Single-Core Integrated Modular Avionic (IMA) is an established technology used in modern aircraft. Due to the foreseeable obsolescence of single-core processors and the constantly increasing number of new system functions, multi-/many-core processors are seen as a key technology for meeting these challenges. The integration of multiple system functions on a single hardware device offers potential for weight and energy savings as well as increased efficiency. However, running multiple functions concurrently on different processor cores does not prevent them from sharing other resources such as cache, memory, buses and I/O peripherals. The resulting interference may increase latency and jitter of operations and thus violates safety and reliability requirements if not handled properly. The same effects occur when a function with highly parallelized code blocks is executed. Therefore, the development of an avionics platform using multi-/many-core processors is subject to strict regulations and certification processes.
The challenging timing behavior caused by modern hardware/software high performance architectures prevents the use of such platforms in real-time systems. State-of-the-art approaches focus on strict isolation mechanisms to guarantee reliable timing of safety-critical applications. However, the performance of the entire system suffers as a result.
At the Institute of Computer and Network Engineering, we propose a different approach to address the challenging timing behaviour that relies on a established technique from fault-tolerant system design, namely modular redundancy. In systems with higher criticality, modularity is mandatory to raise the reliability of a system above that of their components. In Avionics, modular redundancy is commonly used to detect hardware errors and software errors, additionally we extend it to mask timing outliers. We call this approach Timing Diversity.
A Timing Diversity set-up consists of at least two hardware platforms. A safety-critical application is executed on both hardware platforms. As timing errors should be sporadic (safety critical functions are usually well specified and tested due to certification), it may be assumed a timing error does not occur on two hardware platforms simultaneously. As a consequence, one platform provides the correct result before deadline.
The MC-ADAMS project involves 4 national partners:
The following people are currently involved in the MC-ADAMS project:
The listed material is protected by copyright. The corresponding copyright must be observed.
|
Robin Hapka, Anika Christmann and Rolf Ernst, "Controlling High-Performance Platform Uncertainties with Timing Diversity" in IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA), August 2022. |
|
|
|
|
@inproceedings{Hapka2022ControllingHigh-PerformancePlatform, author = {Robin Hapka and Anika Christmann and Rolf Ernst}, |
|||
|
Mischa Möstl, Robin Hapka, Anika Christmann and Rolf Ernst, "Work-in-Progress: Timing Diversity as a Protective Mechanism" in 2021 International Conference on Embedded Software (EMSOFT), pp. 29-30, Oktober 2021, author created copy. |
|
||
|
@inproceedings{Möstl2021Work-in-Progress:TimingDiversity, author = {Mischa Möstl and Robin Hapka and Anika Christmann and Rolf Ernst}, |
|||
|
Anika Christmann, Adam Kostrzewa, Rolf Ernst, Marius Rockschies, Martin Halle, Frank Thielecke, Alexander Peuker, Alexander Kuzolap, Meiko Steen, Peter Hecker, Kai-Frederik Nessitt and Selma Saidi, "Integrating Multi-/Many-Cores in Avionics: Open Issues and Future Concepts" in IEEE Digital Avionics Systems Conference (DASC) 2021, Oktober 2021, author created copy. |
|
|
|
|
@inproceedings{Christmann2021IntegratingMultiManycores, author = {Anika Christmann and Adam Kostrzewa and Rolf Ernst and Marius Rockschies and Martin Halle and Frank Thielecke and Alexander Peuker and Alexander Kuzolap and Meiko Steen and Peter Hecker and Kai-Frederik Nessitt and Selma Saidi}, |
The MC-ADAMS project is funded by the German Federal Ministry for Economic Affairs and Climate Action funding number 20E1920B.
Institute of Computer and Network Engineering
Hans-Sommer-Street 66
38106 Braunschweig
Phone: +49 (0)531 391-3734
Fax: +49 (0)531 391-4587
