phylog certification methodology a sane way to embed
play

PHYLOG certification methodology: a sane way to embed multi-core - PowerPoint PPT Presentation

Apr 05, 2024 •31 likes •391 views

PHYLOG certification methodology: a sane way to embed multi-core processors Fr ed eric Boniol, Youcef Bouchebaba, Julien Brunel, Kevin Delmas, Thomas Loquen, Alfonso Mascarenas Gonzalez, Claire Pagetti, Thomas Polacsek, Nathana el

  1. PHYLOG certification methodology: a sane way to embed multi-core processors Fr´ ed´ eric Boniol, Youcef Bouchebaba, Julien Brunel, Kevin Delmas, Thomas Loquen, Alfonso Mascarenas Gonzalez, Claire Pagetti, Thomas Polacsek, Nathana¨ el Sensfelder ERTS, January 30 th , 2020

  2. Introduction Context: avionic systems Topic: MultiCore Processors (MCP) Certification: MCP-CRI standard Observation: certification is a difficult task because of internal complexity of MCP complexity of MCP-CRI objectives Phylog contribution: a framework to ease the certification of MultiCore Processors for avionic systems 2 / 36

  3. What is a multi-core processor (MCP)? = Complex architecture composed of computing cores, signal processing cores, DMAs, caches, memories, buses, IO devices. . . (Pro) Allows multiple functions to be executed in parallel (Cons) High integration density ⇒ hard to master the internal normal / abnormal behavior Parallelism + shared resources → risk of interference → risk of delays and non-determinism (due to interference) ⇒ key issues for certification 3 / 36

  4. Certification. . . Certification = evaluation of an argumentation, to convince that a system (i.e., its architecture, its settings, including mitigation means. . . ) satisfies certification objectives ⇒ Certification objectives for MCP? [1] “Certification Review Item for Multi-Core ( MCP-CRI )” (nov. 2016) ⇒ defines 9 certification objectives about SW development and verification planing resources settings resource usage and interference handling safety handling. . . 4 / 36

  5. Phylog approach. . . Phylog ideas 1 transcription of the MCP-CRI objectives in a more (pseudo-)formal graphical way 2 use of formal methods to support ⇒ interference analysis ⇒ safety analysis 3 use of models to support analyses and to ease dialogues between applicants and certification authorities 5 / 36

  6. Agenda 1 Transcription of MCP-CRI objectives. . . 2 PML: a meta model certification-oriented for MCP 3 Interference analysis 4 Conclusion and future work 6 / 36

  7. Transcription of MCP-CRI objectives. . . Why: to clarify what to do and how to organize the arguments How: Argumentation patterns close to GSN, CAE notations organize in diagram form the various elements, formal and informal, that contribute to the justification of a result (such as safety, security, correctness) Idea: define an argumentation pattern per MCP-CRI objective ⇒ Example: Resource Usage 3 (interference identification and mitigation) 7 / 36

  8. Example: Resource Usage 3 (RU3) Resource Usage 3 (RU3) (MCP-CRI, page 13) “The applicant has identified the interference channels that could permit interference to affect the software applications hosted on the MCP cores, and has verified the applicant’s chosen means of mitigation of the interference.” 8 / 36

  9. Resource Usage 3 (RU3) objective RU3: Identification of interference and verified means of mitigation (S1) Check all identified interference are mitigated ( ∀ i ∈ I , i mitigated) (E1) The interferences I are (E2) i mitigated identified and classified (S2) All identified interferences are classified Backing: architecture mastering (E4) Classification of c ( i ) effects (E3) Identification of all Given: hosted applications and interference I maximal accepted WCET / WCRT 9 / 36

  10. Resource Usage 3 (RU3) objective Next issue: How to fulfill the leaves of the argumentation patterns RU3 example how to identify / enumerate the interference (E3)? how to classify the interference (E4)? in a feasible way? ⇒ Idea: automatic computation ⇒ Needs: models (of the internal architecture of the MCP and its configuration). 10 / 36

  11. Agenda 1 Transcription of MCP-CRI objectives. . . 2 PML: a meta model certification-oriented for MCP 3 Interference analysis 4 Conclusion and future work 11 / 36

  12. Why a specific meta-model? Needs: an accurate abstraction able to capture the concepts mentioned in the MCP-CRI as simple as possible only for certification concerns (not for design) ⇒ Question: what is MCP-CRI talking about? 12 / 36

  13. PML (1/3): Keystone example Memory Subsystem MSMC SRAM 64-bit DDR DDR3 Memory MSMC MMU EMIF Controller L1P L1D A15 Boot ROM MPPAX ARM Semaphors C66x CorePac Power Mgt SRAM L1D SRAM NN ROSACE0 ROSACE1 PLL L1P L2 SRAM (SW) (SW) (SW) EDMA TeraNet USB 3.0 UART GPIO SRIO PCIe SPI I 2 C 13 / 36

  14. PML (1/3): Keystone example Memory Subsystem MSMC SRAM 64-bit DDR DDR3 Memory MSMC MMU EMIF Controller L1P L1D A15 Boot ROM MPPAX ARM Semaphors C66x CorePac Power Mgt SRAM L1D SRAM NN ROSACE0 ROSACE1 PLL L1P L2 SRAM (SW) (SW) (SW) EDMA TeraNet USB 3.0 UART GPIO SRIO PCIe SPI I 2 C 14 / 36

  15. PML (1/3): Keystone example initiator Memory Subsystem MSMC SRAM 64-bit DDR DDR3 Memory MSMC MMU EMIF Controller L1P L1D A15 Boot ROM MPPAX ARM Semaphors C66x CorePac Power Mgt SRAM L1D SRAM NN ROSACE0 ROSACE1 PLL L1P L2 SRAM (SW) (SW) (SW) EDMA TeraNet USB 3.0 UART GPIO SRIO PCIe SPI I 2 C 15 / 36

  16. PML (1/3): Keystone example initiator Memory Subsystem MSMC SRAM 64-bit DDR target DDR3 Memory MSMC MMU EMIF Controller L1P L1D A15 Boot ROM MPPAX ARM Semaphors C66x CorePac Power Mgt SRAM L1D SRAM NN ROSACE0 ROSACE1 PLL L1P L2 SRAM (SW) (SW) (SW) EDMA TeraNet USB 3.0 UART GPIO SRIO PCIe SPI I 2 C 16 / 36

  17. PML (1/3): Keystone example initiator Memory Subsystem MSMC SRAM 64-bit DDR target DDR3 Memory MSMC MMU EMIF Controller L1P L1D transporter A15 Boot ROM MPPAX ARM Semaphors C66x CorePac Power Mgt SRAM L1D SRAM NN ROSACE0 ROSACE1 PLL L1P L2 SRAM (SW) (SW) (SW) EDMA TeraNet USB 3.0 UART GPIO SRIO [1] “White paper on issues PCIe SPI I 2 C associated with interference applied to multi-core processors”. X. Jean et al., 2016 17 / 36

  18. PML (1/3) ⇒ 1st Idea: MPC platform = organised set of initiators targets transporters 18 / 36

  19. PML (2/3) 2d Idea: characterize each component with the services it provides to capture the normal / abnormal behavior of the platform ⇒ 6 types of services execute (ex), load (ld), store (st), authorize (auth), dispatch (dp), copy (cp) ⇒ transaction = is a request of type T from 1 iniator to n target services of type T through a path of transporter services of type T 19 / 36

  20. PML (2/3): Keystone example Example : Load transaction from ROSACE0 to SRAM 20 / 36

  21. PML (3/3) PML (simplified view) 21 / 36

  22. PML: a meta model certification oriented for MCP ⇒ allows export to dedicated view points: interference analysis, and safety analysis. 22 / 36

  23. Agenda 1 Transcription of MCP-CRI objectives. . . 2 PML: a meta model certification-oriented for MCP 3 Interference analysis 4 Conclusion and future work 23 / 36

  24. Interference definition ⇒ Interference definition ⇒ Method to enumerate all interference 24 / 36

  25. Interference definition Interference scenario let A and B two initiator components let t A and t B two “transactions” issued by A and B let P ( t A ) and P ( t B ) the paths of t A and t B (i.e., the services crossed by t A and t B ) ⇒ if there exists a service r ∈ P ( t A ) ∩ P ( t B ), then � t A | | t B � is an interference scenario on r 25 / 36

  26. Interference definition Interference scenario let A and B two initiator components let t A and t B two “transactions” issued by A and B let P ( t A ) and P ( t B ) the paths of t A and t B (i.e., the services crossed by t A and t B ) ⇒ if there exists a service r ∈ P ( t A ) ∩ P ( t B ), then � t A | | t B � is an interference scenario on r 26 / 36

  27. Interference definition Interference scenario let A and B two initiator components let t A and t B two “transactions” issued by A and B let P ( t A ) and P ( t B ) the paths of t A and t B (i.e., the services crossed by t A and t B ) ⇒ if there exists a service r ∈ P ( t A ) ∩ P ( t B ), then � t A | | t B � is an interference scenario on r 27 / 36

  28. Interference definition Interference scenario let A and B two initiator components let t A and t B two “transactions” issued by A and B let P ( t A ) and P ( t B ) the paths of t A and t B (i.e., the services crossed by t A and t B ) ⇒ if there exists a service r ∈ P ( t A ) ∩ P ( t B ), then � t A | | t B � is an interference scenario on r 28 / 36

  29. Interference definition Interference scenario let A and B two initiator components let t A and t B two “transactions” issued by A and B let P ( t A ) and P ( t B ) the paths of t A and t B (i.e., the services crossed by t A and t B ) ⇒ if there exists a service r ∈ P ( t A ) ∩ P ( t B ), then � t A | | t B � is an interference scenario on r 29 / 36

  30. Interference definition ⇒ Enumeration of all binary interference scenarios I 2 = � � � t A | | t B � | t A , t B : transaction , ∃ r ∈ P ( t A ) ∩ P ( t B ) ⇒ Enumeration of all binary interference-free scenarios IF 2 = � � � t A | | t B � | t A , t B : transaction , P ( t A ) ∩ P ( t B ) = ∅ ⇒ Can be generalized to n -ary interference channels / scenarios 30 / 36

  31. Interference definition: Keystone example 31 / 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SANE BOUNDS ON SOME VDW-TYPE NUMBERS A collaboration spanning many papers and authors.

SANE BOUNDS ON SOME VDW-TYPE NUMBERS A collaboration spanning many papers and authors.

SANE BOUNDS ON SOME VDW-TYPE NUMBERS A collaboration spanning many papers and authors. http://www.cs.umd.edu/~gasarch/sane/sane.html . Daniel Apon- U of Ark (grad student) Richard Beigel- Temple U Stephen Fenner- U of SC William Gasarch- U of

975 views • 44 slides
Embed with Video Capture, hosting and embedding Contents AVMS UCC Embed Capture

Embed with Video Capture, hosting and embedding Contents AVMS UCC Embed Capture

Embed with Video Capture, hosting and embedding Contents AVMS UCC Embed Capture Host Embed YouTube iframe DIY Mobile Dept. Video YouTube Gallery Panopto HEAnet Video Library Media Banner

504 views • 7 slides
1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training

1 2 3 KASS Certification Procedure Operation System Certification Certification Training Inspection/Audit Establish MoC Status of Operator/ Maintainer Manual, Function Identify CRB Record and Interfaces Result of Form Ground/

618 views • 24 slides
CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO

CAPLA CERTIFICATION PROGRAM EVERYTHING YOU NEED TO KNOW ABOUT THE CERTIFICATION EXAM HOW TO APPLY TO WRITE Once you have logged into the Then under Certification The Certification committee Application Forms may be CAPLA website using

687 views • 37 slides
1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA

1 CERTIFICATION Coming to you soon! 2 What is OPTA VIA Certification? OPTA VIA Certification is based on Dr. As Habits of Health Transformational System and is available to all Coaches who want to apply and reinforce their knowledge of

613 views • 19 slides
Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the

ASHA Certification Pathway to CCC-A Todd R. Philbrick, CAE Director, Certification Ex Officio to the CFCC Presentation Overview What is Certification? CCC-A Certification Standards CCC-A Application Process FAQs Keep your

209 views • 19 slides
(HQ - Since 1979 Villefranche-sur-Sane) Polyamide and Polyester monofilament extrusion ISL

(HQ - Since 1979 Villefranche-sur-Sane) Polyamide and Polyester monofilament extrusion ISL

(Since 2002) (Since 2003) (Since 2014) (Since 2015) (HQ - Since 1979 Villefranche-sur-Sane) Polyamide and Polyester monofilament extrusion ISL BRAND : AGRICULTURAL LINE FRENCH TECHNOLOGY Proudly manufactured with Identical blends and

301 views • 11 slides
OCP SAI Sanjay Sane Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada OCP SAI

OCP SAI Sanjay Sane Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada OCP SAI

OCP SAI Sanjay Sane Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada OCP SAI Switching ASICs (SDKs) do not have any common API. Same feature (for e.g. Routing Table) has different styles. Same underlying construct (for

364 views • 3 slides
Timer Certification Clinic Timer Certification A prerequisite for training and certification in

Timer Certification Clinic Timer Certification A prerequisite for training and certification in

Timer Certification Clinic Timer Certification A prerequisite for training and certification in all other positions (Descriptions in some of the following slides are as indicated in the rules, although it is not unusual for the referee to

378 views • 10 slides
Chapter 15 Embed: Focus + Context Vis/Visual Analytics, Chap 15 Focus+Context 1 CGGM Lab., CS

Chapter 15 Embed: Focus + Context Vis/Visual Analytics, Chap 15 Focus+Context 1 CGGM Lab., CS

Chapter 15 Embed: Focus + Context Vis/Visual Analytics, Chap 15 Focus+Context 1 CGGM Lab., CS Dept., NCTU Jung Hong Chuang The Big Picture Focus+context idiom To embed detailed information about a select set the focus within a

323 views • 16 slides
Using Voluntary EU-Compatible Certification and Limited IP Protection to Improve the Financial

Using Voluntary EU-Compatible Certification and Limited IP Protection to Improve the Financial

Using Voluntary EU-Compatible Certification and Limited IP Protection to Improve the Financial Index Market: Avoiding the Next Libor Kathrine Gutierrez IPSC 2019 Index: Formula or methodology that reduces complex data to a single number

801 views • 14 slides
Wastewater Laboratory Certification Overview 1 What is laboratory certification? Laboratory

Wastewater Laboratory Certification Overview 1 What is laboratory certification? Laboratory

Wastewater Laboratory Certification Overview 1 What is laboratory certification? Laboratory certification is a process that provides formal recognition to the managerial and technical competence of a laboratory performing specific analyses

853 views • 50 slides
AEROREADY CERTIFICATION Components to AEROready TM Certification In order to award an AEROready TM

AEROREADY CERTIFICATION Components to AEROready TM Certification In order to award an AEROready TM

AEROREADY CERTIFICATION Components to AEROready TM Certification In order to award an AEROready TM certification, our consulting team analyses hundreds of site selection criteria with emphasis on the following 10 items Assessment of airport

1.08k views • 75 slides
IIBA Certification Overview 1 Topics A. Benefits of Attaining an IIBA Certification B. IIBA

IIBA Certification Overview 1 Topics A. Benefits of Attaining an IIBA Certification B. IIBA

IIBA Certification Overview 1 Topics A. Benefits of Attaining an IIBA Certification B. IIBA Certification Options C. Applying for Certification D. Exam Activities Register and Prepare E. Benefits of BABOK studying 2/13/2018, p. 1

127 views • 10 slides
SOUTH DAKOTA DEPARTMENT OF EDUCATION OFFICE OF EDUCATOR CERTIFICATION Certification@state.sd.us

SOUTH DAKOTA DEPARTMENT OF EDUCATION OFFICE OF EDUCATOR CERTIFICATION Certification@state.sd.us

SOUTH DAKOTA DEPARTMENT OF EDUCATION OFFICE OF EDUCATOR CERTIFICATION Certification@state.sd.us OUTCOME OF PRESENTATION Understand the importance of educator certification Ability to create a user id and apply for certification

698 views • 53 slides
Integrating a Trauma Informed Care Approach Kristen Foskett, DNP, FNP, OR SANE Sally

Integrating a Trauma Informed Care Approach Kristen Foskett, DNP, FNP, OR SANE Sally

9/26/2016 Integrating a Trauma Informed Care Approach Kristen Foskett, DNP, FNP, OR SANE Sally Rothacker Peyton, MSN, PMHCNS BC, PMHNP BC Presentation Objectives Identify how trauma history effects the physical,

248 views • 5 slides
I. Time Resolution of a MCP-PMT and II. Test Infrastructure in the Solid State Detector Lab M.

I. Time Resolution of a MCP-PMT and II. Test Infrastructure in the Solid State Detector Lab M.

I. Time Resolution of a MCP-PMT and II. Test Infrastructure in the Solid State Detector Lab M. Centis Vignali 1 Representing: CEA (Saclay), CERN, NSRC Demokritos, Princeton University, Thessaloniki University, USTC (Hefei) 22.02.2017

459 views • 32 slides
Kun-Manie Nickel Sulphide Deposit Proactive Investor Presentation October 2017 Mining Capital

Kun-Manie Nickel Sulphide Deposit Proactive Investor Presentation October 2017 Mining Capital

Kun-Manie Nickel Sulphide Deposit Proactive Investor Presentation October 2017 Mining Capital Conference 1 2 The information contained in this confidential document ( Presentation ) has been prepared by Amur Minerals Corporation (the

350 views • 17 slides
NGC 5765b: A New Cornerstone Galaxy for MCP Feng Gao ( ) (NRAO/SHAO) J. Braatz, M. Reid,

NGC 5765b: A New Cornerstone Galaxy for MCP Feng Gao ( ) (NRAO/SHAO) J. Braatz, M. Reid,

NGC 5765b: A New Cornerstone Galaxy for MCP Feng Gao ( ) (NRAO/SHAO) J. Braatz, M. Reid, K.-Y. Lo, J. Condon, C. Henkel, C.-Y. Kuo, V. Impellizzeri, D. Pesce, W. Zhao May, 2014 How does it work Braatz et al. 2010 a Vr NGC 5765b

630 views • 14 slides
Project Due Diligence Gaye Francis and Richard Robinson Directors R2A Due Diligence Engineers 1

Project Due Diligence Gaye Francis and Richard Robinson Directors R2A Due Diligence Engineers 1

Project Due Diligence Gaye Francis and Richard Robinson Directors R2A Due Diligence Engineers 1 Plan 1. Due Diligence vs Risk Management - exclusive reliance on RM Standard fatal 2. The Project Due Diligence Process 3. Case study: Class E Tram

323 views • 17 slides
Medi-Cal Healthier California for All Population Health Management Work g roup February 11, 2020

Medi-Cal Healthier California for All Population Health Management Work g roup February 11, 2020

Medi-Cal Healthier California for All Population Health Management Work g roup February 11, 2020 1 Recommendations Adopted by DHCS: Data A minimum set of electronically available data, including behavioral health, will be required for

374 views • 23 slides
S-100 Data Services via SMART Navigation Pla latform Presented by KHOA International

S-100 Data Services via SMART Navigation Pla latform Presented by KHOA International

IHO S-100 Working Group S-100 Data Services via SMART Navigation Pla latform Presented by KHOA International Hydrographic Organization S-100WG-4, Denmark, 27 29 Feb. 2019 Organisation Hydrographique Internationale Background Korean

288 views • 9 slides
Security in the Age of Cloud Kaushik Narayan CTO, Cloud Business Unit CASB Connect MVISION

Security in the Age of Cloud Kaushik Narayan CTO, Cloud Business Unit CASB Connect MVISION

Security in the Age of Cloud Kaushik Narayan CTO, Cloud Business Unit CASB Connect MVISION Cloud Innovation Pre- and Post-Acquisition Acquisition announced Expansion to IaaS Skyhigh API control: Sanctioned Apps Networks Custom Apps

565 views • 30 slides
Streamline your gas cylinder management with CEFRANK. Manifolded Cylinder Packs, Pallets and

Streamline your gas cylinder management with CEFRANK. Manifolded Cylinder Packs, Pallets and

Streamline your gas cylinder management with CEFRANK. Manifolded Cylinder Packs, Pallets and Filling Systems Over 30 years experience Began in 1979 as CEFRANK Contractors In 1981 developed into CEFRANK Engineering Pty Ltd In 1996

667 views • 14 slides

More recommend