Extensiones a los métodos de planificación de sistemas de tiempo real críticos basados en prioridades

Los sistemas de tiempo real tienen un papel cada vez más importante en nuestra sociedad. Constituyen un componente fundamental de los sistemas de control, que a su vez forman parte de diversos sistemas de ingeniería básicos en actividades industriales, militares, de comunicaciones, espaciales y médicas. La planificación de recursos es un problema fundamental en la realización de sistemas de tiempo real. Su objetivo es asignar los recursos disponibles a las tareas de forma que éstas cumplan sus restricciones temporales. Durante bastante tiempo, el estado de la técnica en relación con los métodos de planificación ha sido rudimentario. En la actualidad, los métodos de planificación basados en prioridades han alcanzado un nivel de madurez suficiente para su aplicación en entornos industriales. Sin embargo, hay cuestiones abiertas que pueden dificultar su utilización. El objetivo principal de esta tesis es estudiar los métodos de planificación basados en prioridades, detectar las cuestiones abiertas y desarrollar protocolos, directrices y esquemas de realización práctica que faciliten su empleo en sistemas industriales. Una cuestión abierta es la carencia de esquemas de realización de algunos protocolos con núcleos normalizados. El resultado ha sido el desarrollo de esquemas de realización de tareas periódicas y esporádicas de tiempo real, con detección de fallos de temporización, comunicación entre tareas, cambio de modo de ejecución del sistema y tratamiento de fallos mediante grupos de recuperación. Los esquemas se han codificado en Ada 9X y se proporcionan directrices para analizar la planificabilidad de un sistema desarrollado con esta base. Un resultado adicional ha sido la identificación de la funcionalidad mínima necesaria para desarrollar sistemas de tiempo real con las características enumeradas. La capacidad de adaptación a los cambios del entorno es una característica deseable de los sistemas de tiempo real. Si estos cambios no estaban previstos en la fase de diseño o si hay módulos erróneos, es necesario modificar o incluir algunas tareas. La actualización del sistema se suele realizar estáticamente y su instalación se lleva a cabo después de parar su ejecución. Sin embargo, hay sistemas cuyo funcionamiento no se puede detener sin producir daños materiales o económicos. Una alternativa es diseñar el sistema como un conjunto de unidades que se pueden reemplazar, sin interferir con la ejecución de otras unidades. Para tal fin, se ha desarrollado un protocolo de reemplazamiento dinámico para sistemas de tiempo real crítico y se ha comprobado su compatibilidad con los métodos de planificación basados en prioridades. Finalmente se ha desarrollado un esquema de realización práctica del protocolo.---ABSTRACT---Real-time systems are very important now a days. They have become a relevant issue in the design of control systems, which are a basic component of several engineering systems in industrial, telecommunications, military, spatial and medical applications. Resource scheduling is a central issue in the development of real-time systems. Its purpose is to assign the available resources to the tasks, in such a way that their deadlines are met. Historically, hand-crafted techniques were used to develop real-time systems. Recently, the priority-based scheduling methods have reached a sufficient maturity level to be feasible its extensive use in industrial applications. However, there are some open questions that may decrease its potential usefulness. The main goal of this thesis is to study the priority-based scheduling methods, to identify the remaining open questions and to develop protocols, implementation templates and guidelines that will make more feasible its use in industrial applications. One open question is the lack of implementation schemes, based on commercial realtime kernels, of some of the protocols. POSIX and Ada 9X has served to identify the services usually available. A set of implementation templates for periodic and sporadic tasks have been developed with provisión for timing failure detection, intertask coraraunication, change of the execution mode and failure handling based on recovery groups. Those templates have been coded in Ada 9X. A set of guidelines for checking the schedulability of a system based on them are also provided. An additional result of this work is the identification of the minimal functionality required to develop real-time systems based on priority scheduling methods, with the above characteristics. A desirable feature of real-time systems is their capacity to adapt to changes in the environment, that cannot be entirely predicted during the design, or to misbehaving software modules. The traditional maintenance techniques are performed by stopping the whole system, installing the new application and finally resuming the system execution. However this approach cannot be applied to non-stop systems. An alternative is to design the system as a set of software units that can be dynamically replaced within its operative environment. With this goal in mind, a dynamic replacement protocol for hard real-time systems has been defined. Its compatibility with priority-based scheduling methods has been proved. Finally, a execution témplate of the protocol has been implemented

Tools for mixed-criticality partitioned systems: partitioning algorithm and extensibility support

The development of mixed-criticality virtualized multicore systems poses new challenges that are being subject of active research work. There is an additional complexity: it is now required to identify a set of partitions, and allocate applications to partitions. In this job, a number of issues have to be considered, such as the criticality level of the application, security and dependability requirements, operating system used by the application, time requirements granularity, specific hardware needs, etc. MultiPARTES [6] toolset relies on Model Driven Engineering (MDE) [12], which is a suitable approach in this setting. In this paper, it is described the support provided for automatic system partitioning generation and toolset extensibility

MultiPARTES: Multicore Virtualization for Mixed-Criticality Systems

Modern embedded applications typically integrate a multitude of functionalities with potentially different criticality levels into a single system. Without appropriate preconditions, the integration of mixed-criticality subsystems can lead to a significant and potentially unacceptable increase of engineering and certification costs. A promising solution is to incorporate mechanisms that establish multiple partitions with strict temporal and spatial separation between the individual partitions. In this approach, subsystems with different levels of criticality can be placed in different partitions and can be verified and validated in isolation. The MultiPARTES FP7 project aims at supporting mixed- criticality integration for embedded systems based on virtualization techniques for heterogeneous multicore processors. A major outcome of the project is the MultiPARTES XtratuM, an open source hypervisor designed as a generic virtualization layer for heterogeneous multicore. MultiPARTES evaluates the developed technology through selected use cases from the offshore wind power, space, visual surveillance, and automotive domains. The impact of MultiPARTES on the targeted domains will be also discussed. In a number of ongoing research initiatives (e.g., RECOMP, ARAMIS, MultiPARTES, CERTAINTY) mixed-criticality integration is considered in multicore processors. Key challenges are the combination of software virtualization and hardware segregation and the extension of partitioning mechanisms to jointly address significant non-functional requirements (e.g., time, energy and power budgets, adaptivity, reliability, safety, security, volume, weight, etc.) along with development and certification methodology

A dual-band priority assignment algorithm for dynamic QoS resource management

Future high-quality consumer electronics will contain a number of applications running in a highly dynamic environment, and their execution will need to be efficiently arbitrated by the underlying platform software. The multimedia applications that currently execute in such similar contexts face frequent run-time variations in their resource demands, originated by the greedy nature of the multimedia processing itself. Changes in resource demands are triggered by numerous reasons (e.g. a switch in the input media compression format). Such situations require real-time adaptation mechanisms to adjust the system operation to the new requirements, and this must be done seamlessly to satisfy the user experience. One solution for efficiently managing application execution is to apply quality of service resource management techniques, based on assigning and enforcing resource contracts to applications. Most resource management solutions provide temporal isolation by enforcing resource assignments and avoiding any resource overruns. However, this has a clear limitation over the cost-effective resource usage. This paper presents a simple priority assignment scheme based on uniform priority bands to allow that greedy multimedia tasks incur in safe overruns that increase resource usage and do not threaten the timely execution of non-overrunning tasks. Experimental results show that the proposed priority assignment scheme in combination with a resource accounting mechanism preserves timely multimedia execution and delivery, achieves a higher cost-effective processor usage, and guarantees the execution isolation of non-overrunning tasks

Mixed-criticality design of a satellite software system

The continuous increment of processors computational power and the requirements on additional functionality and services are motivating a change in the way embedded systems are built. Components with different criticality level are allocated in the same processor, which give rise to mixed-criticality systems. The use of partitioned systems is a way of preventing undesirable interferences between components with different criticality level. An hypervisor provides these partitions or virtual machines, ensuring spatial, temporal and fault isolation between them. The purpose of this paper is to illustrate the development of a mixed-critical system. The attitude control subsystem is used for showing the different steps, which are supported by a toolset developed in the context of the MultiPARTES research project

Resource Management for Enhancing Predictability in Systems with Limited Processing Capabilities.

There is an increasing demand for computing systems composed by heterogeneous computers, connected by different types of networks, and that allow for accessing a wide range of services in a seamless way. Some of those computers are mobile or embedded and have limited resources, and can be overloaded when trying to handle their users demands. Then it is not possible to ensure a proper behaviour of the running applications. This can be an important problem when dealing with critical events in healthcare, home surveillance, or forest monitoring. Resource reservation is a valid basis for handling this issue. It allows for guaranteeing a certain resource share for applications that are important for the proper behavior of a given system. This paper describes an implementation of a resource management component and its integration in the Linux kernel. This piece of software has allowed to assign CPU budgets to standard Java threads, which is an important facility, given the widespread of this programming language. This implementation has been validated on service oriented middleware, where relevant services are executed by thread with guaranteed budget, to improve its predictability

Partitioning algorithm for mixed criticality systems

Mixed criticality systems are composed of a set of applications with di erent criticality levels. The interest relies on the possibility of running these applications on a single processor, with advantages on cost, size, weight and energy consumption. The use of partitioning for developing these kinds of systems is a suitable approach. A related issue is how to partition a system. This paper describes an automatic partitioning al- gorithm. It relies on restrictions to state requirements that the system partitioning must meet. They provide great exibility for meeting require- ments derived from the user or from speci c functional and non-functional requirement

Diseño de un software de intermediación de comunicación para sistemas distribuidos de tiempo real críticos en Java

Las facilidades e independencia de plataforma de Java han generado un gran interés en la comunidad de tiempo real. Dicho interés se ha reflejado en la especificación RTSJ (Real-Time Specification for Java), que extiende y adapta el lenguaje Java para permitir el desarrollo de sistemas de tiempo real. Adicionalmente, se han desarrollado perfiles de RTSJ para garantizar la predecibilidad en sistemas de tiempo real críticos. Sin embargo, RTSJ y sus perfiles no proporcionan facilidades para sistemas distribuidos. El objetivo de este trabajo es afrontar dicha limitación definiendo un nuevo modelo de RMI (Remote Method Invocation) basado en los principales perfiles de RTSJ para sistemas de tiempo real crítico. Este trabajo presenta el diseño y la implementación de RMI-HRT (RMI-Hard Real-Time) que está enfocado a sistemas de tiempo real crítico con requisitos de alta integridad

A toolset for the development of mixed-criticality partitioned systems

The development of mixed-criticality virtualized multi-core systems poses new challenges that are being subject of active research work. There is an additional complexity: it is now required to identify a set of partitions, and allocate applications to partitions. In this job, a number of issues have to be considered, such as the criticality level of the application, security and dependability requirements, time requirements granularity, etc. MultiPARTES [11] toolset relies on Model Driven Engineering (MDE), which is a suitable approach in this setting, as it helps to bridge the gap between design issues and partitioning concerns. MDE is changing the way systems are developed nowadays, reducing development time. In general, modelling approaches have shown their benefits when applied to embedded systems. These benefits have been achieved by fostering reuse with an intensive use of abstractions, or automating the generation of boiler-plate code

Diseño e implementación del software del UPMSat-2 en el entorno de desarrollo TASTE.

Como respuesta a a necesidad de modernizar y homogeneizar el proceso de diseño y desarro llo de software par a el segmento de vuelo de sus misiones, la Agencia Espacial Europea puso en marcha en 2004 el proyecto ASSERT El resultado de este proyecto fue una nueva metodología basada en el desarrollo basado en modelo. Posteriormente, la propia Agencia promovió un nuevo proyecto, TASTE, con el objetivo de desarrollar un entorno de desarrollo que permitiera la puesta en práctica de la metodología propuesta en ASSERT. En el presente artículo se describen las principales características de este entorno de desarrollo, así como la experiencia en su uso en el ámbito del proyecto UPMSat-