Downloaded from orbit.dtu.dk on: Oct 08, 2021 Design of Mixed-Criticality Applications on Distributed Real-Time Systems Tamas-Selicean, Domitian Publication date: 2015 Document Version Publisher's PDF, also known as Version of record Link back to DTU Orbit Citation (APA): Tamas-Selicean, D. (2015). Design of Mixed-Criticality Applications on Distributed Real-Time Systems. Technical University of Denmark. DTU Compute PHD-2014 No. 329 General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. Users may download and print one copy of any publication from the public portal for the purpose of private study or research. You may not further distribute the material or use it for any profit-making activity or commercial gain You may freely distribute the URL identifying the publication in the public portal If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim. Design of Mixed-Criticality Applications on Distributed Real-Time Systems Domiţian Tămaş–Selicean Kongens Lyngby 2014 PhD-2014-329 Technical University of Denmark Department of Applied Mathematics and Computer Science Building 303B, DK-2800 Kongens Lyngby, Denmark Phone +45 45253031, Fax +45 45881399 [email protected] www.compute.dtu.dk PhD-2014-329 Summary A mixed-criticality system implements applications of different safety-criticality levels onto the same platform. In such cases, the certification standards require that appli- cations of different criticality levels are protected so they cannot influence each other. Otherwise, all tasks have to be developed and certified according to the highest criti- cality level, dramatically increasing the development costs. In this thesis we consider mixed-criticality real-time applications implemented on distributed partitioned archi- tectures. Partitioned architectures use temporal and spatial separation mechanisms to ensure that applications of different criticality levels do not interfere with each other. With tem- poral partitioning, each application is allowed to run only within predefined time slots, allocated on each processor. The sequence of time slots for all the applications on a pro- cessor are grouped within a Major Frame, which is repeated periodically. Each partition can have its own scheduling policy; we have considered non-preemptive static cyclic scheduling and fixed-priority preemptive scheduling policies. We assume that the communication network implements the TTEthernet protocol, which supports Time- Triggered (TT) messages transmitted based on static schedule tables, Rate Constrained (RC) messages with bounded end-to-end delay, and Best-Effort (BE) messages, for which no timing guarantees are provided. TTEthernet offers spatial separation for mixed-criticality messages through the concept of virtual links, and temporal sepa- ration, enforced through schedule tables for TT messages and bandwidth allocation for RC messages. The objective of this thesis is to develop methods and tools for distributed mixed- criticality real-time systems. At the processor level, we are interested to determine (i) the mapping of tasks to processors, (ii) the assignment of tasks to partitions, (iii) the decomposition of tasks into redundant lower criticality tasks, (iv) the sequence and size of the partition time slots on each processor and (v) the schedule tables, such that all the applications are schedulable and the development and certification costs are minimized. We have proposed Simulated Annealing and Tabu Search metaheuristics to solve these ii optimization problems. The proposed algorithms have been evaluated using several benchmarks. At the communication network level, we are interested in the design optimization of TTEthernet networks used to transmit mixed-criticality messages. Given the set of TT and RC messages, and the topology of the network, we are interested to optimize (i) the packing of messages in frames, (ii) the assignment of frames to virtual links, (iii) the routing of virtual links and (iv) the TT static schedules, such that all frames are schedulable and the worst-case end-to-end delay of the RC messages is minimized. We have proposed a Tabu Search-based metaheuristic for this optimization problem. The proposed algorithm has been evaluated using several benchmarks. The optimization approaches have also been evaluated using realistic aerospace case studies. In this context, we have shown how to extend the proposed optimization frameworks to also take into account quality of service constraints. For TTEthernet networks, we have also proposed a topology selection method to reduce the cost of the architecture. Summary (Danish) I et blandet sikkerhedskritisk system implementeres applikationer med forskellige sikkerheds- kritikalitetsniveauer på den samme platform. I sådanne tilfælde kræver certificerings- standarderne, at applikationer fra forskellige sikkerhedskritisk niveauer er beskyttede, så de ikke kan påvirke hinanden. Alternativet ville være at alle opgaver udvikles og cer- tificeres i henhold til det højeste sikkerhedskritisk niveau, hvilket ville øge udviklings- omkostningerne dramatisk. I denne afhandling betragter vi blandet sikkerhedskritisk realtidsapplikationer implementeret på distribuerede partitionerede arkitekturer. Partitionerede arkitekturer benytter tidsmæssige og rumlige separationsmekanismer for at sikre, at applikationer fra de forskellige sikkerhedskritisk niveauer ikke forstyrrer hinanden. I den tidsmæssige opdeling får hver applikation kun lov til at køre inden for fastlagte tidsintervaller på hver processor. De enkelte tidsintervaller for alle appli- kationerne på en processor, er grupperet i en bestemt rækkefølge i en Major Frame, der gentages med jævne mellemrum. Hver partition kan have sin egen planlægnings politik; vi har betragtet ikke-forebyggende statisk cyklisk planlægning og fast priori- terede planlægningspolitikker. Vi antager, at kommunikationsnetværket implementerer TTEthernet-protokollen, som understøtter tidsudløste (TT) meddelelser, der udsendes ud fra statiske planlægningstabeller samt rate begrænsede (RC) meddelelser, med af- grænset ende-til-ende forsinkelse, ligesom den understøtter bedste forsøgs (BE) beske- der, for hvilke der ikke gives timing-garantier. TTEthernet tilbyder rumlig separation af blandet sikkerhedskritisk beskeder via virtuelle forbindelser, og tidsmæssig separation, og de gennemføres ved tidsplanstabeller for TT beskeder og båndbreddetildeling for RC-meddelelser. Formålet med denne afhandling er at udvikle metoder og værktøjer til distribuerede blandet sikkerhedskritisk realtidssystemer. På processorniveau, er vi interesseret i gøre rede for (i) en kortlægning af opgaver til processorer, (ii) en tildeling af opgaver til partitioner, (iii) en nedbrydning af opgaver i redundant mindre kritiske opgaver, (iv) sekvensen og størrelse af partition-tidsintervaller på hver processor og (v) tidsplan- stabeller, således at alle applikationer kan planlægges og at udviklings- og certifice- iv ringsomkostninger minimeres. Vi har foreslået Simulated Annealing and Tabu Search metaheuristikker til at løse disse optimeringsproblemer. De foreslåede algoritmer er blevet evalueret ved hjælp af flere benchmarks. På kommunikations- og netværksniveau, er vi interesserede i designoptimering af TTEt- hernet netværk, der anvendes til at overføre blandet sikkerhedskritisk beskeder. Givet et sæt af TT- og RC-beskeder, og topologien af netværket, er vi interesserede i at optimere (i) pakning af meddelelser i frames, (ii) tildeling af frames til virtuelle links, (iii) routing af virtuelle links og (iv) TT statiske tabeller, således at alle frames kan planlægges og den værst tænkelige ende-til-ende forsinkelse af RC-beskeder vil blive minimeret. Vi har foreslået en Tabu Search-baseret metaheuristik til dette optimeringsproblem. Den foreslåede algoritme er blevet evalueret ved hjælp af flere benchmarks. Optimeringsmetoderne er desuden blevet evalueret ved brug af realistiske rumfart- casestudier. I denne sammenhæng har vi vist, hvordan man kan udvide det foreslåede optimerings-framework til også at tage hensyn til service og kvalitetsbegrænsninger. For TTEthernet netværk har vi også foreslået en topologi udvælgelses metode, der re- ducerer omkostningerne i arkitekturen. Preface This thesis was prepared at the Department of Applied Mathematics and Computer Sci- ence, Technical University of Denmark in fulfillment of the requirements for acquiring the Ph.D. degree in computer engineering. The thesis deals with methods and tools for the optimization of mixed-criticality real- time embedded systems, to support the system engineers in the early life cycles phases, where the impact of design decisions is greatest. The work has been supervised by Associate Professor Paul Pop and co-supervised by Professor Jan Madsen. Lyngby, 31 January 2014 Domi¸tianTama¸s–Selicean˘ vi Papers Included in the Thesis • Domi¸tianTama¸s–Seliceanand˘ Paul Pop. Optimization of Time-Partitions for Mixed-Criticality Real-Time Distributed Embedded Systems. Proceedings of the International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops, 2011. Published. • Domi¸tianTama¸s–Seliceanand˘ Paul Pop. Design Optimization of Mixed-Criticality