Challenges in validating safety critical embedded systems
By having the ability to partition the devices and present specific devices to certain cores and applications, these challenges can be mitigated and the benefits of multi-core can be realized.
Complicated software can be used for this partitioning and isolation, but embedded virtualization offers a configurable means by which devices can be partitioned and presented to specific cores, operating systems, and applications.
A nonlinear reduced order model-based controller based on singular perturbation approximation is designed to reduce cold start hydrocarbon emissions from a spark ignition (SI) combustion engine.
A model-based simulation platform is created to verify the controller robustness against sampling, quantization and fixed-point arithmetic imprecision.
An industrial case study is used to demonstrate the implementation feasibility of the VV&T methods.
Because channel 3 operates at 100 Hz, the IO processor had to operate at 200 Hz.
Domain data: value range, units, base type (Ariane 4/5) (Application Developer)

System Level Fault Root Causes
Violation of data stream assumptions: end-to-end latency analysis; port connection consistency; stream miss rates; mismatched data representation; latency jitter & age.
Partitions as isolation regions: space, time, and bandwidth partitioning; isolation not guaranteed due to undocumented resource sharing; fault containment, security levels, safety levels, distribution; virtualization of time & resources; logical vs. physical redundancy; time stamping of data & asynchronous systems.
Inconsistent system states & interactions: modal systems with modal components; concurrency & redundancy management; application level interaction protocols.
Performance impedance mismatches: processor, memory & network resources; compositional & replacement performance mismatches; unmanaged computer system resources.
Further items listed on this slide: partitioned architecture models; model compliance; virtual processors & busses; synchronization domains; fault propagation; security analysis; architectural redundancy patterns; resource budget analysis & task roll-up analysis; resource allocation & deployment configurations.

Modeling an Embedded System Architecture
Elements of an embedded system architecture: software architecture (task & communication), plus hardware architecture (relevant to embedded SW), plus physical system/environment (relevant to embedded SW/HW), plus logical interface between software and physical system, plus physical interface between hardware and physical system, plus deployment of software on hardware. SAE AADL supports modeling, analysis, and autogeneration of embedded system architectures.

Mismatched Assumptions (diagram labels): System Engineer; Control Engineer; System Under Control; Physical Plant Characteristics (system mass, heat); Control System; Plant & Environment Observations (system lag & response rate); Electr. subsys, A/C subsys, Fuel subsys; Electr controller, A/C controller, Fuel controller; Physical system modeling; Hybrid system control.

Mismatched Assumptions (diagram labels): System Engineer; HW configuration: unplanned resource sharing (F35, Daimler); Hardware Engineer; System Under Control; Computer Platform; Physical Plant Characteristics: lag, proximity; Data Stream Characteristics: end-to-end latency (F16); Distribution & Redundancy: virtualization of HW (ARPA-Net split); Runtime Architecture; Control Engineer; Control System; Embedded SW System Engineer; Application Software; Concurrency, Communication: iTunes crashes on dual-cores.

Why do system level failures still occur despite fault tolerance techniques being deployed in systems?
The race condition has been fixed by double-buffering the data, but the IO processor execution rate was left at 200 Hz to reduce the latency of the MUX data.