932 research outputs found
Leveraging virtualization technologies for resource partitioning in mixed criticality systems
Multi- and many-core processors are becoming increasingly popular in embedded systems. Many of these processors now feature hardware virtualization capabilities, such as the ARM Cortex A15, and x86 processors with Intel VT-x or AMD-V support. Hardware virtualization offers opportunities to partition physical resources, including processor cores, memory and I/O devices amongst guest virtual machines. Mixed criticality systems and services can then co-exist on the same platform in separate virtual machines. However, traditional virtual machine systems are too expensive because of the costs of trapping into hypervisors to multiplex and manage machine physical resources on behalf of separate guests. For example, hypervisors are needed to schedule separate VMs on physical processor cores. Additionally, traditional hypervisors have memory footprints that are often too large for many embedded computing systems. This dissertation presents the design of the Quest-V separation kernel, which partitions services of different criticality levels across separate virtual machines, or sandboxes. Each sandbox encapsulates a subset of machine physical resources that it manages without requiring intervention of a hypervisor. In Quest-V, a hypervisor is not needed for normal operation, except to bootstrap the system and establish communication channels between sandboxes. This approach not only reduces the memory footprint of the most privileged protection domain, it removes it from the control path during normal system operation, thereby heightening security
Scheduling policies and system software architectures for mixed-criticality computing
Mixed-criticality model of computation is being increasingly
adopted in timing-sensitive systems. The model not only
ensures that the most critical tasks in a system never fails,
but also aims for better systems resource utilization in normal condition. In this report, we describe the widely used
mixed-criticality task model and fixed-priority scheduling
algorithms for the model in uniprocessors. Because of the
necessity by the mixed-criticality task model and scheduling
policies, isolation, both temporal and spatial, among tasks is
one of the main requirements from the system design point
of view. Different virtualization techniques have been used
to design system software architecture with the goal of isolation. We discuss such a few system software architectures
which are being and can be used for mixed-criticality model
of computation
Mixed-Criticality Scheduling with I/O
This paper addresses the problem of scheduling tasks with different
criticality levels in the presence of I/O requests. In mixed-criticality
scheduling, higher criticality tasks are given precedence over those of lower
criticality when it is impossible to guarantee the schedulability of all tasks.
While mixed-criticality scheduling has gained attention in recent years, most
approaches typically assume a periodic task model. This assumption does not
always hold in practice, especially for real-time and embedded systems that
perform I/O. For example, many tasks block on I/O requests until devices signal
their completion via interrupts; both the arrival of interrupts and the waking
of blocked tasks can be aperiodic. In our prior work, we developed a scheduling
technique in the Quest real-time operating system, which integrates the
time-budgeted management of I/O operations with Sporadic Server scheduling of
tasks. This paper extends our previous scheduling approach with support for
mixed-criticality tasks and I/O requests on the same processing core. Results
show the effective schedulability of different task sets in the presence of I/O
requests is superior in our approach compared to traditional methods that
manage I/O using techniques such as Sporadic Servers.Comment: Second version has replaced simulation experiments with real machine
experiments, third version fixed minor error in Equation 5 (missing a plus
sign
Distributed real-time fault tolerance in a virtualized separation kernel
Computers are increasingly being placed in scenarios where a computer error
could result in the loss of human life or significant financial loss. Fault
tolerant techniques must be employed to prevent an error from resulting in a
fault causing such losses. Two types of errors that are common in real-time and
embedded system are soft errors, i.e. data bit corruption, and timing errors,
such as missed deadlines. Purely software based techniques to address these
types of errors have the advantage of not requiring specialized hardware and are
able to use more readily available commercial off-the-shelf hardware. Timing
errors are addressed using Adaptive Mixed-Criticality, a scheduling technique
where higher criticality tasks are given precedence over those of lower
criticality when it is impossible to guarantee the schedulability of all tasks.
While mixed-criticality scheduling has gained attention in recent years, most
approaches assume a periodic task model and that the system has a single
criticality level which dictates the available budget to all tasks. In practice
these assumptions do not hold: different types of tasks are better served by
different scheduling approaches and only a subset of high critical tasks might
require additional capacity to meet deadlines. In the latter case, this occurs
when a process has experienced a fault and requires additional capacity to
perform the recovery.
In this thesis, soft errors are addressed using a novel real-time fault
tolerance method based on a virtualized separation kernel. Instead of executing
redundant copies of an application on separate machines, the applications are
consolidated onto one multi-core processor and use hardware virtualization
extensions to partition the applications. This allows new recovery schemes to
be explored. In addition, the maximum recovery time is sufficiently bounded to
ensure recovery occurs in a timely manner without affecting the normal execution
of the application. A virtualized separation kernel in combination with
Adaptive Mixed-Criticality techniques creates a fault tolerant system that
predictably detects and recovers from timing and soft errors
MARACAS: a real-time multicore VCPU scheduling framework
This paper describes a multicore scheduling and load-balancing framework called MARACAS, to address shared cache and memory bus contention. It builds upon prior work centered around the concept of virtual CPU (VCPU) scheduling. Threads are associated with VCPUs that have periodically replenished time budgets. VCPUs are guaranteed to receive their periodic budgets even if they are migrated between cores. A load balancing algorithm ensures VCPUs are mapped to cores to fairly distribute surplus CPU cycles, after ensuring VCPU timing guarantees. MARACAS uses surplus cycles to throttle the execution of threads running on specific cores when memory contention exceeds a certain threshold. This enables threads on other cores to make better progress without interference from co-runners. Our scheduling framework features a novel memory-aware scheduling approach that uses performance counters to derive an average memory request latency. We show that latency-based memory throttling is more effective than rate-based memory access control in reducing bus contention. MARACAS also supports cache-aware scheduling and migration using page recoloring to improve performance isolation amongst VCPUs. Experiments show how MARACAS reduces multicore resource contention, leading to improved task progress.http://www.cs.bu.edu/fac/richwest/papers/rtss_2016.pdfAccepted manuscrip
MCS-IOV : Real-time I/o virtualization for mixed-criticality systems
In mixed-criticality systems, timely handling of I/O is a key for the system being successfully implemented and functioning appropriately. The criticality levels of functions and sometimes the whole system are often dependent on the state of the I/O. An I/O system for a MCS must provide simultaneously isolation/separation, performance/efficiency and timing-predictability, as well as being able to manage I/O resource in an adaptive manner to facilitate efficient yet safe resource sharing among components of different criticality levels. Existing approaches cannot achieve all of these requirements simultaneously. This paper presents a MCS I/O management framework, termed MCS-IOV. MCS-IOV is based on hardware assisted virtualisation, which provides temporal and spatial isolation and prohibits fault propagation with small extra overhead in performance. MCS-IOV extends a real-time I/O virtualisation system, by supporting the concept of mixed criticalities and customised interfaces for schedulers, which offers good timing-preditability. MCS-IOV supports I/O driven criticality mode switch (the mode switch can be triggered by detection of unexpected I/O behaviors, e.g., a higher I/O utilization than expected) and timely I/O resource reconfiguration up on that. Finally, We evaluated and demonstrate MCS-IOV in different aspects
- …