WO2012070727A1 - Method and system for healing contentions of a multithreaded program in an ARINC-653 computer system for an aircraft - Google Patents

Method and system for healing contentions of a multithreaded program in an ARINC-653 computer system for an aircraft

Info

Publication number
WO2012070727A1
Authority
WO
WIPO (PCT)
Prior art keywords
contention
healing
data
arinc
lock
Prior art date
Application number
PCT/KR2011/002056
Other languages
English (en)
Korean (ko)
Inventor
전용기
참구에기마틴
하옥균
Original Assignee
경상대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 경상대학교 산학협력단
Publication of WO2012070727A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Preventing errors by testing or debugging software
    • G06F11/362 Software debugging
    • G06F11/3632 Software debugging of specific synchronisation aspects

Definitions

  • the present invention relates to a method and system for detecting and healing data contention that may occur in a multithreaded program of an ARINC-653 based aircraft computer system.
  • IMA Integrated Modular Avionics
  • FIG. 1 is an exemplary diagram of a multi-threaded program
  • FIG. 2 is an execution diagram intended or expected when executing the program shown in FIG. 1
  • FIG. 3 is an exemplary diagram in which data contention occurs due to an unexpected execution when executing the program shown in FIG. 1.
  • When the parallel program of FIG. 1 is executed in two threads, the execution process shown in FIG. 2 is expected.
  • In FIG. 3, r3 and w4 of thread B intervene before thread A is completed because of abnormal multithreaded contention, resulting in an unintended result.
  • This concurrency error in a multithreaded program is called contention.
  • the main feature of the ARINC-653 in the execution of aeronautical software applications is the inclusion of a health monitor with a recovery mechanism for error occurrence at each level of process, partition and module.
  • recovery by the health monitor may include recovery through an error handler at the process level; at the module level, the possible countermeasures are resetting the module, stopping or closing the module, or ignoring the error; and there are further possible countermeasures at the partition level.
  • the present invention relates to a method and system for detecting data contention that may occur in a multi-threaded program of an ARINC-653-based aircraft computer system and immediately repairing the detected contention error without stopping the system.
  • a method of healing a multi-threaded program includes detecting a data contention occurrence of a multi-threaded program by a detector, and healing a data contention by a healer.
  • the detecting of the contention occurrence of the multi-threaded program includes generating a label for each thread and detecting the occurrence of the contention using a detection protocol.
  • after the detector detects a data contention occurrence in the multi-threaded program, the detector transmits the data contention information to the health monitor of the ARINC-653, and the health monitor accesses the partition operating system (POS) of the ARINC-653 partition in which the data contention occurred. The step of healing the data contention includes inserting a lock at the point where the contention occurred by an install lock operation and removing an incorrect lock by a remove lock operation.
  • POS partition operating system
  • the process of inserting the lock or removing the lock protects an execution of a contention-free area in a thread to prevent another thread from intervening or to enforce a context switch or scheduling.
  • the healer healing the data contention further includes notifying the health monitor when the healer fails to heal the data contention and the health monitor further generating a new error handling code.
  • a contention healing system of a multi-threaded program includes a detector that detects data contention, a healer that heals the data on which contention occurred, and an ARINC-653 module including a health monitor that receives contention information from the detector and connects the detector with the healer. The healer includes an install lock operator to insert a lock at the point where contention is detected and a remove lock operator to remove an erroneous lock.
  • ARINC-653-based aircraft computer system has the following effects.
  • FIG. 1 is an exemplary diagram of a multi-threaded program.
  • FIG. 2 is a diagram of the intended or expected execution process when executing the program shown in FIG. 1.
  • FIG. 3 is an exemplary diagram in which data contention occurs due to unexpected execution when executing the program shown in FIG. 1.
  • FIG. 4 is a schematic diagram illustrating a method of detecting data contention of a multithreaded program according to an embodiment of the present invention.
  • FIG. 5 is a diagram of the thread labeling step for a multithreaded program in one embodiment of the present invention.
  • FIG. 6 is a diagram relating to an installation lock operation.
  • FIG. 7 is a diagram relating to a remove lock operation.
  • FIG. 8 is a flow chart illustrating a method of healing contention in a multithreaded program of one embodiment of the present invention.
  • FIG. 10 is a block diagram of a contention healing system of a multi-threaded program applied to ARINC-653 for an aircraft computer system according to one embodiment of the present invention.
  • in an ARINC-653-based aircraft computer system, the method has a phase in which the detector detects a data contention occurrence in the multithreaded program, a phase in which the ARINC-653 calls the healer, and a phase in which the healer heals the data contention.
  • FIG. 4 is a schematic diagram illustrating a method of detecting data contention of a multithreaded program according to an embodiment of the present invention. As shown in FIG. 4, the detecting of the data contention is performed by generating a label on the thread and detecting the contention using the detection protocol.
  • FIG. 5 is a diagram of the thread labeling step for a multithreaded program in one embodiment of the present invention.
  • the NR labeling technique is applied to generate a label that is a unique identifier that maintains concurrency information in each thread.
  • the join count represents the number of ancestor threads, counted from the initial thread, that are associated with the thread.
  • the nested region is represented as an interval <low, high>, and the spatial range of the thread is expressed by integers.
  • a thread that has completed labeling is represented by [join count, <low, high>].
  • the parent thread T has a join count of 1 and a nested region of <1, 50>.
  • the maximum range of the nested region is the maximum integer that the computer system can express, and it is assumed to be 50 simply for the sake of example. When labels are created for T1 and T2, both threads have the parent thread T, so their join count is 1, and since the nesting region is determined from the parent thread it is divided into <1, 25> and <26, 50>, respectively.
  • the threads T1 and T2 therefore generate the labels [1, <1, 25>] and [1, <26, 50>] within the nesting region of T, as shown in FIG. 5.
  • each of T and T1, T, and T2 does not satisfy the above conditions and is in a sequential relationship, and thus a contention cannot occur.
  • a protocol proposed by Dinning and Schonberg is used to detect contention occurrence using a detection protocol.
  • when contention may occur between T1 and T2 shown in FIG. 5, between the accesses {r1, w2} in thread A and {r3, w4} in thread B, the contentions {w2-r3, r1-w4, w2-w4} are detected.
  • Healing the data contention includes inserting a lock at the point where the contention occurred by an install lock operation and removing a wrong lock by a remove lock operation.
  • Fig. 6 is a view related to the install lock operation and Fig. 7 is a view related to the remove lock operation.
  • Inserting and removing locks ultimately removes or changes the interleaving on the data: for the safe execution of a contention-prone area in a particular thread, it protects that execution from interference by other threads, prevents other threads from executing it, or forces a context switch or scheduling.
  • the install lock operation is activated to insert a lock at the contention point as shown in FIG. 6 to prevent contention with data of other threads on the thread.
  • the remove lock operation is performed to remove the lock as shown in FIG. 7.
  • the new error handling code refers to operating a program by changing a lock position (a contention point) inserted by an install lock operation.
  • when healing fails, the health monitor is notified by displaying a healing anomaly, and the remove lock operation shown in FIG. 7 is performed again. This operation removes the wrong lock, a new lock is inserted by the install lock operation, and the contention on the data is finally healed.
  • FIG. 8 is a flow chart illustrating a method of healing contention in a multithreaded program of one embodiment of the present invention.
  • when the detector searches for contention (S1) and contention is detected on a multi-thread (S2), the detector informs the health monitor of the ARINC-653 of the contention (S3).
  • the health monitor accesses the partition operating system (POS) in the zone where the error occurs (S4).
  • the partition operating system calls the healer (S5) and the healer performs a data healing operation (S6). If the data contention is healed as a result of healing (S7), it is stored in a shared memory or a program is executed (S10). If the data contention is not cured, the health monitor is notified (S8). After generating the error handling code (S9), the healer operates the install lock operation and the remove lock operation again, and eventually heals data contention.
  • FIG. 10 is a block diagram of a contention healing system of a multi-threaded program in an ARINC-653 based aircraft computer system of one embodiment of the present invention.
  • a multi-threaded contention healing system includes a detector that detects data contention, a healer that heals the data on which contention has occurred, and an ARINC-653 module including a health monitor that receives contention information from the detector and connects it with the healer.
  • the healer includes an install lock operator that inserts a lock at the point where contention is detected and a remove lock operator that removes the wrong lock.
  • the ARINC-653 includes partitions that perform independent functions, and each partition includes a separate operating system. It also includes a health monitor that delivers data contention information to the system in real time; the health monitor is connected to the detector and the healer.
  • FIG. 10 is a block diagram of a contention healing system at a partition level among levels of a process, a partition, and a module as a contention healing system of a multi-threaded program according to an embodiment of the present invention.
  • the detector monitors whether data contention occurs in the program during execution. It is connected to the health monitor through the interface in order to report the contention occurrence.
  • the healer is called by the operating system and includes an install lock operator and a remove lock operator and is responsible for healing data contention. If the data contention is not cured, the health monitor is notified again, and the healing work for the contention healing is started repeatedly.
  • the healer may be given priority over other processes in the system when data contention occurs.
  • the multi-threaded contention healing system detects contention on data and immediately heals the data contention, preventing delay and error in program execution.
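The labeling and detection steps above (NR labels [join count, <low, high>] split from the parent's region, and an access-history protocol in the style of Dinning and Schonberg) can be worked through on the FIG. 1 program. The following Python is an added example written for this page; it is not code from the patent or its inventors. The ordering rule it uses (threads with equal join counts are concurrent unless one nest region contains the other; differing join counts are treated as ordered by the join) is my reading of NR labeling and is an assumption, as is the constructed access trace, which follows the FIG. 3 interleaving where r3 and w4 of thread B intervene before thread A finishes.

```python
"""NR labeling plus an access-history race detector for the two-thread program of FIG. 1.

Added example; the labels, the concurrency rule and the access trace are assumptions
made here, not definitions taken from the patent text.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class NRLabel:
    join_count: int  # number of joins on the path from the initial thread
    low: int         # nest region <low, high>, carved out of the parent's region
    high: int

    def contains(self, other: "NRLabel") -> bool:
        return self.low <= other.low and other.high <= self.high


def nr_children(parent: NRLabel, n: int) -> List[NRLabel]:
    """Split the parent's nest region into n disjoint sub-regions, one per forked child.
    With T = [1, <1, 50>] and n = 2 this yields [1, <1, 25>] and [1, <26, 50>]."""
    size = parent.high - parent.low + 1
    if size < n:
        raise ValueError("nest region too small for that many children")
    labels, start = [], parent.low
    for i in range(n):
        width = size // n + (1 if i < size % n else 0)
        labels.append(NRLabel(parent.join_count, start, start + width - 1))
        start += width
    return labels


def concurrent(a: NRLabel, b: NRLabel) -> bool:
    """Assumed NR rule: same join count and neither region contains the other.
    Containment (ancestor/descendant) is a sequential relation, so no race is possible."""
    if a.join_count != b.join_count:
        return False
    return not (a.contains(b) or b.contains(a))


@dataclass(frozen=True)
class Access:
    name: str      # e.g. "r1", "w2" as used in FIG. 1
    thread: str    # "A" or "B"
    label: NRLabel
    kind: str      # "r" for read, "w" for write


class RaceDetector:
    """Per-variable access history: each new access is compared with every earlier
    conflicting access (at least one write) from a concurrent thread."""

    def __init__(self) -> None:
        self.history: Dict[str, List[Access]] = {}

    def access(self, var: str, acc: Access) -> List[Tuple[str, str]]:
        races = []
        for prev in self.history.setdefault(var, []):
            if prev.thread == acc.thread or (prev.kind == "r" and acc.kind == "r"):
                continue  # same thread, or two reads: never a race
            if concurrent(prev.label, acc.label):
                # report as (access in thread A, access in thread B), like the page's "w2-r3"
                pair = (prev, acc) if prev.thread < acc.thread else (acc, prev)
                races.append((pair[0].name, pair[1].name))
        self.history[var].append(acc)
        return races


# Labels from FIG. 5: parent T = [1, <1, 50>], children A = T1 and B = T2.
T_LABEL = NRLabel(1, 1, 50)
A_LABEL, B_LABEL = nr_children(T_LABEL, 2)


def detect_fig3_trace() -> List[Tuple[str, str]]:
    """Constructed trace on one shared variable x: r1 of A, then r3 and w4 of B
    intervene, then w2 of A completes. Returns the detected contention pairs, sorted."""
    trace = [
        Access("r1", "A", A_LABEL, "r"),
        Access("r3", "B", B_LABEL, "r"),
        Access("w4", "B", B_LABEL, "w"),
        Access("w2", "A", A_LABEL, "w"),
    ]
    det = RaceDetector()
    found = []
    for acc in trace:
        found.extend(det.access("x", acc))
    return sorted(found)


if __name__ == "__main__":
    print("A/B concurrent:", concurrent(A_LABEL, B_LABEL))   # True
    print("T/A concurrent:", concurrent(T_LABEL, A_LABEL))   # False (parent contains child)
    print("contentions:", detect_fig3_trace())               # r1-w4, w2-r3, w2-w4
```

The detector reports exactly the three pairs the page lists (w2-r3, r1-w4, w2-w4) and not r1-r3, since two reads never conflict; running the same trace after both threads' critical sections are serialized would yield none, which is the check a healer would want before declaring the lock insertion successful.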

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention relates to a method and a system for healing contentions of a multithreaded program in an ARINC-653 computer system for an aircraft. The healing method comprises the following steps: detecting a data contention of the multithreaded program using a contention detector; and healing the data contention using a healer. The healing system comprises: the detector for detecting a data contention; an ARINC-653 containing a health monitor for connecting the detector and the healer; and the healer for healing the data when a data contention occurs. According to the invention, the errors caused by data contentions in the multithreaded program can be detected, and the detected errors can be healed immediately. Thus the delay in program execution caused by a system stop can be avoided, and the multithreaded program can be used reliably.
PCT/KR2011/002056 2010-11-23 2011-03-25 Method and system for healing contentions of a multithreaded program in an ARINC-653 computer system for an aircraft WO2012070727A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2010-0116992 2010-11-23
KR20100116992 2010-11-23

Publications (1)

Publication Number Publication Date
WO2012070727A1 true WO2012070727A1 (fr) 2012-05-31

Family

ID=46146050

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2011/002056 WO2012070727A1 (fr) 2010-11-23 2011-03-25 Method and system for healing contentions of a multithreaded program in an ARINC-653 computer system for an aircraft

Country Status (1)

Country Link
WO (1) WO2012070727A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2581706A1 (fr) * 2011-10-14 2013-04-17 Thales Rapid reinitialization method for an instrument-panel display device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100322224B1 (ko) * 1998-02-04 2002-02-07 포만 제프리 엘 Apparatus and method for performing semantic concurrency control when dispatching client requests within a server in a client/server computer system
KR20100006530A (ko) * 2008-07-09 2010-01-19 인터내셔널 비지네스 머신즈 코포레이션 Window lock for reducing contention

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
HA, OK KYOON ET AL.: "An Efficient Tool for Verifying Races in OpenMP Directive Programs without Interthread Synchronization", JOURNAL OF KIISE: COMPUTING PRACTICES AND LETTERS, vol. 14, no. 3, May 2008 (2008-05-01), pages 301 - 305 *

Similar Documents

Publication Publication Date Title
KR101728581B1 (ko) Control computer system, method for controlling a control computer system, and use of a control computer system
US9336005B2 (en) Cooperative preemption
US7260749B2 (en) Hot plug interfaces and failure handling
US20130268798A1 (en) Microprocessor System Having Fault-Tolerant Architecture
EP3770765B1 (fr) Method and apparatus for error recovery
PT94055A (pt) Single physical main memory shared by two or more processors executing respective operating systems
US5301311A (en) Control method for preventing incorrect reset of common resource and multicomputer system executing the method
US7734956B2 (en) Process management system
US20060282702A1 (en) Task management apparatus for control apparatus, input/output control apparatus, information control apparatus, task management method, input/output controlling method, and information controlling method
WO2012070727A1 (fr) Method and system for healing contentions of a multithreaded program in an ARINC-653 computer system for an aircraft
Ha et al. On-the-fly healing of race conditions in ARINC-653 flight software
JPH09251443A (ja) Processor failure recovery processing method for an information processing system
US20020147873A1 (en) Real time based system and method for monitoring the same
EP3629176B1 (fr) Fault detection circuit provided with a progress register and a status register
US9274909B2 (en) Method and apparatus for error management of an integrated circuit system
US11467865B2 (en) Vehicle control device
Tai et al. VP: A new operation for semaphores
JP3423732B2 (ja) Information processing apparatus and fault handling method in an information processing apparatus
WALTER MAFT-An architecture for reliable fly-by-wire flight control
KR102475879B1 (ko) MDPS MCU core failure detection apparatus and method
CN115964249A (zh) Embedded system software interception program design system and method
WO2020105774A1 (fr) Device and system for scheduling multiple modules
CN105718326A (zh) Recoverability testing method for embedded systems
JPH04116762A (ja) Spin lock control method
JP2002108638A (ja) Error detection method and error detection circuit for a microcomputer, and microcomputer system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11843869

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11843869

Country of ref document: EP

Kind code of ref document: A1