Spelling suggestions: "subject:"mixed criticality"" "subject:"fixed criticality""
1 |
ARCHITECTURE-AWARE MAPPING AND SCHEDULING OF MIXED-CRITICALITY APPLICATIONS ON MULTI-CORE PLATFORMSVasu, Aishwarya 01 May 2018 (has links) (PDF)
The desire to have enhanced and increased feature sets in embedded applications has contributed to a significant increase in the computational demands of such systems over the years. To support such demand and yet maintain reasonable power/energy budgets, the industry has begun a shift to multi-core architectures even in the embedded systems domain. Embedded real-time applications such as Avionics and Automotive systems are no exception to this trend. Such systems have strict certification requirements of subsets of their functionality, which result in strict temporal constraints on those subsets, while other subsets may have less strict requirements. Migrating such {\em mixed criticality} systems from single-core to multi-core platforms is challenging because application/component isolation and freedom from interference among them must be guaranteed. Safe and efficient, architecture-aware mapping and scheduling of system components (e.g., partitions, tasks, etc. as relevant to a particular domain) on the multiple cores is at the center of any scheme to migrate such systems from single-core to multi-core platforms. In this dissertation, we propose, develop and evaluate a unified framework to automate the mapping and scheduling process with the consideration of several architectural and application level requirements/constraints (e.g., communication and cache conflicts among system components, constraints prohibiting the allocation of certain system components on the same core, etc.)
|
2 |
Robustesse des applications temps-réel multicoeurs : techniques de construction d'un ordonnacement équitable tolérant aux pannes matérielles / Robustness of Multicore Real-Time Apllications : Building Techniques for Processor Failures Tolerant SchedulingMouafo Tchinda, Yves 12 October 2017 (has links)
Cette thèse propose des techniques de construction d'une séquence d'ordonnancement valide par un algorithme équitable pour des systèmes temps-réel multicoeurs subissant des pannes processeurs permanentes. Selon la nature des tâches les concepteurs peuvent allouer ou pas du temps supplémentaire pour récupérer l'exécution perdue. Dans un premier temps, nous traitons le cas de la défaillance d'un seul coeur. Nous montrons alors que s'il n'y a pas d'allocation de temps supplémentaire, prévoir un coeur de plus que le minimum nécessaire permet de construire une séquence valide : c'est la Technique de la Redondance Matérielle Limitée. Toutefois, si une telle allocation s'impose, nous proposons trois techniques : la Technique des Sous-tâches de Substitution qui augmente le WCET des tâches afin de prévoir du temps additionnel en remplacement du temps perdu, la Technique Contraindre puis Relâcher qui crée une marge de temps entre le délai critique et la période d'une tâche pour rattraper l'exécution perdue et la Technique du Flux Apériodique (TFA) qui réordonnance l'exécution perdue dans les unités de temps creux équitablement réparties. Ensuite, l'utilisation conjointe de ces techniques est envisagée en fonction de la nature des tâches impactées. Enfin, le cas de la défaillance de plusieurs coeurs est étudié. Pour ajuster la charge du système au nombre de coeurs fonctionnels, deux approches sont proposées : le changement de mode de criticité qui modifie les paramètres temporels de certaines tâches et l'abandon de certaines tâches en fonction de leur importance dans le système. / This thesis proposes several techniques to build a valid schedule with a Pfair algorithm for multicore real-time systems despite permanent processor failures. Depending on the nature of the tasks, additional time may be allocated or not to recover the lost execution. First, we consider a single core failure. We then show that if no additional time is allocated, the use of a single more core than the required minimum provides a valid schedule : it is the Limited Hardware Redundancy Technique. However, if full recovery is mandatory, we propose three techniques : the Substitute Subtasks Technique which increases the WCET to provide additionnal time which can be used to recover the lost time, the Constrain and Release Technique which creates a time margin between each task's deadline and the following period which can be used to recover the lost execution and the Aperiodic Flow Technique which reschedules the lost execution within the idle time units. Then, these techniques are mixed to adapt the scheduling behaviour to the nature of the impacted tasks. Finally, the case of the failure of several cores is studied.To adapt the system load to the number of remaining functionnal cores we use the criticality mode change which modifies the temporal parameters of some tasks or we discard some tasks according to their importance.
|
3 |
Novel Concept for Cloud-Connection of Embedded Field Devices in Automational Ferdous Fahim, Sahat, Block, Dimitri, Hayek, Ali 13 February 2024 (has links)
Critical industrial applications in embedded field devices require reliability and consistency. Cloudbased
services have been gaining attraction in embedded field devices for monitoring, optimization,
predictive maintenance, and other supporting use cases. A significant challenge persists in enabling
cloud-connection to the embedded field devices. The central issues on this matter are diversity, resource
constraint, and the critical applications of these devices. This paper proposes a novel concept
for enabling cloud connection to these devices. A dedicated software module, μConnector, has been
introduced for cloud-related activities. It operates on Zephyr RTOS. The purpose of μConnector is to
create a separation between critical and cloud related applications within the embedded field devices.
μConnector is designed to be application-agnostic while being independent of vendor selection for
hardware components. The scientific contribution of the paper lies in the introduction of μConnector.
The presented concept addresses the challenges associated with cloud connectivity for embedded field
devices. Its primary objective is to define architectural decisions guiding the implementation of the
proposed software module.
|
4 |
Defending Real-Time Systems through Timing-Aware DesignsMishra, Tanmaya 04 May 2022 (has links)
Real-time computing systems are those that are designed to achieve computing goals by certain deadlines. Real-time computing systems are present in everything from cars to airplanes, pacemakers to industrial-control systems, and other pieces of critical infrastructure. With the increasing interconnectivity of these systems, system security issues and the constant threat of manipulation by malicious external attackers that have plagued general computing systems, now threaten the integrity and safety of real-time systems. This dissertation discusses three different defense techniques that focuses on the role that real-time scheduling theory can play to reduce runtime cost, and guarantee correctness when applying these defense strategies to real-time systems. The first work introduces a novel timing aware defense strategy for the CAN bus that utilizes TrustZone on state-of-the-art ARMv8-M microcontrollers. The second reduces the runtime cost of control-flow integrity (CFI), a popular system security defense technique, by correctly modeling when a real-time system performs I/O, and exploiting the model to schedule CFI procedures efficiently. Finally, the third studies and provides a lightweight mitigation strategy for a recently discovered vulnerability within mixed criticality real-time systems. / Doctor of Philosophy / Real-time computing systems are those that are designed to achieve computing goals within certain timing constraints. Real-time computing systems are present in everything from cars to airplanes, pacemakers to industrial-control systems, and other pieces of critical infrastructure. With the increasing interconnectivity of these systems, system security issues and the constant threat of manipulation by malicious external attackers that have plagued general computing systems, now threaten the integrity and safety of real-time systems. This dissertation discusses three different defense techniques that focuses on the role that real-time scheduling theory can play to reduce runtime cost, and guarantee correctness when applying these defense strategies to real-time systems.
The first work introduces a novel timing aware defense strategy for the Controller Area Network (CAN). CAN is a popular communication system that is at the heart of every modern passenger vehicle and is indispensable for the safe operation of various components such as the engine and transmission systems, and due to its simplicity, may be vulnerable to a variety of attacks. We leverage security advancements in modern processor design to provide a lightweight and predictable (in terms of time taken to perform the operation) defense technique for some of these vulnerabilities.
The second work applies a technique called Control-Flow Integrity (CFI) to real-time systems. CFI is a general-purpose defense technique to prevent attackers from modifying software execution, and applying such techniques to real-time systems, particularly those with limited hardware capabilities, may be infeasible. By applying real-time scheduling theory, we propose a strategy to apply CFI to such systems, while reducing its overhead, or cost, without compromising the security guarantees CFI inherently provides.
Finally, safety-critical systems may consist of a mix of operations, each having a different level of importance (criticality) with respect to the safe operation of the system. However, due to the complexity of modeling such systems, the models themselves may be vulnerable to attacks. Through simulations we study one such vulnerability and propose a modification to mitigate it.
|
5 |
Toward unifying on-board intelligent transportation systems architecture in public transports / Vers l'unification des architectures embarquées de systèmes de transport intelligents appliquée aux transports publicsSciandra, Vincent 19 December 2013 (has links)
Cette thèse s'inscrit dans une démarche Européenne de recherche sous l'égide du projet European Bus System of the Futur (EBSF). Ce projet vise à définir le bus de demain et de préparer son architecture embarquée, aux systèmes de transport intelligents (STI) critiques ou de divertissement, de plus en plus présents dans les véhicules. Les systèmes autrefois hétérogènes et autonomes, devrons à l'avenir communiquer sur une architecture orientée service (SOA) unique. L'objectif est d'optimiser le fonctionnement de l'architecture dans son ensemble grâce à des protocoles de communication ouverts et standards. C'est à partir de cette base, à laquelle nous avons activement apportée notre contribution, que notre thèse s'appuie. Le dimensionnement et la validation de ces architectures sont restés des éléments sans réponse à la suite du projet EBSF. Cette thèse présente premièrement une méthode dimensionnement des architectures STI basée sur les méthodes de décision multi-critères. Nous nous basons sur une étude poussée des besoins opérationnels collectés tout au long de la thèse. Dans un deuxième temps, nous adaptons le modèle de Criticité Mixte, définit dans le domaine du temps réel, aux flux de communication entre le véhicule et l'infrastructure. Enfin nous présentons les travaux réalisés dans le cadre de la standardisation européenne afin de promouvoir ce type d'architecture et les travaux de cette thèse / Intelligent Transportation systems (ITS) are massively used in the Public Transport sector since the Two decades. This profusion of systems on-board and off-board vehicles generates inter-operability issues. The growth of urban zones and the increase of public transport attractiveness, brought multi-modal constraints that are today limited due to a lack of architecture vision embracing all ITS. This thesis proposes to unify the architecture vision of on-board ITS. We based our technical architecture on the Service Oriented Architecture (SOA) proposed in the European Bus System of the Future (EBSF) project, in which this thesis actively contributed. We study first the global requirements of different transportation modes operated in Europe. Those requirements are a basis to the definition of technical constraints of a global architecture. Those constraints are ranked in terms of importance using a proposed method based on Multi-Criteria Decision Making (MCDM) techniques. The method that we propose permits to size the technical architecture. We then study the flow management of data, considering the context of operation of vehicles and the criticality of ITS applications. We propose to adapt the Real-time Mixed-Criticality model to communication systems on-board the vehicles. We apply this method on a communication gateway of a bus, through its journey. Finally we present the work done at the standardization level (CEN) in order promote the global architecture vision presented in the thesis
|
6 |
Leveraging virtualization technologies for resource partitioning in mixed criticality systemsLi, Ye 28 November 2015 (has links)
Multi- and many-core processors are becoming increasingly popular in embedded systems. Many of these processors now feature hardware virtualization capabilities, such as the ARM Cortex A15, and x86 processors with Intel VT-x or AMD-V support. Hardware virtualization offers opportunities to partition physical resources, including processor cores, memory and I/O devices amongst guest virtual machines. Mixed criticality systems and services can then co-exist on the same platform in separate virtual machines. However, traditional virtual machine systems are too expensive because of the costs of trapping into hypervisors to multiplex and manage machine physical resources on behalf of separate guests. For example, hypervisors are needed to schedule separate VMs on physical processor cores. Additionally, traditional hypervisors have memory footprints that are often too large for many embedded computing systems. This dissertation presents the design of the Quest-V separation kernel, which partitions services of different criticality levels across separate virtual machines, or sandboxes. Each sandbox encapsulates a subset of machine physical resources that it manages without requiring intervention of a hypervisor. In Quest-V, a hypervisor is not needed for normal operation, except to bootstrap the system and establish communication channels between sandboxes. This approach not only reduces the memory footprint of the most privileged protection domain, it removes it from the control path during normal system operation, thereby heightening security.
|
7 |
Une approche efficace et polyvalente pour l'ordonnancement de systèmes à criticité mixte sur processeur multi-coeurs / Versatile and efficient mixed–criticality scheduling for multi-core processorsGratia, Romain 06 January 2017 (has links)
Ce document présente nos contributions aux algorithmes d'ordonnancement à criticité mixte pour multi-processeurs. La correction de l'exécution des applications temps réel critiques est assurée par l'utilisation d'un ordonnancement vérifié à la conception. Dans ce contexte, le dimensionnement des plate-formes d'exécution vise à minimiser le nombre de processeurs nécessaires pour assurer un ordonnancement correct. Ce dimensionnement est affecté par les exigences de sûreté de fonctionnement. Ces exigences poussent à surestimer le temps nécessaire garantissant l'exécution correcte des applications. Il en découle un dimensionnement assez coûteux. Les méthodes d'ordonnancement des systèmes à criticité mixte proposent des compromis sur les garanties d'exécution des applications améliorant le dimensionnement. Différents compromis ont été proposés mais tous reposent sur la notion de mode d'exécution. Les modes sont ordonnés, et les tâches voient leur temps d'exécution requis croître avec les modes. Cependant, afin de diminuer le dimensionnement du système, seul l'ordonnancement des tâches les plus critiques est garanti. Ce modèle est appelé "discarding". La majorité des algorithmes proposés se limitent à deux modes d'exécutions par simplicité. De plus, les algorithmes les plus efficaces pour multi-processeurs exhibent un nombre élevé de préemptions, ce qui constitue un frein à leur adoption. Finalement, ces algorithmes sont rarement généralisables. Pourtant, la prise en compte de plus de deux modes, ou de tâches aux périodes élastiques permettrait une adoption plus large par le milieu industriel. L'approche proposée repose sur la séparation des préoccupations entre la prise en compte des modes de fonctionnement, et l'ordonnancement des tâches sur multi-processeurs. Cette méthode permet de concevoir une politique d'ordonnancement efficace et adaptable à différents modèles de systèmes à criticité mixte. Notre approche consiste à transformer un lot de tâches à criticité mixte en un lot de tâches qui n'est plus à criticité mixte. Ceci nous permet d'utiliser un algorithme d'ordonnancement temps réel optimal engendrant peu de préemptions et de migrations, à savoir RUN. Cette approche, appliquée en premier pour le modèle discarding avec deux modes d'exécution, rempli son objectif d'efficacité. Nous illustrons sa généricité en utilisant le même principe pour ordonnancer des systèmes discarding avec plus de deux modes d'exécution. Enfin, une démarche reposant sur la décomposition de tâche permet de généraliser l'approche au cas des tâches élastiques. / This thesis focuses on the scheduling of mixed-criticality scheduling algorithms for multi-processors. The correctness of the execution of the real-time applications is ensured by a scheduler and is checked during the design phase. The execution platform sizing aims at minimising the number of processors required to ensure this correct scheduling. This sizing is impacted by the safety requirements. Indeed, these requirements tend to overestimate the execution times of the applications to ensure their correct executions. Consequently, the resulting sizing is costly. The mixed-criticality scheduling theory aims at proposing compromises on the guarantees of the execution of the applications to reduce this over-sizing. Several models of mixed-criticality systems offering different compromises have been proposed but all are based on the use of execution modes. Modes are ordered and tasks have non decreasing execution times in each mode. Yet, to reduce the sizing of the execution platform, only the execution of the most critical tasks is ensured. This model is called the discarding model. For simplicity reasons, most of the mixed-criticality scheduling algorithms are limited to this model. Besides, the most efficient scheduling policies for multi-processors entail too many preemptions and migrations to be actually used. Finally, they are rarely generalised to handle different models of mixed-criticality systems. However, the handling of more than two execution modes or of tasks with elastic periods would make such solutions more attractive for the industry. The approach proposed in this thesis is based on the separation of concerns between handling the execution modes and the scheduling of the tasks on the multi-processors. With this approach, we achieve to design an efficient scheduling policy that schedules different models of mixed-criticality systems. It consists in performing the transformation of a mixed-criticality task set into a non mixed-criticality one. We then schedule this task set by using an optimal hard real-time scheduling algorithm that entails few preemptions and migrations: RUN. We first apply our approach on the discarding model with two execution modes. The results show the efficiency of our approach for such model. Then, we demonstrate the versatility of our approach by scheduling systems of the discarding model with more than two execution modes. Finally, by using a method based on the decomposition of task execution, our approach can schedule systems based on elastic tasks.
|
8 |
Non-intrusive Logging and Monitoring System of a Parameterized Hardware-in-the-loop Real-Time Simulator / Icke-påträngande loggnings och övervakningssystem för en parametrerad hårdvara-in-the-loop realtidsimulatorAndung Muntaha, Muhamad January 2019 (has links)
Electronic Control Unit (ECU) is a crucial component in today’s vehicle. In a complete vehicle, there are many ECUs installed. Each of these controls a single function of the vehicle. During the development cycle of an ECU, its functionality needs to be validated against the requirement specification. The Hardware-in-the-loop (HIL) method is commonly used to do this by testing the ECU in a virtual representation of its controlled system. One crucial part of the HIL testing method is an intermediary component that acts as a bridge between the simulation computer and the ECU under test. This component runs a parameterized real-time system that translates messages from the simulation computer to the ECU under test and vice versa. It has a strict real-time requirement for each of its tasks to complete.A logging and monitoring system is needed to ensure that the intermediary component is functioning correctly. This functionality is implemented in the form of low priority additional tasks that run concurrently with the high priority message translation tasks. The implementation of these tasks, alongside with a distributed system to support the logging and monitoring functionality, is presented in this thesis work.Several execution time measurements are carried out to get the information on how the parameters of a task affect its execution time. Then, the linear regression analysis is used to model the execution time estimation of the parameterized tasks. Finally, the time demand analysis is utilized to provide a guarantee that the system is schedulable. / Elektronisk styrenhet (ECU) är en viktig del i dagens fordon. I ett komplett fordon finns det många ECU installerade. Var och en av dessa kontrollerar en enda funktion hos fordonet. Under en utvecklingscykel för en ecu måste dess funktionalitet valideras mot kravspecifikationen. HIL-metoden (Hardware-in-the-loop) används vanligtvis för att göra detta genom att testa ECU i en virtuell representation av sitt styrda system. En viktig del av HIL-testmetoden är en mellanliggande komponent som fungerar som en bro mellan simuleringsdatorn och den ecu som testas. Denna komponent driver ett parametrerat realtidssystem som översätter meddelanden från simuleringsdatorn till ECU som testas och vice versa. Det har en strikt realtidskrav för att alla uppgifter ska kunna slutföras.Ett loggnings och övervakningssystem behövs för att den mellanliggande komponenten ska fungera korrekt. Denna funktionalitet är implementerad i form av extraordinära uppgifter med låg prioritet som körs samtidigt med de högsta prioritetsuppgifterna för översättningstjänster. Genomförandet av dessa uppgifter, tillsammans med ett distribuerat system för att stödja loggnings och övervakningsfunktionaliteten, presenteras i detta avhandlingararbete.Flera utförandetidsmätningar utförs för att få information om hur parametrarna för en uppgift påverkar dess körtid. Därefter används den linjära regressionsanalysen för att modellera exekveringstidestimeringen av de parametrerade uppgifterna. Slutligen används tidsanalysanalysen för att garantera att systemet är schemaläggbart.
|
9 |
Design and quality of service of mixed criticality systems in embedded architectures based on Network-on-Chip (NoC) / Dimensionnement et Qualité de Service pour les systèmes à criticité mixte dans les architectures embarquées à base de Network on Chip (NoC)Papastefanakis, Ermis 28 November 2017 (has links)
L'évolution de Systems-on-Chip (SoCs) est rapide et le nombre des processeurs augmente conduisant à la transition des les plates-formes Multi-core vers les Manycore. Dans telles plates-formes, l'architecture d'interconnexion a également décalé des bus traditionnels vers les Réseaux sur puce (NoC) afin de faire face à la mise en échelle. Les NoC permettent aux processeurs d'échanger des informations avec la mémoire et les périphériques lors de l'exécution d'une tâche et d'effectuer plusieurs communications en parallèle. Les plates-formes basées sur un NoC sont aussi présentes dans des systèmes embarqués, caractérisés par des exigences comme la prédictibilité, la sécurité et la criticité mixte. Afin de fournir telles fonctionnalités dans les plates-formes commerciales existantes, il faut prendre en considération le NoC qui est un élément clé ayant un impact important sur les performances d'un SoC. Une tâche échange des informations à travers du NoC et par conséquent, son temps d'exécution dépend du temps de transmission des flux qu'elle génère. En calculant le temps de transmission de pire cas (WCTT) des flux dans le NoC, une étape est faite vers le calcul du temps d'exécution de pire cas (WCET) d'une tâche. Ceci contribue à la prédictibilité globale du système. De plus, en prenant en compte les politiques d'arbitrage dans le NoC, il est possible de fournir des garanties de sécurité contre des tâches compromises qui pourraient essayer de saturer les ressources du système (attaque DoS). Dans les systèmes critiques de sécurité, une distinction des tâches par rapport à leur niveau de criticité, permet aux tâches de criticité mixte de coexister et d'exécuter en harmonie. De plus, ça permet aux tâches critiques de maintenir leurs temps d'exécution au prix de tâches de faible criticité qui seront ralenties ou arrêtées. Cette thèse vise à fournir des méthodes et des mécanismes dans le but de contribuer aux axes de prédictibilité, de sécurité et de criticité mixte dans les architectures Manycore basées sur Noc. En outre, l'incitation consiste à relever conjointement les défis dans ces trois axes en tenant compte de leur impact mutuel. Chaque axe a été étudié individuellement, mais très peu de recherche prend en compte leur interdépendance. Cette fusion des aspects est de plus en plus intrinsèque dans des domaines tels que Internet-of-Things, Cyber-Physical Systems (CPS), véhicules connectés et autonomes qui gagnent de l'élan. La raison en est leur haut degré de connectivité qui crée une grande surface d'exposition ainsi que leur présence croissante qui rend l'impact des attaques sévère et visible. Les contributions de cette thèse consistent en une méthode pour fournir une prédictibilité aux flux dans le NoC, un mécanisme pour la sécurité du NoC et une boîte à outils pour la génération de trafic utilisée pour l'analyse comparative. La première contribution est une adaptation de l'approche de la trajectoire traditionnellement utilisée dans les réseaux avioniques (AFDX) pour calculer le WCET. Dans cette thèse, nous identifions les différences et les similitudes dans l'architecture NoC et modifions l'approche de la trajectoire afin de calculer le WCTT des flux NoC. La deuxième contribution est un mécanisme qui permet de détecter les attaques de DoS et d'atténuer leur impact dans un ensemble des flux de criticité mixte. Plus précisément, un mécanisme surveille le NoC et lors de la détection d'un comportement anormal, un deuxième mécanisme d'atténuation s'active. Ce dernier applique des limites de trafic à la source et restreint le taux auquel le NoC est occupé. Cela atténuera l'impact de l'attaque, garantissant la disponibilité des ressources pour les tâches de haute criticité. Finalement NTGEN, est un outil qui peut générer automatiquement des jeux des flux aléatoires mais qui provoquent une occupation NoC prédéterminée. Ces ensembles sont ensuite injectés dans le NoC et les informations sont collectées en fonction de la latence / The evolution of Systems-on-Chip (SoCs) is rapid and the number of processors has increased transitioning from Multi-core to Manycore platforms. In such platforms, the interconnect architecture has also shifted from traditional buses to Networks-on-Chip (NoC) in order to cope with scalability. NoCs allow the processors to exchange information with memory and peripherals during task execution and enable multiple communications in parallel. NoC-based platforms are also present in embedded systems, characterized by requirements like predictability, security and mixed-criticality. In order to enable such features in existing commercial platforms it is necessary to take into consideration the NoC which is a key element with an important impact to a SoC's performance. A task exchanges information through the NoC and as a result, its execution time depends on the transmission time of the flows it generates. By calculating the Worst Case Transmission Time (WCTT) of flows in the NoC, a step is made towards the calculation of the Worst Case Execution Time (WCET) of a task. This contributes to the overall predictability of the system. Similarly by leveraging arbitration and traffic policies in the NoC it is possible to provide security guarantees against compromised tasks that might try to saturate the system's resources (DoS attack). In safety critical systems, a distinction of tasks in relation to their criticality level, allows tasks of mixed criticality to co-exist and execute in harmony. In addtition, it allows critical tasks to maintain their execution times at the cost of tasks of lower criticality that will be either slowed down or stopped. This thesis aims to provide methods and mechanisms with the objective to contribute in the axes of predictability, security and mixed criticality in NoC-based Manycore architectures. In addition, the incentive is to jointly address the challenges in these three axes taking into account their mutual impact. Each axis has been researched individually, but very little research takes under consideration their interdependence. This fusion of aspects is becoming more and more intrinsic in fields like the Internet-of-Things, Cyber-Physical Systems (CPSs), connected and autonomous vehicles which are gaining momentum. The reason being their high degree of connectivity which is creates great exposure as well as their increasing presence which makes attacks severe and visible. The contributions of this thesis consist of a method to provide predictability to a set of flows in the NoC, a mechanism to provide security properties to the NoC and a toolkit for traffic generation used for benchmarking. The first contribution is an adaptation of the trajectory approach traditionally used in avionics networks (AFDX) to calculate WCET. In this thesis, we identify the differences and similarities in NoC architecture and modify the trajectory approach in order to calculate the WCTT of NoC flows. The second contribution is a mechanism that detects DoS attacks and mitigates their impact in a mixed criticality set of flows. More specifically, a monitor mechanism will detect abnormal behavior, and activate a mitigation mechanism. The latter, will apply traffic shaping at the source and restrict the rate at which the NoC is occupied. This will limit the impact of the attack, guaranteeing resource availability for high criticality tasks. Finally NTGEN, is a toolkit that can automatically generate random sets of flows that result to a predetermined NoC occupancy. These sets are then injected in the NoC and information is collected related to latency
|
10 |
Automated Configuration of Time-Critical Multi-Configuration AUTOSAR SystemsChandmare, Kunal 28 September 2017 (has links) (PDF)
The vision of automated driving demands a highly available system, especially in safety-critical functionalities. In automated driving when a driver is not binding to be a part of the control loop, the system needs to be operational even after failure of a critical component until driver regain the control of vehicle. In pursuit of such a fail-operational behavior, the developed design process with software redundancy in contrast to conventional dedicated backup requires the support of automatic configurator for scheduling relevant parameters to ensure real-time behavior of the system. Multiple implementation methods are introduced to provide an automatic service which also considers task criticality before assigning task to the processor. Also, a generic method is developed to generate adaptation plans automatically for an already monitoring and reconfiguration service to handle fault occurring environment.
|
Page generated in 0.0805 seconds