Computing the exact worst-case End-to-end delays in a Spacewire network using Timed Automata

National audienceSpacewire is a real-time communication network for use onboard satellites. It has been designed to transmit both payload and control/command data. To guarantee that communications respect the real-time constraints, designers use tools to compute the worst-case end-to-end delays. Among these tools, recursive flow analysis and Network Calculus approaches have been studied. This paper proposes to use the model-checking approach based on timed automata to compute the exact worstcase end-to-end delays and two case studies are presented

Modeling a spacewire architecture using timed automata to compute worst-case end-to-end delays

International audienceSpacewire is a real-time communication network for use onboard satellites. It has been designed to transmit both payload and control/command data. To guarantee that communications respect the real-time constraints, designers use tools to compute the worst-case end-to-end delays. Among these tools, recursive flow analysis and Network Calculus approaches have been studied. This paper proposes to use the model-checking approach based on timed automata. A case study based on an industrial one is shown. Our approach is compared with recursive flow analysis and Network Calculus

TPAP An algebra of preemptive processes for verifying real-time systems with shared resources

AbstractThis paper describes a timed process algebra called TPAP. The aim of this algebra is to allow the modelisation of real time embedded processes sharing common resources, and which are sensitive to communication delays and scheduling strategies. Timed broadcasting and process preemption by interruption events are the two main fundamental notions of the algebra. They allow description of schedulers and asynchronous communication mediums, thus which can be taken into account when verifying the real time behaviour of the global system. We first present the process algebra and discuss its properties. A case study from the avionics area is then developed using TPAP, and formally verified by translation into the UPPAAL model checker

End-to-end latency and temporal consistency analysis in networked real-time systems

International audienceCritical embedded systems are often designed as a set of real-time tasks, running on shared computing modules, and communicating through networks. Because of their critical nature, such systems have to meet strict timing properties. To help the designers to prove the correctness of their system, the real-time systems community has developed numerous approaches for analysing the worst case scenarios either on the processors (e.g., worst case response time of a task) or on the networks (e.g., worst case traversal time of a message). These approaches provide results only for local components behaviours. However, there is a growing need for having a global view of the system, in order to determine end-to-end properties. Such a property applies to functional chains which describe the behaviour of sequences of tasks. We propose an approach to analyse worst case behaviour along functional chains in critical embedded systems. It is based on mixed integer linear programming (MILP) and is general in the sense that it can be applied to a variety of end-to-end properties. This paper focuses on two essential properties: end-to-end latency and temporal consistency. This work was supported by the French National Research Agency within the SATRIMMAP project

Une méthode globale pour la vérification d'exigences temps réel (application à l'avionique modulaire intégrée)

Dans le domaine de l aéronautique, les systèmes embarqués ont fait leur apparition durant les années 60, lorsque les équipements analogiques ont commencé à être remplacés par leurs équivalents numériques. Dès lors, l engouement suscité par les progrès de l informatique fut tel que de plus en plus de fonctionnalités ont été numérisées. L accroissement permanent de la complexité des systèmes a conduit à la définition d une architecture appelée Avionique Modulaire Intégrée (IMA pour Integrated Modular Avionics). Cette architecture se distingue des architectures antérieures, car elle est fondée sur des standards (ARINC 653 et ARINC 664 partie 7) permettant le partage des ressources de calcul et de communication entre les différentes fonctions avioniques. Ce type d architecture est appliqué aussi bien dans le domaine civil avec le Boeing B777 et l Airbus A380, que dans le domaine militaire avec le Rafale ou encore l A400M. Pour des raisons de sûreté, le comportement temporel d un système s appuyant sur une architecture IMA doit être prévisible. Ce besoin se traduit par un ensemble d exigences temps réel que doit satisfaire le système. Le problème exploré dans cette thèse concerne la vérification d exigences temps réel dans les systèmes IMA. Ces exigences s articulent autour de chaînes fonctionnelles, qui sont des séquences de fonctions. Une exigence spécifie alors une borne acceptable (minimale ou maximale) pour une propriété temporelle d une ou plusieurs chaînes fonctionnelles. Nous avons identifié trois catégories d exigences temps réel, que nous considérons pertinentes vis-à-vis des systèmes étudiés. Il s agit des exigences de latence, de fraîcheur et de cohérence. Nous proposons une modélisation des systèmes IMA, et des exigences qu ils doivent satisfaire, dans le formalisme du tagged signal model. Nous montrons alors comment, à partir de ce modèle, nous pouvons générer pour chaque exigence un programme linéaire mixte, c est-à-dire contenant à la fois des variables entières et réelles, dont la solution optimale permet de vérifier la satisfaction de l exigenceEmbedded systems appeared in aeronautics during the 60 s, when the process of replacing analog devices by their digital counterpart started. From that time, the broad thrust of computer science advances make it possible to digitize more and more avionics functionalities. The continual increase of the complexity of these systems led to the definition of a new architecture called Integrated Modular Avionics (IMA). This architecture stands apart from previous architecture because it is based on standards (ARINC 653 and ARINC 664 part 7) which allow the sharing of computation and communication resources among avionics functions. This architecture is implemented in civil aircrafts, with Boeing B777 and Airbus A380, and in military aircrafts, with Rafale or A400M. For safety reason, the temporal behaviour of such a system must be predictable, which is expressed with a set real-time requirements. A real-time requirement specifies an upper or lower bound of a temporal property of one or several functional chains. A functional chain is a sequence of functions. In this thesis, we explore the verification of real-time requirements in IMA systems. We have identified three real-time requirements relevant to our problem : latency, freshness and consistency. We propose a model of IMA systems, and the requirements they must meet, based on the tagged signal model. Then we derive from this model, for each requirement, a mixed integer linear program whose optimal solution allows us to verify the requirementTOULOUSE-INP (315552154) / SudocSudocFranceF

Une algèbre de processus pour la modélisation et la vérification de systèmes temps-réel avec préemption

La conception et la maîtrise des systèmes embarqués proposent un dé de plus en plus important à relever avec le développement des aéronefs modernes. Cette importance révèle la nécessité de mettre en œuvre des méthodes formelles automatiques permettant d assister le concepteur. Or, la nature distribuée et le partage des ressources de tels systèmes rendent difficiles leur description à l'aide des méthodes classiques mises en œuvre dans le cadre des systèmes temps-réel (algèbres de processus temporisés, automates temporisés, et, par la suite, de savoir si le système répond bien aux spéci cations attendues (véri cation). L'objectif de cette thèse est de proposer un élément de réponse à la modélisation, puis à la véri cation, de tels systèmes en utilisant les mécanismes de préemption pour réaliser le partage de ressources. L idée proposée consiste à construire un système embarqué sous la forme d'un ensemble de processus réactifs communicants et préemptibles spéci és au moyen d un formalisme algébrique. Deux types de préemption ont été identifiés : l'interruption dé nitive et la suspension temporaire avec reprise. De ces deux types de préemption découlent la structure de l'étude. En premier lieu, nous proposons de dé nir une algèbre de processus, nommée TPAPa, permettant l'interruption dé nitive. A n de pouvoir véri er les systèmes décrits dans ce formalisme, une traduction en automates temporisés a été réalisée. De cette manière, il est possible d utiliser les outils de model-checking classiques (UPPAAL, KRONOS, CMC, ...). En deuxième lieu, nous avons intégré la possibilité de suspendre temporairement l'activité d un processus puis sa reprise à partir du point d arrét. Cette fois, la traduction conduit au formalisme des automates à chronomètres. Nous montrons alors que la vérification de propriétés sur une algèbre de processus possédant des mécanismes de suspension, nommée TPAPas, est en général indécidable.TOULOUSE-ISAE (315552318) / SudocSudocFranceF

An evaluation of software-based TSN traffic shapers using Linux tc

International audienceIn this study, the feasibility of a hardware abstracted switch that targets TSN applications is evaluated. A solution using P4, a flexible solution to program SDN switches, is discussed. Nevertheless, extensions to this approximation have to be made to respect time oriented features that are unavailable to implement in a sole P4 environment. As a consequence, the Linux tc package is used to program the traffic control functionalities such as TAS and CBS shapers. The final implementation is a proof of concept that uses tc and runs on top of the Linux kernel. Finally, future work is discussed as a possible followup to this project

Quantum assignment for QoS-aware AFDX network with Deficit Round Robin

International audienceAvionics Full Duplex switched Ethernet (AFDX) is the de facto standard for the transmission of critical avionics flows. It is a specific switched Ethernet solution based on First-in First-out (FIFO) scheduling. Timing constraints have to be guaranteed for such critical flows. The worst-case traversal time analysis introduces some pessimism, leading to a very lightly loaded network: typically less than 10 % of the bandwidth is used. One solution to improve the utilisation of the network is to introduce Quality of Service (QoS) mechanisms. First, it can decrease worst-case delays for the most constrained avionics flows. Second less/non critical additional flows can be transmitted on the network with bounded impact on avionics ones. Deficit Round Robin (DRR) is such a QoS mechanism and it is envisioned for future avionics networks. An optimised WCTT analysis has been proposed for DRR on AFDX, based on network calculus. With DRR, the flow set is divided into classes and each class is allocated a quantum. In each round, transmissions are managed, based on these quanta. Thus delays are significantly impacted by quanta. The contribution of this paper is to propose an efficient quantum assignment for a set of critical avionics flow classes and at most one additional class with less/non critical flows

RTNS '19: Proceedings of the 27th International Conference on Real-Time Networks and Systems

International audienceMessage from the Program Chairs We are delighted to welcome you to the 27th edition of the International Conference on Real-Time Networks and Systems (RTNS), in Toulouse, France. RTNS is a friendly conference with a great sense of community that offers excellent opportunities for collaboration as well as a high-quality technical program. RTNS publishes papers addressing temporal issues in any area of computation and communication, at any level of abstraction, and in any application domain.This year we received 37 submissions and accepted 20 papers. The reviewing process involved 44 program committee members, who were assisted by 22 additional reviewers. Each submission received at least three reviews. Among the accepted papers, 4 outstanding papers were chosen, which are highlighted in the program, from which a separate committee selected one best paper and one best student paper. The conference program features a keynote talk giving a view on future challenges for the real-time community by Prof. Marko Bertogna (University of Modena, Italy), an industrial session on real-time challenges in four selected industrial application domains: automotive engine control systems (by Continental AG); automatic air transport (by Thales AVS France); electric smart grid substation automation systems (by SCLE-SFE, Groupe ENGIE); deterministic networking (by Cisco), and 6 technical sessions for accepted papers: analysis and validation; fault-tolerance, security, and data-flow; networking I and II; processor scheduling; and synchronization, preemption, and coordination. The main conference is also again complemented by the Junior Researcher Workshop on Real-Time Computing (JRWRTC), which is now in its 13th successful year.We would like to thank our many colleagues who have contributed to the success of RTNS 2019. First of all, we thank the Steering Committee for trusting us to manage the technical aspects of the conference. We also owe sincere thanks to all the PC members and reviewers who completed the crucial reviewing and shepherding work for the conference. The conference simply would not have been possible without the significant and sustained efforts of our General Chair, Jérôme Ermont (IRIT, ENSEEIHT, France), and the 5 members of the Local Organization Committee, who coordinated all aspects of the conference venue, web site, and the event itself. We also are grateful to the JRWRTC co-Chairs Antonio Paolillo (ULB, Belgium) and Benjamin Rouxel (UVA, Netherlands), and to the 15 members of the Workshop Committee for their efforts. Last but not least, we would like to thank the authors of all submitted papers – by entering your work into the process of review, critique, and possible rejection, even papers that were not accepted have helped to drive the important process of advancement in our field. We know it can be frustrating to have a paper rejected, but we hope that for each paper the reviewing feedback was helpful. Finally, we would like to thank the participants attending RTNS 2019 in Toulouse. We hope you will enjoy the technical program, the social events, and the conference venue and its surroundings! Ye-Qiong Song (LORIA - Université de Lorraine, France)Christopher Gill (Washington University in St. Louis, USA)RTNS 2019 Program Committee co-Chairs

Proceedings of the 27th International Conference on Real-Time Networks and Systems - RTNS '19

International audience; Message from the Program Chairs We are delighted to welcome you to the 27th edition of the International Conference on Real-Time Networks and Systems (RTNS), in Toulouse, France. RTNS is a friendly conference with a great sense of community that offers excellent opportunities for collaboration as well as a high-quality technical program. RTNS publishes papers addressing temporal issues in any area of computation and communication, at any level of abstraction, and in any application domain.This year we received 37 submissions and accepted 20 papers. The reviewing process involved 44 program committee members, who were assisted by 22 additional reviewers. Each submission received at least three reviews. Among the accepted papers, 4 outstanding papers were chosen, which are highlighted in the program, from which a separate committee selected one best paper and one best student paper. The conference program features a keynote talk giving a view on future challenges for the real-time community by Prof. Marko Bertogna (University of Modena, Italy), an industrial session on real-time challenges in four selected industrial application domains: automotive engine control systems (by Continental AG); automatic air transport (by Thales AVS France); electric smart grid substation automation systems (by SCLE-SFE, Groupe ENGIE); deterministic networking (by Cisco), and 6 technical sessions for accepted papers: analysis and validation; fault-tolerance, security, and data-flow; networking I and II; processor scheduling; and synchronization, preemption, and coordination. The main conference is also again complemented by the Junior Researcher Workshop on Real-Time Computing (JRWRTC), which is now in its 13th successful year.We would like to thank our many colleagues who have contributed to the success of RTNS 2019. First of all, we thank the Steering Committee for trusting us to manage the technical aspects of the conference. We also owe sincere thanks to all the PC members and reviewers who completed the crucial reviewing and shepherding work for the conference. The conference simply would not have been possible without the significant and sustained efforts of our General Chair, Jérôme Ermont (IRIT, ENSEEIHT, France), and the 5 members of the Local Organization Committee, who coordinated all aspects of the conference venue, web site, and the event itself. We also are grateful to the JRWRTC co-Chairs Antonio Paolillo (ULB, Belgium) and Benjamin Rouxel (UVA, Netherlands), and to the 15 members of the Workshop Committee for their efforts. Last but not least, we would like to thank the authors of all submitted papers â by entering your work into the process of review, critique, and possible rejection, even papers that were not accepted have helped to drive the important process of advancement in our field. We know it can be frustrating to have a paper rejected, but we hope that for each paper the reviewing feedback was helpful. Finally, we would like to thank the participants attending RTNS 2019 in Toulouse. We hope you will enjoy the technical program, the social events, and the conference venue and its surroundings! Ye-Qiong Song (LORIA - Université de Lorraine, France)Christopher Gill (Washington University in St. Louis, USA)RTNS 2019 Program Committee co-Chairs