Abstract. As the demand for computing power is quickly increasing in the automotive domain, car manufacturers and tier-one suppliers are gradually introducing multicore ECUs in their electronic architectures. Additionally, these multicore ECUs offer new features such as higher levels of parallelism, which make it easier to meet safety requirements such as ISO 26262 and to implement other automotive use-cases. These new features also involve more complexity in the design, development and verification of the software applications. Hence, OEMs and suppliers will require new tools and methodologies for deployment and validation. In this paper, we review the operating system protection mechanisms (e.g., memory, timing) needed for multi-source software in a safety-critical context, with a clear focus on AUTOSAR OS, which is the upcoming de facto standard for automotive ECUs. Then, we identify the main use-cases for automotive multicore ECUs and present solutions for scheduling in a context where there are hundreds of software components and only a few OS tasks are allowed. Finally, experiments aim to assess the load level that can be reached on realistic case studies.
Abstract. UPPAAL PORT is a new tool for component-based design and analysis of embedded systems. It operates on the hierarchically structured continuous-time component modeling language SaveCCM and provides efficient model checking by using partial-order reduction techniques that exploit the structure and the component behavior of the model. UPPAAL PORT is implemented as an extension of the verification engine in the UPPAAL tool. The tool can be used as a back-end to the Eclipse-based SaveCCM integrated development environment, which supports user-friendly editing, simulation, and verification of models.
With multicore controllers becoming available for industrial automation applications, new tools and algorithms to compute efficient partitioning and scheduling solutions for control applications need to be developed. Optimizing the deployment and the schedule of a set of Function Block Diagrams on a parallel architecture are both NP-hard problems. Additionally, control engineers need help to shift from the single-core towards the multicore paradigm. By taking advantage of the parallelism inside the control applications, it is possible to decrease the finish times of the applications, which makes it possible to decrease their cycle times and improve the quality of service of the controller processes. This paper presents a practical solution to this problem that consists of a framework, called PASA, designed for partitioning and scheduling control applications modeled as function block diagrams. It enables new algorithms tailored to solve these optimization problems. This paper presents an extension of list-based DAG scheduling algorithms designed to compute a deployment and schedule for several control applications with different cycle times. The different variants of this algorithm are compared against each other as well as against some other existing solutions on a set of randomly generated examples.
Abstract. The response time distributions of the frames sent on a Controller Area Network (CAN) bus are of prime interest for dimensioning and validating automotive electronic architectures. However, the existing work on the timing behaviour of the CAN network does not take into account that all the data exchanges between the Electronic Control Units (ECUs) are driven by different and independent clocks which are subject to clock drifts. This paper proposes a model for clock drifts and describes their impact on the CAN frame response time distributions. By implementing the clock drifts in a CAN simulation tool, we show experimentally that the response time distributions converge, for drift values chosen randomly within the same range on all ECUs, regardless of the initial phasings between the sending nodes. Furthermore, we show that, as a result of the clock drifts, the situations leading to the worst-case response times are transient.
This paper introduces a new technique for dynamic verification of component-based real-time systems based on statistical inference. Verifying such systems requires checking two types of properties: functional and real-time. For functional properties, a standard approach for ensuring correctness is Design by Contract: annotating programs with executable pre- and postconditions. We extend contracts for specifying real-time properties. In industry, components are often bought from vendors and meant to be used off-the-shelf, which makes it very difficult to determine their execution times and express related properties. We present a solution to this problem by using statistical inference for estimating the properties. The contract framework allows application developers to express contracts like "the execution time of component X lies within γ standard deviations from the mean execution time". Experiments based on industrial case studies show that this framework can be smoothly integrated into existing control applications, thereby increasing their reliability while having an acceptable execution time overhead (less than 10%).