Research on Ultra-Dependable Embedded Real Time Operating System

This paper proposes and applies spatial and temporal isolation safeguards in order to research and design an ultra-dependable embedded real-time operating system that supports both security and safety. The temporal isolation mechanism guarantees that a subsystem can exclusively use its pre-allocated processing time without intervention from any other subsystem. Spatial isolation means that a subsystem cannot, even inadvertently, access another subsystem's space resources, such as memory, buffers, I/O ports, and registers. A subsystem is therefore the owner of its resources: memory, I/O ports, and processor time units. Consequently, real-time tasks running in different subsystems never interfere with one another. To support temporal isolation among subsystems, a two-level scheduling model is designed: a low-level cyclic schedule at the operating-system level and a high-level fixed-priority schedule at the subsystem level. A real-time task in a subsystem can be scheduled and executed only during the static time window allocated to that subsystem, so a task overrun cannot cross the subsystem's time window boundaries, and a task timing failure is easily confined within its own subsystem. For the spatial isolation safeguard, a hardware-based error containment mechanism is presented that applies to most modern embedded processors with a memory protection unit, such as the i386SX and PowerPC. As a result, an ultra-dependable embedded RTOS supporting temporal and spatial isolation safeguards has been implemented and verified. It is called ERTOS and was designed by the Software Engineering Institute of East China Normal University.
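The two-level scheduling model described above, as an added worked example that is not ERTOS code and not taken from the paper: a discrete-tick, uniprocessor simulation in which the operating-system level runs a cyclic schedule of static time windows over a major frame, and inside each window only the owning subsystem's ready tasks are eligible, chosen by fixed priority. The scenario (window lengths, task periods, demands and the rule that an unfinished job is counted as a deadline miss and dropped at its next release) is constructed for illustration; it shows that a task overrun in subsystem A is confined to A's window and never delays subsystem B.

```c
/* Two-level partition scheduler simulation (added example, not ERTOS code).
 * Level 1: cyclic schedule of static windows over a major frame (OS level).
 * Level 2: fixed-priority preemptive pick inside the window's subsystem.
 * Assumptions: discrete ticks, one processor, constructed task set below. */
#include <stdio.h>

#define IDLE (-1)

typedef struct {
    const char *name;
    int subsystem;   /* owning subsystem (partition) */
    int priority;    /* fixed; smaller value = higher priority */
    int period;      /* release period; implicit deadline = next release */
    int demand;      /* ticks the job actually needs (may overrun its share) */
    int remaining;   /* ticks left for the current job */
    int ran;         /* total ticks executed */
    int misses;      /* jobs still unfinished when the next one was released */
} task_t;

typedef struct {
    int subsystem;
    int start;       /* offset of the window within the major frame */
    int length;
} window_t;

/* Level 1: which subsystem owns tick t according to the cyclic schedule. */
static int owner_of_tick(const window_t *w, int nw, int major_frame, int t)
{
    int off = t % major_frame;
    for (int i = 0; i < nw; i++)
        if (off >= w[i].start && off < w[i].start + w[i].length)
            return w[i].subsystem;
    return IDLE;     /* slack assigned to no subsystem */
}

/* Level 2: highest-priority ready task, restricted to the owning subsystem.
 * Tasks of other subsystems are never eligible here: that is the temporal
 * isolation boundary, so an overrun cannot spill into a foreign window. */
static int pick_task(const task_t *tasks, int n, int owner)
{
    int best = IDLE;
    if (owner == IDLE) return IDLE;
    for (int i = 0; i < n; i++) {
        if (tasks[i].subsystem != owner || tasks[i].remaining <= 0) continue;
        if (best == IDLE || tasks[i].priority < tasks[best].priority) best = i;
    }
    return best;
}

/* Run `ticks` ticks; trace[t] gets the index of the task run at tick t or
 * IDLE. Returns the number of ticks in which any task ran. */
int simulate(task_t *tasks, int n, const window_t *w, int nw,
             int major_frame, int ticks, int *trace)
{
    int busy = 0;
    for (int i = 0; i < n; i++) tasks[i].remaining = 0;
    for (int t = 0; t < ticks; t++) {
        /* Periodic releases: a job still unfinished at its next release is a
         * deadline miss (assumed policy: the stale job is dropped). */
        for (int i = 0; i < n; i++) {
            if (t % tasks[i].period == 0) {
                if (t > 0 && tasks[i].remaining > 0) tasks[i].misses++;
                tasks[i].remaining = tasks[i].demand;
            }
        }
        int k = pick_task(tasks, n, owner_of_tick(w, nw, major_frame, t));
        trace[t] = k;
        if (k != IDLE) { tasks[k].remaining--; tasks[k].ran++; busy++; }
    }
    return busy;
}

/* Ticks in which a task of the given subsystem executed, read from a trace. */
int subsystem_ticks(const task_t *tasks, const int *trace, int ticks, int subsystem)
{
    int c = 0;
    for (int t = 0; t < ticks; t++)
        if (trace[t] != IDLE && tasks[trace[t]].subsystem == subsystem) c++;
    return c;
}

int main(void)
{
    /* Constructed scenario: major frame of 10 ticks, subsystem 0 (A) owns
     * [0,5) and subsystem 1 (B) owns [5,10). A2 demands 5 ticks but shares
     * A's 5-tick window with A1, so A2 overruns every period; B1 must still
     * receive its 3 ticks at the same offsets in every frame. */
    window_t windows[] = { {0, 0, 5}, {1, 5, 5} };
    task_t tasks[] = { {"A1", 0, 1, 10, 2}, {"A2", 0, 2, 10, 5}, {"B1", 1, 1, 10, 3} };
    int trace[20];
    simulate(tasks, 3, windows, 2, 10, 20, trace);
    for (int t = 0; t < 20; t++)
        printf("t=%2d %s\n", t, trace[t] == IDLE ? "idle" : tasks[trace[t]].name);
    for (int i = 0; i < 3; i++)
        printf("%s ran %d ticks, %d deadline miss(es)\n",
               tasks[i].name, tasks[i].ran, tasks[i].misses);
    return 0;
}
```

In the run, A2 executes ticks 2 to 4 of each frame and is cut off at the window boundary with work left over, so it misses its deadline, while B1 runs at ticks 5 to 7 of every frame exactly as the cyclic schedule promises. A real partition scheduler would additionally enforce the window switch from a timer interrupt and raise the overrun as an error event inside the offending subsystem; the simulation only models the scheduling decision.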