected through a communication network (AFDX or ARINC 664). The allocation of avionics applications is done according a communicating partitions model (APEX or ARINC 653) needed for guaranteeing robust partitioning when sharing processors (TDMA like schedule) and communication network (APEX channel). On smaller aircrafts (such as helicopters) the objective (due to room and weight constraints) is to use les complex processors and consequently to increase their number. Implementing such a distributed IMA architecture leads to a global (more complex) integration problem, which is twofold. Allocation and scheduling of partitions on each shared processor as well as end-to-end communication delays among distributed partitions must be compatible in order to guarantee timing requirements of distributed avionics applications. This paper points out the complexity of composing the two aspects of this integration problem on different possible target architectures.
TL;DR: This paper derives system-level constraints for combined task-, virtualization-and network-level static scheduling enabling the end-to-end composition of schedules for systems featuring table-driven (guest) operating systems.
Abstract: In this paper we present a compositional model for distributed virtualized systems communicating over on-chip/off-chip deterministic networks implementing an end-to-end or partial time-triggered paradigm. We derive system-level constraints for combined task-, virtualization-and network-level static scheduling enabling the end-to-end composition of schedules for systems featuring table-driven (guest) operating systems. In the absence of a time-triggered run-time system, we analyze the composition problem with the aid of hierarchical scheduling methods for abstract resources. Moreover, we identify and discuss possible tradeoffs and optimization opportunities that arise when scheduling across multiple (virtualized) software layers in tandem with the deterministic network.