BB-RTE: a Budget-Based RunTime Engine for Mixed and Safety Critical Systems

International audienceThe safety critical industry is considering a shift from single-core COTS to multi-core COTS processor for safety and time critical computers in order to maximize performance while reducing costs.In a domain where time predictability is a major concern due to the regulation standards, multi-core processors are introducing new sources of time variations due to the electronic competition when the software is accessing shared hardware resources, and characterized by timing interference.The solutions proposed in the literature to deal with timing interference are all proposing a trade-off between performance efficiency, time predictability and intrusiveness in the software. Especially, none of them is able to fully exploit the multi-core efficiency while allowing untouched, already-certified legacy software to run.In this paper, we introduce and evaluate BB-RTE, a Budget-Based RunTime Engine for Mixed and Safety Critical Systems, that especially focuses on mixed critical systems. BB-RTE guarantees the deadline of high-critical tasks 1) by computing for each shared hardware resource a budget in terms of extra accesses that the critical tasks can support before their runtime is significantly impacted; 2) by temporarily suspending low-critical tasks at runtime once this budget as been consumed

METrICS: a Measurement Environment For Multi-Core Time Critical Systems

International audienceWith the upcoming shift from single-core to multi-core COTS processor for safety critical products such as avionics, railway or space computer subsystems, the safety critical industry is facing a trade-off in term of performance versus predictability.In multi-core processors, concurrent accesses to shared hardware resources are generating inter-task or inter-application timing interference, breaking the timing isolation principles required by the standards for such critical software. Several solutions have been proposed in the literature to control or regulate these timing interferences, but most of these solutions require to perform some level of profiling, monitoring or dimensioning.As time-critical software is running on top of Real Time Operating Systems (ROTS), classical profiling techniques relying on interrupts, multi-threading, or OS modules are either not available or prohibited for predictability, safety or security reasons.In this paper we present METrICS, a measurement environment for multi-core time-critical systems running on top of the industry-standard PikeOS RTOS. Our framework proposes an accurate real-time runtime and resource usage measurement while having a negligible impact on timing behaviour, allowing us to fully observe and characterize timing interference.Beyond being able to characterize timing interference, we evaluated METrICS in term of accuracy of the timing and resource usage measurements, intrusiveness both in term of timing and impact on the legacy code, as well as adherence to the hardware. We also present a portfolio of the kind of measurements METrICS provides

De-RISC: A complete RISC-V based space-grade platform

The H2020 EIC-FTI De-RISC project develops a RISC-V space-grade platform to jointly respond to several emerging, as well as longstanding needs in the space domain such as: (1) higher performance than that of monocore and basic multicore space-grade processors in the market; (2) access to an increasingly rich software ecosystem rather than sticking to the slowly fading SPARC and PowerPC-based ones; (3) freedom (or drastic reduction) of export and license restrictions imposed by commercial ISAs such as Arm; and (4) improved support for the design and validation of safety-related real-time applications, (5) being the platform with software qualified and hardware designed per established space industry standards. De-RISC partners have set up the different layers of the platform during the first phases of the project. However, they have recently boosted integration and assessment activities. This paper introduces the De-RISC space platform, presents recent progress such as enabling virtualization and software qualification, new MPSoC features, and use case deployment and evaluation, including a comparison against other commercial platforms. Finally, this paper introduces the ongoing activities that will lead to the hardware and fully qualified software platform at TRL8 on FPGA by September 2022.This project has received funding from the European Union’s Horizon 2020 Research and Innovation programme under Grant Agreement EIC-FTI 869945. BSC work has also been partially supported by the Spanish Ministry of Science and Innovation under grant PID2019-07255GBC21/AEI/10.13039/501100011033.Peer ReviewedPostprint (author's final draft

A Flexible Operating System for Dynamic Applications

International audienceAn autonomous robot finding its way on an unknown terrain, a video decoder changing decompression format according to signal strength, a broadband electronic counter-measure system, an adaptive image tracking algorithm for automotive ... Many emerging embedded or mission-critical applications show dynamic behavior, with strong dependency on the unpredictable environment. Where statically resolved worst-case allocation was an answer to strong real time constraints, flexibility is now a requirement. At the same time, the needs for computing power never slow down, both in terms of reactivity and data throughput, while the pressure on power consumption is stronger than ever

De-RISC – Dependable Real-Time Infrastructure for Safety-Critical Computer Systems

Publicat en accés amb el permís de l'editor / Published in open access with the permission of the publisher.The space domain demands increased performance, reliable and easy to verify and validate platforms tomatch the requirements of highly autonomous missions and systems that need to undergo qualification and certification against safety guidelines, and be commercialized worldwide minimizing export restrictions. Unfortunately, commercial platforms either fail to match domainspecific requirements for space (e.g. safety requirements), are limited by US export regulations, or simply fail both sets of requirements. This paper introduces De-RISC, a novel HW/SW platform meeting space requirements for safety- and mission-critical applications by construction, with explicit support to ease performance validation and diagnosis, and based on the RISC-V instruction set architecture. The De-RISC platform, which builds upon fentISS’ XtratuM hypervisor and a Cobham Gaisler (CG) NOEL-V based MPSoC, will reach commercial maturity in 2022, and will be assessed against a space use case.This project has received funding from the European Union’s Horizon 2020 Research and Innovation programme under Grant Agreement EIC-FTI 869945.Peer ReviewedPostprint (published version

De-RISC: the First RISC-V space-grade platform for safety-critical systems

The increasing needs for performance in the space domain for highly autonomous systems calls for more powerful space MPSoCs and appropriate hypervisors to master them. These platforms must adhere to strict reliability, verifiability and validation requirements since spacecraft for deep space missions are exposed to a harsh environment. Systems must undergo screening and tests against standards for electronic components and software. Unfortunately, currently available space-grade processor components do not meet requirements related to safety that are becoming increasingly important in space applications. This paper presents the De-RISC platform, consisting of Cobham Gaisler’s RISC-V based SoC, and fentISS’ XtratuM Next Generation hypervisor. The platform implements the open RISC-V Instruction Set Architecture, and leverages space SoC IP by Cobham Gaisler, space hypervisor technology by fentISS, multicore interference management solutions by the Barcelona Supercomputing Center, and end user experience and requirement guidance by Thales Research and Technology. At its current state, the platform is already complete and integrated, and starting its validation phase prior to reaching commercial maturity by early 2022. In this paper, we provide details of the platform and some preliminary evidence of its operation.This project has received funding from the European Union’s Horizon 2020 Research and Innovation programme under Grant Agreement EIC-FTI 869945. BSC work has also been partially supported by the Spanish Ministry of Science and Innovation under grant PID2019-107255GB.Peer ReviewedPostprint (author's final draft

Enhancing Reconfigurable Platforms Programmability for Synchronous Data-Flow Applications

International audienceRecent FPGAs allow the design of efficient and complex Heterogeneous Systems-on-Chip (HSoC). Namely, these systems are composed of several processors, hardware accelerators as well as communication media between all these components. Performances provided by HSoCs make them really interesting for data-flow applications, especially image processing applications. The use of this kind of architecture provides good performances but the drawback is an increase of the programming complexity. This complexity is due to the heterogeneous deployment of the application on the platform. Some functions are implemented in software to run on a processor, whereas other functions are implemented in hardware to run in a reconfigurable partition of the FPGA. This article aims to define a programming model based on the Synchronous Data-Flow model, in order to abstract the heterogeneity of the implementation and to leverage the communication issue between software and hardware actors