Mutable Protection Domains: Towards a Component-Based System for Dependable and Predictable Computing

The increasing complexity of software poses significant challenges for real-time and embedded systems beyond those based purely on timeliness. With embedded systems and applications running on everything from mobile phones and PDAs to automobiles, aircraft and beyond, an emerging challenge is to ensure both the functional and timing correctness of complex software. We argue that static analysis of software is insufficient to verify the safety of all possible control-flow interactions. Likewise, a static system structure in which software is isolated in separate protection domains, defining immutable boundaries between system- and application-level code, is too inflexible for the challenges faced by real-time applications with explicit timing requirements. This paper therefore investigates a concept called "mutable protection domains", which supports hardware-adaptable isolation boundaries between software components. In this way, a system can be dynamically reconfigured to maximize software fault isolation, increasing dependability, while guaranteeing that various tasks execute according to specific time constraints. Using a series of simulations on multidimensional, multiple-choice knapsack problems, we show how various heuristics compare in their ability to rapidly reorganize the fault-isolation boundaries of a component-based system, satisfying resource constraints while simultaneously maximizing isolation benefit. Our ssh oneshot algorithm offers a promising approach to addressing system dynamics, including changing component invocation patterns, changing execution times, and mispredictions in isolation costs due to factors such as caching.
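The abstract frames boundary placement as a multiple-choice, multidimensional knapsack problem (MMKP): every invocation edge between two components is a class with mutually exclusive isolation options, each option has an isolation benefit and a per-task CPU overhead, and the task budgets are the knapsack dimensions. The following is an added illustration written for this page, not code from the paper and not its ssh oneshot algorithm: a plain greedy heuristic (start fully isolated, relax the boundary that loses the least benefit per unit of budget overshoot removed) next to an exhaustive solver, on a constructed three-edge, two-task instance. The edge names, costs, benefits and budgets are all invented for the example.

```python
"""Added illustration (not code from the paper): choosing fault-isolation
boundaries as a multiple-choice, multidimensional knapsack problem (MMKP).

Each inter-component invocation edge is a knapsack "class" with mutually
exclusive options (isolation levels).  Option 0 shares a protection domain
(no invocation overhead, no isolation benefit); higher options buy fault
containment at a per-invocation CPU cost.  Each resource dimension is the
CPU budget one real-time task can spend on protection-domain crossings and
still meet its deadline.  The heuristic is a simple greedy scheme written
for this page; it is NOT the paper's ssh oneshot algorithm.  All numbers
below are constructed.
"""
from dataclasses import dataclass
from itertools import product
from typing import List, Sequence, Tuple


@dataclass(frozen=True)
class Option:
    label: str
    benefit: float               # isolation benefit gained by choosing this boundary
    cost: Tuple[float, ...]      # overhead per dimension (us per period on each task's path)


@dataclass(frozen=True)
class Edge:
    name: str
    options: Tuple[Option, ...]  # ascending benefit; cost must not decrease in any dimension


def total_cost(edges: Sequence[Edge], choice: Sequence[int]) -> List[float]:
    dims = len(edges[0].options[0].cost)
    used = [0.0] * dims
    for e, idx in zip(edges, choice):
        for d, c in enumerate(e.options[idx].cost):
            used[d] += c
    return used


def total_benefit(edges: Sequence[Edge], choice: Sequence[int]) -> float:
    return sum(e.options[idx].benefit for e, idx in zip(edges, choice))


def violation(used: Sequence[float], budget: Sequence[float]) -> float:
    """Sum of relative overshoot across dimensions; 0.0 means every task's budget holds."""
    return sum(max(0.0, (u - b) / b) for u, b in zip(used, budget))


def greedy_mmkp(edges: Sequence[Edge], budget: Sequence[float]) -> Tuple[List[int], List[float]]:
    """Start fully isolated, then repeatedly downgrade the boundary whose
    relaxation loses the least benefit per unit of budget overshoot removed."""
    choice = [len(e.options) - 1 for e in edges]
    used = total_cost(edges, choice)
    while violation(used, budget) > 0.0:
        best = None
        for i, e in enumerate(edges):
            cur = e.options[choice[i]]
            for j in range(choice[i] - 1, -1, -1):
                alt = e.options[j]
                new_used = [u - c0 + c1 for u, c0, c1 in zip(used, cur.cost, alt.cost)]
                gain = violation(used, budget) - violation(new_used, budget)
                if gain <= 0.0:
                    continue            # downgrade relieves no violated dimension
                score = (cur.benefit - alt.benefit) / gain
                if best is None or score < best[0]:
                    best = (score, i, j, new_used)
        if best is None:
            raise ValueError("no feasible configuration even with every boundary relaxed")
        _, i, j, used = best
        choice[i] = j
    return choice, used


def exact_mmkp(edges: Sequence[Edge], budget: Sequence[float]) -> Tuple[List[int], float]:
    """Exhaustive search (fine for a handful of edges), used to measure the heuristic's gap."""
    best_choice, best_value = None, float("-inf")
    for choice in product(*(range(len(e.options)) for e in edges)):
        used = total_cost(edges, choice)
        if all(u <= b for u, b in zip(used, budget)):
            value = total_benefit(edges, choice)
            if value > best_value:
                best_choice, best_value = list(choice), value
    if best_choice is None:
        raise ValueError("no feasible configuration")
    return best_choice, best_value


# Constructed sample: three invocation edges, two task paths
# (dimension 0 = task A's budget, dimension 1 = task B's budget).
SHARED = Option("same domain", 0.0, (0.0, 0.0))
EDGES = (
    Edge("net->proto", (SHARED, Option("separate", 3.0, (40.0, 0.0)))),   # only on task A's path
    Edge("proto->app", (SHARED, Option("separate", 4.0, (30.0, 30.0)))),  # on both paths
    Edge("app->log",   (SHARED, Option("separate", 2.0, (0.0, 50.0)))),   # only on task B's path
)
BUDGET = (60.0, 60.0)   # us per period each task may spend on domain crossings


if __name__ == "__main__":
    g_choice, g_used = greedy_mmkp(EDGES, BUDGET)
    print("greedy:", g_choice, "benefit", total_benefit(EDGES, g_choice), "cost", g_used)
    x_choice, x_value = exact_mmkp(EDGES, BUDGET)
    print("exact :", x_choice, "benefit", x_value)
```

On this instance the greedy heuristic settles on isolating only the proto->app boundary (benefit 4), while the exhaustive search finds that isolating net->proto and app->log together fits both budgets for a benefit of 5. That gap is the reason the paper compares several heuristics rather than trusting one, and a mispredicted cost (for example a cache-cold crossing that costs more than the 30 us assumed here) would be handled by remeasuring the option costs and rerunning the solver.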
