Implementing mixed-criticality synchronous reactive programs upon uniprocessor platforms

Real-Time Systems

Abstract

Model-based design methodologies based on the synchrony assumption are widely used in many safety-critical application domains. The synchrony assumption asserts that actions (such as the execution of code) occur instantaneously; however, physical platforms obviously do not possess this property. This paper considers the problem of obtaining resource-efficient implementations of programs that are written under the synchrony assumption on actual platforms, such that these implementations execute in a manner that is semantically consistent with the execution sequences that would occur if the synchrony assumption were to hold.



Notes

  1. This requirement has been stated (Berry 2000, p. 101) as the bounded delay property of the implementation: there is a maximum delay in completing the execution of the actions representing the system reaction to any input, which is strictly less than the minimum time that elapses between successive rounds.

  2. This gap between conservative WCET estimates and the actual WCET value is only likely to increase: as has been pointed out in Henzinger and Sifakis (2006), because of the rapid progress in VLSI design, embedded systems are implemented on sophisticated, hardware/software layered multicore architectures with caches, pipelines, and speculative execution. The ensuing difficulty of accurate worst-case analysis makes conservative, safety-critical solutions ever more expensive, in both resource and design cost.

  3. This statement is generally true for feedthrough blocks; for non-feedthrough blocks, cyclic dependencies need not result in inconsistency or non-determinism.

  4. Many safety-critical application domains specify more than two criticality levels (also called, e.g., Safety Integrity Levels (SILs) or Design Assurance Levels (DALs) in different standards documents), with functionalities at higher criticality levels subject to more rigorous validation requirements. For ease of presentation, we make the simplifying assumption in this paper that there are just two criticality levels that we call lo and hi.

  5. A cyclic executive is defined (Baker and Shaw 1988) as “a control structure or program for explicitly interleaving the execution of several periodic processes; [..] the interleaving is done in a deterministic fashion so that execution timing is predictable.”

  6. We are not attempting to meet deadlines in this schedule, simply keeping the processor active whenever there are nodes remaining that have arrived but not completed execution, regardless of whether their deadlines are met or not.

  7. As in Observation 2, we are not attempting to meet deadlines in this schedule.
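The bounded delay requirement of Note 1, the lo/hi execution-time estimates of Note 4 and the busy (non-idling) schedule of Notes 6 and 7, brought together in an added example that is not part of the paper. Node names, arrival offsets, WCET values and the round period are constructed; the FIFO-by-arrival order with a name tie-break is one deterministic choice, not the paper's scheduling policy.

```python
from dataclasses import dataclass

@dataclass
class Node:
    name: str
    arrival: int        # release offset within the round (constructed)
    wcet: dict          # {"lo": estimate, "hi": conservative estimate}, hi >= lo
    preds: tuple = ()   # feedthrough predecessors that must finish first

def busy_schedule(nodes, level):
    """Non-idling schedule in the sense of Note 6: the processor runs whenever a
    node has arrived, has all predecessors done and is not yet finished. Nodes
    are picked FIFO by arrival with a fixed name tie-break so the interleaving
    is deterministic (cyclic-executive style). Returns name -> finish time."""
    remaining = {n.name: n for n in nodes}
    finish, t = {}, 0
    while remaining:
        ready = [n for n in remaining.values()
                 if n.arrival <= t and all(p in finish for p in n.preds)]
        if not ready:
            later = [n.arrival for n in remaining.values() if n.arrival > t]
            if not later:        # nothing can ever become ready (cf. Note 3)
                raise ValueError("cyclic dependency among feedthrough nodes")
            t = min(later)       # idle only until the next arrival
            continue
        nxt = min(ready, key=lambda n: (n.arrival, n.name))
        t += nxt.wcet[level]
        finish[nxt.name] = t
        del remaining[nxt.name]
    return finish

def bounded_delay_ok(nodes, period, level):
    """Note 1: the whole reaction must complete strictly before the next round."""
    return max(busy_schedule(nodes, level).values()) < period

# Constructed sample reaction: sensor -> control -> actuator plus an independent logger.
SAMPLE = (
    Node("sensor",   0, {"lo": 2, "hi": 3}),
    Node("control",  0, {"lo": 3, "hi": 8}, preds=("sensor",)),
    Node("actuator", 0, {"lo": 1, "hi": 2}, preds=("control",)),
    Node("logger",   4, {"lo": 1, "hi": 1}),
)
PERIOD = 12   # constructed minimum time between successive rounds

if __name__ == "__main__":
    for level in ("lo", "hi"):
        print(level, busy_schedule(SAMPLE, level), bounded_delay_ok(SAMPLE, PERIOD, level))
```

With these constructed numbers the reaction meets the bounded delay property under the lo estimates but not under the conservative hi estimates, which is the gap Note 2 describes.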

References

  • Audsley NC (1991) Optimal priority assignment and feasibility of static priority tasks with arbitrary start times. Tech rep, The University of York, England

  • Baker TP, Shaw A (1988) The cyclic executive model and Ada. In: Proceedings of the IEEE real-time systems symposium, pp 120–129


  • Baruah S, Fohler G (2011) Certification-cognizant time-triggered scheduling of mixed-criticality systems. In: Proceedings of the IEEE real-time systems symposium (RTSS). IEEE Computer Society, New York


  • Baruah S, Li H, Stougie L (2010) Towards the design of certifiable mixed-criticality systems. In: Proceedings of the IEEE real-time technology and applications symposium (RTAS). IEEE, New York


  • Baruah S, Burns A, Davis R (2011) Response-time analysis for mixed criticality systems. In: Proceedings of the IEEE real-time systems symposium (RTSS). IEEE Computer Society, New York


  • Baruah SK, Bonifaci V, D’Angelo G, Li H, Marchetti-Spaccamela A, Megow N, Stougie L (2012) Scheduling real-time mixed-criticality jobs. IEEE Trans Comput 61(8):1140–1152


  • Bensalem S, Caspi P, Parent-Vigouroux C, Dumas C (1999) A methodology for proving control systems with Lustre and PVS. Depend Comput Critical Appl. doi:10.1109/DCFTS.1999.814291


  • Benveniste A, Berry G (1991) The synchronous approach to reactive and real-time systems. Proc IEEE 79(9):1270–1282. doi:10.1109/5.97297


  • Berry G (2000) The Esterel v5 language primer: version v5_91. Centre de Mathématiques Appliquées, Ecole des Mines and INRIA

  • Burns A, Davis R (2013) Mixed-criticality systems: a review. Available at http://www-users.cs.york.ac.uk/~burns/review.pdf

  • Caspi P, Scaife N, Sofronis C, Tripakis S (2008) Semantics-preserving multitask implementation of synchronous programs. ACM Trans Embedded Comput Syst 7(2)

  • Dorin F, Richard P, Richard M, Goossens J (2010) Schedulability and sensitivity analysis of multiple criticality tasks with fixed-priorities. Real-Time Syst 46(3):305–331


  • Fohler G (1993) Changing operational modes in the context of pre run-time scheduling. IEICE Trans Inf Syst E 76–D(11):1333–1340. Special Issue on Responsive Computer Systems


  • Forget J (2009) A synchronous language for critical embedded systems with multiple real-time constraints. PhD thesis, University of Toulouse

  • Forget J, Boniol F, Grolleau E, Lesens D, Pagetti C (2010) Scheduling dependent periodic tasks without synchronization mechanisms. In: Proceedings of the IEEE real-time technology and applications symposium (RTAS). IEEE, New York


  • Garey M, Johnson D (1975) Complexity results for multiprocessor scheduling under resource constraints. SIAM J Comput 4:397–411


  • Guan N, Ekberg P, Stigge M, Yi W (2011) Effective and efficient scheduling for certifiable mixed criticality sporadic task systems. In: Proceedings of the IEEE real-time systems symposium (RTSS). IEEE Computer Society, New York


  • Halbwachs N (1993) Synchronous programming of reactive systems. Kluwer Academic, Amsterdam


  • Halbwachs N, Raymond P (1999) Validation of synchronous reactive systems: from formal verification to automatic testing. In: ASIAN’99, Asian computing science conference. LNCS, vol 1742. Springer, Berlin


  • Harel D, Pnueli A (1985) On the development of reactive systems. In: Logics and models of concurrent systems. Springer, New York, pp 477–498. http://dl.acm.org/citation.cfm?id=101969.101990


  • Henzinger T, Sifakis J (2006) The embedded systems design challenge. In: Proceedings of the 14th international symposium on formal methods (FM). Lecture notes in computer science. Springer, Berlin. http://chess.eecs.berkeley.edu/pubs/264.html


  • Jagadeesan LJ, Puchol C, Olnhausen JE (1996) A formal approach to reactive systems software: a telecommunications application in Esterel. Form Methods Syst Des 8:123–151. doi:10.1007/BF00122418


  • Kopetz H (2011) Real-time systems—design principles for distributed embedded applications. Springer, Berlin


  • Kuo TW, Mok AK (1991) Load adjustment in adaptive real-time systems. In: Proceedings of the IEEE real-time systems symposium, pp 160–171


  • Lee EA, Neuendorffer S, Wirthlin MJ (2003) Actor-oriented design of embedded hardware and software systems. J Circ Syst Comput 2

  • Liu C, Layland J (1973) Scheduling algorithms for multiprogramming in a hard real-time environment. J ACM 20(1):46–61


  • Lublinerman R, Tripakis S (2008) Modularity vs. reusability: code generation from synchronous block diagrams. In: DATE. IEEE, New York, pp 1504–1509


  • Mok A (1983) Fundamental design problems of distributed systems for the hard-real-time environment. PhD thesis, Laboratory for Computer Science, Massachusetts Institute of Technology. Available as Technical Report No MIT/LCS/TR-297

  • Natale MD, Zeng H (2011) Task implementation and schedulability analysis of synchronous finite state machines. In: Work in progress (WiP) session of the IEEE real-time and embedded technology and applications symposium, pp 21–24


  • Pagetti C, Forget J, Boniol F, Cordovilla M, Lesens D (2011) Multi-task implementation of multi-periodic synchronous programs. Discrete Event Dyn Syst 22(3)

  • Vecchié E, de Simone R (2006) Syntax-driven behavior partitioning for model-checking of Esterel programs. Electron Notes Theor Comput Sci 153:19–35. doi:10.1016/j.entcs.2006.02.023


  • Vestal S (2007) Preemptive scheduling of multi-criticality systems with varying degrees of execution time assurance. In: Proceedings of the Real-Time Systems Symposium. IEEE Computer Society, New York, pp 239–243



Correspondence to Sanjoy Baruah.

Additional information

This research is supported in part by NSF grants CNS 0834270, CNS 0834132, and CNS 1016954; ARO grant W911NF-09-1-0535; AFOSR grant FA9550-09-1-0549; and AFRL grant FA8750-11-1-0033.


Cite this article

Baruah, S. Implementing mixed-criticality synchronous reactive programs upon uniprocessor platforms. Real-Time Syst 50, 317–341 (2014). https://doi.org/10.1007/s11241-013-9197-x
