WO2017024371A1 - Method and device for analysing and timing the critical application of a multicore processor - Google Patents

Method and device for analysing and timing the critical application of a multicore processor Download PDF

Info

Publication number
WO2017024371A1
WO2017024371A1 PCT/BR2016/050189 BR2016050189W WO2017024371A1 WO 2017024371 A1 WO2017024371 A1 WO 2017024371A1 BR 2016050189 W BR2016050189 W BR 2016050189W WO 2017024371 A1 WO2017024371 A1 WO 2017024371A1
Authority
WO
WIPO (PCT)
Prior art keywords
critical
time
task
temp
processor
Prior art date
Application number
PCT/BR2016/050189
Other languages
French (fr)
Portuguese (pt)
Inventor
Fabian Luis VARGAS
Bruno Naspolini GREEN
Original Assignee
Uniao Brasileira De Educacao E Assistencia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Uniao Brasileira De Educacao E Assistencia filed Critical Uniao Brasileira De Educacao E Assistencia
Publication of WO2017024371A1 publication Critical patent/WO2017024371A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4812Task transfer initiation or dispatching by interrupt, e.g. masked
    • G06F9/4831Task transfer initiation or dispatching by interrupt, e.g. masked with variable priority
    • G06F9/4837Task transfer initiation or dispatching by interrupt, e.g. masked with variable priority time dependent
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3447Performance evaluation by modeling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/76Architectures of general purpose stored program computers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/10Requirements analysis; Specification techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/50Allocation of resources, e.g. of the central processing unit [CPU]
    • G06F9/5005Allocation of resources, e.g. of the central processing unit [CPU] to service a request
    • G06F9/5027Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
    • G06F9/5038Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals considering the execution order of a plurality of tasks, e.g. taking priority or time dependency constraints into consideration

Definitions

  • the present invention describes a process of accurately determining the maximum critical task execution time of an embedded system based on a multicore processor. Therefore, it is proposed to use a specific hardware whose function is to analyze and control the execution time of that task.
  • This invention lies in the fields of Electronics and Computing.
  • “Static Time Analysis” techniques are fundamentally based on the simulation of abstract processor architecture models. These models substantially describe the evaluated critical task instruction set, the number of clock periods (CPI) to execute each of these instructions, the processor pipeline organization, the various processor cache levels, and other architectural details. . These models are described in high level programming language such as C or C ++. In addition to these processor models, we use the Graph Theory and Integer Linear Programming (ILP) to compute the WCET of the program in question. These techniques have the great advantage of never underestimating WCET and are often accurate software tools in calculating this parameter.
  • CPI clock periods
  • “Dynamic Time Analysis” techniques are based on measurements made directly on the hardware platform. In this scenario, you must have a hardware platform already in place and operating in the embedded system. The system starts with all possible input data as if it were operating under normal conditions. At the same time, the maximum execution time of the critical program is measured, ie the WCET of this program is measured.
  • the great advantage of these techniques over static analysis techniques is the fact that the time required to estimate WCET is reduced due to two reasons: computational simplicity, since processor models and complex control flow graphs critical tasks are no longer needed for WCET determination; and the hardware execution of the program in question is much faster than the simulation processes of this program in abstract processor models or complex control flow graph analysis.
  • the problem addresses the fact that a multicore processor, containing multiple cores, in which multiple tasks run concurrently on each core makes the execution time of each task extremely variable, which makes WCET calculation impossible. This is because, in addition to the critical task running on a given core, the other tasks performed by other processor cores perform asynchronous and random access to the system's global and peripheral memories, which makes it possible to use runtime prediction algorithms. in any program an extremely complex task.
  • US2009 / 0307700 relates to a US filed patent for a system, in a processor structure, adapted for performing critical tasks in multi-core architectures, and comprising means for determining the time remaining in relation to the runtime deadline.
  • the system monitors whether the critical task requires the use of any resources (for example, the system's global memory access bus) that at that moment some ordinary (less critical) task is using.
  • the processor runs in "shared" mode until the critical task wait time for a given resource allocated to one or more non-critical tasks is less than slack time, but note that the author does not take into account the fact that the critical task can take different and shorter times than WCET to perform (which happens most of the time).
  • the time period in which the processor runs in "shared” mode could be longer if the author took into account real-time monitoring of the critical task.
  • This condition would cause the slack time to be dynamically adjusted in real time, which would result in a longer period of time for the processor to remain in "shared” mode and thus increasing the processor performance as much as possible without the risk of loss of power. system reliability due to possible deadline violation by the critical task.
  • this patent was made public through work published in [0012], where further details were described.
  • the technique assumes that all architectural features that made the pipeline unpredictable are disabled, leaving the critical task to run in the pipeline with " static prediction of "conditional offsets” and "execution-in-order of statements", for example, and mainly disable pipeline execution of other ordinary tasks.
  • the content described in Publication reports that the system halts an ordinary task if it detects that any critical task checkpoints are violated during its execution in the pipeline. This fact reveals that a single switch is performed between the processor cores described in the article, compulsorily pausing the ordinary task (and the others, if any) until the end of the critical task, which causes a loss in system performance.
  • the current analysis and time control techniques cannot accurately determine the maximum execution time (WCET) of a program executed by a multicore processor. .
  • WET maximum execution time
  • they have a low throughput because they do not switch between processor cores; and temporarily pause ordinary tasks as soon as critical task execution begins, rather than pausing an ordinary task only when the critical task execution time exceeds a predetermined threshold.
  • the present invention aims to solve the constant problems in the state of the art by means of a system capable of determining exactly the maximum execution time (WCET) of a given critical task, which is performed by a program executed. by a multicore processor.
  • the purpose of the system is to ensure that the maximum response time of the program critical function executed by the processor does not exceed a predefined limit, and if this critical task is not completed to the limit, the system disables the remaining processor cores, keeping in operation only the core that is performing the critical task. This fact becomes extremely important in technologies that use embedded systems, since a system that takes a long time to respond to a certain command can cause severe damage.
  • Figure 1 illustrates the execution timeline of a critical task, indicating its control milestones.
  • Figure 2 illustrates an example of applying the technique proposed by the present invention in the form of a block diagram of the interior of the hardware.
  • Figure 3 illustrates a didactic diagram of the watchdog operation (W).
  • the present invention provides a method of accurately determining the maximum execution time (T) of a given critical task (TC), being a satisfactory programmed computer program or function in multicore processors. ; processors with two or more operating cores.
  • T maximum execution time
  • the goal of the system is to ensure that the maximum program response time executed by a processor does not exceed a predefined timeout and, unlike existing techniques in this technical field, only if the critical core task (TC) does not is terminated before the timeout, the system disables the remaining processor cores, keeping only the core performing the critical task (TC) running.
  • this knowledge becomes extremely important as a system that takes a long time to respond to a given command can cause severe damage.
  • the device of which the present invention relates is a hardware implemented watchdog system (W), which is coupled to the processor bus with its memory.
  • THE watchdog (W) is configured to determine and ensure that the maximum execution time (T), WCET ⁇ Worst-Case Execution Time), of a critical task (TC) does not exceed its deadline; remembering that deadline is the maximum deadline for the critical task (TC) established by international organizations.
  • the WCET value must be less than the task execution deadline.
  • a safety margin between the WCET limit and the deadline of said critical task (TC) is defined.
  • the checkpoint time controller block (CTC) also identifies when a task is started ⁇ CTaskStart) and when it is terminated ⁇ CTaskEnd) by sending flags to the watchdog block (WT), which has a timer (Temp) and is responsible for notifying the processor with the proper function to be performed.
  • WT watchdog block
  • An example of how the technique proposed by the present invention can be implemented using such watchdog components (W) is didactically illustrated by the block diagram of Figure 2.
  • the watchdog timer starts monitoring the critical task (TC) runtime (T) through the timer (Temp). If the execution time (T) is greater than the time defined for safety margin (MS), given by deadline - WCET (CPID), of the current checkpoint, ie if the execution time (T) is greater than CCT (CPID), the system sends a Warning (Wng) command to the system bus. processor so that the remaining cores are disabled so that only the core with the critical task (TC) remains running. If the critical task (TC) execution time (T) exceeds the deadline reached (DR), the system displays an error and sends a reset signal to the processor to restart the system, placing it in a known state in which all registers will be "reset”. If the Warning (Wng) command is not sent or the deadline is not exceeded, the logic described is repeated until the critical task (TC) is completed.
  • Figure 3 illustrates a didactic diagram of this logical hardware operation.
  • the watchdog (W) mode of operation described herein is well represented by the concept of processor core switching, which increases system throughput.
  • State-of-the-art documents and publications are unable to perform the process in multi-processor environments, and unlike the present invention, they temporarily pause the execution of other tasks as soon as the critical task (TC) is performed. ) starts.
  • an aircraft pilot in employing the device and / or method of the present invention in an aircraft control system, an aircraft pilot must handle the vehicle's joystick too precisely, either for military purposes. or commercial, ensuring that your goal is achieved accurately and without difficulty or risk.
  • the on-board computer program which controls the joystick, must respond to a specific command within a few milliseconds, in accordance with the requirements of international aviation bodies. Otherwise, the program is considered unsafe / inaccurate and the on-board computer is not certified / permitted by these international organizations for operation.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Evolutionary Biology (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present invention describes a method for precisely determining the maximum execution time of a critical task of an embedded system based on a multicore processor. For that purpose, the use of a specific hardware is proposed, with the function of analysing and timing the execution of the task. More specifically, the purpose of the system is to ensure that the maximum response time of the critical function of the program executed by the processor does not exceed a preset limit, and should this critical task not be completed before the limit, the system disables the other processor cores, keeping in operation only the core that is executing the critical task. The specific hardware, which is implemented with a watchdog system, is configured with information relevant to the execution of the critical program in isolation (that is to say, in a processor with a single core), with reduced computational complexity and extreme feasibility, monitoring the execution time of the task without needing to know what is the maximum value of the execution time of this program in an environment with multiple microprocessor cores. The present invention pertains to the fields of eletronics and computer science.

Description

Relatório Descritivo de Patente de Invenção  Patent Invention Descriptive Report
MÉTODO E DISPOSITIVO PARA ANÁLISE E CONTROLE TEMPORAL DA APLICAÇÃO CRÍTICA DE UM PROCESSADOR MULTICORE  METHOD AND DEVICE FOR ANALYSIS AND TEMPORAL CONTROL OF CRITICAL APPLICATION OF A MULTICORE PROCESSOR
Campo da Invenção Field of the Invention
[0001] A presente invenção descreve um processo de determinação exata do tempo máximo de execução da tarefa crítica de um sistema embarcado baseado em um processador multicore. Para tanto, propõe-se a utilização de um hardware específico cuja função é analisar e controlar o tempo de execução da referida tarefa. Esta invenção se situa nos campos da Eletrônica e Computação.  [0001] The present invention describes a process of accurately determining the maximum critical task execution time of an embedded system based on a multicore processor. Therefore, it is proposed to use a specific hardware whose function is to analyze and control the execution time of that task. This invention lies in the fields of Electronics and Computing.
Antecedentes da Invenção Background of the Invention
[0002] Para que sistemas embarcados sejam utilizados em aplicações críticas, como por exemplo, o computador de bordo de aeronaves ou o controlador de freios ABS ou de Air-Bag em um automóvel, estes sistemas devem ser obrigatoriamente certificados por organismos internacionais. O objetivo desta certificação é garantir que o tempo máximo de resposta de um programa (software) executado pelo processador do sistema embarcado, não seja maior que o tempo definido por esses organismos, garantindo segurança e precisão na execução de uma tarefa crítica.  For embedded systems to be used in critical applications such as an aircraft's on-board computer or the ABS or Air-Bag brake controller in a car, these systems must be certified by international bodies. The purpose of this certification is to ensure that the maximum response time of a program (software) executed by the embedded system processor is not greater than the time defined by these bodies, ensuring safety and precision in performing a critical task.
[0003] Para efeito de exemplo, quando um piloto manuseia o manche de sua aeronave, o programa responsável pelo processamento do manche deve responder a um comando específico dentro de um tempo limite de alguns milissegundos, caso contrário, o programa é considerado inseguro/impreciso e o computador de bordo não recebe certificação dos organismos internacionais.  For example, when a pilot manages the joystick of his aircraft, the program responsible for handling the joystick must respond to a specific command within a few milliseconds, otherwise the program is considered unsafe / inaccurate. and the on-board computer is not certified by international organizations.
[0004] Esse requisito para obtenção da certificação internacional demanda uma técnica precisa de estimativa do tempo de resposta do determinado programa de função crítica. Algumas das técnicas amplamente utilizadas por empresas/universidades para estimar o tempo máximo de execução (WCET - Worst-Case Execution Time) da tarefa crítica de um dado programa são conhecidas como "Análise de Tempo Estático" (Static Timing Analysis) e "Análise de Tempo Dinâmico" (Dynamic Timing Analysis). [0004] This requirement for international certification requires an accurate technique for estimating the response time of a given critical function program. Some of the techniques widely used by companies / universities to estimate maximum execution time (WCET) Worst-Case Execution Time) of the critical task of a given program are known as "Static Timing Analysis" and "Dynamic Timing Analysis".
[0005] As técnicas de "Análise de Tempo Estático" são fundamentalmente baseadas na simulação de modelos abstratos da arquitetura do processador. Estes modelos descrevem substancialmente o conjunto de instruções da tarefa crítica avaliada, o número de períodos de relógio (CPI) para executar cada uma destas instruções, a organização do pipeline do processador, os diversos níveis de memória cache do processador, dentre outros detalhes da arquitetura. Estes modelos são descritos em linguagem de programação de alto nível, como C ou C++. Adicionalmente a estes modelos do processador, faz-se uso da Teoria de Grafos e de programação linear de inteiros (ILP - Integer Linear Programming) para computar o WCET do programa em questão. Estas técnicas têm como grande vantagem nunca subestimar o WCET e, na maioria das vezes, são ferramentas de software precisas no cálculo deste parâmetro. "Static Time Analysis" techniques are fundamentally based on the simulation of abstract processor architecture models. These models substantially describe the evaluated critical task instruction set, the number of clock periods (CPI) to execute each of these instructions, the processor pipeline organization, the various processor cache levels, and other architectural details. . These models are described in high level programming language such as C or C ++. In addition to these processor models, we use the Graph Theory and Integer Linear Programming (ILP) to compute the WCET of the program in question. These techniques have the great advantage of never underestimating WCET and are often accurate software tools in calculating this parameter.
[0006] As técnicas de "Análise de Tempo Dinâmico" baseiam-se em medições efetuadas diretamente na plataforma de hardware. Neste cenário, é preciso ter em mãos uma plataforma de hardware já implementada e operante no sistema embarcado. O sistema é iniciado com todos os possíveis dados de entrada como se ele estivesse operando em condições normais. Ao mesmo tempo, mede-se o tempo máximo de execução do programa crítico, isto é, mede-se o WCET deste programa. A grande vantagem destas técnicas frente às técnicas de análise estática é o fato de que o tempo necessário para se estimar o WCET é reduzido devido a dois motivos: a simplicidade computacional, uma vez que os modelos do processador e os complexos grafos de fluxo de controle da tarefa crítica não são mais necessários para a determinação do WCET; e a execução em hardware do programa em questão é bem mais rápida do que os processos de simulação deste programa em modelos abstratos (em linguagem de programação) do processador ou de complexas análises de grafos de fluxos de controle. [0007] As universidades e centros de pesquisa mais renomados do mundo normalmente estudam, propõem e trabalham com técnicas de análise de tempo estática, enquanto que empresas, por serem mais práticas e menos formais que as universidades, preferem utilizar técnicas de análise de tempo dinâmica. Ainda sim, sabe-se que as técnicas descritas apresentam uma série de carências e problemas que devem ser levados em conta durante a avaliação do WCET de um programa cuja aplicação é crítica. "Dynamic Time Analysis" techniques are based on measurements made directly on the hardware platform. In this scenario, you must have a hardware platform already in place and operating in the embedded system. The system starts with all possible input data as if it were operating under normal conditions. At the same time, the maximum execution time of the critical program is measured, ie the WCET of this program is measured. The great advantage of these techniques over static analysis techniques is the fact that the time required to estimate WCET is reduced due to two reasons: computational simplicity, since processor models and complex control flow graphs critical tasks are no longer needed for WCET determination; and the hardware execution of the program in question is much faster than the simulation processes of this program in abstract processor models or complex control flow graph analysis. The world's most renowned universities and research centers typically study, propose and work with static time analysis techniques, while companies, because they are more practical and less formal than universities, prefer to use dynamic time analysis techniques. . Still, it is known that the described techniques present a number of shortcomings and problems that must be taken into account during the WCET evaluation of a program whose application is critical.
[0008] Nas técnicas de análise estática do tempo, o problema trata do fato de que um processador multicore, que contém diversos núcleos, no qual várias tarefas são executadas simultaneamente em cada um desses núcleos torna o tempo de execução de cada tarefa extremamente variável, o que impossibilita o cálculo do WCET. Isto ocorre porque, além da tarefa crítica em execução em um dado núcleo, as demais tarefas executadas pelos outros núcleos do processador realizam acessos assíncronos e aleatórios às memórias global e periférica do sistema, o que torna a utilização de algoritmos de previsão de tempo de execução em qualquer programa uma tarefa extremamente complexa.  In static time analysis techniques, the problem addresses the fact that a multicore processor, containing multiple cores, in which multiple tasks run concurrently on each core makes the execution time of each task extremely variable, which makes WCET calculation impossible. This is because, in addition to the critical task running on a given core, the other tasks performed by other processor cores perform asynchronous and random access to the system's global and peripheral memories, which makes it possible to use runtime prediction algorithms. in any program an extremely complex task.
[0009] No caso das técnicas de análise dinâmica do tempo, temos duas dificuldades principais: a primeira é da impossibilidade de se saber, previamente, qual de todos os possíveis dados de entrada do sistema produz o maior WCET, já que não são gerados exaustivamente todos esses dados, o que implica em uma grande incerteza no cálculo do WCET; e em segundo lugar, assim como descrito pelas técnicas de "Análise de Tempo Estática", um processador multicore, com vários núcleos, executando várias tarefas por núcleo simultaneamente, torna o tempo de execução de cada tarefa extremamente variável, impossibilitando a determinação do WCET.  In the case of dynamic time analysis techniques, we have two main difficulties: first, it is impossible to know in advance which of all possible system input data produces the largest WCET, as they are not exhaustively generated all this data, which implies a great uncertainty in the WCET calculation; and secondly, as described by the "Static Time Analysis" techniques, a multicore, multi-core processor running multiple tasks per core simultaneously makes the execution time of each task extremely variable, making WCET impossible to determine.
[0010] Na busca pelo estado da técnica em literaturas científica e patentária, foram encontrados os seguintes documentos que tratam sobre o tema: In the search for the state of the art in scientific and patent literature, the following documents dealing with the subject were found:
[0011] O documento US2009/0307700 diz respeito a uma patente depositada nos EUA que versa sobre um sistema, em estrutura de processadores, adaptado para a execução de tarefas críticas em arquiteturas de múltiplos núcleos, e que compreende meios para a determinação do tempo restante em relação ao deadline (tempo máximo alocado ou estabelecido por norma) do tempo de execução. O sistema monitora se a tarefa crítica necessita da utilização de algum recurso (por exemplo, o barramento de acesso à memória global do sistema) que, naquele momento, alguma tarefa ordinária (menos crítica) está utilizando. Em caso positivo, a técnica proposta calcula o tempo de espera da tarefa crítica por este recurso e caso este tempo seja igual ou superior a um "slack time" {"slack time = WCET - deadline", onde o WCET foi determinado com a tarefa crítica executando de forma isolada no processador) a tarefa não-crítica é interrompida, o recurso alocado para a tarefa crítica é liberado, e a tarefa ordinária é pausada, mantendo apenas a tarefa crítica em execução até o seu término. Uma vez concluída a tarefa crítica, as demais tarefas ordinárias são reiniciadas. Assim, o processador executa em modo "compartilhado" até o momento em que o tempo de espera da tarefa crítica por um dado recurso alocado a uma ou mais tarefas não-críticas é inferior ao slack time, mas note que o autor não leva em consideração o fato da tarefa crítica poder consumir tempos diferentes e menores que o WCET para ser executada (o que acontece na maioria dos vezes). Neste caso, o período de tempo no qual o processador executa em modo "compartilhado" poderia ser maior se o autor levasse em consideração o monitoramento em tempo real da tarefa crítica. Esta condição faria com que o slack time fosse ajustado dinamicamente, em tempo real, o que resultaria em um período mais longo para o processador permanecer no modo "compartilhado" e portanto, incrementando o desempenho do processador ao máximo possível sem o risco de perda de confiabilidade do sistema pela eventual violação da deadline pela tarefa crítica. Na sequencia, esta patente foi tornada pública através do trabalho publicado em [0012], onde detalhes adicionais foram descritos. US2009 / 0307700 relates to a US filed patent for a system, in a processor structure, adapted for performing critical tasks in multi-core architectures, and comprising means for determining the time remaining in relation to the runtime deadline. The system monitors whether the critical task requires the use of any resources (for example, the system's global memory access bus) that at that moment some ordinary (less critical) task is using. If so, the proposed technique calculates the critical task wait time for this resource and if this time is equal to or greater than a "slack time"{"slack time = WCET - deadline", where WCET was determined with the task critical running in isolation on the processor) the non-critical task is stopped, the resource allocated for the critical task is released, and the ordinary task is paused, keeping only the critical task running until it finishes. Once the critical task is completed, the remaining ordinary tasks are restarted. Thus, the processor runs in "shared" mode until the critical task wait time for a given resource allocated to one or more non-critical tasks is less than slack time, but note that the author does not take into account the fact that the critical task can take different and shorter times than WCET to perform (which happens most of the time). In this case, the time period in which the processor runs in "shared" mode could be longer if the author took into account real-time monitoring of the critical task. This condition would cause the slack time to be dynamically adjusted in real time, which would result in a longer period of time for the processor to remain in "shared" mode and thus increasing the processor performance as much as possible without the risk of loss of power. system reliability due to possible deadline violation by the critical task. Subsequently, this patent was made public through work published in [0012], where further details were described.
[0012] A publicação "Hardware Support for WCET Analysis of Hard Real-Time Multicore Systems", dos autores Marco Paolieri, Eduardo Quihones, Francisco J. Cazorla, Guillem Bernat e Mateo Valero, revela mais detalhes sobre a mesma arquitetura multicore com compartilhamento dos recursos do processador para aplicações em tempo real, descrita anteriormente pelo documento US2009/0307700. Nota-se que um dos co-autores desta publicação também é o autor da patente (Francisco J. Cazorla). A arquitetura apresentada no artigo permite a análise do tempo de uma dada tarefa crítica determinando seus tempos máximos de execução. Assim, no momento em que a execução de uma tarefa crítica é iniciada, uma configuração denominada WCET Computation Mode faz com que essa tarefa seja realizada isoladamente, interrompendo as tarefas ordinárias restantes. O conteúdo descrito na publicação no entanto, relata que o sistema interrompe uma tarefa ordinária logo que uma tarefa crítica é iniciada. Esse fato (a exemplo daquele descrito anteriormente, no documento US2009/0307700), revela que é realizada uma única comutação entre os núcleos do processador descrito no artigo, pausando compulsoriamente a tarefa ordinária (e as demais, se houver) até o término da tarefa crítica, o que ocasiona uma perda no rendimento do sistema. [0012] The publication "Hardware Support for WCET Analysis of Hard Real-Time Multicore Systems" by authors Marco Paolieri, Eduardo Quihones, Francisco J. Cazorla, Guillem Bernat and Mateo Valero, reveal more details about the same multicore processor-sharing architecture for real-time applications, described earlier in US2009 / 0307700. Note that one of the co-authors of this publication is also the author of the patent (Francisco J. Cazorla). The architecture presented in the article allows the analysis of the time of a given critical task determining its maximum execution times. Thus, at the moment the execution of a critical task begins, a configuration called WCET Computation Mode causes that task to be performed in isolation, interrupting the remaining ordinary tasks. Content described in the publication, however, reports that the system stops an ordinary task as soon as a critical task is started. This fact (as in the example described previously in US2009 / 0307700) reveals that a single switchover is performed between the processor cores described in the article, compulsorily pausing the ordinary task (and others, if any) until the task is completed critical, which causes a loss in system performance.
[0013] A publicação "Virtual Simple Architecture (VISA): Exceeding the Complexity Limit in Safe Real-Time Systems", dos autores Aravindh Anantaraman, Kiran Seth, Kaustubh Patil, Eric Rotenberg, Frank Mueller, revela um sistema para a detecção do WCET de uma tarefa crítica baseado em um circuito com watchdog, implementado em hardware, que monitora e mapea os checkpoints de uma tarefa crítica executada concorrentemente com outras tarefas ordinárias no pipeline complexo de um processador. Caso seja detectado pelo watchdog que algum checkpoint da tarefa crítica foi violado durante a execução desta no pipeline do processador, a técnica assume que todos os recursos de arquitetura que tornavam o pipeline imprevisíveis são desabilitados, deixando a tarefa crítica para ser executada no pipeline com "predição estática de desvios condicionais" e "execução-em-ordem das instruções", por exemplo, além de, principalmente, desabilitar a execução no pipeline das outras tarefas ordinárias. Desta forma, o conteúdo descrito na publicação relata que o sistema interrompe uma tarefa ordinária caso detecte- se que algum checkpoint da tarefa crítica é violado durante a sua execução no pipeline. Esse fato revela que é realizada uma única comutação entre os núcleos do processador descrito no artigo, pausando compulsoriamente a tarefa ordinária (e as demais, se houver) até o término da tarefa crítica, o que ocasiona uma perda no rendimento do sistema. [0013] The publication "Virtual Simple Architecture (VISA): Exceeding the Complexity Limit in Safe Real-Time Systems" by authors Aravindh Anantaraman, Kiran Seth, Patty Kaustubh, Eric Rotenberg, Frank Mueller, reveals a system for detecting WCET A hardware-based watchdog circuit-critical task that monitors and maps the checkpoints of a critical task performed concurrently with other ordinary tasks on a complex processor pipeline. If it is detected by the watchdog that any critical task checkpoints have been violated while running the processor in the processor pipeline, the technique assumes that all architectural features that made the pipeline unpredictable are disabled, leaving the critical task to run in the pipeline with " static prediction of "conditional offsets" and "execution-in-order of statements", for example, and mainly disable pipeline execution of other ordinary tasks. Thus, the content described in Publication reports that the system halts an ordinary task if it detects that any critical task checkpoints are violated during its execution in the pipeline. This fact reveals that a single switch is performed between the processor cores described in the article, compulsorily pausing the ordinary task (and the others, if any) until the end of the critical task, which causes a loss in system performance.
[0014] Assim, do que se depreende da literatura pesquisada, não foram encontrados documentos antecipando ou sugerindo os ensinamentos da presente invenção, de forma que a solução aqui proposta possui novidade e atividade inventiva frente ao estado da técnica.  Thus, from what is clear from the researched literature, no documents were found anticipating or suggesting the teachings of the present invention, so that the solution proposed here has novelty and inventive activity in relation to the state of the art.
[0015] Em outras palavras, as técnicas de análise e de controle temporal que existem atualmente, bem como o conteúdo dos antecedentes da presente invenção, não conseguem determinar com exatidão o tempo máximo de execução (WCET) de um programa executado por um processador multicore. Além disso, possuem um rendimento reduzido, uma vez que: não realizam comutação entre os núcleos do processador; e pausam temporariamente tarefas ordinárias logo que a execução da tarefa crítica é iniciada, ao invés de pausar uma tarefa ordinária apenas quando o tempo de execução de uma tarefa crítica ultrapassa um limite pré-determinado.  In other words, the current analysis and time control techniques, as well as the background content of the present invention, cannot accurately determine the maximum execution time (WCET) of a program executed by a multicore processor. . In addition, they have a low throughput because they do not switch between processor cores; and temporarily pause ordinary tasks as soon as critical task execution begins, rather than pausing an ordinary task only when the critical task execution time exceeds a predetermined threshold.
Sumário da Invenção Summary of the Invention
[0016] Dessa forma, a presente invenção tem como objetivo resolver os problemas constantes no estado da técnica por meio de um sistema capaz de determinar exatamente o tempo máximo de execução (WCET) de uma dada tarefa crítica, sendo esta realizada por um programa executado por um processador multicore. O objetivo do sistema é garantir que o tempo de resposta máximo da função crítica do programa executado pelo processador não exceda um limite pré-definido, e, caso essa tarefa crítica não seja encerrada até o limite, o sistema desabilita os demais núcleos do processador, mantendo em operação apenas o núcleo que está executando a tarefa crítica. Este fato se torna de extrema importância em tecnologias que utilizam sistemas embarcados, uma vez que um sistema que demora a apresentar uma resposta de certo comando pode ocasionar prejuízos severos. Thus, the present invention aims to solve the constant problems in the state of the art by means of a system capable of determining exactly the maximum execution time (WCET) of a given critical task, which is performed by a program executed. by a multicore processor. The purpose of the system is to ensure that the maximum response time of the program critical function executed by the processor does not exceed a predefined limit, and if this critical task is not completed to the limit, the system disables the remaining processor cores, keeping in operation only the core that is performing the critical task. This fact becomes extremely important in technologies that use embedded systems, since a system that takes a long time to respond to a certain command can cause severe damage.
[0017] Neste cenário, é utilizado um hardware específico, implementado por um sistema com watchdog, e configurado com informação pertinente à execução do programa crítico de forma isolada (isto é, em um processador com um único núcleo), o que é de complexidade computacional limitada e extremamente factível. O watchdog é configurado com o valor do tempo máximo alocado para a execução da tarefa crítica, de acordo com os requisitos dos organismos internacionais e em função do nicho de aplicação. Assim, o hardware tem a função de monitorar o tempo de execução da referida tarefa sem necessidade de saber qual é o valor do WCET para este programa em um ambiente com vários núcleos de um microprocessador.  In this scenario, specific hardware is implemented, implemented by a watchdog system, and configured with information pertinent to the execution of the critical program in isolation (ie on a single core processor), which is of complexity. computationally limited and extremely feasible. The watchdog is configured with the value of the maximum time allocated for the execution of the critical task, according to the requirements of international organizations and according to the application niche. Thus, the hardware has the function of monitoring the execution time of said task without needing to know what is the value of WCET for this program in a multi-core microprocessor environment.
[0018] Também vale ressaltar que, no caso da presente invenção, não é preciso desenvolver modelos, realizar simulações abstratas do processador (como no caso das técnicas de "Análise de Tempo Estático"), ou exercitar exaustivamente a plataforma de hardware do sistema embarcado com um número infindável de dados de entrada (como no caso das técnicas de "Análise de Tempo Dinâmico"). Além destas vantagens da invenção proposta, deve-se reforçar que o projeto do watchdog apresenta menor complexidade do que o cálculo do WCET via análise teórica ou por medições diretamente na plataforma de hardware, tal como realizado pelas técnicas existentes.  It is also noteworthy that, in the case of the present invention, there is no need to develop models, perform abstract processor simulations (as in the case of "Static Time Analysis" techniques), or thoroughly exercise the embedded system hardware platform. with an endless number of input data (as with "Dynamic Time Analysis" techniques). In addition to these advantages of the proposed invention, it should be stressed that the watchdog design presents less complexity than WCET calculation via theoretical analysis or by measurements directly on the hardware platform, as performed by existing techniques.
[0019] Estes e outros fatos tornam a presente invenção uma solução capaz de garantir que o tempo máximo alocado para a execução de um dado programa não será ultrapassada em um ambiente com vários núcleos de um microprocessador, cada um deles executando uma ou mais tarefas. These and other facts make the present invention a solution capable of ensuring that the maximum time allocated for running a given program will not be exceeded in a multi-core microprocessor environment, each performing one or more tasks.
[0020] Estes e outros objetos da invenção serão imediatamente valorizados pelos versados na arte e pelas empresas com interesses no segmento, e serão descritos em detalhes suficientes para sua reprodução na descrição a seguir. Breve Descrição das Figuras These and other objects of the invention will be immediately appreciated by those skilled in the art and companies having an interest in the segment, and will be described in sufficient detail for their reproduction in the following description. Brief Description of the Figures
[0021] As seguintes figuras são apresentadas com o intuito de melhor definir e esclarecer o conteúdo do presente pedido de patente:  The following figures are presented in order to further define and clarify the contents of this patent application:
[0022] A Figura 1 ilustra a linha do tempo de execução de uma tarefa crítica, indicando seus marcos de controle.  [0022] Figure 1 illustrates the execution timeline of a critical task, indicating its control milestones.
[0023] A Figura 2 ilustra um exemplo de aplicação da técnica proposta pela presente invenção na forma de um diagrama de blocos do interior do hardware.  Figure 2 illustrates an example of applying the technique proposed by the present invention in the form of a block diagram of the interior of the hardware.
[0024] A Figura 3 ilustra um diagrama didático de operação do watchdog (W). [0024] Figure 3 illustrates a didactic diagram of the watchdog operation (W).
Descrição Detalhada da Invenção Detailed Description of the Invention
[0025] As descrições que seguem são apresentadas a título de exemplo e não limitativas ao escopo da invenção e farão compreender de forma mais clara o objeto do presente pedido de patente.  The following descriptions are given by way of example and not limiting the scope of the invention and will more clearly understand the subject matter of the present patent application.
[0026] Em um primeiro objeto, a presente invenção fornece um método de determinação exata do tempo máximo de execução (T) de uma dada tarefa crítica (TC), sendo um programa de computador ou função programada, com rendimento satisfatório, em processadores multicore; processadores com dois ou mais núcleos de operação. O objetivo do sistema é garantir que o tempo de resposta máximo do programa executado por um processador não exceda um tempo limite pré-definido e, ao contrário das técnicas já existentes desse campo técnico, somente se a tarefa crítica (TC) de certo núcleo não for encerrada antes do tempo limite, o sistema desabilita os demais núcleos do processador, mantendo em funcionamento apenas o núcleo que está executando a tarefa crítica (TC). Em tecnologias que utilizam computadores de bordo em sistemas embarcados, este conhecimento se torna de extrema importância, uma vez que um sistema que demora a apresentar uma resposta a determinado comando pode ocasionar prejuízos severos.  In a first object, the present invention provides a method of accurately determining the maximum execution time (T) of a given critical task (TC), being a satisfactory programmed computer program or function in multicore processors. ; processors with two or more operating cores. The goal of the system is to ensure that the maximum program response time executed by a processor does not exceed a predefined timeout and, unlike existing techniques in this technical field, only if the critical core task (TC) does not is terminated before the timeout, the system disables the remaining processor cores, keeping only the core performing the critical task (TC) running. In technologies that use onboard computers in embedded systems, this knowledge becomes extremely important as a system that takes a long time to respond to a given command can cause severe damage.
[0027] Em uma concretização, o dispositivo sobre o qual a presente invenção discorre trata de um sistema de watchdog (W) implementado em hardware, sendo este acoplado ao barramento do processador com sua memória. O watchdog (W) é configurado para determinar e garantir que o tempo máximo de execução (T), WCET { Worst-Case Execution Time), de uma tarefa crítica (TC), não ultrapasse o seu deadline; lembrando que deadline é o prazo máximo de execução da tarefa crítica (TC) estabelecido pelos organismos internacionais. Em outras palavras, o valor do WCET deve ser menor do que o deadline de execução da tarefa. Com isso, uma margem de segurança compreendida entre o limite WCET e o deadline da referida tarefa crítica (TC) é definida. Essas características de operação são exemplificadas pela Figura 1 , por meio de uma linha do tempo. [0027] In one embodiment, the device of which the present invention relates is a hardware implemented watchdog system (W), which is coupled to the processor bus with its memory. THE watchdog (W) is configured to determine and ensure that the maximum execution time (T), WCET {Worst-Case Execution Time), of a critical task (TC) does not exceed its deadline; remembering that deadline is the maximum deadline for the critical task (TC) established by international organizations. In other words, the WCET value must be less than the task execution deadline. Thus, a safety margin between the WCET limit and the deadline of said critical task (TC) is defined. These operating characteristics are exemplified by Figure 1 by means of a timeline.
[0028] O watchdog (W) é composto por um bloco monitor de checkpoint (MC) e um bloco controlador de tempo de checkpoint (CTC). Através de um sinal de entrada (GPIO - General-Purpose Input-Output), este bloco identifica o atual checkpoint da tarefa crítica em execução, denominado CPID {Checkpoint ID). O segundo bloco determina, a partir do instante de tempo do CPID, seu tempo crítico (CCT - Criticai Checkpoint Time), isto é, o tempo necessário para configurar o watchdog (W) no atual checkpoint, dado pela expressão: CCT(CPID) = Deadline - WCET(CPID). O bloco controlador de tempo de checkpoint (CTC) também identifica quando uma tarefa é iniciada {CTaskStart) e quando ela é encerrada {CTaskEnd), enviando sinalizadores para o bloco watchdog timer (WT), o qual é dotado de um temporizador (Temp) e é responsável por notificar o processador com a devida função a ser executada. Um exemplo de como pode ser implementada a técnica proposta pela presente invenção utilizando esses componentes do watchdog (W) são didaticamente ilustrados pelo diagrama de blocos da Figura 2.  The watchdog (W) consists of a checkpoint monitor block (MC) and a checkpoint time controller block (CTC). Through a General Purpose Input-Output (GPIO) signal, this block identifies the current critical task checkpoint, called CPID {Checkpoint ID). The second block determines, from the CPID time instant, its Critical Checkpoint Time (CCT), that is, the time required to configure the watchdog (W) at the current checkpoint, given by the expression: CCT (CPID) = Deadline - WCET (CPID). The checkpoint time controller block (CTC) also identifies when a task is started {CTaskStart) and when it is terminated {CTaskEnd) by sending flags to the watchdog block (WT), which has a timer (Temp) and is responsible for notifying the processor with the proper function to be performed. An example of how the technique proposed by the present invention can be implemented using such watchdog components (W) is didactically illustrated by the block diagram of Figure 2.
[0029] Quando uma tarefa for iniciada, o watchdog timer (WT) inicia o monitoramento do tempo de execução (T) da tarefa crítica (TC) por meio do temporizador (Temp). Caso o tempo de execução (T) seja maior que o tempo definido para margem de segurança (MS), dada por deadline - WCET(CPID), do atual checkpoint, ou seja, caso o tempo de execução (T) seja maior que CCT(CPID), o sistema envia um comando Warning (Wng) ao barramento do processador para que os demais núcleos sejam desativados, de modo que apenas o núcleo com a tarefa crítica (TC) permaneça em execução. Caso o tempo de execução (T) da tarefa crítica (TC) ultrapasse o deadline (DR - Deadline Reached), o sistema apresenta erro e envia um sinal de reset ao processador para reiniciar o sistema, colocando-o em um estado conhecido no qual todos os registradores estarão "zerados". Caso o comando Warning (Wng) não seja enviado ou o deadline não seja ultrapassado, a lógica descrita se repete até que a tarefa crítica (TC) seja finalizada. A Figura 3 ilustra um diagrama didático dessa operação lógica do hardware. When a task is started, the watchdog timer (WT) starts monitoring the critical task (TC) runtime (T) through the timer (Temp). If the execution time (T) is greater than the time defined for safety margin (MS), given by deadline - WCET (CPID), of the current checkpoint, ie if the execution time (T) is greater than CCT (CPID), the system sends a Warning (Wng) command to the system bus. processor so that the remaining cores are disabled so that only the core with the critical task (TC) remains running. If the critical task (TC) execution time (T) exceeds the deadline reached (DR), the system displays an error and sends a reset signal to the processor to restart the system, placing it in a known state in which all registers will be "reset". If the Warning (Wng) command is not sent or the deadline is not exceeded, the logic described is repeated until the critical task (TC) is completed. Figure 3 illustrates a didactic diagram of this logical hardware operation.
[0030] O modo de operação do watchdog (W) aqui descrito é bem representado pelo conceito de comutação de núcleos do processador, o que aumenta o rendimento do sistema. Os documentos e publicações encontrados no estado da técnica mostram-se incapazes de efetuar o processo em ambientes com vários núcleos de processador, e, ao contrário da presente invenção, eles pausam temporariamente a execução das demais tarefas assim que a execução da tarefa crítica (TC) se inicia. The watchdog (W) mode of operation described herein is well represented by the concept of processor core switching, which increases system throughput. State-of-the-art documents and publications are unable to perform the process in multi-processor environments, and unlike the present invention, they temporarily pause the execution of other tasks as soon as the critical task (TC) is performed. ) starts.
Exemplo de Realização Preferencial Preferred Realization Example
[0031] Em um exemplo de realização preferencial, no emprego do dispositivo e/ou método da presente invenção em um sistema de controle de aeronaves, um piloto de uma aeronave deve manusear o manche do veículo com demasiada precisão, seja em função de propósitos militares ou comerciais, garantindo que seu objetivo seja alcançado com exatidão e sem dificuldades ou riscos. O programa do computador de bordo, responsável pelo comando do manche, deve responder a um comando específico dentro de um tempo limite de alguns milissegundos, de acordo com as exigências de organismos internacionais no campo da aviação. Caso contrário, o programa é considerado inseguro/impreciso e o computador de bordo não recebe certificação/permissão desses organismos internacionais para operação. [0032] Os versados na arte valorizarão os conhecimentos aqui apresentados e poderão reproduzir a invenção nas modalidades apresentadas e em outras variantes, abrangidas no escopo das reivindicações anexas. [0031] In one preferred embodiment, in employing the device and / or method of the present invention in an aircraft control system, an aircraft pilot must handle the vehicle's joystick too precisely, either for military purposes. or commercial, ensuring that your goal is achieved accurately and without difficulty or risk. The on-board computer program, which controls the joystick, must respond to a specific command within a few milliseconds, in accordance with the requirements of international aviation bodies. Otherwise, the program is considered unsafe / inaccurate and the on-board computer is not certified / permitted by these international organizations for operation. Those skilled in the art will enhance the knowledge presented herein and may reproduce the invention in the embodiments disclosed and in other embodiments within the scope of the appended claims.

Claims

Reivindicações MÉTODO E DISPOSITIVO PARA ANÁLISE E CONTROLE TEMPORAL DA APLICAÇÃO CRÍTICA DE UM PROCESSADOR MULTICORE METHOD AND DEVICE FOR ANALYSIS AND TEMPORAL CONTROL OF CRITICAL APPLICATION OF A MULTICORE PROCESSOR
1 . Método de análise e controle temporal da aplicação crítica de um processador multicore caracterizado pelo fato de monitorar o tempo de execução (T) de uma tarefa crítica (TC) em um núcleo e interromper todas as demais tarefas executadas nos demais núcleos somente quando o tempo de execução (T) da tarefa crítica (TC) atinge um limite de tempo pré-determinado (WCET). 1 . Method of analysis and temporal control of the critical application of a multicore processor characterized by monitoring the execution time (T) of a critical task (TC) in one core and interrupting all other tasks performed in the other cores only when the critical task (T) execution (T) reaches a predetermined time limit (WCET).
2. Método, de acordo com a reivindicação 2, caracterizado pelo fato do Watchdog Timer (WT) enviar:  Method according to claim 2, characterized in that the Watchdog Timer (WT) sends:
a. sinal de Warning (Wng) para desabilitar os demais núcleos do processador, quando a contagem do temporizador (Temp) é igual ou superior à diferença entre o tempo limite estabelecido por norma {deadline) e o limite de tempo pré-determinado (WCET); ou b. sinal de alcance do tempo estabelecido por norma (DR) para reiniciar a operação do Watchdog (W) quando a contagem do temporizador (Temp) é igual ou superior ao tempo limite estabelecido por norma {deadline).  The. Warning signal (Wng) to disable other processor cores when the timer count (Temp) is equal to or greater than the difference between the deadline and the default time limit (WCET); or b. Normally set time range (DR) signal to restart Watchdog operation (W) when the timer count (Temp) is equal to or greater than the standard deadline.
3. Método, de acordo com a reivindicação 1 , caracterizado pelo fato de compreender as etapas de:  Method according to claim 1, characterized in that it comprises the steps of:
a. verificar se uma tarefa crítica (TC) foi iniciada;  The. check if a critical task (CT) has been started;
b. repetir a verificação da etapa "a" até uma tarefa crítica (TC) ser iniciada;  B. repeat the verification of step "a" until a critical task (TC) is started;
c. iniciar a contagem do temporizador (Temp), após detecção de início de uma tarefa crítica (TC);  ç. start timer count (Temp) after detection of the start of a critical task (TC);
d. verificar se a tarefa crítica (TC) foi encerrada;  d. check if the critical task (CT) has been completed;
e. retornar à etapa "a" após o encerramento da tarefa crítica (TC); f. se a tarefa crítica (TC) não tiver sido encerrada, comparar a contagem do temporizador (Temp) até o atual momento com o valor de tempo limite estabelecido por norma {deadline); and. return to step "a" after the critical task (TC) ends; f. If the critical task (TC) has not been completed, compare the timer count (Temp) to date with the timeout value set by {deadline};
g. se a contagem do temporizador (Temp) for igual ou superior ao tempo limite estabelecido por norma {deadline), reiniciar o sistema; h. se a contagem do temporizador (Temp) for menor que o tempo limite estabelecido por norma, comparar a contagem do temporizador (Temp) com a diferença entre o tempo limite estabelecido por norma {deadline) e o limite de tempo pré-determinado (WCET); i. se a contagem do temporizador (Temp) for menor que a diferença entre o tempo limite estabelecido por norma {deadline) e o limite de tempo pré-determinado (WCET), retornar à etapa "d";  g. if the timer count (Temp) is equal to or greater than the deadline, restart the system; H. If the timer count (Temp) is less than the default time limit, compare the timer count (Temp) with the difference between the standard deadline and the predetermined time limit (WCET). ; i. if the timer count (Temp) is less than the difference between the deadline and the default time limit (WCET), return to step "d";
j. se a contagem do temporizador (Temp) for igual ou superior à diferença entre o tempo limite estabelecido por norma {deadline) e o limite de tempo pré-determinado (WCET), desabilitar os núcleos do processador que não realizam a tarefa crítica (TC) e retornar à etapa "d".  j. if the timer count (Temp) is equal to or greater than the difference between the deadline and the default time limit (WCET), disable processor cores that do not perform the critical task (TC) and return to step "d".
4. Dispositivo para análise e controle temporal da aplicação crítica de um processador multicore caracterizado pelo fato de compreender:  4. Device for analysis and temporal control of the critical application of a multicore processor characterized by the fact that it comprises:
a. Watchdog (W);  The. Watchdog (W);
b. Monitor de Checkpoint (MC);  B. Checkpoint Monitor (MC);
c. Controlador de Tempo de Checkpoint (CTC); e  ç. Checkpoint Time Controller (CTC); and
d. Watchdog Timer (WT) com Temporizador (Temp),  d. Watchdog Timer (WT) with Timer (Temp),
sendo o dispositivo acoplado ao barramento do processador.  the device being coupled to the processor bus.
5. Dispositivo de acordo com a reivindicação 4, caracterizado pelo fato do Watchdog (W) compreender o Monitor de Checkpoint (MC), o Controlador de Tempo de Checkpoint (CTC) e o Watchdog Timer (WT) com Temporizador (Temp).  Device according to claim 4, characterized in that the Watchdog (W) comprises the Checkpoint Monitor (MC), the Checkpoint Time Controller (CTC) and the Watchdog Timer (WT) with Timer (Temp).
6. Dispositivo de acordo com qualquer uma das reivindicações 4 a 5, caracterizado pelo fato do Monitor de Checkpoint (MC) receber um sinal de entrada, receber e enviar um sinal de relógio (Clk), receber e enviar um sinal Reset, e enviar um sinal (CPID) de identificação do checkpoint atual. Device according to any one of claims 4 to 5, characterized in that the Checkpoint Monitor (MC) receives a signal from input, receive and send a clock signal (Clk), receive and send a Reset signal, and send a signal (CPID) identifying the current checkpoint.
7. Dispositivo de acordo com a reivindicação 6, caracterizado pelo fato do Monitor de Checkpoint (MC) receber um sinal Reset somente no momento de inicialização do dispositivo.  Device according to Claim 6, characterized in that the Checkpoint Monitor (MC) receives a Reset signal only at the time of device initialization.
8. Dispositivo de acordo com qualquer uma das reivindicações 4 a 7, caracterizado pelo fato do Controlador de Tempo de Checkpoint (CTC) receber sinal (CPID), receber e enviar um sinal de relógio (Clk), receber e enviar um sinal Reset, enviar os sinais CTaskStart e CTaskEnd que marcam o início e término da tarefa crítica (TC), e enviar um sinal CCT de tempo de configuração do watchdog (W) do atual checkpoint.  Device according to any one of claims 4 to 7, characterized in that the Checkpoint Time Controller (CTC) receives a signal (CPID), receives and sends a clock signal (Clk), receives and sends a reset signal, send the CTaskStart and CTaskEnd signals that mark the start and end of the critical task (TC), and send a watchdog configuration time (W) CCT signal from the current checkpoint.
9. Dispositivo de acordo com a reivindicação 8, caracterizado pelo fato do Controlador de Tempo de Checkpoint (CTC) receber um sinal Reset somente no momento de inicialização do dispositivo.  Device according to Claim 8, characterized in that the Checkpoint Time Controller (CTC) receives a Reset signal only at the time of device initialization.
10. Dispositivo de acordo com qualquer uma das reivindicações 4 a 9, caracterizado pelo fato do Watchdog Timer (WT) com Temporizador (Temp) receber os referidos sinais CCT, CTaskStart, CTaskEnd, sinal de relógio (Clk), e sinal Reset, e enviar sinal de Warning (Wng) ou sinal de alcance do tempo estabelecido por norma (DR).  Device according to any one of claims 4 to 9, characterized in that the Watchdog Timer (WT) with Timer (Temp) receives said CCT, CTaskStart, CTaskEnd, Clock signal (Clk), and Reset signal, and send Warning signal (Wng) or standard time range signal (DR).
1 1 . Dispositivo de acordo com a reivindicação 6, caracterizado pelo fato do Watchdog Timer (WT) receber um sinal Reset no momento de inicialização do dispositivo.  1 1. Device according to claim 6, characterized in that the Watchdog Timer (WT) receives a Reset signal at the time of device initialization.
PCT/BR2016/050189 2015-08-11 2016-08-11 Method and device for analysing and timing the critical application of a multicore processor WO2017024371A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
BR102015019186A BR102015019186A2 (en) 2015-08-11 2015-08-11 method and device for analysis and temporal control of critical application of a multicore processor
BRBR102015019186-3 2015-08-11

Publications (1)

Publication Number Publication Date
WO2017024371A1 true WO2017024371A1 (en) 2017-02-16

Family

ID=57965178

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BR2016/050189 WO2017024371A1 (en) 2015-08-11 2016-08-11 Method and device for analysing and timing the critical application of a multicore processor

Country Status (2)

Country Link
BR (1) BR102015019186A2 (en)
WO (1) WO2017024371A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109032878A (en) * 2018-09-13 2018-12-18 郑州云海信息技术有限公司 A kind of GPIO test method and device
FR3072191A1 (en) * 2017-10-11 2019-04-12 Thales METHOD AND DEVICE FOR MONITORING AN AVIONOUS SOFTWARE APPLICATION VIA ITS RUNTIME, COMPUTER PROGRAM AND ASSOCIATED AVIONICS SYSTEM
CN111538604A (en) * 2020-04-22 2020-08-14 北京字节跳动网络技术有限公司 Distributed task processing system

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115495321B (en) * 2022-11-18 2023-03-24 天河超级计算淮海分中心 Automatic identification method for use state of super-computation node

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030037172A1 (en) * 2001-08-17 2003-02-20 John Lacombe Hardware implementation of an application-level watchdog timer
US20090307700A1 (en) * 2008-06-10 2009-12-10 Barcelona Supercomputing - Centro Nacional De Supercomputacion Multithreaded processor and a mechanism and a method for executing one hard real-time task in a multithreaded processor
US20130036421A1 (en) * 2011-08-01 2013-02-07 Honeywell International Inc. Constrained rate monotonic analysis and scheduling
US20160196149A1 (en) * 2015-01-05 2016-07-07 Dell Software Inc. Milestone based dynamic multiple watchdog timeouts and early failure detection

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030037172A1 (en) * 2001-08-17 2003-02-20 John Lacombe Hardware implementation of an application-level watchdog timer
US20090307700A1 (en) * 2008-06-10 2009-12-10 Barcelona Supercomputing - Centro Nacional De Supercomputacion Multithreaded processor and a mechanism and a method for executing one hard real-time task in a multithreaded processor
US20130036421A1 (en) * 2011-08-01 2013-02-07 Honeywell International Inc. Constrained rate monotonic analysis and scheduling
US20160196149A1 (en) * 2015-01-05 2016-07-07 Dell Software Inc. Milestone based dynamic multiple watchdog timeouts and early failure detection

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3072191A1 (en) * 2017-10-11 2019-04-12 Thales METHOD AND DEVICE FOR MONITORING AN AVIONOUS SOFTWARE APPLICATION VIA ITS RUNTIME, COMPUTER PROGRAM AND ASSOCIATED AVIONICS SYSTEM
EP3470986A1 (en) * 2017-10-11 2019-04-17 Thales Method and device for monitoring an avionics software application by means of its execution time, associated computer program and avionics system
CN109656775A (en) * 2017-10-11 2019-04-19 泰雷兹公司 By the method and apparatus, related computer program and the avionics system that execute time monitoring avionics hardware application program
US10571295B2 (en) 2017-10-11 2020-02-25 Thales Method and device for monitoring an avionics software application via its execution duration, related computer program and avionics system
CN109656775B (en) * 2017-10-11 2023-09-15 泰雷兹公司 Method and device for monitoring avionic software applications by means of execution time, associated computer program and avionic system
CN109032878A (en) * 2018-09-13 2018-12-18 郑州云海信息技术有限公司 A kind of GPIO test method and device
CN111538604A (en) * 2020-04-22 2020-08-14 北京字节跳动网络技术有限公司 Distributed task processing system
CN111538604B (en) * 2020-04-22 2023-03-28 北京字节跳动网络技术有限公司 Distributed task processing system

Also Published As

Publication number Publication date
BR102015019186A2 (en) 2017-02-14

Similar Documents

Publication Publication Date Title
Nowotsch et al. Multi-core interference-sensitive WCET analysis leveraging runtime resource capacity enforcement
JP7007425B2 (en) Memory allocation technology for partially offloaded virtualization managers
Nikolaev et al. VirtuOS: An operating system with kernel virtualization
US9052967B2 (en) Detecting resource deadlocks in multi-threaded programs by controlling scheduling in replay
WO2017024371A1 (en) Method and device for analysing and timing the critical application of a multicore processor
Ben-Yehuda et al. The offline scheduler for embedded vehicular systems
US8799908B2 (en) Hardware-enabled lock mediation for controlling access to a contested resource
US9122508B2 (en) Real time measurement of I/O interrupt delay times by hypervisor by selectively starting and/or stopping corresponding LPARs
Nowotsch et al. Monitoring and WCET analysis in COTS multi-core-SoC-based mixed-criticality systems
US9454424B2 (en) Methods and apparatus for detecting software inteference
Kantee Flexible operating system internals: the design and implementation of the anykernel and rump kernels
Huyck ARINC 653 and multi-core microprocessors—Considerations and potential impacts
Axnix et al. IBM z13 firmware innovations for simultaneous multithreading and I/O virtualization
Ge et al. HYPERFUZZER: An efficient hybrid fuzzer for virtual cpus
Klingensmith et al. Using virtualized task isolation to improve responsiveness in mobile and iot software
Crespo et al. Multicore partitioned systems based on hypervisor
Müller et al. Performance analysis of KVM hypervisor using a self-driving developer kit
Murillo et al. Synchronization for hybrid MPSoC full-system simulation
Kubacki et al. Performance issues in creating cloud environment
Benedicte et al. Towards limiting the impact of timing anomalies in complex real-time processors
El-Bayoumi ISO-26262 Compliant Safety-Critical Autonomous Driving Applications: Real-Time Interference-Aware Multicore Architectures
Oliveira et al. Investigating and mitigating contention on low-end multi-core microcontrollers
Fernández Díaz Enhancing timing analysis for COTS multicores for safety-related industry: a software approach
McLeod Usermode OS components on seL4 with rump kernels
Bloom et al. Aligning Deos and RTEMS with the FACE safety base operating system profile

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16834335

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16834335

Country of ref document: EP

Kind code of ref document: A1