research-article

Handling mixed-criticality in SoC-based real-time embedded systems

Authors:

Rodolfo Pellizzoni,

Patrick Meredith,

Lui ShaAuthors Info & Claims

EMSOFT '09: Proceedings of the seventh ACM international conference on Embedded software

Pages 235 - 244

https://doi.org/10.1145/1629335.1629367

Published: 12 October 2009 Publication History

Abstract

System-on-Chip (SoC) is a promising paradigm to implement safety-critical embedded systems, but it poses significant challenges from a design and verification point of view. In particular, in a mixed-criticality system, low criticality applications must be prevented from interfering with high criticality ones. In this paper, we introduce a new design methodology for SoC that provides strong isolation guarantees to applications with different criticalities. A set of certificates describing the assumed application behavior is extracted from a functional Architectural Analysis and Design Language (AADL) specification. Our tools then automatically generate hardware wrappers that enforce at run-time the behavior described by the certificates. In particular, we employ run-time monitoring to formally check all data communication in the system, and we enforce timing reservations for both computation and communication resources. Verification is greatly simplified because certificates are much simpler than the components used to implement low-criticality applications. The effectiveness of our methodology is proven on a case study consisting of a medical pacemaker.

References

[1]

Aeronautical Radio Inc. ARINC 653 Specification. http://www.arinc.com/.

[2]

B. Akesson, K. Goossens, and M. Ringhofer. Predator: a predictable sdram memory controller. In Proc. of the 5th IEEE/ACM inter. conference on HW/SW codesign and system synthesis, 2007.

Digital Library

[3]

P. Avgustinov, J. Tibble, and O. de Moor. Making trace monitors feasible. In Proc. of the ACM Conf. on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'07), pages 589--608, 2007.

Digital Library

[4]

S. Bak, D. Chivukula, O. Adekunle, M. Sun, M. Caccamo, and L. Sha. The system-level simplex architecture for improved real-time embedded system safety. In Proceedings of the IEEE RTAS, 2009.

Digital Library

[5]

H. Barringer, A. Goldberg, K. Havelund, and K. Sen. Rule-based runtime verification. In Int. Conf. on Verification, Model Checking, and Abstract Interpretation (VMCAI'04), pages 277--306, 2004.

[6]

Pam Binns, Matt Englehart, Mike Jackson, and Steve Vestal. Domain Specific Software Architectures for Guidance, Navigation and Control. International Journal of Software Engineering and Knowledge Engineering, 6(2):201--227, 1996.

[7]

M. Caccamo, L. Y. Zhang, L. Sha, and G. Buttazzo. An implicit prioritized access protocol for wireless sensor networks. In Proceedings of the IEEE RTSS, Dec 2002.

Digital Library

[8]

F. Chen and G. Roşu. MOP: An Efficient and Generic Runtime Verification Framework. In Proc. of the ACM OOPSLA, pages 569--588, 2007.

Digital Library

[9]

T. Chen, R. Raghavan, J. Dale, and E. Iwata. Cell broadband engine architecture and its first implementation: A performance view. Technical report, IBM Research, 2005.

[10]

P. Cumming. The TI OMAP platform approach to SoCs. In Surviving the SoC revolution: A guide to platform-based design. Kluwer, 1999.

[11]

E.A. Emerson. Handbook of Theoretical Computer Science. MIT Press, 1990. Chapter 16: Temporal and modal logic.

Digital Library

[12]

F. Balarin et al. Metropolis: An integrated electronic system design environment. IEEE Computers, 36(4):45--52, 2003.

Digital Library

[13]

M. Clavel et al. The maude 2.0 system. In Proc. Rewriting Techniques and Applications, 2003.

Digital Library

[14]

P.H. Feiler, B.A. Lewis, and S. Vestal. The SAE Architecture Analysis&Design Language (AADL): A Standard for Engineering Performance Critical Systems. In Proc, of the 2006 IEEE Conference on Computer Aided Control Systems Design, Oct. 2006.

[15]

K. Goossens, J. Dielissen, and A. Radulescu. othereal network on chip: Concepts, architectures, and implementations. IEEE Design and Test, 22(5):414--421, 2005.

Digital Library

[16]

K. Havelund and G. Rosu. Monitoring Java programs with Java pathexplorer. In Proc. First Workshop on Runtime Verification, 2001.

[17]

J. Hugues, B. Zalila, L. Pautet, and F. Kordon. From the prototype to the final embedded system using the Ocarina AADL tool suite. ACM Trans. on Emb. Computing Sys., 7(4):1--25, 2008.

Digital Library

[18]

IBM. Processor Local Bus Specification. http://www-01.ibm.com/chips/techlib/techlib.nsf/techdocs/3BBB27E5BCC165BA87256A2B0064FFB4.

[19]

G. Karsai, J. Sztipanovits, A. Ledeczi, and T. Bapty. Model-integrated development of embedded software. Proceedings of the IEEE, 91(1):145--164, 2003.

[20]

M. Kim, M. Viswanathan, S. Kannan, I. Lee, and O. Sokolsky. Java-mac: A run-time assurance approach for Java programs. Formal Methods in System Design, 24(2):129--155, 2004.

Digital Library

[21]

D. Knuth. Backus normal form vs. backus naur form. Communications of the ACM, 7(12):735--736, 1964.

Digital Library

[22]

B. Lickly, I. Liu, S. Kim, H. Patel, S. Edwards, and E. Lee. Predictable programming on a precision timed architecture. In Proceedings of International Conference on Compilers, Architecture, and Synthesis from Embedded Systems, Oct 2008.

Digital Library

[23]

H. Lu and A. Forin. The design and implementation of p2v, an architecture for zero-overhead online verification of software programs. Technical Report MSR-TR-2007-99, Microsoft Research, 2007.

[24]

M. Sipser. Introduction to the Theory of Computation. PWS Publishing, 1996. Chapter 1: Regular Languages.

Digital Library

[25]

M. Martin, B. Livshits, and M. Lam. Finding application errors and security flaws using PQL: a program query language. In Proc. of the ACM Conf. on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA'05), pages 365--383, 2005.

Digital Library

[26]

NXP Semiconductors. Philips Nexperia Digital Video Platform. http://www.nxp.com.

[27]

R. Pellizzoni, P. Meredith, M. Caccamo, and G. Rosu. Hardware runtime monitoring for dependable COTS-based real-time embedded systems. In Proceedings of the 29th IEEE RTSS, Dec 2008.

Digital Library

[28]

A.-E. Rugina, K. Kanoun, and M. Kaaniche. The ADAPT Tool: From AADL Architectural Models to Stochastic Petri Nets through Model Transformation. In Dependable Computing Conference, 2008. EDCC 2008. Seventh European, pages 85--90, May 2008.

Digital Library

[29]

A. Sangiovanni-Vincentelli. Quo vadis, SLD? reasoning about the trends and challenges of system level design. Proceedings of the IEEE, 95(3):467--506, 2007.

[30]

F. Singhoff, J. Legrand, L. Nana, and L. Marce. Scheduling and memory requirements analysis with AADL. In Proceedings of ACM SIGAda, volume 25, pages 1--10, Atlanta, Georgia, 2005.

Digital Library

[31]

O. Sokolsky, I. Lee, and D. Clarke. Schedulability analysis of AADL models. Parallel and Distributed Processing Symposium, 2006. IPDPS 2006. 20th International, April 2006.

Digital Library

[32]

H. Sun, M. Hauptman, and R. Lutz. Integrating product-line fault tree analysis into aadl models. In High Assurance Systems Engineering Symposium, 2007. HASE '07. 10th IEEE, pages 15--22, 2007.

Digital Library

[33]

University of Illinois. HW-SW Architectures for SoC-based Real-Time Embedded Systems. http://pertsserver.cs.uiuc.edu/~fpgaweb.

[34]

Uppsala University and Aalborg Univeristy. Uppaal a tool suite for verification of real-time systems. www.uppaal.com.

[35]

John G. Webster. Cardiac Pacemakers. IEEE Press, 1993.

[36]

Xilinx, Inc. Virtex-5 User Guide. Available at www.xilinx.com.

Cited By

Dörr TSchade FBecker J(2023)Pattern-Based Information Flow Control for Safety-Critical On-Chip SystemsComputer Safety, Reliability, and Security10.1007/978-3-031-40923-3_14(181-195)Online publication date: 11-Sep-2023
https://doi.org/10.1007/978-3-031-40923-3_14
Dörr TSandmann TBecker J(2022)Model-based configuration of access protection units for multicore processors in embedded systemsMicroprocessors & Microsystems10.1016/j.micpro.2021.10437787:COnline publication date: 9-Apr-2022
https://dl.acm.org/doi/10.1016/j.micpro.2021.104377
Honorat ADesnos KBhattacharyya SNezan JCucu-Grosjean LMedina RAltmeyer SScharbarg J(2020)Scheduling of Synchronous Dataflow Graphs with Partially Periodic Real-Time ConstraintsProceedings of the 28th International Conference on Real-Time Networks and Systems10.1145/3394810.3394820(22-33)Online publication date: 9-Jun-2020
https://dl.acm.org/doi/10.1145/3394810.3394820
Show More Cited By

Recommendations

A Survey of Research into Mixed Criticality Systems

This survey covers research into mixed criticality systems that has been published since Vestal’s seminal paper in 2007, up until the end of 2016. The survey is organised along the lines of the major research areas within this topic. These include ...
The worst-case execution-time problem—overview of methods and survey of tools

The determination of upper bounds on execution times, commonly called worst-case execution times (WCETs), is a necessary step in the development and validation process for hard real-time systems. This problem is hard if the underlying processor ...
How realistic is the mixed-criticality real-time system model?
RTNS '15: Proceedings of the 23rd International Conference on Real Time and Networks Systems

With the rapid evolution of commercial hardware platforms, in most application domains, the industry has shown a growing interest in integrating and running independently-developed applications of different "criticalities" in the same multi-core ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

EMSOFT '09: Proceedings of the seventh ACM international conference on Embedded software

October 2009

332 pages

ISBN:9781605586274

DOI:10.1145/1629335

Program Chairs:
Samarjit Chakraborty
TU Munich, Germany
,
Nicolas Halbwachs
Verimag/CNRS, Grenoble, France

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

ESWeek '09

Sponsor:

ESWeek '09: Fifth Embedded Systems Week

October 12 - 16, 2009

Grenoble, France

Acceptance Rates

EMSOFT '09 Paper Acceptance Rate 33 of 106 submissions, 31%;

Overall Acceptance Rate 60 of 203 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

54
Total Citations
View Citations
608
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)1

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Dörr TSchade FBecker J(2023)Pattern-Based Information Flow Control for Safety-Critical On-Chip SystemsComputer Safety, Reliability, and Security10.1007/978-3-031-40923-3_14(181-195)Online publication date: 11-Sep-2023
https://doi.org/10.1007/978-3-031-40923-3_14
Dörr TSandmann TBecker J(2022)Model-based configuration of access protection units for multicore processors in embedded systemsMicroprocessors & Microsystems10.1016/j.micpro.2021.10437787:COnline publication date: 9-Apr-2022
https://dl.acm.org/doi/10.1016/j.micpro.2021.104377
Honorat ADesnos KBhattacharyya SNezan JCucu-Grosjean LMedina RAltmeyer SScharbarg J(2020)Scheduling of Synchronous Dataflow Graphs with Partially Periodic Real-Time ConstraintsProceedings of the 28th International Conference on Real-Time Networks and Systems10.1145/3394810.3394820(22-33)Online publication date: 9-Jun-2020
https://dl.acm.org/doi/10.1145/3394810.3394820
Restuccia FBiondi AMarinoni MButtazzo G(2020)Safely Preventing Unbounded Delays During Bus Transactions in FPGA-based SoC2020 IEEE 28th Annual International Symposium on Field-Programmable Custom Computing Machines (FCCM)10.1109/FCCM48280.2020.00026(129-137)Online publication date: May-2020
https://doi.org/10.1109/FCCM48280.2020.00026
Dorr TSandmann TBecker J(2020)A Formal Model for the Automatic Configuration of Access Protection Units in MPSoC-Based Embedded Systems2020 23rd Euromicro Conference on Digital System Design (DSD)10.1109/DSD51259.2020.00098(596-603)Online publication date: Aug-2020
https://doi.org/10.1109/DSD51259.2020.00098
Valente GGiammatteo PMuttillo VPomante LMascio T(2019)A Lightweight, Hardware-Based Support for Isolation in Mixed-Criticality Network-on-Chip ArchitecturesAdvances in Science, Technology and Engineering Systems Journal10.25046/aj0404674:4Online publication date: 2019
https://doi.org/10.25046/aj040467
Muttillo VPomante LBalbastre PSimo JCrespo A(2019)HW/SW Co-Design Framework for Mixed-Criticality Embedded Systems Considering Xtratum-Based SW Partitions2019 22nd Euromicro Conference on Digital System Design (DSD)10.1109/DSD.2019.00085(554-561)Online publication date: Aug-2019
https://doi.org/10.1109/DSD.2019.00085
Tobuschat SKostrzewa AErnst R(2019)Selective congestion control for mixed-critical networks-on-chipIntegration, the VLSI Journal10.1016/j.vlsi.2017.12.00365:C(404-416)Online publication date: 1-Mar-2019
https://dl.acm.org/doi/10.1016/j.vlsi.2017.12.003
Kornaros GWozniak EHorst OKoch NPrehofer CRigo ACoppola M(2018)Secure and Trusted Open CPS PlatformsSolutions for Cyber-Physical Systems Ubiquity10.4018/978-1-5225-2845-6.ch012(301-324)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-2845-6.ch012
Muttillo VValente GPomante L(2018)Criticality-driven Design Space Exploration for Mixed-Criticality Heterogeneous Parallel Embedded SystemsProceedings of the 9th Workshop and 7th Workshop on Parallel Programming and RunTime Management Techniques for Manycore Architectures and Design Tools and Architectures for Multicore Embedded Computing Platforms10.1145/3183767.3183782(63-68)Online publication date: 23-Jan-2018
https://dl.acm.org/doi/10.1145/3183767.3183782
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten