Communication Paradigms for High-Integrity Distributed Systems with Hard Real-Time Requirements

The development and maintenance of high-integrity software is very expensive, and a specialized development process is required due to its distinctive characteristics. Namely, safety-critical systems usually execute over a distributed embedded platform with few hardware resources which must provide real-time communication and fault-tolerance. This work discusses the adequate communication paradigms for high-integrity distributed applications with hard real-time requirements, and proposes a restricted middleware based on the current schedulability theory which can be certified and capable to obtain the required predictability and timeliness of this kind of systems

Reusable Models for Timing and Liveness Analysis of Middleware for Distributed Real-Time and Embedded Systems

Distributed real-time and embedded (DRE) systems have stringent constraints on timeliness and other properties whose assurance is crucial to correct system behavior. Formal tools and techniques play a key role in verifying and validating system properties. However, many DRE systems are built using middleware frameworks that have grown increasingly complex to address the diverse requirements of a wide range of applications. How to apply formal tools and techniques effectively to these systems, given the range of middleware configuration options available, is therefore an important research problem. This paper makes three contributions to research on formal verification and validation of middleware-based DRE systems. First, it presents a reusable library of formal models we have developed to capture essential timing and concurrency semantics of foundational middleware building blocks provided by the ACE framework. Second, it describes domain-specific techniques to reduce the cost of checking those models while ensuring they remain valid with respect to the semantics of the middleware itself. Third, it presents a verification and validation case study involving a gateway service, using our models

Memory access classification for vertical task parallelism

International audienceWe present a paradigm and implementation of a parallel control flow model for algorithmic patterns of two nested loops; an outer iteration loop and an inner data traversal loop. It is centered around memory access patterns. Other than dataflow programming it emphasizes on upholding the sequential modification order of each data object. As a consequence the visible side effects on any object can be guaranteed to be identical to a sequential execution. Thus the set of optimizations that are performed are compatible with C's abstract state machine and compilers could perform them, in principle, automatically and unobserved. We present two separate implementations of this model. The first in C++ uses overloading of the operator[] to instrument the memory accesses. The second in Modular C uses annotations and code transformations for the two nested loops. Thereby the code inside the loops may stay as close as possible to the original code such that optimization of that code is not impacted unnecessarily. These implementations show promising results for appropriate benchmarks from polybench and rodinia

Classification d’accès mémoire pour la parallélisation verticale en tâches

We present a paradigm and implementation of a parallel control flow model for algorithmic patterns of two nested loops; an outer iteration loop and an inner data traversal loop. It is centered around memory access patterns. Other than dataflow programming it emphasizes on upholding the sequential modification order of each data object. As a consequence the visible side effects on any object can be guaranteed to be identical to a sequential execution. Thus the set of optimizations that are performed are compatible with C’s abstract state machine and compilers could perform them, in principle, automatically and unobserved. We present two separate implementations of this model. The first in C++ uses overloading of the operator[] to instrument the memory accesses. The second in Modular C uses annotations and code transformations for the two nested loops. Thereby the code inside the loops may stay as close as possible to the original code such that optimization of that code is not impacted unnecessarily. These implementations show promising results for appropriate benchmarks from polybench and rodinia.Nous présentons un paradigme et une implémentation d’un modèle deflot de contrôle parallèle pour des motifs algorithmiques de deux nids de bouclesimbriqués; une boucle externe d’itération et une boucle interne de parcours dedonnées. Ce paradigme est basé sur les motifs d’accès mémoire. Contrairementà la programmation par flot de données, il assure l’ordre séquentiel des modificationsde chaque objet. Par conséquent, les effets de bords visibles sur tousles objets sont garantis identiques à une exécution séquentielle. Ainsi l’ensemble des optimisations effectuées sont compatibles avec la machine abstraite d’état de C, et les compilateurs peuvent les effectuer, en principe, de façon automatique et non-observée. Nous présentons deux implémentations distinctes de ce modèle. La premiere, effectuée en C++, utilise la surcharge de l’opérateur [] pour instrumenter les accès mémoire. La seconde, effectuée en Modular C, utilise des annotations et transformations de code pour les deux boucles imbriquées. Ainsi le code à l’intérieur des boucles peut rester aussi proche que possible de l’original pour ne pas impacter inutilement son optimisation. Ces implémentations montrent des résultats prometteurs pour des codes de référence tirés de polybench et rodinia

On Efficient Distributed Deadlock Avoidance for Real-time and Embedded Systems

Abstract Thread allocation is an important problem in dis-tributed real-time and embedded (DRE) systems. A too liberal thread allocation policy may cause deadlock, atoo conservative policy limits potential parallelism, thus wasting resources. However, achieving (global) optimalthread utilization, while avoiding deadlock, has been proven impractical in distributed systems: it requirestoo much communication between components. In previous work we showed that efficient local threadallocation protocols are possible if the protocols are parameterized by global static data, in particular, an an-notation of the global call graph of all tasks to be performed by the system. We proved that absence of cyclicdependencies in this annotation guarantees absence of deadlock. In this paper we present an algorithm to computeoptimal annotations, that is annotations that maximiz

Timed Automata Models for Principled Composition of Middleware

Middleware for Distributed Real-time and Embedded (DRE) systems has grown more and more complex in recent years due to the varying functional and temporal requirements of complex real-time applications. To enable DRE middleware to be configured and customized to meet the demands of different applications, a body of ongoing research has focused on applying model-driven development techniques to developing QoS-enabled middleware. While current approaches for modeling middleware focus on easing the task of as-assembling, deploying and configuring middleware and middleware-based applications, a more formal basis for correct middleware composition and configuration in the context of individual applications is needed. While the modeling community has used application-level formal models that are more abstract to uncover certain flaws in system design, a more fundamental and lower-level set of models is needed to be able to uncover more subtle safety and timing errors introduced by interference between application computations, particularly in the face of alternative concurrency strategies in the middleware layer. In this research, we have examined how detailed formal models of lower-level middle-ware building blocks provide an appropriate level of abstraction both for modeling and synthesis of a variety of kinds of middleware from these building blocks. When combined with model checking techniques, these formal models can help developers in composing correct combinations of middleware mechanisms, and configuring those mechanisms for each particular application