EPSRC Reference: |
EP/K011626/1 |
Title: |
Mixed Criticality Embedded Systems on Many-Core Platforms |
Principal Investigator: |
Burns, Professor A |
Other Investigators: |
|
Researcher Co-Investigators: |
|
Project Partners: |
|
Department: |
Computer Science |
Organisation: |
University of York |
Scheme: |
Standard Research |
Starts: |
01 April 2013 |
Ends: |
30 September 2016 |
Value (£): |
652,126 |
EPSRC Research Topic Classifications: |
Computer Sys. & Architecture |
|
|
EPSRC Industrial Sector Classifications: |
Aerospace, Defence and Marine |
|
|
Related Grants: |
|
Panel History: |
Panel Date | Panel Name | Outcome |
09 Oct 2012 | EPSRC ICT Responsive Mode - Oct 2012 | Announced |
Summary on Grant Application Form |
An increasingly important trend in the design of real-time and embedded systems is the integration of applications with different levels of criticality onto a common hardware platform. At the same time, these platforms are migrating from single cores to multi-cores and, in the future, many-core architectures. Criticality is a designation of the level of assurance against failure needed for a system component. A mixed criticality system (MCS) is one that has two or more distinct levels. A number of application domains, such as automotive and avionics, and EU initiatives (for example Horizon2020) have identified Mixed Criticality as a key issue in future systems.
The fundamental research question underlying these initiatives is: how, in a disciplined way, to reconcile the conflicting requirements of 'partitioning' for (safety) assurance and 'sharing' for efficient resource usage. This question gives rise to theoretical problems in modelling and verification, and systems problems relating to the design and implementation of the necessary hardware and software run-time controls. This project addresses both the theoretical and related systems questions.
A many-core platform with a scheduled communications medium is the designated platform on which multiple applications (perhaps composed of what are often called 'system of systems') are to be hosted. The isolation of components with different criticality levels is crucial, but the processor interconnects must be shared and be able to transmit messages with different criticality levels. Moreover, applications with different criticality levels must be able to exchange data in a demonstrably safe way.
A defining property of MCS is that the different means of assurance (for each criticality level) give rise to different values for a component's key parameters, such as worst-case execution times and worst-case transmission times. In general, the higher the criticality level, the more conservative are the assumptions made about these values. Hence the context (the system criticality level) determines the parameters that must be used to verify (via scheduling analysis) that each core and each interconnect will perform as required by the temporal constraints of each application. Criticality-aware analysis therefore needs to be developed for these systems.
Although total isolation with rigid time-triggered global scheduling is a possible architectural structure, significantly greater resource utilisation, and hence reduced power consumption, is possible if trade-offs are made between the overall system criticality level and the assumptions about each component's run-time behaviour. For example, in a dual-criticality system we require that all applications meet their timing constraints if all components are constrained by (rely on) their low-criticality assumptions, but that all high-criticality applications still meet their deadlines if any component exhibits high-criticality behaviour (i.e. the low-criticality assumptions can no longer be relied upon).
Previous work (in York and in a number of other international research centres) has explored this trade-off for single-processor systems. This project will focus on many-core platforms to: (i) develop the appropriate scheduling schemes (on the cores and interconnects), (ii) derive verification procedures for MCSs, (iii) explore the theoretical bounds of the developed schemes (to show to what extent resource usage and power consumption are improved over a fully partitioned system), (iv) develop the necessary run-time controls (to manage the sharing of communication media between the criticality levels), and (v) demonstrate the developed theory via simulations, an FPGA test-bed and an industrially relevant case study.
|
Key Findings |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Potential use in non-academic contexts |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Impacts |
Description | Summary | Date Materialised |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk | | |
Sectors submitted by the Researcher |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
Project URL: |
http://www.cs.york.ac.uk/research/research-groups/rts/mcc/ |
Further Information: |
|
Organisation Website: |
http://www.york.ac.uk |