An efficient schedulability analysis for optimizing systems with adaptive mixed-criticality scheduling

Abstract

In the design optimization of real-time systems, the schedulability analysis is used to define the feasibility region within which tasks meet their deadlines, so that optimization algorithms can find the best solution within the region. However, the current analysis techniques for systems with adaptive mixed-criticality (AMC) scheduling are based on response time calculation, which are too complex for optimization purposes. In this paper, we provide a simpler schedulability test based on request bound functions, which allows an efficient definition of the feasibility region for AMC. We prove that the new analysis is safe with bounded pessimism. Experimental results show that our analysis provides much better scalability for optimization procedures, with only small loss of performance (less than 7% in weighted schedulability, and no more than 4% in optimization objectives).

Appendices

Appendix 1: ILP formulation for software synthesis of simulink models

We give a summary of the ILP formulation for Simulink minimum delay synthesis problem. Let \(\mathbb {V}\) denote the set of nodes and \(\mathbb {E}\) the set of directed edges. Each edge (i, j) is associated with two weights: \(c_{i,j}\) indicating the penalty on control performance due to introduction of unit delay on the link, and \(g_{i,j}\) denoting the memory cost. We assume each node (functional block) is mapped to a dedicated task. In Simulink, tasks have the same offset and their deadlines are the same as the periods (Di Natale et al. 2010).

Let the binary variable \(p_{j,i}\) denote the relative priority level between task \(\tau _j\) and \(\tau _i\), as in (57). We assume the priority order is unique, i.e., no two tasks have the same priority.

$$\begin{aligned} \forall i\ne j, \ \ p_{i,j} + p_{j,i} = 1 \end{aligned}$$

(123)

The transitive properties of the priority order must hold true: if \(\tau _i\) has a higher priority than \(\tau _j\) and \(\tau _j\) has a higher priority than \(\tau _k\), then \(\tau _i\) must have a higher priority than \(\tau _k\).

$$\begin{aligned} \forall i \ne j \ne k, \ \ p_{i,j} + p_{j,k} \le 1 + p_{i,k} \end{aligned}$$

(124)

To make sure that tasks are schedulable, the problem should include the schedulability region formulation. The AMC-rbf based formulation is described in Sect. 4.1.2, while Sect. 4.2.2 gives the AMC-rtb based formulation.

For each High-to-Low (HL, where high rate writer \(\tau _i\) sends data to low rate reader \(\tau _j\)) communication link in the DAG, RT block of type HL is necessary if reader cannot finish before the next writer instance is released (i.e., within the period of the writer). To represent this condition, a binary variable \(z_{i,j}\) is added as follows

$$\begin{aligned} z_{i,j} = \left\{ \begin{array}{ll} 0 &{}\quad \text {reader} \tau _j \,\text {finishes in} T_i,\\ 1 &{}\quad \text {otherwise.} \end{array} \right. \end{aligned}$$

(125)

This can be formulated as if we check the schedulability of \(\tau _j\) assuming its deadline is \(T_i\).

For each LH communication link (low rate writer \(\tau _i\) and high rate reader \(\tau _j\)), RT block of type LH is necessary if the reader \(\tau _j\) is assigned with a higher priority. This is perfectly captured by the binary variable \(p_{j,i}\): an RT block of type LH is needed for the link (i, j) if and only if \(p_{j,i}=1\).

The total memory usage by RT block shall not exceed the amount provided by the platform, denoted as \(\lambda \). This corresponds to the following constraint

$$\begin{aligned} \sum _{(i,j) \in \mathbb {E}: T_i < T_j} g_{i,j} \cdot z_{i,j} + \sum _{(i,j) \in \mathbb {E}: T_i > T_j} g_{i,j} \cdot p_{j,i} \le \lambda \end{aligned}$$

(126)

The objective is to minimize the penalty on the control performance introduced by the RT blocks of type LH

$$\begin{aligned} \min \ \sum _{(i,j) \in \mathbb {E}: T_i > T_j} p_{j,i} \cdot c_{i,j} \end{aligned}$$

(127)

Note that RT blocks of type HL are excluded in the above objective as they only incur memory overhead, but no functional delay.

Appendix 2: ILP formulation for task allocation on multicore platform

We describe the ILP formulation for the problem presented in Sect. 6.3, where we aim to find a schedulable allocation of a set of mixed-criticality tasks in a multicore platform with K cores. The task priority order is assumed to be given.

A set of binary variables \(a_{i,k}\) is defined to indicate the mapping of task \(\tau _i\) to core k, as follows

$$\begin{aligned} a_{i,k} = \left\{ \begin{array}{ll} 1 &{} \quad \tau _i \text {is mapped to core} k,\\ 0 &{} \quad \text {otherwise.} \end{array} \right. \end{aligned}$$

(128)

Since each task must be mapped to exactly one core, we have the following constraints

$$\begin{aligned} \forall i, \ \sum _{k = 1}^{K} a_{i, k} = 1 \end{aligned}$$

(129)

We add a redundant constraint that the total utilization for each core (in either LO mode or HI mode) cannot exceed 100%. It is simple but is effective for removing obviously unschedulable solution.

$$\begin{aligned} \forall k, \ \ \sum _{i} a_{i, k} \cdot \frac{C_i(LO)}{T_i} \le 1 \bigwedge \sum _{i: L_i=HI} a_{i, k} \cdot \frac{C_i(HI)}{T_i} \le 1 \end{aligned}$$

(130)

The problem should also include the formulation of the schedulability region as follows.

ILP for AMC-rbf . It takes a similar form as (53), but the functions G and H need to be redefined, to add the index of the core k

$$\begin{aligned} G_{i,k}(t)= & {} C_i(HI) \cdot a_{i,k} + \sum _{j \in hpH(i)} \left\lceil \frac{t}{T_j} \right\rceil C_j(HI) \cdot a_{j,k} \nonumber \\ H_{i,k}(s)= & {} \sum _{j \in hpL(i)} \left( \left\lfloor \frac{s}{T_j} \right\rfloor + 1 \right) C_j(LO) \cdot a_{j,k} \nonumber \\&+ \sum _{j \in hpH(i)} \max \left( 0, \left\lfloor \frac{s - D_j}{T_j} \right\rfloor \right) \left( C_j(LO) - C_j(HI)\right) \cdot a_{j,k} \end{aligned}$$

(131)

Now the schedulability constraint (53) should be modified accordingly, to reflect that a higher priority task \(\tau _j\) can only interfere \(\tau _i\) if both of them are mapped to core k

$$\begin{aligned} \left\{ \begin{array}{ll} \forall t_{i,m} \in \mathcal {T}_i, \forall s \in \mathcal {S}_i(t_{i,m}), \forall k, &{} G_{i,k}(t_{i,m}) + H_{i,k}(s)\\ &{} \displaystyle \le t_{i,m} + M \sum _{k =0}^{k_i-1} E_i(m,k) + M (1-a_{i,k})\\ \displaystyle \sum _{k=0}^{k_i-1} (2^k \times b_{i,k}) \le m_i -1 \end{array} \right. \end{aligned}$$

(132)

ILP for AMC-rtb . Since a task can be interfered by another higher priority task only when they are mapped to the same core, (61) is modified as follows

$$\begin{aligned} \forall k, R^{LO}_i + M (1 - a_{i, k}) \displaystyle\ge & {} C_i(LO) + \sum _{j \in hp(i)} I^{LO}_{j,i} \cdot a_{j, k} \cdot C_j(LO)\nonumber \\ \forall k, R^{CC}_i + M (1 - a_{i, k}) \displaystyle\ge & {} C_i(HI) + \sum _{j \in hpL(i)} I^{LO}_{j,i} \cdot a_{j, k} \cdot C_j(LO) \nonumber \\&\displaystyle + \sum _{j \in hpH(i)} I^{CC}_{j,i} \cdot a_{j, k} \cdot C_j(HI) \end{aligned}$$

(133)

The constraints in (133) contain some nonlinear terms \(I^{LO}_{j,i} \cdot a_{j, k}\) and \(I^{CC}_{j,i} \cdot a_{j, k}\). They can be linearized, by replacing them respectively with variables \(\Pi _{j, i, k}^{LO} \in \mathbb {N}\) and \(\Pi _{j, i, k}^{CC} \in \mathbb {N}\) that satisfy the following constraints.

$$\begin{aligned}&I_{j, i}^{LO} - M (1 - a_{j, k}) \le \Pi _{j, i, k}^{LO} \le I_{j, i}^{LO} \nonumber \\&I_{j, i}^{CC} - M (1 - a_{j, k}) \le \Pi _{j, i, k}^{CC} \le I_{j, i}^{CC} \end{aligned}$$

(134)

Appendix 3: Branch-and-bound for task allocation

Branch-and-bound (bnb) is an algorithm design paradigm for discrete optimization problems, which systematically enumerates all candidate solutions by means of design space search. Central to the branch-and-bound algorithm is the design of the recursion procedure, where the set of candidate solutions is forming a rooted tree with the full set at the root. Each branch of the tree represents subsets of the solution set. Before enumerating the candidate solutions of a branch, estimated bounds on the optimal solution for the branch is derived. If the branch is surely impossible to provide a better solution than the current optimal, it is discarded.

Algorithm 1 describes the bnb procedure for task allocation in multicore. In the algorithm, each recursion level decides on the core allocation for a particular task. Procedure FetchNextTask returns a task that is unallocated from the task set.