Restart-Based Fault-Tolerance: System Design and Schedulability Analysis

Embedded systems in safety-critical environments are continuously required to deliver more performance and functionality, while expected to provide verified safety guarantees. Nonetheless, platform-wide software verification (required for safety) is often expensive. Therefore, design methods that enable utilization of components such as real-time operating systems (RTOS), without requiring their correctness to guarantee safety, is necessary. In this paper, we propose a design approach to deploy safe-by-design embedded systems. To attain this goal, we rely on a small core of verified software to handle faults in applications and RTOS and recover from them while ensuring that timing constraints of safety-critical tasks are always satisfied. Faults are detected by monitoring the application timing and fault-recovery is achieved via full platform restart and software reload, enabled by the short restart time of embedded systems. Schedulability analysis is used to ensure that the timing constraints of critical plant control tasks are always satisfied in spite of faults and consequent restarts. We derive schedulability results for four restart-tolerant task models. We use a simulator to evaluate and compare the performance of the considered scheduling models

Design and Implementation of Smart Sensors with Capabilities of Process Fault Detection and Variable Prediction

A typical sensor consists of a sensing element and a transmitter. The major functions of a transmitter are limited to data acquisition and communication. The recently developed transmitters with ‘smart’ functions have been focused on easy setup/maintenance of the transmitter itself such as self-calibration and self-configuration. Recognizing the growing computational capabilities of microcontroller units (MCUs) used in these transmitters and underutilized computational resources, this thesis investigates the feasibility of adding additional functionalities to a transmitter to make it ‘smart’ without modifying its foot-print, nor adding supplementary hardware. Hence, a smart sensor is defined as sensing elements combined with a smart transmitter. The added functionalities enhance a smart sensor with respect to performing process fault detection and variable prediction. This thesis starts with literature review to identify the state-of-the-arts in this field and also determine potential industry needs for the added functionalities. Particular attentions have been paid to an existing commercial temperature transmitter named NCS-TT105 from Microcyber Corporation. Detailed examination has been made in its internal hardware architecture, software execution environment, and additional computational resources available for accommodating additional functions. Furthermore, the schemes of the algorithms for realizing process fault detection and variable prediction have been examined from both theoretical and feasibility perspectives to incorporate onboard NCS-TT105. An important body of the thesis is to implement additional functions in the MCUs of NCS-TT105 by allocating real-time execution of different tasks with assigned priorities in the real-time operating system (RTOS). The enhanced NCS-TT105 has gone through extensive evaluation on a physical process control test facility under various normal/fault conditions. The test results are satisfactory and design specifications have been achieved. To the best knowledge of the author, this is the first time that process fault detection and variable prediction have been implemented right onboard of a commercial transmitter. The enhanced smart transmitter is capable of providing the information of incipient faults in the process and future changes of critical process variables. It is believed that this is an initial step towards the realization of distributed intelligence in process control, where important decisions regarding the process can be made at a sensor level

Evaluating Reliability against SEE of Embedded Systems: A Comparison of RTOS and Bare-metal Approaches

Embedded processors are widely used in critical applications such as space missions, where reliability is mandatory for the success of missions. Due to the increasing application complexity, the number of systems using Real-Time Operating Systems (RTOSs) is quickly growing to manage the execution of multiple applications and meet timing constraints. However, whether operating systems or bare-metal applications provide higher reliability is still being determined. We present a comprehensive reliability analysis of software applications running on a device with bare-metal and FreeRTOS against the same faults based on fault models derived from a proton test. Additionally, the FreeRTOS system has been evaluated with a set of software applications dedicated to evaluating specific RTOS functions, providing an additional evaluation for operations crucial for a real-time operating system

Maruchi OS kankyo o shiensuru sofutowea oyobi hadowea kino no teian

制度:新 ; 報告番号:甲3534号 ; 学位の種類:博士(工学) ; 授与年月日:2012/2/25 ; 早大学位記番号:新587

Network-on-Chip -based Multi-Processor System-on-Chip: Towards Mixed-Criticality System Certification

L'abstract è presente nell'allegato / the abstract is in the attachmen

Embedded Virtual Machines for Robust Wireless Control Systems

Embedded wireless networks have largely focused on open loop sensing and monitoring. To address actuation in closed loop wireless control systems there is a strong need to re-think the communication architectures and protocols for reliability, coordination and control. As the links, nodes and topology of wireless systems are inherently unreliable, such time-critical and safety-critical applications require programming abstractions where the tasks are assigned to the sensors, actuators and controllers as a single component rather than statically mapping a set of tasks to a specific physical node at design time. To this end, we introduce the Embedded Virtual Machine (EVM), a powerful and flexible programming abstraction where virtual components and their properties are maintained across node boundaries. In the context of process and discrete control, an EVM is the distributed runtime system that dynamically selects primary-backup sets of controllers to guarantee QoS given spatial and temporal constraints of the underlying wireless network. The EVM architecture defines explicit mechanisms for control, data and fault communication within the virtual component. EVM-based algorithms introduce new capabilities such as predictable outcomes and provably minimal graceful degradation during sensor/actuator failure, adaptation to mode changes and runtime optimization of resource consumption. Through the design of a natural gas process plant hardware-in-loop simulation we aim to demonstrate the preliminary capabilities of EVM-based wireless networks

Toward the hardening of real-time operating systems

Safety and Mission-critical systems are evolving daily, requiring increasing levels of complexity in their design. While bare-metal single CPU systems were dedicated to such systems in the past, nowadays, multicore CPUs, GPUs, and other accelerators require more complex software management, with the need for an operating system controlling everything. The presence of the operating system opens more challenges to securing the final system’s full dependability. This paper analyses the hardening scenarios based on the evidence gathered by selective fault injection analysis of Real-Time Operating systems. While solutions might be delivered in different fashions, the emphasis on the paper is on the right approach to spot the sensitive part of the Operating system, saving the design from massive overheads