Deadline Analysis of AUTOSAR OS Periodic Tasks in the Presence of Interrupts

AUTOSAR, the open and emerging global standard for automotive embedded systems, offers a timing protection mechanism to protect tasks from missing their deadlines. However, in practice, it is difficult to predict when a deadline is violated, because a task missing its deadline may be caused by unrelated tasks or by the presence of interrupts. In this paper, we propose an abstract formal model to represent AUTOSAR OS programs with timing protection. We are able to determine schedulability properties and to calculate constraints on the allowed time that interrupts can take for a given task in a given period. We implement our model in Mathematica and give a case study to illustrate the utility of our method. Based on the results, we believe that our work can help designers and implementors of AUTOSAR OS programs check whether their programs satisfy crucial timing properties.
