ATMP-CA: Optimising Mixed-Criticality Systems Considering Criticality Arithmetic
Abstract
1. Introduction
2. Related Work
3. Criticality Arithmetic
3.1. Safety Integrity Implementations
3.2. Criticality Arithmetic and Safety Integrity
3.2.1. Benefits of Criticality Arithmetic
3.2.2. Drawbacks of Criticality Arithmetic
4. System Model
- is the service’s name.
- l
- is the service’s criticality level, with . A higher value of means a higher level of criticality. The vector is used to represent all possible criticality levels in a system: , with being the minimum and being the maximum possible criticality level.
- T
- is the set of tasks that implement the service s. If only one task implements the service (), then no criticality arithmetic is used, and the task in this case has the same criticality as the service.If multiple tasks implement the service (), then criticality arithmetic is used: All the tasks implement the same service s with redundant execution. The criticality of each is less than the criticality of service s it implements.
- is the utility function of task . The input parameter of the utility function is the chosen period, i.e., throughput. The utility function is characterised by the following properties: . is the primary period, with the relative utility being 1.0 up to this period. At the tolerance period , the resulting utility is , with the utility linearly interpolated between and .
- s
- is the service that is implemented by task .
- d
- is the relative deadline of task . We assume implicit deadlines, e.g., . (Note that this assumption is only chosen for the scheduling test in our implementation, but it is not a requirement of our optimisation method.)
- c
- is the WCET estimate of task . Depending on the underlying short-term scheduling protocol, the WCET estimate can be different for each criticality level. However, the mid-term scheduler described in this paper does not require this.
- l
- is the criticality level of task with . A higher value of l indicates a higher level of criticality. The vector is used to represent all possible criticality levels in a system: , with being the minimum and being the maximum possible criticality level.
- represent the task’s chosen period and the resulting utility u, respectively. The period p can be chosen within the tolerance interval: . The resulting utility is defined by the task’s utility function: . Section 4.1 We also use an absolute utility, U, which is calculated as .
4.1. TRTCM
4.2. Computing Elements
5. ATMP with Criticality Arithmetic
5.1. Criticality-Arithmetic-Aware Allocation to Cores
| Algorithm 1: Criticality-arithmetic-aware allocation of tasks to cores. | 
|  | 
5.2. Formulation of ILP Problem for ATMP-CA
- Optimisation parameters (constants): In ATMP, the units of scheduling are tasks. As described in Section 4, each task of a task set T consists of the following components:where the utility function is characterised by the following properties: . We model the utility function and the criticality of each task in the ILP problem with the following constants:
| the WCET of , | |
| the primary period (with utility ), | |
| the tolerance period, | |
| the utility at the tolerance period , | |
| the criticality weight of , | |
| the computing capacity of . | 
- The parameters , , and characterise a task’s utility function by two linear lines, as shown in Figure 1. The horizontal line is a constant utility of , which can be directly expressed as an ILP constraint. The sloped line of each task’s utility function can be also derived from , , and , for which we have to calculate its slope and y-intercept to express it as a line equation:
- Optimisation variables: We use the following optimisation variables to find the optimised task configurations:
| the chosen period of task , | |
| the relative utility of task . | 
- Objective function The optimisation ILP goal function maximises the system utility through maximising the utility variable of each task multiplied by its criticality weight :The criticality weight is explained below under the optimisation constraints.
- Optimisation constraints We express the piecewise affine approximationsof the utility functions to the following constraints:
- The resource constraints are used to limit the workload of each of the available cores . The maximum workload a core is its computing capacity :
- The tolerance constraints determine the maximal acceptable period of
- In ATMP, the weight is always set to the criticality of a task . In contrast, in ATMP-CA, the calculation of the weight of a task depends on the context with the replicas on other cores. In ATMP-CA, the is only set to the criticality of the task in the case where another replica of the task has already been allocated with its maximum utility or there is another replica of the task allocated in the cores still to be processed. Otherwise, the weight is set to the criticality of the service it implements, which is higher than .
- The implementation of the ILP formulation in ATMP-CA to calculate the weight is shown in Algorithm 2. The algorithm has a single input, the task , for which we want to calculate the weight , as used in Equation (4). On line 2, function determines whether a replica of task has been optimised with maximum utility in already-processed cores, and function checks whether the not-yet processed cores included an allocation of a replica of task . If one of these two functions returns , then we choose the task’s criticality on line 3. Otherwise, we choose on line 4 the criticality of the task’s service . On line 7, the weight for the ILP objective function is set to the determined criticality l.
6. Experiments
| Algorithm 2: Calc-CA-aware ILP-weight. | 
|  | 
6.1. Setup of Experiments
6.2. Results of Experiments
6.3. Discussion
7. Conclusions
Author Contributions
Funding
Acknowledgments
Conflicts of Interest
Appendix A. Glossary of Main Elements Used in System Model
- …worst-case execution time (WCET) of task ; also written as :
- …computing capacity of computing element
- …set of computing elements
- …deadline of task
- …real execution time of task
- ,
- …criticality level of task respective service s
- ,
- …chosen period and resulting utility of task :
- …primary period of task
- …tolerance period of task
- …set of tasks implementing service s
- …utility of task at period :
- …utility function (defined by , , ), calculates utility for a period p
- …absolute utility
Appendix B. List of Acronyms Used in this Paper
| ASIL | … | automotive safety integrity level | 
| ATMP | … | adaptive tolerance-based mixed-criticality protocol | 
| CA | … | criticality arithmetic (also known as SIL arithmetic) | 
| DAL | … | development assurance level | 
| HI, LO | … | high and low criticality (in examples with only 2 criticality levels) | 
| ILP | … | integer linear programming | 
| PFD | … | probability of failure on demand | 
| PFH | … | probability of failure per hour | 
| SAMP | … | standard adaptive mixed-criticality protocol | 
| SIL | … | safety integrity level | 
| TRTCM | … | tolerance-based real-time computing model | 
| WCET | … | worst-case execution time | 
References
- Vestal, S. Preemptive Scheduling of Multi-criticality Systems with Varying Degrees of Execution Time Assurance. In Proceedings of the 28th IEEE International Real-Time Systems Symposium (RTSS’07), Tucson, AZ, USA, 3–6 December 2007; pp. 239–243. [Google Scholar] [CrossRef]
- Burns, A.; Davis, R.I.; Baruah, S.; Bate, I. Robust Mixed-Criticality Systems. IEEE Trans. Comput. 2018, 67, 1478–1491. [Google Scholar] [CrossRef]
- Simó, J.; Balbastre, P.; Blanes, J.F.; Poza-Luján, J.L.; Guasque, A. The Role of Mixed Criticality Technology in Industry 4.0. Electronics 2021, 10, 226. [Google Scholar] [CrossRef]
- Sahoo, S.S.; Ranjbar, B.; Kumar, A. Reliability-Aware Resource Management in Multi-/Many-Core Systems: A Perspective Paper. J. Low Power Electron. Appl. 2021, 11, 7. [Google Scholar] [CrossRef]
- Capota, E.A.; Stangaciu, C.S.; Micea, M.V.; Curiac, D.I. Towards mixed criticality task scheduling in cyber physical systems: Challenges and perspectives. J. Syst. Softw. 2019, 156, 204–216. [Google Scholar] [CrossRef]
- Esper, A.; Nelissen, G.; Nélis, V.; Tovar, E. An industrial view on the common academic understanding of mixed-criticality systems. Real-Time Syst. 2018, 54, 745–795. [Google Scholar] [CrossRef]
- Baruah, S. Mixed-Criticality Scheduling Theory: Scope, Promise, and Limitations. IEEE Des. Test 2018, 35, 31–37. [Google Scholar] [CrossRef]
- Bauer, L.; Damschen, M.; Ziegenbein, D.; Hamann, A.; Biondi, A.; Buttazzo, G.; Henkel, J. Analyses and Architectures for Mixed-Critical Systems: Industry Trends and Research Perspective Special Session Extended Abstract. In Proceedings of the 2019 International Conference on Embedded Software (EMSOFT), New York, NY, USA, 13–18 October 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 1–2. [Google Scholar]
- International Electrotechnical Commission. Functional Safety of Electrical/Electronic/Programmable Electronic Safety-Related Systems; IEC standard 61508; International Electrotechnical Commission: Geneva, Switzerland, 1998. [Google Scholar]
- Catherine, M.; Saverio, I.; Raimund, K. Analysis for Systems Modelled in Matlab/SimulinkUsing SIL Arithmetic to Design Safe and Secure Systems. In Proceedings of the 23rd IEEE International Symposium on Real-time Distributed Computing, Nashville, TN, USA, 19–21 May 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 213–218. [Google Scholar]
- Iacovelli, S.; Kirner, R.; Menon, C. ATMP: An Adaptive Tolerance-based Mixed-criticality Protocol for Multi-core Systems. In Proceedings of the 13th International Symposium on Industrial Embedded Systems (SIES’18), Graz, Austria, 6–8 June 2018. [Google Scholar]
- Anderson, J.S.; Ravindran, B.; Jensen, E.D. Consensus-driven distributable thread scheduling in networked embedded systems. In International Conference on Embedded and Ubiquitous Computing; Springer: Berlin/Heidelberg, Germany, 2007; pp. 247–260. [Google Scholar]
- Kirner, R. A Uniform Model for Tolerance-Based Real-Time Computing. In Proceedings of the 17th IEEE Int’l Symposium on Object/Component/Service-oriented Real-Time Distributed Computing, Reno, Nevada, 27 November 2014; pp. 9–16. [Google Scholar] [CrossRef]
- Baruah, S.; Burns, A. Expressing survivability considerations in mixed-criticality scheduling theory. J. Syst. Archit. 2020, 109. [Google Scholar] [CrossRef]
- Jiang, Z.; Zhao, S.; Dong, P.; Yang, D.; Wei, R.; Guan, N.; Audsley, N. Re-Thinking Mixed-Criticality Architecture for Automotive Industry. In 2020 IEEE 38th International Conference on Computer Design (ICCD); IEEE: Piscataway, NJ, USA, 2020; pp. 510–517. [Google Scholar]
- Baruah, S.K.; Burns, A.; Davis, R.I. Response-time analysis for mixed criticality systems. In 2011 IEEE 32nd Real-Time Systems Symposium; IEEE: Piscataway, NJ, USA, 2011; pp. 34–43. [Google Scholar]
- Kadeed, T.; Nikolic, B.; Ernst, R. Safe Online Reconfiguration of Mixed-Criticality Real-Time Systems. In Proceedings of the 2020 IEEE 25th Pacific Rim International Symposium on Dependable Computing (PRDC), Perth, Australia, 1–4 December 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 140–149. [Google Scholar]
- International Standards Organisation. ISO26262: Road Vehicles—Functional Safety; ISO/DIS standard 26262; International Standards Organisation: Geneva, Switzerland, 2011. [Google Scholar]
- SAE International. ARP4754A:Guidelines for Development of Civil Aircraft and Systems; SAE standard ARP4754A; SAE International: Warrendale, PA, USA, 2010. [Google Scholar]
- Wu, P. Preventing Interference between Subsystem Blocks at Design Time. U.S. Patent Number US8938710B2, 20 January 2015. [Google Scholar]
- Frigerio, A.; Vermeulen, B.; Goossens, K. Component-level ASIL Decomposition for automotive architectures. In Proceedings of the 2019 International Conference on Dependable Systems and Networks Workshops, Portland, OR, USA, 24–27 June 2019; pp. 62–69. [Google Scholar]
- Rushby, J. Bus architectures for safety-critical embedded systems. In International Workshop on Embedded Software; Springer: Berlin/Heidelberg, Germany, 2001; pp. 306–323. [Google Scholar]
- Piovesan, A.; Favaro, J. Experience with ISO 26262 ASIL Decomposition. In Proceedings of the Automotive SPIN Italia Workshop, Milano, Italy, 17 February 2011. [Google Scholar]
- Ward, D.; Crozier, S. The uses and abuses of ASIL decomposition in ISO 26262. In Proceedings of the 7th IET International Conference on System Safety, incorporating the Cyber Security Conference 2012, Edinburgh, UK, 15–18 October 2012. [Google Scholar]
- Kirner, R.; Iacovelli, S.; Zolda, M. Optimised Adaptation of Mixed-criticality Systems with Periodic Tasks on Uniform Multiprocessors in Case of Faults. In Proceedings of the 11th IEEE Workshop on Software Technologies for Future Embedded and Ubiquitous Systems (SEUS’15), Auckland, New Zealand, 13 April 2015. [Google Scholar]


| SIL | PFD | PFH | 
|---|---|---|
| 4 | to | to | 
| 3 | to | to | 
| 2 | to | to | 
| 1 | to | to | 
| Service: | name | S1 | S2 | S3 | S4 | S5 | S6 | S7 | S8 | 
| criticality | HI | HI | HI | HI | LO | LO | LO | LO | |
| Task: | name | T1 | T2 | T3a, | T4a, | T5 | T6 | T7 | T8 | 
| T3b | T4b | ||||||||
| critality | HI | HI | LO | LO | LO | LO | LO | LO | 
| Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. | 
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Fadlelseed, S.; Kirner, R.; Menon, C. ATMP-CA: Optimising Mixed-Criticality Systems Considering Criticality Arithmetic. Electronics 2021, 10, 1352. https://doi.org/10.3390/electronics10111352
Fadlelseed S, Kirner R, Menon C. ATMP-CA: Optimising Mixed-Criticality Systems Considering Criticality Arithmetic. Electronics. 2021; 10(11):1352. https://doi.org/10.3390/electronics10111352
Chicago/Turabian StyleFadlelseed, Sajid, Raimund Kirner, and Catherine Menon. 2021. "ATMP-CA: Optimising Mixed-Criticality Systems Considering Criticality Arithmetic" Electronics 10, no. 11: 1352. https://doi.org/10.3390/electronics10111352
APA StyleFadlelseed, S., Kirner, R., & Menon, C. (2021). ATMP-CA: Optimising Mixed-Criticality Systems Considering Criticality Arithmetic. Electronics, 10(11), 1352. https://doi.org/10.3390/electronics10111352
 
         
                                                


 
       