Recovering from Overload in Multicore Mixed-Criticality Systems

Bibliographic Details
Main Authors: Erickson, Jeremy P., Namhoon Kim, Anderson, James H.
Format: Conference Proceeding
Language: English
Description
Summary: The multicore revolution is having limited impact on safety-critical cyber-physical systems. The key reason is the "one out of m" problem: certifying the real-time correctness of a system running on m cores can necessitate pessimistic analysis that easily negates the processing capacity of the "additional" m - 1 cores. In safety-critical domains such as avionics, this has led to the common practice of simply disabling all but one core. In this paper, the usage of mixed-criticality (MC) scheduling and analysis techniques is considered to alleviate such analysis pessimism. Under MC analysis, a single system with components of different criticality levels is viewed as a set of different per-criticality-level systems. More optimistic analysis assumptions are made when certifying lower criticality levels. Unfortunately, this can lead to transient overloads at these levels, compromising real-time guarantees. This paper presents the first multicore MC framework that addresses this problem. This framework makes scheduling decisions in a virtual time domain that can be "stretched" until the effects of a transient overload have abated. Such effects dissipate more quickly if virtual time is "stretched" more aggressively, but this may reduce the quality of the work performed. This tradeoff is analyzed experimentally herein.
ISSN: 1530-2075
DOI: 10.1109/IPDPS.2015.120