Adaptability and Survivability in Spaceborne Time-and Space-Partitioned Systems

Abstract-Future space missions call for innovative computing system architectures, meeting strict requisites of size, weight, power consumption (SWaP), cost, safety and timeliness. To answer the aerospace industry interests, especially the European Space Agency (ESA), the AIR (ARINC 653 in Space Real-Time Operating System) architecture has been defined, following the advanced notion of time and space partitioning (TSP). In order to achieve adaptability and survivability in the face of environmental changes or new mission requirements, it is of paramount importance that onboard computing systems are reconfigurable. In this paper we present recent and ongoing developments on AIR Technology to achieve adaptability and survivability of AIRbased systems, and a methodology for onboard software update in order to add new features to the mission plan

An Architecture Pattern Enabling Safety at Lower Cost and with Higher Performance

International audienceIn both avionic and automotive systems, it might become very costly and/or restricting the functional performance, to prove functions safe in all operational conditions and for 100% of the mission time. This is especially true if the quality of sensor data and of communication data may vary very much. One way to solve this trade-off paradox is to leave part of the safety assessment from design-time to run-time. This paper proposes a general architectural pattern for this, and also how to instantiate this pattern in Integrated Modular Avionics (IMA) for the avionic domain, and in AUTOSAR for the automotive domain. The solutions imply some extensions of ARINC 653 and of AUTOSAR respectively, but they are not in conflict with the existing concepts. The proposed solutions are also fully in-line what is prescribed by the standards for functional safety of the two domains

Schedulability Analysis for Certification-friendly Multicore Systems

This paper presents a new schedulability test for safety-critical software undergoing a transition from single-core to multicore systems - a challenge faced by multiple industries today. Our migration model, consisting of a schedulability test and execution model, is distinguished by three aspects consistent with reducing transition cost. First, it assumes externally-driven scheduling parameters, such as periods and deadlines, remain fixed (and thus known), whereas exact computation times are not. Second, it adopts a globally synchronized conflict-free I/O model that leads to a decoupling between cores, simplifying the schedulability analysis. Third, it employs global priority assignment across all tasks on each core, irrespective of application, where budget constraints on each application ensure isolation. These properties enable us to obtain a utilization bound that places an allowable limit on total task execution times. Evaluation results demonstrate the advantages of our scheduling model over competing resource partitioning approaches, such as Periodic Server and TDMA.Ope

Design and implementation of a modular scheduling simulator for aerospace applications

Tese de mestrado em Engenharia Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2012Sistemas tempo-real têm de produzir os resultados esperados de cada tarefa atempadamente de acordo com a urgência de cada uma. Desde os anos 70 tentam-se obter formas de coordenar a execução das tarefas para cumprir todos os prazos através de algoritmos de escalonamento. Na sua maioria estes algoritmos apesar de terem requerido um extensivo trabalho por parte de quem os criou são simples de compreender. Um dos mais antigos é o algoritmo “Earliest Deadline First”, que consiste em dar maior prioridade às tarefas mais urgentes. Alguns sistemas devido às suas características particulares obedecem a modelos mais complexos. É o caso dos sistemas aeronáuticos onde é necessário manter o isolamento entre as funcionalidades. As funções são agrupadas logicamente em contentores denominados partições. Para garantir essa separação no domínio do tempo introduz-se um esquema de escalonamento a dois níveis. Um primeiro que determina as janelas temporais a dar a cada partição e um segundo nível onde estão as partições e respectivas funções. Os algoritmos de escalonamento utilizados em cada nível não tem de ser iguais; no segundo nível, cada partição pode usar um algoritmo diferente. Após estudar o que actualmente existe decidimos orientar o nosso trabalho para partições e escalonamento hierárquico pois é de onde poderemos vir a obter melhores resultados e soluções para sistemas futuros. Fazendo uso de padrões de desenho, bem como características do Java, tais como herança e polimorfismo conseguimos obter uma solução que após implementada permite aos seus utilizadores simularem a execução de um sistema que estes definam. Permite também obter os eventos e com estes mostrar ao utilizador o que o simulador fez em cada momento do sistema podendo estes resultados ser exibidos em formato textual ou fazer uso de outras aplicações de visualização de resultados.Real-time systems are required to produce results from each task in time, according to the urgency of each one. Since the 1970s researchers try to obtain ways to coordinate the execution of tasks to meet all deadline, by using scheduling algorithms. Although the majority of these algorithms required an extensive work from those who created them, they are simple to understand. One of the oldest is the Earliest Deadline First algorithm, which attributes higher priority to the most urgent tasks. Due to their characteristics, some systems obey to more complex models; this is the case of aerospace systems. These systems require full isolation between functionalities. The functions, composed of tasks (processes), are logically grouped into partitions. To ensure separation in the time domain, a two level scheduling scheme is introduced. The first level determinates the time windows to assign to each partition; in the second level, tasks in each partition compete among them for the execution time assigned to the latter. The scheduling algorithms used in each level do not need to be the same; in the second level, each partition may even employ a different algorithm to schedule its tasks. After studying what currently exists we have decided to guide our work to partitions and hierarchical scheduling because it is where we see producing better results and solutions for future systems. Using design patterns as well as Java properties such as inheritance and polymorphism we were able to obtain a solution that after implemented allows users to simulate the execution of a system defined by them. The tool allows obtaining events and showing them to the user and giving feedback, these events represent the basic functionalities of a real-time system, such as, job launch and job deadline miss and others. These results can be shown in textual form or use other applications of results visualization

Towards Compositional Hierarchical Scheduling Frameworks on Uniform Multiprocessors

In this report, we approach the problem of defining and analysing compositional hierarchical scheduling frameworks (HSF) upon uniform multiprocessor platforms. For this we propose the uniform multiprocessor periodic resource (UMPR) model for a component interface. We extend previous work by fellow researchers (for dedicated uniform multiprocessors, and for compositional HSFs on identical multiprocessors), by providing mechanisms for the multiple aspects of compositional analysis: a sufficient test for local schedulability of sporadic task sets under global Earliest Deadline First (GEDF) and guidelines for the complex problem of selecting the virtual platform when abstracting a component. Finally, we present experimental results that provide evidence for the need of future developments within the realm of compositional HSFs on uniform multiprocessors.FCT/Égide (PESSOA programme, project SAPIENT); European Commission (project IST-FP7-STREP-288195, KARYON); FCT (LaSIGE research unit strategic project,UI 408); FCT (Individual Doctoral Grant SFRH/BD/60193/2009)

Real-time scheduling in multicore : time- and space-partitioned architectures

Tese de doutoramento, Informática (Engenharia Informática), Universidade de Lisboa, Faculdade de Ciências, 2014The evolution of computing systems to address size, weight and power consumption (SWaP) has led to the trend of integrating functions (otherwise provided by separate systems) as subsystems of a single system. To cope with the added complexity of developing and validating such a system, these functions are maintained and analyzed as components with clear boundaries and interfaces. In the case of real-time systems, the adopted component-based approach should maintain the timeliness properties of the function inside each individual component, regardless of the remaining components. One approach to this issue is time and space partitioning (TSP)—enforcing strict separation between components in the time and space domains. This allows heterogeneous components (different real-time requirements, criticality, developed by different teams and/or with different technologies) to safely coexist. The concepts of TSP have been adopted in the civil aviation, aerospace, and (to some extent) automotive industries. These industries are also embracing multiprocessor (or multicore) platforms, either with identical or nonidentical processors, but are not taking full advantage thereof because of a lack of support in terms of verification and certification. Furthermore, due to the use of the TSP in those domains, compatibility between TSP and multiprocessor is highly desired. This is not the present case, as the reference TSP-related specifications in the aforementioned industries show limited support to multiprocessor. In this dissertation, we defend that the active exploitation of multiple (possibly non-identical) processor cores can augment the processing capacity of the time- and space-partitioned (TSP) systems, while maintaining a compromise with size, weight and power consumption (SWaP), and open room for supporting self-adaptive behavior. To allow applying our results to a more general class of systems, we analyze TSP systems as a special case of hierarchical scheduling and adopt a compositional analysis methodology.Fundação para a Ciência e a Tecnologia (FCT, SFRH/BD/60193/2009, programa PESSOA, projeto SAPIENT); the European Space Agency Innovation (ESA) Triangle Initiative program through ESTEC Contract 21217/07/NL/CB, Project AIR-II; the European Commission Seventh Framework Programme (FP7) through project KARYON (IST-FP7-STREP-288195)