Evaluating Latency in Multiprocessing Embedded Systems for the Smart Grid

Smart grid endpoints need to use two environments within a processing system (PS), one with a Linux-type operating system (OS) using the Arm Cortex-A53 cores for management tasks, and the other with a standalone execution or a real-time OS using the Arm Cortex-R5 cores. The Xen hypervisor and the OpenAMP framework allow this, but they may introduce a delay in the system, and some messages in the smart grid need a latency lower than 3 ms. In this paper, the Linux thread latencies are characterized by the Cyclictest tool. It is shown that when Xen hypervisor is used, this scenario is not suitable for the smart grid as it does not meet the 3 ms timing constraint. Then, standalone execution as the real-time part is evaluated, measuring the delay to handle an interrupt created in programmable logic (PL). The standalone application was run in A53 and R5 cores, with Xen hypervisor and OpenAMP framework. These scenarios all met the 3 ms constraint. The main contribution of the present work is the detailed characterization of each real-time execution, in order to facilitate selecting the most suitable one for each application.This work has been supported by the Ministerio de Economía y Competitividad of Spain within the project TEC2017-84011-R and FEDER funds as well as by the Department of Education of the Basque Government within the fund for research groups of the Basque university system IT978-16. It has also been supported by the Basque Government within the project HAZITEK ZE-2020/00022 as well as the Ministerio de Ciencia e Innovación of Spain through the Centro para el Desarrollo Tecnológico Industrial (CDTI) within the project IDI-20201264; in both cases, they have been financed through the Fondo Europeo de Desarrollo Regional 2014-2020 (FEDER funds). It has also been supported by the University of the Basque Country within the scholarship for training of research staff with code PIF20/135

Improving the performance of a dismounted Future Force Warrior by means of C4I2SR

This thesis comprises seven peer-reviewed articles and examines systems and applications suitable for increasing Future Force Warrior performance, minimizing collateral damage, improving situational awareness and Common Operational Picture. Based on a literature study, missing functionalities of Future Force Warrior were identified and new ideas, concepts and solutions were created as part of early stages of Systems of Systems creation. These introduced ideas have not yet been implemented or tested in combat and for this reason benefit analyses are excluded. The main results of this thesis include the following: A new networking concept, Wireless Polling Sensor Network, which is a swarm of a few Unmanned Aerial Vehicles forming an ad-hoc network and polling a large number of fixed sensor nodes. The system is more robust in a military environment than traditional Wireless Sensor Networks. A Business Process approach to Service Oriented Architecture in a tactical setting is a concept for scheduling and sharing limited resources. New components to military Service Oriented Architecture have been introduced in the thesis. Other results of the thesis include an investigation of the use of Free Space Optics in tactical communications, a proposal for tracking neutral forces, a system for upgrading simple collaboration tools for command, control and collaboration purposes, a three-level hierarchy of Future Force Warrior, and methods for reducing incidents of fratricide

Adaptive Mid-term and Short-term Scheduling of Mixed-criticality Systems

A mixed-criticality real-time system is a real-time system having multiple tasks classified according to their criticality. Research on mixed-criticality systems started to provide an effective and cost efficient a priori verification process for safety critical systems. The higher the criticality of a task within a system and the more the system should guarantee the required level of service for it. However, such model poses new challenges with respect to scheduling and fault tolerance within real-time systems. Currently, mixed-criticality scheduling protocols severely degrade lower criticality tasks in case of resource shortage to provide the required level of service for the most critical ones. The actual research challenge in this field is to devise robust scheduling protocols to minimise the impact on less critical tasks. This dissertation introduces two approaches, one short-term and the other medium-term, to appropriately allocate computing resources to tasks within mixed-criticality systems both on uniprocessor and multiprocessor systems. The short-term strategy consists of a protocol named Lazy Bailout Protocol (LBP) to schedule mixed-criticality task sets on single core architectures. Scheduling decisions are made about tasks that are active in the ready queue and that have to be dispatched to the CPU. LBP minimises the service degradation for lower criticality tasks by providing to them a background execution during the system idle time. After, I refined LBP with variants that aim to further increase the service level provided for lower criticality tasks. However, this is achieved at an increased cost of either system offline analysis or complexity at runtime. The second approach, named Adaptive Tolerance-based Mixed-criticality Protocol (ATMP), decides at runtime which task has to be allocated to the active cores according to the available resources. ATMP permits to optimise the overall system utility by tuning the system workload in case of shortage of computing capacity at runtime. Unlike the majority of current mixed-criticality approaches, ATMP allows to smoothly degrade also higher criticality tasks to keep allocated lower criticality ones

Trustworthiness in Mobile Cyber Physical Systems

Computing and communication capabilities are increasingly embedded in diverse objects and structures in the physical environment. They will link the ‘cyberworld’ of computing and communications with the physical world. These applications are called cyber physical systems (CPS). Obviously, the increased involvement of real-world entities leads to a greater demand for trustworthy systems. Hence, we use "system trustworthiness" here, which can guarantee continuous service in the presence of internal errors or external attacks. Mobile CPS (MCPS) is a prominent subcategory of CPS in which the physical component has no permanent location. Mobile Internet devices already provide ubiquitous platforms for building novel MCPS applications. The objective of this Special Issue is to contribute to research in modern/future trustworthy MCPS, including design, modeling, simulation, dependability, and so on. It is imperative to address the issues which are critical to their mobility, report significant advances in the underlying science, and discuss the challenges of development and implementation in various applications of MCPS

A Multi-core processor for hard real-time systems

The increasing demand for new functionalities in current and future hard real-time embedded systems, like the ones deployed in automotive and avionics industries, is driving an increment in the performance required in current embedded processors. Multi-core processors represent a good design solution to cope with such higher performance requirements due to their better performance-per-watt ratio while maintaining the core design simple. Moreover, multi-cores also allow executing mixed-criticality level workloads composed of tasks with and without hard real-time requirements, maximizing the utilization of the hardware resources while guaranteeing low cost and low power consumption. Despite those benefits, current multi-core processors are less analyzable than single-core ones due to the interferences between different tasks when accessing hardware shared resources. As a result, estimating a meaningful Worst-Case Execution Time (WCET) estimation - i.e. to compute an upper bound of the application's execution time - becomes extremely difficult, if not even impossible, because the execution time of a task may change depending on the other threads running at the same time. This makes the WCET of a task dependent on the set of inter-task interferences introduced by the co-running tasks. Providing a WCET estimation independent from the other tasks (time composability property) is a key requirement in hard real-time systems. This thesis proposes a new multi-core processor design in which time composability is achieved, hence enabling the use of multi-cores in hard real-time systems. With our proposals the WCET estimation of a HRT is independent from the other co-running tasks. To that end, we design a multi-core processor in which the maximum delay a request from a Hard Real-time Task (HRT), accessing a hardware shared resource can suffer due to other tasks is bounded: our processor guarantees that a request to a shared resource cannot be delayed longer than a given Upper Bound Delay (UBD). In addition, the UBD allows identifying the impact that different processor configurations may have on the WCET by determining the sensitivity of a HRT to different resource allocations. This thesis proposes an off-line task allocation algorithm (called IA3: Interference-Aware Allocation Algorithm), that allocates tasks in a task set based on the HRT's sensitivity to different resource allocations. As a result the hardware shared resources used by HRTs are minimized, by allowing Non Hard Real-time Tasks (NHRTs) to use the rest of resources. Overall, our proposals provide analyzability for the HRTs allowing NHRTs to be executed into the same chip without any effect on the HRTs. The previous first two proposals of this thesis focused on supporting the execution of multi-programmed workloads with mixed-criticality levels (composed of HRTs and NHRTs). Higher performance could be achieved by implementing multi-threaded applications. As a first step towards supporting hard real-time parallel applications, this thesis proposes a new hardware/software approach to guarantee a predictable execution of software pipelined parallel programs. This thesis also investigates a solution to verify the timing correctness of HRTs without requiring any modification in the core design: we design a hardware unit which is interfaced with the processor and integrated into a functional-safety aware methodology. This unit monitors the execution time of a block of instructions and it detects if it exceeds the WCET. Concretely, we show how to handle timing faults on a real industrial automotive platform.La creciente demanda de nuevas funcionalidades en los sistemas empotrados de tiempo real actuales y futuros en industrias como la automovilística y la de aviación, está impulsando un incremento en el rendimiento necesario en los actuales procesadores empotrados. Los procesadores multi-núcleo son una solución eficiente para obtener un mayor rendimiento ya que aumentan el rendimiento por vatio, manteniendo el diseño del núcleo simple. Por otra parte, los procesadores multi-núcleo también permiten ejecutar cargas de trabajo con niveles de tiempo real mixtas (formadas por tareas de tiempo real duro y laxo así como tareas sin requerimientos de tiempo real), maximizando así la utilización de los recursos de procesador y garantizando el bajo consumo de energía. Sin embargo, a pesar los beneficios mencionados anteriormente, los actuales procesadores multi-núcleo son menos analizables que los de un solo núcleo debido a las interferencias surgidas cuando múltiples tareas acceden simultáneamente a los recursos compartidos del procesador. Como resultado, la estimación del peor tiempo de ejecución (conocido como WCET) - es decir, una cota superior del tiempo de ejecución de la aplicación - se convierte en extremadamente difícil, si no imposible, porque el tiempo de ejecución de una tarea puede cambiar dependiendo de las otras tareas que se estén ejecutando concurrentemente. Determinar una estimación del WCET independiente de las otras tareas es un requisito clave en los sistemas empotrados de tiempo real duro. Esta tesis propone un nuevo diseño de procesador multi-núcleo en el que el tiempo de ejecución de las tareas se puede componer, lo que permitirá el uso de procesadores multi-núcleo en los sistemas de tiempo real duro. Para ello, diseñamos un procesador multi-núcleo en el que la máxima demora que puede sufrir una petición de una tarea de tiempo real duro (HRT) para acceder a un recurso hardware compartido debido a otras tareas está acotado, tiene un límite superior (UBD). Además, UBD permite identificar el impacto que las diferentes posibles configuraciones del procesador pueden tener en el WCET, mediante la determinación de la sensibilidad en la variación del tiempo de ejecución de diferentes reservas de recursos del procesador. Esta tesis propone un algoritmo estático de reserva de recursos (llamado IA3), que asigna tareas a núcleos en función de dicha sensibilidad. Como resultado los recursos compartidos del procesador usados por tareas HRT se reducen al mínimo, permitiendo que las tareas sin requerimiento de tiempo real (NHRTs) puedas beneficiarse del resto de recursos. Por lo tanto, las propuestas presentadas en esta tesis permiten el análisis del WCET para tareas HRT, permitiendo así mismo la ejecución de tareas NHRTs en el mismo procesador multi-núcleo, sin que estas tengan ningún efecto sobre las tareas HRT. Las propuestas presentadas anteriormente se centran en el soporte a la ejecución de múltiples cargas de trabajo con diferentes niveles de tiempo real (HRT y NHRTs). Sin embargo, un mayor rendimiento puede lograrse mediante la transformación una tarea en múltiples sub-tareas paralelas. Esta tesis propone una nueva técnica, con soporte del procesador y del sistema operativo, que garantiza una ejecución analizable del modelo de ejecución paralela software pipelining. Esta tesis también investiga una solución para verificar la corrección del WCET de HRT sin necesidad de ninguna modificación en el diseño de la base: un nuevo componente externo al procesador se conecta a este sin necesidad de modificarlo. Esta nueva unidad monitorea el tiempo de ejecución de un bloque de instrucciones y detecta si se excede el WCET. Esta unidad permite detectar fallos de sincronización en sistemas de computación utilizados en automóviles

One solution for TTEthernet synchronization analysis using genetic algorithm

Bezbjednosno-kritični sistemi poput aviona ili automobila zahtijevaju visoko-pouzdanu razmjenu poruka između uređaja u sistemu, što se postiže primjenom determinističkih mreža. Pravilno uspostavljanje međusobne usklađenosti časovnika, kao i konstantno održavanje vremenske usklađenosti, svrstavaju se među najbitnije aspekte determinističkih mreža među kojima su i TTEthernet mreže. Ukoliko časovnici mrežnih uređaja nisu vremenski usklađeni, deterministička razmjena poruka u mreži nije izvodljiva. S obzirom da se informacije o najkritičnijim funkcijama sistema prenose preko determinističke klase poruka, očigledno je da ovakvi servisi neće biti dostupni sve dok se časovnici ne usklade. Teza se bavi procjenom najgoreg slučaja vremena koje je potrebno da protekne da bi se časovnici mrežnih uređaja međusobno uskladili, u slučaju da u mreži postoji jedan uređaj pod otkazom. Procjene su vršene pomoću OMNeT++ simulacija uz primjenu genetskog algoritma. Simulacije pokazuju da se vrijeme neophodno da se uspostavi usklađenost časovnika u TTEthernet mreži značajno povećava pod uticajem uređaja pod otkazom, a samim tim se produžava i vrijeme nedostupnosti najkritičnijih servisa mreže. Simulacije pokazuju da se za mrežu posmatranu u tezi, za izabrane parametre mreže dobija procijenjena vrijednost medijane jednaka 489579μs za najgori slučaj uspostavljanja vremenske usklađenosti u mreži.Safety-critical systems like airplanes and cars demand high-reliable communication between components within the system, which is achieved by using deterministic networks. Proper establishing and maintenance of synchronization of device clocks in the network components represents one of crucial aspects in deterministic networks where belong TTEthernet as well. If device clocks are not synchronized, deterministic communication is not feasible. Keeping in mind that most critical information has been exchanged between the network components using deterministic traffic class, it is obvious that such services will not be available until the clocks in the network are synchronized. The thesis deals with estimation of worst-case startup time for observed TTEthernet network, in case that one device in the network is under failure. The estimation is performed by OMNeT++ simulations and using genetic algorithm. The simulations show that startup time of the network is extended significantly under impact of faulty component. Also, unavailability of most critical services in the network is extended for the same time. For the network simulated in this thesis, estimated median value equals 489579 μs for worst-case startup time

An Information-Theoretic Framework for Consistency Maintenance in Distributed Interactive Applications

Distributed Interactive Applications (DIAs) enable geographically dispersed users to interact with each other in a virtual environment. A key factor to the success of a DIA is the maintenance of a consistent view of the shared virtual world for all the participants. However, maintaining consistent states in DIAs is difficult under real networks. State changes communicated by messages over such networks suffer latency leading to inconsistency across the application. Predictive Contract Mechanisms (PCMs) combat this problem through reducing the number of messages transmitted in return for perceptually tolerable inconsistency. This thesis examines the operation of PCMs using concepts and methods derived from information theory. This information theory perspective results in a novel information model of PCMs that quantifies and analyzes the efficiency of such methods in communicating the reduced state information, and a new adaptive multiple-model-based framework for improving consistency in DIAs. The first part of this thesis introduces information measurements of user behavior in DIAs and formalizes the information model for PCM operation. In presenting the information model, the statistical dependence in the entity state, which makes using extrapolation models to predict future user behavior possible, is evaluated. The efficiency of a PCM to exploit such predictability to reduce the amount of network resources required to maintain consistency is also investigated. It is demonstrated that from the information theory perspective, PCMs can be interpreted as a form of information reduction and compression. The second part of this thesis proposes an Information-Based Dynamic Extrapolation Model for dynamically selecting between extrapolation algorithms based on information evaluation and inferred network conditions. This model adapts PCM configurations to both user behavior and network conditions, and makes the most information-efficient use of the available network resources. In doing so, it improves PCM performance and consistency in DIAs

Kevoree (Model@Runtime pour le développement continu de systèmes adaptatifs distribués hétérogènes)

La complexité croissante des systèmes d'information modernes a motivé l'apparition de nouveaux paradigmes (objets, composants, services, etc), permettant de mieux appréhender et maîtriser la masse critique de leurs fonctionnalités. Ces systèmes sont construits de façon modulaire et adaptable afin de minimiser les temps d'arrêts dus aux évolutions ou à la maintenance de ceux-ci. Afin de garantir des propriétés non fonctionnelles (par ex. maintien du temps de réponse malgré un nombre croissant de requêtes), ces systèmes sont également amenés à être distribués sur différentes ressources de calcul (grilles). Outre l'apport en puissance de calcul, la distribution peut également intervenir pour distribuer une tâche sur des nœuds aux propriétés spécifiques. C'est le cas dans le cas des terminaux mobiles proches des utilisateurs ou encore des objets et capteurs connectés proches physiquement du contexte de mesure. L'adaptation d'un système et de ses ressources nécessite cependant une connaissance de son état courant afin d'adapter son architecture et sa topologie aux nouveaux besoins. Un nouvel état doit ensuite être propagé à l'ensemble des nœuds de calcul. Le maintien de la cohérence et le partage de cet état est rendu particulièrement difficile à cause des connexions sporadiques inhérentes à la distribution, pouvant amener des sous-systèmes à diverger. En réponse à ces défi scientifiques, cette thèse propose une abstraction de conception et de déploiement pour systèmes distribués dynamiquement adaptables, grâce au principe du Model@Runtime. Cette approche propose la construction d'une couche de réflexion distribuée qui permet la manipulation abstraite de systèmes répartis sur des nœuds hétérogènes. En outre, cette contribution introduit dans la modélisation des systèmes adaptables la notion de cohérence variable, permettant ainsi de capturer la divergence des nœuds de calcul dans leur propre conception. Cette couche de réflexion, désormais cohérente "à terme", permet d'envisager la construction de systèmes adaptatifs hétérogènes, regroupant des nœuds mobiles et embarqués dont la connectivité peut être intermittente. Cette contribution a été concrétisée par un projet nommé ''Kevoree'' dont la validation démontre l'applicabilité de l'approche proposée pour des cas d'usages aussi hétérogènes qu'un réseau de capteurs ou une flotte de terminaux mobiles.The growing complexity of modern IT systems has motivated the development of new paradigms (objects, components, services,...) to better cope with the critical size of their functionalities. Such systems are then built as a modular and dynamically adaptable compositions, allowing them to minimise their down-times while performing evolutions or fixes. In order to ensure non-functional properties (i.e. request latency) such systems are distributed across different computation nodes. Besides the added value in term of computational power (cloud), this distribution can also target nodes with dedicated properties such as mobile nodes and sensors (internet of things), physically close to users for interactions. Adapting a system requires knowledge about its current state in order to adapt its architecture to its evolving needs. A new state must be then disseminated to other nodes to synchronise them. Maintaining its consistency and sharing this state is a difficult task especially in case of sporadic connexions which lead to divergent state between sub-systems. To tackle these scientific problems, this thesis proposes an abstraction to design and deploy distributed adaptive systems following the Model@Runtime paradigm. From this abstraction, the proposed approach allows defining a distributed reflexive layer to manipulate heterogeneous distributed nodes. In particular, this contribution introduces variable consistencies in model definition and divergence in system conception. This reflexive layer, eventually consistent allows the construction of distributed adapted systems even on mobile nodes with intermittent connectivity. This work has been realized in an open source project named Kevoree, and validated on various distributed systems ranging from sensor networks to cloud computing.RENNES1-Bibl. électronique (352382106) / SudocSudocFranceF

The Virtual Bus: A Network Architecture Designed to Support Modular-Redundant Distributed Periodic Real-Time Control Systems

The Virtual Bus network architecture uses physical layer switching and a combination of space- and time-division multiplexing to link segments of a partial mesh network together on schedule to temporarily form contention-free multi-hop, multi-drop simplex signalling paths, or 'virtual buses'. Network resources are scheduled and routed by a dynamic distributed resource allocation mechanism with self-forming and self-healing characteristics. Multiple virtual buses can coexist simultaneously in a single network, as the resources allocated to each bus are orthogonal in either space or time. The Virtual Bus architecture achieves deterministic delivery times for time-sensitive traffic over multi-hop partial mesh networks by employing true line-speed switching; delays of around 15ns at each switching point are demonstrated experimentally, and further reductions in switching delays are shown to be achievable. Virtual buses are inherently multicast, with delivery skew across multiple destinations proportional to the difference in equivalent physical length to each destination. The Virtual Bus architecture is not a purely theoretical concept; a small research platform has been constructed for development, testing and demonstration purposes