A non-intrusive fault tolerant framework for mission critical real-time systems

Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Aeronautics and Astronautics, 2005.Includes bibliographical references (p. 85-87).The need for dependable real-time systems for embedded application is growing, and, at the same time, so does the amount of functionality required from these systems. As testing can only show the presence of errors, not their absence, higher levels of system dependability may be provided by the implementation of mechanisms that can protect the system from faults. We present a framework for the development of fault tolerant mission critical real-time systems that provides a structure for flexible, efficient and deterministic design. The framework leverages three key knowledge domains: firstly, a software concurrency model, the Ada Ravenscar Profile, which guarantees deterministic behavior; secondly, the design of a hardware scheduler, the RavenHaRT kernel, which further provides deadlock free inter-task communication management; and finally, the design of a hardware execution time monitor, the Monitoring Chip, which provides non-intrusive error detection. To increase service dependability, we propose a fault tolerance strategy that uses multiple operating modes to provide system-level handling of timing errors. The hierarchical set of operating modes offers different gracefully degraded levels of guaranteed service. This approach relies on the elements of the framework discussed above and is illustrated through a sample case study of a generic navigation system.by Sébastien Gorelov.S.M

EXTENSIONES AL LENGUAJE ADA Y A LOS SERVICIOS POSIX PARA PLANIFICACIÓN EN SISTEMAS DE TIEMPO REAL ESTRICTO

Esta tesis se ha centrado en el estudio de las políticas basadas en la extracción de holgura y en la asignación dual de prioridades, ambas orientadas a dar servicio a tareas aperiódicas en sistemas real estricto. Estas políticas constituyen una interesante alternativa a las políticas basadas en servidores de carga aperiódicas y han sido ampliamente estudiadas en numerosos trabajos. No obstante, la posibilidad de ser aplicables en la práctica todavía no había sido evaluada en detalle, y éste ha sido el principal objetivo de esta tesis. En este trabajo, ambas políticas son revisadas en profundidad. En el caso de la política basada en la extracción de holgura, algunas de sus principales debilidades han sido corregidas. En particular, se muestra que es posible compartir recursos entre tareas críticas y aperiódicas de una forma sencilla y eficiente, utilizando para ello los mismos protocolos de herencia de prioridad que pueden aplicarse en sistemas en los que sólo existen tareas críticas. La aplicabilidad de estas políticas ha sido valorada incorporándolas en los dos entornos más relevantes hoy en día para la programación de sistemas de tiempo real estricto, el lenguaje de programación Ada y los servicios POSIX. Con este fin se han definido nuevas interfaces para ambas políticas en estos entornos, coherentes con sus principios de diseño y con los servicios que actualmente ofrecen. El diseño de estas interfaces ha supuesto una adaptación de ambas políticas buscando, en todo momento, un equilibrio entre prestaciones y eficiencia. Como parte de este diseño, estas interfaces han sido implementadas en el sistema operativo MaRTE OS. El proceso de implementación ha servido para validar las distintas alternativas qu ehan sido consideradas. Un aspecto importante de una política de planificación en su eficiencia, por lo que este aspecto ha sido evaluado en detalle. Se ha caracterizado de forma analítica el efectoABSTRACT: This thesis is centered on the study of slack stealing and dual priority scheduling policies, both oriented to serve aperiodic tasks in hard real-time systems. These polices, largely studied in previous work, constitute an interesting alternative to policies based on aperiodic servers. However, the possibility of actually being put into practice had not been yet exhaustively evaluated. This has been the main objective of this thesis. Both policies are profoundly revised in this dissertation. In the case of the slack stealing policy, some of its weaknesses have been solved. In particular, this thesis shows that it is possible to share resources between hard and aperiodic tasks in a simple and efficient manner. This can be done by using the same priority inheritance protocols which are used in systems comprising hard tasks only. The applicability of these scheduling policies has been evaluated by means of their incorporation into the two most relevant hard real-time programming environments in use nowadays, the Ada programming language and the POSIX set of services. In order to fulfill this purpose, new interfaces for both policies have been defined in these two environments. These interfaces have been designed in order to be coherent with the environments¿ design principles and the services they currently support. This design has involved the adaptation of the original scheduling policies, trying to optimize the balance between performance and efficiency. As a part of this design, both interfaces have been implemented in the MaRTE OS operating system. These implementations have been useful for validating the different alternatives which have been considered throughout the design process. Since efficiency is an important aspect of any scheduling policy, this aspect has been extremely evaluated in this work. The effect of the implementation of both policies to the task response times has been analytically characterized. This effect has also been quantified, and then the efficiency of both policies has been compared with the fixed-priority preemptive scheduling policy, which is the one normally used in hard real-time systems. The results of this comparative study show that, although the overhead introduced by any VIII ABSTRACT of the two new policies is significant, this overhead lies in a reasonable range. The recently approved POSIX trace services have also been studied in this thesis. The necessity of having some analysis and measurement tools available for the efficiency studies carried out in this thesis led to the incorporation of these services into MaRTE OS. Related to this, a new POSIX/Ada interface for the trace services has also been proposed. In addition, the problem of obtaining temporal metrics of the system from the information of the traces has also been covered.Espinosa Minguet, AR. (2003). EXTENSIONES AL LENGUAJE ADA Y A LOS SERVICIOS POSIX PARA PLANIFICACIÓN EN SISTEMAS DE TIEMPO REAL ESTRICTO [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/1774