Safe Schedulability of Bounded-Rate Multi-Mode Systems
Bounded-rate multi-mode systems (BMMS) are hybrid systems that can switch
freely among a finite set of modes, and whose dynamics is specified by a finite
number of real-valued variables with mode-dependent rates that can vary within
given bounded sets. The schedulability problem for BMMS is defined as an
infinite-round game between two players---the scheduler and the
environment---where in each round the scheduler proposes a time and a mode
while the environment chooses an allowable rate for that mode, and the state of
the system changes linearly in the direction of the rate vector. The goal of
the scheduler is to keep the state of the system within a pre-specified safe
set using a non-Zeno schedule, while the goal of the environment is the
opposite. Green scheduling under uncertainty is a paradigmatic example of BMMS
where a winning strategy of the scheduler corresponds to a robust
energy-optimal policy. We present an algorithm to decide whether the scheduler
has a winning strategy from an arbitrary starting state, and give an algorithm
to compute such a winning strategy, if it exists. We show that the
schedulability problem for BMMS is co-NP complete in general, but for two
variables it is in PTIME. We also study the discrete schedulability problem
where the environment has only finitely many choices of rate vectors in each
mode and the scheduler can make decisions only at multiples of a given clock
period, and show it to be EXPTIME-complete. Comment: Technical report for a paper presented at HSCC 201
Weak Singular Hybrid Automata
The framework of hybrid automata, introduced by Alur, Courcoubetis,
Henzinger, and Ho, provides a formal modeling and analysis environment to
analyze the interaction between the discrete and the continuous parts of
cyber-physical systems. Hybrid automata can be considered as generalizations of
finite state automata augmented with a finite set of real-valued variables
whose dynamics in each state is governed by a system of ordinary differential
equations. Moreover, the discrete transitions of hybrid automata are guarded by
constraints over the values of these real-valued variables, and enable
discontinuous jumps in the evolution of these variables. Singular hybrid
automata are a subclass of hybrid automata where dynamics is specified by
state-dependent constant vectors. Henzinger, Kopke, Puri, and Varaiya showed
that for even very restricted subclasses of singular hybrid automata, the
fundamental verification questions, like reachability and schedulability, are
undecidable. In this paper we present weak singular hybrid automata
(WSHA), a previously unexplored subclass of singular hybrid automata, and show
the decidability (and the exact complexity) of various verification questions
for this class including reachability (NP-Complete) and LTL model-checking
(PSPACE-Complete). We further show that extending WSHA with a single
unrestricted clock or extending WSHA with unrestricted variable updates leads to
undecidability of the reachability problem.
A Lazy Bailout Approach for Dual-Criticality Systems on Uniprocessor Platforms
© 2019 by the authors. Licensee MDPI, Basel, Switzerland.
A challenge in the design of cyber-physical systems is to integrate the scheduling of tasks of different criticality, while still providing service guarantees for the higher-criticality tasks in case of resource shortages caused by faults. While standard real-time scheduling is agnostic to the criticality of tasks, the scheduling of tasks with different criticalities is called mixed-criticality scheduling. In this paper we present the Lazy Bailout Protocol (LBP), a mixed-criticality scheduling method in which low-criticality jobs overrunning their time budget cannot threaten the timeliness of high-criticality jobs, while at the same time the method tries to complete as many low-criticality jobs as possible. The key principle of LBP is, instead of immediately abandoning low-criticality jobs when a high-criticality job overruns its optimistic WCET estimate, to put them in a low-priority queue for later execution. To compare mixed-criticality scheduling methods we introduce a formal quality criterion for mixed-criticality scheduling, which, above all else, compares the schedulability of high-criticality jobs and only afterwards the schedulability of low-criticality jobs. Based on this criterion we prove that LBP behaves better than the original Bailout Protocol (BP). We show that LBP can be further improved by slack time exploitation and by gain time collection at runtime, resulting in LBPSG. We also show that these improvements of LBP perform better than the analogous improvements based on BP.
Securing Real-Time Internet-of-Things
Modern embedded and cyber-physical systems are ubiquitous. A large number of
critical cyber-physical systems have real-time requirements (e.g., avionics,
automobiles, power grids, manufacturing systems, industrial control systems,
etc.). Recent developments and new functionality require real-time embedded
devices to be connected to the Internet. This gives rise to the real-time
Internet-of-Things (RT-IoT), which promises a better user experience through
stronger connectivity and efficient use of next-generation embedded devices.
However, RT-IoT systems are also increasingly becoming targets for cyber-attacks,
a risk that is exacerbated by this increased connectivity. This paper gives an
introduction to RT-IoT systems, an outlook on current approaches, and possible
research challenges towards secure RT-IoT frameworks.
Reasoning About the Reliability of Multi-version, Diverse Real-Time Systems
This paper is concerned with the development of reliable real-time systems for use in high-integrity applications. It advocates the use of diverse replicated channels, but does not require the dependencies between the channels to be evaluated. Rather, it develops and extends the approach of Littlewood and Rushby (for general systems) by investigating a two-channel system in which one channel, A, is produced to a high level of reliability (i.e. has a very low failure rate), while the other, B, employs various forms of static analysis to sustain an argument that it is perfect (i.e. it will never miss a deadline). The first channel is fully functional; the second contains a more restricted computational model and contains only the critical computations. Potential dependencies between the channels (and their verification) are evaluated in terms of aleatory and epistemic uncertainty. At the aleatory level the events "A fails" and "B is imperfect" are independent. Moreover, unlike the general case, independence at the epistemic level is also proposed for common forms of implementation and analysis for real-time systems and their temporal requirements (deadlines). As a result, a systematic approach is advocated that can be applied in a real engineering context to produce highly reliable real-time systems, and to support numerical claims about the level of reliability achieved.
Response time analysis of memory-bandwidth-regulated multiframe mixed-criticality systems
The multiframe mixed-criticality task model eliminates the pessimism in many systems where the worst-case execution times (WCETs) of successive jobs vary greatly by design, in a known pattern. Existing feasibility analysis techniques for multiframe mixed-criticality tasks are shared-resource-oblivious, hence unsafe for commercial-off-the-shelf (COTS) multicore platforms with a memory controller shared among all cores. Conversely, the feasibility analyses that account for the interference on shared resource(s) in COTS platforms do not leverage the WCET variation in multiframe tasks. This paper extends the state of the art by presenting an analysis that incorporates the memory access stall in memory-bandwidth-regulated multiframe mixed-criticality multicore systems.
An exhaustive enumeration approach is proposed for this analysis to further enhance the schedulability success ratio. The running time of the exhaustive analysis is improved by proposing a pruning mechanism that eliminates the combinations of interfering job sequences that subsume others. Experimental evaluation, using synthetic task sets, demonstrates up to 72% improvement in terms of schedulability success ratio, compared to frame-agnostic analysis.
This work was partially supported by National Funds through FCT/MCTES (Portuguese Foundation for Science and Technology), within the CISTER Research Unit (UIDP/UIDB/04234/2020); by the Operational Competitiveness Programme and Internationalization (COMPETE 2020) under the PT2020 Partnership Agreement, through the European Regional Development Fund (ERDF), and by national funds through the FCT, within project PREFECT (POCI01-0145-FEDER-029119); by FCT through the European Social Fund (ESF) and the Regional Operational Programme (ROP) Norte 2020, under grant 2020.08045.BD.
Precise energy efficient scheduling of mixed-criticality tasks & sustainable mixed-criticality scheduling
In this thesis, the imprecise mixed-criticality model (IMC) is extended to precise scheduling of tasks, and integrated with the dynamic voltage and frequency scaling (DVFS) technique to enable energy minimization. The challenge in precise scheduling of MC systems is to simultaneously guarantee timing correctness for all tasks, hi and lo, under both pessimistic and optimistic (less pessimistic) assumptions. To the best of our knowledge this is the first work to address the integration of DVFS energy-conserving techniques with precise scheduling of lo-tasks of the MC model.
In this thesis, utilization-based schedulability tests and sufficient conditions for such systems under the Earliest Deadline First with Virtual Deadlines (EDF-VD) scheduling policy are presented. Quantitative results in the form of a speedup bound and an approximation ratio are also proved for the unified model. Extensive experimental studies are conducted to verify the theoretical results as well as the effectiveness of the proposed algorithm.
In safety-critical systems, it is essential to perform schedulability analysis prior to run-time. Parameters characterizing the run-time workload are generated by pessimistic techniques; hence, adopting conservative estimates may result in systems performing much better than anticipated during run-time. This thesis also addresses the following questions associated with the better performance of the task system: (i) How does a parameter change affect the schedulability of a task set (system)? (ii) In the event that a mixed-criticality system design is deemed schedulable and a specific part or parts of the system are reassigned to be of low criticality, is the system still safe to run? (iii) If a system is presumed to be non-schedulable, is it always beneficial to reduce the criticality of some task?
To answer these questions, in this thesis, we not only study the property of sustainability with regard to criticality levels, but also revisit the sustainability of several uniprocessor and multiprocessor scheduling policies with respect to other parameters. --Abstract, page iii
Bounded-rate multi-mode systems based motion planning
Bounded-rate multi-mode systems are hybrid systems that can switch among a
finite set of modes. Their dynamics are specified by a finite number of
real-valued variables with mode-dependent rates that can vary within given
bounded sets. Given an arbitrary piecewise linear trajectory, we study the
problem of following the trajectory with arbitrary precision, using motion
primitives given as bounded-rate multi-mode systems. We give an algorithm to
solve the problem and show that the problem is co-NP complete. We further prove
that the problem can be solved in polynomial time for multi-mode systems with
fixed dimension. We study the problem with dwell-time requirement and show the
decidability of the problem under certain positivity restriction on the rate
vectors. Finally, we show that introducing structure to the multi-mode systems
leads to undecidability, even when using only a single clock variable. Comment: 14 pages, 12 figures, HSCC - 201