Workshop 2012 “A cross-domain approach for mixed-criticality integration based on heterogeneous MPSoCs”
January 24, 2012



Detailed Workshop Program

  • “Composability in the ACROSS architecture” by Christian EL-SALLOUM (TU Vienna)
    • A major design driver in ACROSS is composability, which enables the side-effect free composition of a larger system out of independently developed building blocks. In this talk, we will consider composability with a special focus on mixed-criticality integration. Mixed-criticality integration enables combining multiple functionalities of an embedded application within the same computation platform. This saves cost, weight, volume, and energy consumption and, if done correctly, increases the overall reliability since fewer cables and connectors are required. Without appropriate preconditions, the integration of mixed-criticality subsystems would lead to a significant and potentially unacceptable increase of certification efforts. The ACROSS MPSoC avoids the increased validation and certification effort by incorporating mechanisms that establish multiple partitions within the MPSoC with strict temporal and spatial separation between the individual partitions. With the proposed approach, applications with different levels of criticality can be placed in different partitions and can be verified and validated in isolation. In this presentation we will show how to manage complexity while keeping down the overall development effort.

  • “A platform for mixed criticality applications” by Andreas ECKEL (TTTech Computertechnik AG)
    • The ACROSS Multi Processor System on a Chip (MPSoC) is based on the GENESYS architectural blueprint and thus offers a very pragmatic design approach for embedded systems. Due to the GENESYS architecture, employing several service layers, in particular the "core services", which are common to each design, the "optional services", which can be used if needed and the "domain specific services" referring to a particular industrial domain, the ACROSS MPSoC offers flexible devices based on building block components. Since these hardware and software building block components can be put together according to the individual requirements of a specific implementation, the ACROSS approach is suitable for cross domain application. The core services are coded in hardware and will be available for each application. The ACROSS approach relies on software based optional services and domain specific services providing a maximum level of flexibility. The embedded designer will make a selection of optional services needed and will either make use of a subset of domain specific services or will even add his own designs. The design concept of relying on a "trusted network" and a strict partitioning allows satisfying highest criticality levels such as RTCA DAL A and supports certification requirements of most industrial domains. The fact that strict partitioning is implemented allows mixing applications with different criticality levels on one and the same device or FPGA. Finally the approach of the ACROSS MPSoC platform including tools, middleware and hardware components provides an entire design and development library and development environment suited for each embedded design in any kind of industrial environment.

  • “A cross-domain methodology for MPSoCs” by Simon BARNER (fortiss)
    • This talk describes the tool-supported ACROSS development methodology from the point-of-view of an application engineer who is designing and implementing a set of functions on the ACROSS MPSoC platform. For the realization of a cross-domain methodology for MPSoCs, three workflows have been defined. The workflows are at increasing levels of abstraction and built incrementally onto each other. Workflows residing at a higher level of abstraction also offer more integration and provide more powerful means of automation. The "tool-supported service configuration" workflow provides support for the configuration of the ACROSS platform (MPSoC and software stack). The workflow "model-driven design with automatic code generation" comprises generic and domain-specific models for the description of the application. They serve as an input for the application code and the platform configuration generators. Lastly, the "simulation and verification" workflow covers methods and tools that allow the developer to analyze system properties at different stages of the development cycle. A representative example from the domain of industrial automation illustrates the applicability of the developed methods.

  • “ACROSS in the Automotive Domain” by Michael KANG (AVL List GmbH)
    • The automotive domain has to respond to the challenges of growing complexity where different components are controlled by separate units (xCUs). The effort for development and validation of such a system (e.g. hybrid control strategy) includes capturing the overall vehicle behaviour, which is a result of the interaction of all involved subsystems. The ACROSS MPSoC architecture allows the implementation and execution of optimization algorithms which are running in real-time and directly on the chip. The results of the optimization are e.g. new parameters for the hybrid control strategy in order to optimize the whole system performance. The expected benefit focuses on the development and integration process and thus reduces the validation time and its associated costs.

  • “ACROSS in the Aerospace Domain” by Francesco FEDI (SELEX Sistemi Integrati S.p.A.) and Bernd KOPPENHÖFER (CASSIDIAN)
    • The Aerospace Domain is characterized by stringent dependability requirements, and the ACROSS platform is a sound candidate for the provision of basic services upon which a system engineer can design dependable aerospace systems and applications. This presentation will show two complementary examples of the exploitation of the ACROSS platform in the aerospace domain: Civil Aviation Products and Cooperative Unmanned Aerial Systems. Civil aviation is well known for its stringent safety requirements and safety procedures, which regulate nearly every life cycle aspect of an aeronautic product. The huge technological progress in the electronics industry allows integrating more and more formerly separated avionic functions into a single electronic device. One of the major challenges is thereby to deal with the increased product complexity as well as to prove adequate degrees of functional independence and segregation. Especially for mixed-criticality systems, this can easily become an unsolvable task. In our presentation we will point out some of the specific challenges that the avionics industry faces today and will discuss the potential solutions that the ACROSS approach can provide for those needs. Nowadays, Unmanned Aerial Systems (UAS) can be considered a key asset for homeland security systems and their adoption for critical roles is more and more increasing with the availability of innovative capabilities such as: autonomy, cooperation, swarm behaviors. The adoption of squads of cooperating autonomous UASs calls for stringent requirements addressing predictability, reliability, scalability, and interoperability. This speech will describe the BEE platform, which is under development by SSI, as an ACROSS-based product for a real-time, safety critical multi-robot system. The BEE platform is based on the OMG Real-Time Data Distribution Services and will exploit the ACROSS platform services to achieve the above-mentioned key requirements. A cooperative multi-robot system for homeland security operations will be described as an example of the adoption of the BEE platform in a heterogeneous, network-centric system including both ACROSS and commercially available platforms.

  • “ACROSS in the Industrial-Control Domain” by Herber TAUCHER & Majid GHAMESHLU (Siemens AG Österreich)
    • The ACROSS reference architecture implements a novel spatial and temporal segregation for multi core embedded systems which also satisfies the requirements of industrial control applications (e.g. performance, power dissipation, etc.). The steadily increasing demand for compute performance of those systems is not the only driver for multi core platforms which are currently addressed mainly by tightly coupled symmetric multiprocessing architectures. There are also regulations like IEC61508 for functional safety in place which require separation of functionalities to eliminate any kind of interference. The talk will present how a typical industrial control application can be mapped onto the ACROSS reference platform taking advantage of temporal and spatial segregation.

  • “RECOMP: Reduced Certification Costs for Trusted Multi-core Platforms” by Paul POP (Technical University of Denmark)
    • RECOMP stands for "Reduced Certification Costs Using Trusted Multi-core Platforms" and is a European funded project from ARTEMIS JU. The project started April 1st of 2010 and has a duration of 36 months. This talk will present the current results of the RECOMP project. The goal of RECOMP is to establish methods, tools and platforms for enabling cost-efficient certification and re-certification of safety-critical systems and mixed-criticality systems, i.e. systems containing safety-critical and non-safety-critical components. RECOMP recognizes the fact that the increasing processing power of embedded systems is mainly provided by increasing the number of processing cores. The increased number of cores is commonly regarded as a design challenge in the safety-critical area, as there are no established approaches to achieve certification. At the same time there is an increased need for flexibility in the products in the safety-critical market. This need for flexibility puts new requirements on the customization and the upgradability of both the non-safety and safety-critical part. The difficulty with this is the large cost in both effort and money of the re-certification of the modified software, which means that companies cannot fully leverage the advantages of modular software systems. RECOMP will provide reference designs and platform architectures together with the required design methods and tools for achieving cost-effective certification and re-certification of mixed-criticality, component based, multi-core systems. The aim of RECOMP is to define a European standard reference technology for mixed-criticality multi-core systems supported by the European tool vendors participating in RECOMP.

  • “ACROSS as a Component of a System-of-Systems” by H. KOPETZ (em. o. Prof. TU Vienna)
    • The ACROSS MPSoC establishes a platform for the design and implementation of dependable monolithic real-time systems. Synergistic services and more efficient economic processes can be realized by the integration of many monolithic systems into a System-of-Systems (SoS). In a system-of-systems a given problem is partitioned into a number of sub-problems. The solution of a sub-problem is delegated to an autonomous system that is free to select the solution process and must provide its solution within a given deadline. A key issue in the design of SoS is the precise specification of the interfaces among the autonomous systems. Since the ACROSS architecture provides mechanisms for the precise specification of interfaces in the domains of value and time, it is ideally suited for the integration into a system-of-systems context.
