G(IP)2 C: Temporally Isolated Multiprocessor Real-Time IPC with Server-to-Server Invocations

Synchronous inter-process communication (IPC) is a central operation in microkernel-based operating systems, which are commonly employed in mixed-criticality real-time systems. A key desideratum in an IPC protocol for time-sensitive systems is temporal isolation: when invoking a shared server, the w...

Full description

Saved in:
Bibliographic Details
Main Authors: Courtaud, Cedric, Brandenburg, Bjorn B.
Format: Conference Proceeding
Language:English
Subjects:
IPC
microkernel
mixed criticality systems
Operating systems
Processor scheduling
Program processors
Protocols
Prototypes
Real-time systems
RTOS
Servers
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Synchronous inter-process communication (IPC) is a central operation in microkernel-based operating systems, which are commonly employed in mixed-criticality real-time systems. A key desideratum in an IPC protocol for time-sensitive systems is temporal isolation: when invoking a shared server, the worst-case interference incurred by the waiting client (i.e., the maximum amount of budget its reservation drains while waiting for the reply) should be bounded irrespective of the behavior of competing, untrusted clients. Additionally, an IPC protocol should support server-to-server (S2S) invocations, so that servers may invoke other servers when handling requests, which enables modern software engineering practices (e.g., reuse of shared functionality, decomposition of complex services into cooperating servers, etc.). However, no prior synchronous multiprocessor IPC protocol achieves both. The main contribution of this paper is to remedy this limitation: the proposed G(IP)^{2}C protocol for partitioned, reservation-based multiprocessor scheduling ensures a strong notion of temporal isolation while permitting S2S invocations without placing any restrictions on which processors clients and servers reside on. The protocol is defined as a set of request-sequencing, bandwidth-delegation, and budget-exhaustion rules, analyzed in terms of maximum budget drain, extended to multi-occupancy reservations and background tasks, and shown to be practically realizable with a prototype implementation in LITMU\mathrm{S}^{\mathrm{R}\mathrm{T}}.
ISSN:2642-7346
DOI:10.1109/RTAS58335.2023.00029