9.7 Runtime Predictability

Time	Label	Presentation Title Authors
08:30	9.7.1	INCREASING ACCURACY OF TIMING MODELS: FROM CPA TO CPA+ Speaker: Leonie Köhler, TU Braunschweig, DE Authors: Leonie Köhler¹, Borislav Nikolic¹, Marc Boyer² and Rolf Ernst¹ ¹Technische Universität Braunschweig, DE; ²ONERA, FR Abstract Formal analysis methods of embedded systems provide safe, but unfortunately often pessimistic bounds on response times. An important source of pessimism is the common approach to characterize service request either by the amount of data or the number of events to be processed. Several works, e.g. [1]-[4], have demonstrated that a dual model - which includes information on both data and events - is more accurate, especially for more complex scheduling problems. In this paper, we enrich Compositional Performance Analysis (CPA) by a new component interface which, as we show, is consistent with the generic dual model proposed in [3]. Furthermore, we discuss how composition of components should be realized and how the new information should be integrated into the analysis technique. The improved CPA is called CPA+, and we identify different types of scenarios where CPA+ is particularly beneficial. Download Paper (PDF; Only available from the DATE venue WiFi)
09:00	9.7.2	SCRATCHPAD MEMORIES WITH OWNERSHIP Speaker: Martin Schoeberl, Technical Uniersity of Denmark, DK Authors: Martin Schoeberl, Tórur Biskopstø Strøm, Oktay Baris and Jens Sparsø, Technical University of Denmark, DK Abstract A multicore processor for real-time systems needs a time-predictable way to communicate data between different threads running on different cores. Standard multicore processors support data sharing with shared main memory backed up by caches and cache coherence protocol. This sharing solution is hardly time predictable nor does it scale to more than a few cores. This paper presents a shared scratchpad memory (SPM) for time-predictable communication between cores. The base architecture uses time-division multiplexing for the arbitration of the access to the shared SPM. This allows that the timing of programs executing on different cores is completely independent from programs executing on other cores. We extend this architecture by the notion of ownership. A core can own the SPM. Having exclusive access to the SPM reduces the access time to a single clock cycle. The ownership of the SPM can then be transferred to a different core, implementing low latency communication of bulk data. As an extension, we propose to organize this memory as a pool of SPMs that can be owned by different cores and transferred as needed. We evaluate the proposed architecture within the T-CREST multicore architecture. Download Paper (PDF; Only available from the DATE venue WiFi)
09:30	9.7.3	A CONTAINER-BASED DOS ATTACK-RESILIENT CONTROL FRAMEWORK FOR REAL-TIME UAV SYSTEMS Speaker: Jiyang Chen, University of Illinois at Urbana Champaign, US Authors: Jiyang Chen¹, Zhiwei Feng², Jen-Yang Wen¹, Bo Liu³ and Lui Sha¹ ¹University of Illinois at Urbana-Champaign, US; ²Northeastern University, CN; ³NVIDIA, US Abstract Unmanned aerial vehicles (UAVs) are expanding fast and the expectation for their capabilities keeps growing. Defending malicious attacks against real-time UAVs has become one of the challenges that need to be urgently solved. Among all types of attack, denial-of-service attack (DoS attack) can exhaust system resources and cause important tasks to miss deadlines. DoS attack is also easy to implement but hard to counter. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: ContainerDrone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict attacker's access to CPU core set and utilization. Memory bandwidth throttling limits attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attack against communication channel. Upon the detection of a security rule violation, the framework switches to the safety controller to prevent potential damages. We implemented a prototype drone with commercial-off-shelf (COTS) hardware and open-source software. Our experiment results demonstrated the effectiveness of the proposed framework against various types of DoS attacks. Download Paper (PDF; Only available from the DATE venue WiFi)
09:45	9.7.4	AN EXACT SCHEDULABILITY TEST FOR NON-PREEMPTIVE SELF-SUSPENDING REAL-TIME TASKS Speaker: Mitra Nasri, Delft University of Technology, NL Authors: Beyazit Yalcinkaya¹, Mitra Nasri¹ and Björn Brandenburg² ¹Max Planck Institute for Software Systems, DE; ²MPI-SWS, DE Abstract Exact schedulability analysis of limited-preemptive (or non-preemptive) real-time workloads with variable execution costs and release jitter is a notoriously difficult challenge due to the scheduling anomalies inherent in non-preemptive execution. Furthermore, the presence of self-suspending tasks is well-understood to add tremendous complications to an already difficult problem. By mapping the schedulability problem to the reachability problem in timed automata (TA), this paper provides the first exact schedulability test for this challenging model. Specifically, using TA extensions available in UPPAAL, this paper presents an exact schedulability test for sets of periodic and sporadic self-suspending tasks with fixed preemption points that are scheduled upon a multiprocessor under a global fixed-priority scheduling policy. To the best of our knowledge, this is the first exact schedulability test for non- and limited-preemptive self-suspending tasks (for both uniprocessor and multiprocessor systems), and thus also the first exact schedulability test for the special case of global non-preemptive fixed-priority scheduling (for either periodic or sporadic tasks). Additionally, the paper highlights some subtle pitfalls and limitations in existing TA-based schedulability tests for non-preemptive workloads. Download Paper (PDF; Only available from the DATE venue WiFi)
10:00		End of session Coffee Break in Exhibition Area Coffee Breaks in the Exhibition Area On all conference days (Tuesday to Thursday), coffee and tea will be served during the coffee breaks at the below-mentioned times in the exhibition area. Lunch Breaks (Lunch Area) On all conference days (Tuesday to Thursday), a seated lunch (lunch buffet) will be offered in the Lunch Area to fully registered conference delegates only. There will be badge control at the entrance to the lunch break area. Tuesday, March 26, 2019 Coffee Break 10:30 - 11:30 Lunch Break 13:00 - 14:30 Keynote Lecture "Leonardo da Vinci, Humanism and Engineering between Florence and Milan" by Claudio Giorgione in room 1 13:50 - 14:20 Coffee Break 16:00 - 17:00 Wednesday, March 27, 2019 Coffee Break 10:00 - 11:00 Lunch Break 12:30 - 14:30 Keynote Lecture "Heterogeneous, High Scale Computing in the Era of Intelligent, Cloud-Connected" by David Pellerin, Amazon, US in room 1 13:50 - 14:20 Coffee Break 16:00 - 17:00 Thursday, March 28, 2019 Coffee Break 10:00 - 11:00 University Booth Best Demo Award Presentation at the University Booth 10:30 Lunch Break 12:30 - 14:00 Keynote Lecture "A Fundamental Look at Models and Intelligence" by Edward A. Lee, University of California, Berkeley, US in room 1 13:20 - 13:50 Coffee Break 15:30 - 16:00

Time

Label

Presentation Title
Authors

08:30

9.7.1

INCREASING ACCURACY OF TIMING MODELS: FROM CPA TO CPA+
Speaker:
Leonie Köhler, TU Braunschweig, DE
Authors:
Leonie Köhler¹, Borislav Nikolic¹, Marc Boyer² and Rolf Ernst¹
¹Technische Universität Braunschweig, DE; ²ONERA, FR
Abstract
Formal analysis methods of embedded systems provide safe, but unfortunately often pessimistic bounds on response times. An important source of pessimism is the common approach to characterize service request either by the amount of data or the number of events to be processed. Several works, e.g. [1]-[4], have demonstrated that a dual model - which includes information on both data and events - is more accurate, especially for more complex scheduling problems. In this paper, we enrich Compositional Performance Analysis (CPA) by a new component interface which, as we show, is consistent with the generic dual model proposed in [3]. Furthermore, we discuss how composition of components should be realized and how the new information should be integrated into the analysis technique. The improved CPA is called CPA+, and we identify different types of scenarios where CPA+ is particularly beneficial.
Download Paper (PDF; Only available from the DATE venue WiFi)

09:00

9.7.2

SCRATCHPAD MEMORIES WITH OWNERSHIP
Speaker:
Martin Schoeberl, Technical Uniersity of Denmark, DK
Authors:
Martin Schoeberl, Tórur Biskopstø Strøm, Oktay Baris and Jens Sparsø, Technical University of Denmark, DK
Abstract
A multicore processor for real-time systems needs a time-predictable way to communicate data between different threads running on different cores. Standard multicore processors support data sharing with shared main memory backed up by caches and cache coherence protocol. This sharing solution is hardly time predictable nor does it scale to more than a few cores. This paper presents a shared scratchpad memory (SPM) for time-predictable communication between cores. The base architecture uses time-division multiplexing for the arbitration of the access to the shared SPM. This allows that the timing of programs executing on different cores is completely independent from programs executing on other cores. We extend this architecture by the notion of ownership. A core can own the SPM. Having exclusive access to the SPM reduces the access time to a single clock cycle. The ownership of the SPM can then be transferred to a different core, implementing low latency communication of bulk data. As an extension, we propose to organize this memory as a pool of SPMs that can be owned by different cores and transferred as needed. We evaluate the proposed architecture within the T-CREST multicore architecture.
Download Paper (PDF; Only available from the DATE venue WiFi)

09:30

9.7.3

A CONTAINER-BASED DOS ATTACK-RESILIENT CONTROL FRAMEWORK FOR REAL-TIME UAV SYSTEMS
Speaker:
Jiyang Chen, University of Illinois at Urbana Champaign, US
Authors:
Jiyang Chen¹, Zhiwei Feng², Jen-Yang Wen¹, Bo Liu³ and Lui Sha¹
¹University of Illinois at Urbana-Champaign, US; ²Northeastern University, CN; ³NVIDIA, US
Abstract
Unmanned aerial vehicles (UAVs) are expanding fast and the expectation for their capabilities keeps growing. Defending malicious attacks against real-time UAVs has become one of the challenges that need to be urgently solved. Among all types of attack, denial-of-service attack (DoS attack) can exhaust system resources and cause important tasks to miss deadlines. DoS attack is also easy to implement but hard to counter. In this paper, we present a software framework that offers DoS attack-resilient control for real-time UAV systems using containers: ContainerDrone. The framework provides defense mechanisms for three critical system resources: CPU, memory, and communication channel. We restrict attacker's access to CPU core set and utilization. Memory bandwidth throttling limits attacker's memory usage. By simulating sensors and drivers in the container, a security monitor constantly checks DoS attack against communication channel. Upon the detection of a security rule violation, the framework switches to the safety controller to prevent potential damages. We implemented a prototype drone with commercial-off-shelf (COTS) hardware and open-source software. Our experiment results demonstrated the effectiveness of the proposed framework against various types of DoS attacks.
Download Paper (PDF; Only available from the DATE venue WiFi)

09:45

9.7.4

AN EXACT SCHEDULABILITY TEST FOR NON-PREEMPTIVE SELF-SUSPENDING REAL-TIME TASKS
Speaker:
Mitra Nasri, Delft University of Technology, NL
Authors:
Beyazit Yalcinkaya¹, Mitra Nasri¹ and Björn Brandenburg²
¹Max Planck Institute for Software Systems, DE; ²MPI-SWS, DE
Abstract
Exact schedulability analysis of limited-preemptive (or non-preemptive) real-time workloads with variable execution costs and release jitter is a notoriously difficult challenge due to the scheduling anomalies inherent in non-preemptive execution. Furthermore, the presence of self-suspending tasks is well-understood to add tremendous complications to an already difficult problem. By mapping the schedulability problem to the reachability problem in timed automata (TA), this paper provides the first exact schedulability test for this challenging model. Specifically, using TA extensions available in UPPAAL, this paper presents an exact schedulability test for sets of periodic and sporadic self-suspending tasks with fixed preemption points that are scheduled upon a multiprocessor under a global fixed-priority scheduling policy. To the best of our knowledge, this is the first exact schedulability test for non- and limited-preemptive self-suspending tasks (for both uniprocessor and multiprocessor systems), and thus also the first exact schedulability test for the special case of global non-preemptive fixed-priority scheduling (for either periodic or sporadic tasks). Additionally, the paper highlights some subtle pitfalls and limitations in existing TA-based schedulability tests for non-preemptive workloads.
Download Paper (PDF; Only available from the DATE venue WiFi)

10:00

End of session
Coffee Break in Exhibition Area

Coffee Breaks in the Exhibition Area

On all conference days (Tuesday to Thursday), coffee and tea will be served during the coffee breaks at the below-mentioned times in the exhibition area.

Lunch Breaks (Lunch Area)

On all conference days (Tuesday to Thursday), a seated lunch (lunch buffet) will be offered in the Lunch Area to fully registered conference delegates only. There will be badge control at the entrance to the lunch break area.

Tuesday, March 26, 2019

Coffee Break 10:30 - 11:30
Lunch Break 13:00 - 14:30
Keynote Lecture "Leonardo da Vinci, Humanism and Engineering between Florence and Milan" by Claudio Giorgione in room 1 13:50 - 14:20
Coffee Break 16:00 - 17:00

Wednesday, March 27, 2019

Coffee Break 10:00 - 11:00
Lunch Break 12:30 - 14:30
Keynote Lecture "Heterogeneous, High Scale Computing in the Era of Intelligent, Cloud-Connected" by David Pellerin, Amazon, US in room 1 13:50 - 14:20
Coffee Break 16:00 - 17:00

Thursday, March 28, 2019

Coffee Break 10:00 - 11:00
University Booth Best Demo Award Presentation at the University Booth 10:30
Lunch Break 12:30 - 14:00
Keynote Lecture "A Fundamental Look at Models and Intelligence" by Edward A. Lee, University of California, Berkeley, US in room 1 13:20 - 13:50
Coffee Break 15:30 - 16:00