multicore for safety critical embedded systems challenges
play

Multicore for safety-critical embedded systems: challenges and - PowerPoint PPT Presentation

May 11, 2023 •335 likes •1.39k views

Multicore for safety-critical embedded systems: challenges and opportunities Giuseppe Lipari CRIStAL Universit de Lille Centre de Recherche en Informatique, Signal et Automatique de Lille June 23, 2016 Giuseppe Lipari (CRIStAL)

  1. WCET estimation Execution time of a task varies with The input The state of the system The processor architecture Interference from other threads How to compute By timing analysis (by using appropriate tools) we can obtain a (safe) upper bound, but sometimes too pessimistic By testing we can only obtain an unsafe lower bound Problem A wrong estimate may lead to a wrong Courtesy of Peter Puschner analysis Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 13 / 46

  2. Execution time variability: example Tasks can have variable execution times between different jobs while (cond) { if (a > 10) { // long computation } else { // short computation } a = getInput(); } We have two sources of variability: the value of variable a influences which computation is performed (long or short); the value of cond influences the number of times the loop body is executed. Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 14 / 46

  3. Impact of processor architecture With recent processor architectures, the difference between BCET and WCET became larger and larger Figure : Courtesy of AbsInt Impact of cache and shared resources Situation even worse on multi-core systems Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 15 / 46

  4. Impact of interference WCET Analysis it is difficult to estimate a tight upper bound of WCET when the task executes in isolation Preemption: preempting tasks could evict cache lines next time the task executes the data is not in the cache anymore while (i < 10) { data = getInput(); // ... // possible preemption function(data); // is data in cache ? } Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 16 / 46

  5. Impact of interference WCET Analysis it is difficult to estimate a tight upper bound of WCET when the task executes in isolation Preemption: preempting tasks could evict cache lines next time the task executes the data is not in the cache anymore while (i < 10) { data = getInput(); // ... // possible preemption function(data); // is data in cache ? } Some (partial) solution is available avoid (or limit) preemption → additional blocking time for higher priority tasks lock cache to some task try to minimise cache conflicts by properly placing tasks in memory Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 16 / 46

  6. Outline Introduction to RT Systemes 1 Resource Reservations 2 Hierarchical scheduling 3 Multiprocessor sharing of resources 4 Conclusions 5 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 17 / 46

  7. Resource Reservation Assign each task to a server a watchdog that monitors execution and enforces an execution budget A server S = ( Q , P ) Q : maximum execution budget P : minimim serving period U = Q / P : reserved bandwidth Different algorithms in the literature FP: Polling Server, Deferrable Server, Sporadic Server EDF: Dynamic Sporadic Server, Constant Bandwidth Server Implementations Sporadic Server is a POSIX standard (optional) CBS implemented in Linux (since 3.14), (available as SCHED_DEADLINE ) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 18 / 46

  8. Example Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) U = 0 , 983 < 1 ⇒ schedulable τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 19 / 46

  9. Misbehaving task Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) What happens if τ 1 executes for 2 for the first 3 instances ? τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 miss their deadlines They could be critical tasks, we need to protect them Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 20 / 46

  10. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  11. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  12. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  13. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  14. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  15. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  16. Example with CBS Consider τ 1 = ( 1 , 4 ) , τ 2 = ( 2 , 5 ) , τ 3 = ( 2 , 6 ) Assign τ 1 a server S 1 = ( 1 , 4 ) τ 1 τ 2 τ 3 0 2 4 6 8 10 12 14 16 18 20 τ 2 and τ 3 are not influenced Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 21 / 46

  17. CBS algorithm properties CBS takes care of other possible cases jobs arriving earlier (or later) than expected jobs executing more or less than expected server period can be different from task period Properties: Temporal isolation: no server misses its "scheduling deadlines" all server jobs execute the maximum budget before their scheduling deadlines Hard Schedulablity: if a task is assigned Q i ≥ C i and P i ≤ T i , then it will never miss its deadlines Thanks to this properties we can easily mix hard and soft real-time tasks simply by assigning the correct parameters (budget/periods) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 22 / 46

  18. CBS algorithm Two dynamic variables q : remaining budget (init to Q , decreases while executing) d : scheduling deadline Q = 4 , P = 12 P + t = d Active , Q = τ 1 q P / Q ) 0 2 4 6 8 10 12 14 16 t Idle Idle if q < ( d − t ) Q / P − d ( ≥ q when q = ( d − t ) Q / P i f Ahead Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 23 / 46

  19. CBS algorithm Two dynamic variables q : remaining budget (init to Q , decreases while executing) d : scheduling deadline Q = 4 , P = 12 P P + + t t = = d d Active Active , , Q Q = = τ 1 q q if q ≥ ( d − t ) Q / P 0 2 4 6 8 10 12 14 16 Idle if q < ( d − t ) Q / P when q = ( d − t ) Q / P t = 0: q ← 4, d ← 12 Ahead Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 23 / 46

  20. CBS algorithm Two dynamic variables q : remaining budget (init to Q , decreases while executing) d : scheduling deadline Q = 4 , P = 12 P + t = d Active Active , Q = τ 1 q if q ≥ ( d − t ) Q / P 0 2 4 6 8 10 12 14 16 Idle if q < ( d − t ) Q / P when q = ( d − t ) Q / P t = 0: q ← 4, d ← 12 Ahead t = 4: q ← 2 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 23 / 46

  21. CBS algorithm Two dynamic variables q : remaining budget (init to Q , decreases while executing) d : scheduling deadline Q = 4 , P = 12 q = Q , d = t + P Active τ 1 P / Q ) 0 2 4 6 8 10 12 14 16 t Idle if q < ( d − t ) Q / P if q < ( d − t ) Q / P − d ( ≥ when q = ( d − t ) Q / P q i f t = 0: q ← 4, d ← 12 Ahead Ahead t = 4: q ← 2 t = 7: q ← 1 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 23 / 46

  22. CBS algorithm Two dynamic variables q : remaining budget (init to Q , decreases while executing) d : scheduling deadline Q = 4 , P = 12 P + t = d Active , Q = τ 1 q P / Q ) 0 2 4 6 8 10 12 14 16 t Idle Idle if q < ( d − t ) Q / P − d ( ≥ q when q = ( d − t ) Q / P when q = ( d − t ) Q / P i f t = 0: q ← 4, d ← 12 Ahead t = 4: q ← 2 t = 7: q ← 1 t = 9: zero lag time Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 23 / 46

  23. CBS algorithm: early arrival Q = 4 , P = 12 P + t = d Active , Q = τ 1 q P / Q ) 0 2 4 6 8 10 12 14 16 t Idle Idle if q < ( d − t ) Q / P − d ( ≥ q when q = ( d − t ) Q / P f i Ahead Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 24 / 46

  24. CBS algorithm: early arrival Q = 4 , P = 12 P P + + t t = = d d Active Active , Q , Q = = τ 1 q q if q ≥ ( d − t ) Q / P 0 2 4 6 8 10 12 14 16 Idle if q < ( d − t ) Q / P when q = ( d − t ) Q / P t = 0: q ← 4, d ← 12 Ahead Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 24 / 46

  25. CBS algorithm: early arrival Q = 4 , P = 12 P + t = d Active Active , Q = τ 1 q if q ≥ ( d − t ) Q / P 0 2 4 6 8 10 12 14 16 Idle if q < ( d − t ) Q / P when q = ( d − t ) Q / P t = 0: q ← 4, d ← 12 Ahead t = 2: q ← 2 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 24 / 46

  26. CBS algorithm: early arrival Q = 4 , P = 12 q = Q , d = t + P Active τ 1 P / Q ) 0 2 4 6 8 10 12 14 16 t Idle if q < ( d − t ) Q / P if q < ( d − t ) Q / P − d ( ≥ q when q = ( d − t ) Q / P f i t = 0: q ← 4, d ← 12 Ahead Ahead t = 2: q ← 2 t = 5: q ← 1 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 24 / 46

  27. CBS algorithm: early arrival Q = 4 , P = 12 P + t = d Active Active , Q = τ 1 q if q ≥ ( d − t ) Q / P 0 2 4 6 8 10 12 14 16 Idle if q < ( d − t ) Q / P when q = ( d − t ) Q / P t = 0: q ← 4, d ← 12 Ahead t = 2: q ← 2 t = 5: q ← 1 t = 8 < 9: reuse the same q = 1 and d = 12 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 24 / 46

  28. CBS algorithm: early arrival Q = 4 , P = 12 P + t = d Active Active , Q = τ 1 q if q ≥ ( d − t ) Q / P 0 2 4 6 8 10 12 14 16 Idle if q < ( d − t ) Q / P when q = ( d − t ) Q / P t = 0: q ← 4, d ← 12 Ahead t = 2: q ← 2 t = 5: q ← 1 t = 8 < 9: reuse the same q = 1 and d = 12 t = 9: q = 0, so q ← 4 and d ← 24 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 24 / 46

  29. Analysis Setting the budget the Hard Schedulability Property tells us that, to meet all deadlines, Q i ≥ C i and P i ≤ T i If we allow some deadline to be missed, we can set the budget between the average value and the worst case value of the execution time We need some sort of probabilistic characterization of the execution time Probability of deadline miss For a periodic task, given the stochastic process of the execution time, the probability of missing a deadline can be computed under different conditions Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 25 / 46

  30. Probability of finishing time When the budget is exhausted, the CBS will postpone the deadline by P i If the exceeding job is allowed to continue its execution, it will consume budget of future instances Future instance may also miss their deadlines Markov chain model [Abeni and Buttazzo, 1999] if the execution time is a IID stochastic variable, we can build a Markov Chain to compute the probability of finishing within P i , 2 P i , . . . , kP i , . . . Refinement [Palopoli, Fontanelli, Abeni, Villalba Frias, 2015] Efficient numerical methods Closed form solution Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 26 / 46

  31. Stopping and skipping If the budget is exhausted we can Continue executing all jobs 1 Kill the executing job 2 Skip the next job 3 Solution 2. is more difficult to implement must leave data structures in a consistent state must unlock semaphores before exiting may need to roll-back some operation (time consuming) Solution 3. is not always desirable the data is produced late and may not be useful Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 27 / 46

  32. Skipping next job Here is a periodic POSIX thread in Linux, implementing solution 3. void *thread_code( void *arg) { struct per_data *ps = ( struct per_data *) arg; struct timespec next, now; clock_gettime(CLOCK_REALTIME, &next); while (1) { // Wait until next period timespec_add_us(&next, ps->period_us); clock_nanosleep(CLOCK_REALTIME, TIMER_ABSTIME, &next, NULL); // Job execution // Check deadline miss clock_gettime(CLOCK_REALTIME, &now); while (timespec_cmp(&now, &next) > 0) { // Skip jobs timespec_add_us(&next, ps->dline_us); } } return NULL; } Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 28 / 46

  33. Outline Introduction to RT Systemes 1 Resource Reservations 2 Hierarchical scheduling 3 Multiprocessor sharing of resources 4 Conclusions 5 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 29 / 46

  34. Hierarchical systems Similar techniques are used for timing partition of applications (group of tasks) Application A1 Application A2 Application A3 T7 T1 T3 T5 T2 T4 T6 Local Local Local Scheduler Scheduler Scheduler EDF RM POSIX Server S3 Server S1 Server S2 Global Scheduler Used mainly in IMA (Integrated Modular Avionics – ARINC 653) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 30 / 46

  35. Hierarchical scheduling Two levels of scheduling A global scheduler selects the components to execute, regardless of their internal structure When a component is selected by the global scheduler, a local scheduler decides which of the tasks is executing Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 31 / 46

  36. Hierarchical scheduling Two levels of scheduling A global scheduler selects the components to execute, regardless of their internal structure When a component is selected by the global scheduler, a local scheduler decides which of the tasks is executing Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 31 / 46

  37. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  38. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  39. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  40. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  41. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  42. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  43. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  44. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  45. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  46. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  47. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  48. Hierarchical scheduling - example A(2,4) B(3,6) τ A 1 ( 2 , 8 ) τ A 2 ( 2 , 12 ) τ B 1 ( 2 , 9 ) τ B 2 ( 3 , 16 ) 0 2 4 6 8 10 12 14 16 18 20 22 24 26 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 32 / 46

  49. Outline Introduction to RT Systemes 1 Resource Reservations 2 Hierarchical scheduling 3 Multiprocessor sharing of resources 4 Conclusions 5 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 33 / 46

  50. Shared data Until now, we have considered only independent tasks a task never blocks or suspends it can only be suspended when it finishes its istance (job) However, in reality, many tasks exchange data through shared memory Example Consider as an example three periodic tasks that exchange data Conflicts on concurrent access could make the data structures inconsistent. Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 34 / 46

  51. Shared resources and critical sections The shared data structure is called resource; A piece of code accessing the data structure is called critical section; Two or more critical sections on the same resource must be executed in mutual exclusion Therefore, each data structure should be protected by a mutual exclusion mechanism; here we will study what happens when resources are protected by mutual exclusion semaphores. The resource and the corresponding mutex semaphore will be denoted by symbol S j Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 35 / 46

  52. Priority inversion A blocking condition happens when a high priority tasks wants to access a resource that is held by a lower priority task. Consider the following example, where p 1 > p 2 . L(S) U(S) τ 1 S L(S) U(S) τ 2 S S 0 2 4 6 8 10 12 14 16 18 20 22 24 From time 4 to 7, task τ 1 is blocked by a lower priority task τ 2 ; this is a priority inversion . Priority inversion is not avoidable; in fact, τ 1 must wait for τ 2 to leave the critical section. However, in some cases, the priority inversion could be too large. Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 36 / 46

  53. The middle priority task Consider the following example, with p 1 > p 2 > p 3 τ 1 L(S) U(S) S τ 2 τ 3 L(S) U(S) S S S 0 2 4 6 8 10 12 14 16 18 20 22 24 The middle priority task delays the high priority task too much! Well-known problem since the ’90s (Mars Pathfinder problem) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 37 / 46

  54. Priority Inheritance Protocol First solution: While the low priority task blocks an higher priority task, it inherits the priority of the higher priority task; L(S) U(S) τ 1 S τ 2 L(S) U(S) τ 3 S S S 0 2 4 6 8 10 12 14 16 18 20 22 24 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 38 / 46

  55. Resource reservation and semaphores Two problems arise when using CBS with priority inheritance What to do if the budget is exhausted within a critical section? What happens to the budget of a blocked task? Blocking inside a critical section τ 1 τ 2 L(S) S 0 2 4 6 8 10 12 14 16 18 20 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 39 / 46

  56. Resource reservation and semaphores Two problems arise when using CBS with priority inheritance What to do if the budget is exhausted within a critical section? What happens to the budget of a blocked task? Blocking inside a critical section τ 1 q = 0 τ 2 L(S) S 0 2 4 6 8 10 12 14 16 18 20 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 39 / 46

  57. Resource reservation and semaphores Two problems arise when using CBS with priority inheritance What to do if the budget is exhausted within a critical section? What happens to the budget of a blocked task? Blocking inside a critical section τ 1 L(S) τ 2 L(S) S 0 2 4 6 8 10 12 14 16 18 20 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 39 / 46

  58. Resource reservation and semaphores Two problems arise when using CBS with priority inheritance What to do if the budget is exhausted within a critical section? What happens to the budget of a blocked task? Blocking inside a critical section τ 1 L(S) τ 2 L(S) S 0 2 4 6 8 10 12 14 16 18 20 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 39 / 46

  59. Resource reservation and semaphores Two problems arise when using CBS with priority inheritance What to do if the budget is exhausted within a critical section? What happens to the budget of a blocked task? Blocking inside a critical section τ 1 L(S) U(S) S τ 2 L(S) U(S) S S 0 2 4 6 8 10 12 14 16 18 20 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 39 / 46

  60. Solutions 1 Check budget before entering the critical section, check if there is enough budget to complete Needs to know the length of the critical sections to work Used by Algorithm BROE [Bertogna et Baruah] 2 Overrun budget if the budget is exhausted while in a critical section, the job is allowed to continue need to know the length of the critical sections for the analysis and admission control Used by Algorithm SIRAP [Benham et al.] 3 Inherit budget/deadline When a task blocks another task, it inherits its budget/deadline pair needs to know the length of the critical sections for the analysis (but not for admission control) Used by Algorithm BWI [Lipari et al.] Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 40 / 46

  61. Bandwidth Inheritance In the previous case: τ 1 L(S) τ 2 S 0 2 4 6 8 10 12 14 16 Task τ 2 inherits the deadline and the budget (so the server ) of task τ 1 Therefore, it consumes the budget of the other server (rather than its own) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 41 / 46

  62. Bandwidth Inheritance In the previous case: τ 1 q = 0 L(S) τ 2 S 0 2 4 6 8 10 12 14 16 Task τ 2 inherits the deadline and the budget (so the server ) of task τ 1 Therefore, it consumes the budget of the other server (rather than its own) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 41 / 46

  63. Bandwidth Inheritance In the previous case: L(S) τ 1 L(S) τ 2 S 0 2 4 6 8 10 12 14 16 Task τ 2 inherits the deadline and the budget (so the server ) of task τ 1 Therefore, it consumes the budget of the other server (rather than its own) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 41 / 46

  64. Bandwidth Inheritance In the previous case: L(S) τ 1 inheritance L(S) τ 2 S 0 2 4 6 8 10 12 14 16 Task τ 2 inherits the deadline and the budget (so the server ) of task τ 1 Therefore, it consumes the budget of the other server (rather than its own) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 41 / 46

  65. Bandwidth Inheritance In the previous case: L(S) τ 1 inheritance L(S) U(S) τ 2 S S 0 2 4 6 8 10 12 14 16 Task τ 2 inherits the deadline and the budget (so the server ) of task τ 1 Therefore, it consumes the budget of the other server (rather than its own) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 41 / 46

  66. Bandwidth Inheritance In the previous case: L(S) U(S) τ 1 S L(S) U(S) τ 2 S S 0 2 4 6 8 10 12 14 16 Task τ 2 inherits the deadline and the budget (so the server ) of task τ 1 Therefore, it consumes the budget of the other server (rather than its own) Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 41 / 46

  67. Multiprocessor extension On single-processors, when a task blocks, the lock-owner is not running On multi-processors, when a task blocks the lock-owner may be running on another core. In this case, the blocking task starts to spin , i.e. it actively waits for the lock-owner to release the resource the lock-owner may be suspended on a different core. In this case, a migration occurs, and the lock owner executes in the server (and hence in the core) of the blocked task We only consider FIFO blocking queues Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 42 / 46

  68. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . S A S B S C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  69. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . S A S B B S C C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  70. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . S A S B BB L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  71. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . S A A S B BBB L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  72. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . S A A L( R 1 ) S B BBB L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  73. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . S A A A L( R 1 ) S B BBB C 1 L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  74. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . L( R 1 ) S A A A L( R 1 ) S B BBB C 1 L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  75. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . L( R 1 ) S A A A L( R 1 ) U( R 1 ) S B BBB C 1 C 1 L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  76. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . L( R 1 ) S A A A L( R 1 ) U( R 1 ) U( R 1 ) S B BBB C 1 C 1 B 1 L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

  77. Example 3 tasks, τ A , τ B , τ C , executed on 2 processors, that access only Semaphore R 1 . L( R 1 ) U( R 1 ) S A A A A 1 L( R 1 ) U( R 1 ) U( R 1 ) S B BBB C 1 C 1 B 1 B L( R 1 ) S C C 1 C C 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30 Giuseppe Lipari (CRIStAL) Multicore for safety-critical embedded systems: challenges and opportunities June 23, 2016 43 / 46

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Multicore Resource Management for Embedded Real-Time Systems Heechul Yun University of Kansas 1

Multicore Resource Management for Embedded Real-Time Systems Heechul Yun University of Kansas 1

Multicore Resource Management for Embedded Real-Time Systems Heechul Yun University of Kansas 1 High-Performance Multicores for Intelligent, Safety Critical Systems Why? Intelligence more performance Space, weight, power

105 views • 7 slides
A safety concept for a wind power mixed-criticality embedded system based on multicore

A safety concept for a wind power mixed-criticality embedded system based on multicore

A safety concept for a wind power mixed-criticality embedded system based on multicore partitioning Jon Perez, David Gonzalez, Salvador Trujillo Ton Trapman, Jose Miguel Garate Embedded Systems Group Software and Performance Ik4-IKERLAN

330 views • 6 slides
JAVA FOR SAFETY CRITICAL EMBEDDED HARD-REAL-TIME SYSTEMS Bent Thomsen Aalborg University A

JAVA FOR SAFETY CRITICAL EMBEDDED HARD-REAL-TIME SYSTEMS Bent Thomsen Aalborg University A

JAVA FOR SAFETY CRITICAL EMBEDDED HARD-REAL-TIME SYSTEMS Bent Thomsen Aalborg University A typical safety critical embedded hard real time program Cruise control: Loop every X microseconds Read the sensors; Compute speed; if speed too

844 views • 55 slides
VARiability In safety-critical Embedded Systems ARTEMIS-2011-1 Project Number: 295397 BVR

VARiability In safety-critical Embedded Systems ARTEMIS-2011-1 Project Number: 295397 BVR

VARiability In safety-critical Embedded Systems ARTEMIS-2011-1 Project Number: 295397 BVR Better Variability Results by ystein Haugen (SINTEF) and Ommund grd (Autronica) What do we mean by variability? Product Line

408 views • 17 slides
A safety concept for a wind power mixed-criticality embedded system based on multicore

A safety concept for a wind power mixed-criticality embedded system based on multicore

2 1 A safety concept for a wind power mixed-criticality embedded system based on multicore partitioning Jon Perez 1 , David Gonzalez 1 (dgonzalez@ikerlan.es), Salvador Trujillo 1 , Jose Miguel Grate 2 , Ton Trapman 2 1st International Workshop

306 views • 14 slides
Debugging Multicore &amp; Shared- Memory Embedded Systems Classes 249 &amp; 269 2007 edition

Debugging Multicore &amp; Shared- Memory Embedded Systems Classes 249 &amp; 269 2007 edition

Debugging Multicore &amp; Shared- Memory Embedded Systems Classes 249 &amp; 269 2007 edition Jakob Engblom, PhD Virtutech jakob@virtutech.com 1 Scope &amp; Context of This Talk Multiprocessor revolution Programming multicore

1.5k views • 129 slides
Exploring the Tradeoffs of Configurability and Heterogeneity in Multicore Embedded Systems

Exploring the Tradeoffs of Configurability and Heterogeneity in Multicore Embedded Systems

Exploring the Tradeoffs of Configurability and Heterogeneity in Multicore Embedded Systems Tosiron Adegbija and Ann Gordon-Ross + Department of Electrical and Computer Engineering University of Florida, Gainesville, Florida, USA University of

502 views • 22 slides
EE Analyzer Xavier R IVAL rival@di.ens.fr Certification of embedded softwares Safety critical

EE Analyzer Xavier R IVAL rival@di.ens.fr Certification of embedded softwares Safety critical

The A STR EE Analyzer Xavier R IVAL rival@di.ens.fr Certification of embedded softwares Safety critical applications avionic softwares but also automotive, space... synchronous Properties to prove to guarantee safety:

491 views • 36 slides
Programming-Model Centric Debugging for Multicore Embedded Systems Kevin Pouget Under the

Programming-Model Centric Debugging for Multicore Embedded Systems Kevin Pouget Under the

s t m i c r o e l e c t r o n i c s , u n i v e r s i t y o f g r e n o b l e / l i g l a b o r a t o r y STMicroelectronics LIG University of Grenoble Programming-Model Centric Debugging for Multicore Embedded Systems Kevin Pouget Under the

1.69k views • 129 slides
Programming-Model Centric Debugging for Multicore Embedded Systems Kevin Pouget, UJF-LIG,

Programming-Model Centric Debugging for Multicore Embedded Systems Kevin Pouget, UJF-LIG,

s t m i c r o e l e c t r o n i c s , u n i v e r s i t y o f g r e n o b l e / l i g l a b o r a t o r y STMicroelectronics LIG University of Grenoble Programming-Model Centric Debugging for Multicore Embedded Systems Kevin Pouget, UJF-LIG,

843 views • 69 slides
F Formal Modeling and Verification of l M d li d V ifi ti f Safety-Critical Software

F Formal Modeling and Verification of l M d li d V ifi ti f Safety-Critical Software

Submitted to IEEE Software 2009 - Special issue on Software Development for Embedded Systems F Formal Modeling and Verification of l M d li d V ifi ti f Safety-Critical Software implemented in PLC JUNBEOM YOO JUNBEOM YOO KONKUK

882 views • 32 slides
Embedded System Programming Multicore ES (Module 40) Yann-Hang Lee Arizona State University

Embedded System Programming Multicore ES (Module 40) Yann-Hang Lee Arizona State University

Embedded System Programming Multicore ES (Module 40) Yann-Hang Lee Arizona State University yhlee@asu.edu (480) 727-7507 Summer 2014 Real-time Systems Lab, Computer Science and Engineering, ASU The Era of Multi-core Processors thread

436 views • 12 slides
GNSS-based Positioning Scheme &amp; Application in Safety-critical Systems of Rail Transport

GNSS-based Positioning Scheme &amp; Application in Safety-critical Systems of Rail Transport

Name : Chengming Jin Supervisor : Allison Kealy GNSS-based Positioning Scheme &amp; Application in Safety-critical Systems of Rail Transport CONTENT I ntroduction 1 Challenges 2 Solutions 3 Introduction How Modern Railway Signal Works?

480 views • 30 slides
Safety-Critical Java for Low-End Embedded Platforms Stephan E. Korsholm &amp; Hans Sndergaard

Safety-Critical Java for Low-End Embedded Platforms Stephan E. Korsholm &amp; Hans Sndergaard

Safety-Critical Java for Low-End Embedded Platforms Stephan E. Korsholm &amp; Hans Sndergaard VIA University College, Horsens, DK Anders P. Ravn CISS, Aalborg University, DK JTRES October 2012 1 The Problem Low-End Industrial Platforms

180 views • 16 slides
Thanks Multicore Real-Time Systems Guan Nan, Martin Stigge, Mingsong Lv, Zhang Yi, -- Challenges

Thanks Multicore Real-Time Systems Guan Nan, Martin Stigge, Mingsong Lv, Zhang Yi, -- Challenges

2010-09-11 Part 2 Thanks Multicore Real-Time Systems Guan Nan, Martin Stigge, Mingsong Lv, Zhang Yi, -- Challenges &amp; Solutions Erik Hagersten, Bengt Jonsson and Alexander Medvedev Wang Yi Uppsala University VTSA Summer School

372 views • 13 slides
Multicore Synchronization a pragmatic introduction Multicore Synchronization This is a talk on

Multicore Synchronization a pragmatic introduction Multicore Synchronization This is a talk on

Multicore Synchronization a pragmatic introduction Multicore Synchronization This is a talk on mechanical sympathy of parallel systems on modern multicore systems. Understanding both your workload and your environment allows for effective

1.21k views • 107 slides
R e a l - T i me S y s t e ms , w e r e b e t t e r i n t h e p a s

R e a l - T i me S y s t e ms , w e r e b e t t e r i n t h e p a s

R e a l - T i me S y s t e ms , w e r e b e t t e r i n t h e p a s t ( o h , r e a l l y ? ) H a n s Z u i d a m, f o r 0 4 0 c o d e r s . n l S e p t e mb e r 2 0 ,

456 views • 44 slides
Resource Access Control Radek Pel anek Introduction Mutual Exclusion Scheduling with

Resource Access Control Radek Pel anek Introduction Mutual Exclusion Scheduling with

Introduction Mutual Exclusion Scheduling with Resources Resource Access Control Radek Pel anek Introduction Mutual Exclusion Scheduling with Resources Notions Resources: notions resource something needed to advance execution of a task;

954 views • 58 slides
Ariane 5.01 failure Patriot failure Mars orbiter loss (overflow) (float rounding) (unit error)

Ariane 5.01 failure Patriot failure Mars orbiter loss (overflow) (float rounding) (unit error)

Motivation (1 mn) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Abstract interpretation, reminder (10 mn) . . . . . . . . . . . . . . . . . . 6 Applications of abstract interpretation (2 mn) . . . . . . . . .

876 views • 16 slides
Scheduling Marcel Kneib marcel.kneib@posteo.de Hochschule RheinMain Jonas Reininger

Scheduling Marcel Kneib marcel.kneib@posteo.de Hochschule RheinMain Jonas Reininger

User-Level CPU Inheritance Scheduling Marcel Kneib marcel.kneib@posteo.de Hochschule RheinMain Jonas Reininger jonas.reininger@gmail.com Hochschule RheinMain Introduction Scheduling in user-level Hierarchy of schedulers

346 views • 16 slides
Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main

Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main

Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main Objectives Implement a sustained and affordable human and robotic program to explore the solar system and beyond; Extend human presence

745 views • 37 slides
LBNE Beam Simulation G4 needs Thoughts... Requests... Paul Lebrun CD/APC/ Fermilab, March

LBNE Beam Simulation G4 needs Thoughts... Requests... Paul Lebrun CD/APC/ Fermilab, March

LBNE Beam Simulation G4 needs Thoughts... Requests... Paul Lebrun CD/APC/ Fermilab, March 24 2014. Take Home message For the most part, Geant4 and MARS are adequate for we need to do. Assuming that a ~10 to 15 % absolute prediction

148 views • 13 slides
Path Planning Jan Faigl Department of Computer Science Faculty of Electrical Engineering Czech

Path Planning Jan Faigl Department of Computer Science Faculty of Electrical Engineering Czech

Path Planning Jan Faigl Department of Computer Science Faculty of Electrical Engineering Czech Technical University in Prague Lecture 03 B4M36UIR Artificial Intelligence in Robotics Jan Faigl, 2020 B4M36UIR Lecture 03: Path Planning

1.65k views • 140 slides
Coarsening of three-dimensional structured and unstructured grids for subsurface flow Jrg Espen

Coarsening of three-dimensional structured and unstructured grids for subsurface flow Jrg Espen

Coarsening of three-dimensional structured and unstructured grids for subsurface flow Jrg Espen Aarnes and Vera Louise Hauge SINTEF ICT, Norway Yalchin Efendiev Texas A&amp;M University, Texas, USA Task: Given ability to model velocity on

547 views • 22 slides

More recommend