European Mixed-Criticality Cluster

Motivation

Modern embedded applications already integrate a multitude of functionalities with potentially different criticality levels into a single system, and this trend is expected to grow in the near future. Further, Europe is facing a once-in-a-lifetime challenge with the advent of multicore processors and the potential to integrate, on a single platform, systems with different levels of dependability and security, known as mixed-criticality systems integration. Without appropriate preconditions, the integration of mixed-criticality subsystems on multi- and many-core processors can lead to a significant and potentially unacceptable increase in engineering and certification costs.

The MCC Cluster

The EU FP7 projects CONTREX, DREAMS and PROXIMA collaborate in a European Mixed-Criticality Cluster (MCC) and work closely together to identify future challenges in the design and development of mixed-criticality multicore systems, to run joint dissemination activities, and, where possible, to explore techniques to tackle those challenges. In addition to the MCC, several ongoing research initiatives study mixed-criticality integration on multicore processors, including the MultiPARTES, parMERASA and P-SOCRATES projects. Some of the key challenges to be tackled include the combination of software virtualization and hardware segregation, and the extension of partitioning mechanisms to jointly address significant extra-functional requirements (e.g., time, energy and power budgets, adaptivity, reliability, safety, security, volume, weight, etc.) along with development and certification methodology.

  • Timing: the foundations for enabling integrated mixed-criticality multicore systems are mechanisms for temporal and spatial partitioning, which establish fault containment and the absence of unintended side effects between functions.
  • Certification: certification is key to enabling the exploitation of results in certain application domains such as railways or energy.
  • Extra-functional properties: the specific properties that must be satisfied by embedded systems include timeliness, energy efficiency of battery-operated devices, dependable operation in safety-relevant scenarios, short time-to-market and low cost, in addition to increasing requirements with respect to functionality.
  • Development methods: state-of-the-art model-based design methods still lack explicit support for modelling the mixed criticality of applications. Support is required for spatial and temporal segregation properties at the resource allocation or platform view, and for the static or dynamic mapping of applications to computation, memory and communication resources.

MCC members

In the following, a short description of the other projects and links to their project websites are given.

DREAMS

Building on the strong foundation laid by European and national initiatives, DREAMS will establish a European reference architecture for mixed-criticality systems by consolidating and extending platform technologies and development methods. DREAMS will leverage multi-core platforms for a hierarchical system perspective of mixed-criticality applications, combining the chip and cluster levels. DREAMS will deliver architectural concepts, meta-models, virtualization technologies, model-driven development methods, tools, adaptation strategies, and validation, verification and certification methods for the seamless integration of mixed-criticality applications, in order to establish security, safety and real-time performance as well as data, energy and system integrity. The objective of DREAMS is a cross-domain architecture supporting multiple application domains (e.g., avionics, wind power, healthcare).

CONTREX

The availability of predictable computing platforms and of mechanisms for segregation between applications of different criticalities sharing computing resources enables techniques for the compositional certification of mixed-criticality systems. CONTREX complements ongoing activities in the real-time and safety domain with analysis and segregation for extra-functional properties, with a focus on power, temperature and reliability. Mastering these properties is extremely important for scaling up the number of applications per platform and the number of cores per chip, for battery-powered devices, and for switching to smaller and more cost-effective technology nodes. CONTREX will enable energy-efficient and cost-aware design through analysis and optimization of real-time behaviour, power, temperature and reliability with regard to application demands at different criticality levels. The CONTREX approach is integrated into existing model-based design methods customized for different application domains and target platforms, with particular attention to the requirements derived from the automotive, aeronautics and telecommunications domains. It will evaluate its effectiveness and drive integration into existing standards for design and certification based on three industrial demonstrators. CONTREX's economic goal is to improve energy efficiency by 20 % and to reduce cost per system by 30 % through a more efficient use of the computing platform.