Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
TY - GEN
T1 - Mitigating timing error propagation in mixed-criticality automotive systems
AU - Piper, T.
AU - Winter, S.
AU - Schwahn, O.
AU - Bidarahalli, S.
AU - Suri, Neeraj
PY - 2015/4/13
Y1 - 2015/4/13
N2 - For mixed-criticality automotive systems, the functional safety standard ISO 26262 stipulates freedom from interference, i.e., errors should not propagate from low to high criticality tasks. To prevent the propagation of timing errors, the automotive software standard AUTOSAR provides monitor-based timing protection, which detects and confines task timing errors. As current monitors are unaware of a criticality concept, the effective protection of a critical task requires monitoring all tasks that constitute a potential source of propagating errors, thereby causing overhead for worst-case execution time analysis, configuration and monitoring. Differing from the indirect protection of critical tasks facilitated by existing mechanisms, we propose a novel monitoring scheme that directly protects critical tasks from interference by providing them with execution time guarantees. Overall, our approach provides efficient low-overhead interference protection, while also adding transient timing error ride-through capabilities. © 2015 IEEE.
AB - For mixed-criticality automotive systems, the functional safety standard ISO 26262 stipulates freedom from interference, i.e., errors should not propagate from low to high criticality tasks. To prevent the propagation of timing errors, the automotive software standard AUTOSAR provides monitor-based timing protection, which detects and confines task timing errors. As current monitors are unaware of a criticality concept, the effective protection of a critical task requires monitoring all tasks that constitute a potential source of propagating errors, thereby causing overhead for worst-case execution time analysis, configuration and monitoring. Differing from the indirect protection of critical tasks facilitated by existing mechanisms, we propose a novel monitoring scheme that directly protects critical tasks from interference by providing them with execution time guarantees. Overall, our approach provides efficient low-overhead interference protection, while also adding transient timing error ride-through capabilities. © 2015 IEEE.
KW - Criticality (nuclear fission)
KW - Distributed computer systems
KW - Automotive software
KW - Automotive Systems
KW - Functional Safety
KW - Interference protections
KW - Mixed criticalities
KW - Potential sources
KW - Ridethrough capability
KW - Worst-case execution time analysis
KW - Errors
U2 - 10.1109/ISORC.2015.13
DO - 10.1109/ISORC.2015.13
M3 - Conference contribution/Paper
SP - 102
EP - 109
BT - 2015 IEEE 18th International Symposium on Real-Time Distributed Computing
PB - IEEE
ER -