Integration of Generic Operating Systems in Partitioned Architectures (presentation)

Copyright © 2008-2009 Navigators - LASIGE – FCUL

Integration of Generic

Operating Systems in

Partitioned Architectures

João Pedro Gonçalves Crespo Craveiro

Supervisor: Prof. José Rufino

Provas públicas do

Mestrado em Engenharia Informática22 September 2009, Lisbon, Portugal

1-2

João Craveiro, LaSIGE/FCUL, Portugal <[email protected]>

Provas públicas do Mestrado em Engenharia Informática


Outline

• Aerospace applications: concepts

• AIR: ARINC 653 In Space RTOS

• Improving the AIR Technology

– AIR POS Adaptation Layer

– Enhanced timeliness mechanisms

• Integration of generic operating systems

– Case study: (Embedded) Linux

• Concluding remarks and future work

2

1-3












3

1-4




ARINC 653 specification

• Important part of IMA– Partition environment

– Multiple functions, of

different criticality levels

– Shared computing platform

• Standard interface

between application

software and

operating system

4

Partition management, process management, time management,

inter- and intrapartition communication, health monitoring

Optional services (ARINC 653 Part 2)

1-5




Temporal and spatial

segregation

• Temporal segregation– Activities in one partition do not interfere with the

remaining partitions

– Fixed cyclic scheduling of partitions

• Spatial segregation– Applications in one partition cannot access memory

zones outside that partition

5

1-6












6

1-7




IMA/ARINC 653 in space

• Space industry players, ESA:– Identified similarities between the requirements of

space and aeronautical apps

– Established requirements for the employment of the

IMA concepts in space

– No major technological feasibility impairments identified

• Following the interest of ESA:– Proof of concept

– Demonstration of feasibility

7

AIRARINC 653 In

Space RTOS

1-8




AIR system architecture

8

• Time and space partitioning

• Two-level hierarchical scheduling

• Hardware and OS independence

• Different OSs among partitions

1-9





AIR PMK

• Fixed cyclic partition scheduling (first level)– Second level (process): native partition OS process

scheduler

• Partition dispatching– Notify heir partition of clock ticks elapsed while it was

inactive

– Partition context save and restore

• Mode-based schedules (NEW)

9

1-10





APEX and AIR HM

• Flexible Portable APEX– Services defined in ARINC 653

– Generic OSs: only subset of the APEX services

• Management/monitoring, interpartition communication

• AIR Health Monitoring (HM)– Responsible for handling HW/SW errors

– Isolate errors within domain of occurence

• Process

• Partition

• System

10

1-11




Time and space partitioning

Time partitioning

• Two-level hierarchical

scheduling

• Fixed cyclic partition

scheduling, RTOS

process scheduling

Space partitioning

• High-level processor-

independent abstraction

• Mapping of high-level

partition description to

low-level mechanisms

11

1-12












12

1-13




AIR POS Adaptation Layer

13

• Evolved from a paravirtualization layer below the POS

• Identified requirement for integration of generic OSs

• Confirmed observation that partitions hosting RTOSs

would also benefit from its presence

1-14





Flexible POS integration

• POS-independent PMK1. POS initialization procedures

2. Interface with AIR PMK

components (e.g. partition

scheduler/dispatcher)

• APEX3. Map sys calls onto POS or

AIR-specific services

• HM4. Triggered by raising

exception

14

1-15





Development process

• Separation of

concerns

• Reusable building

blocks

• Less time spent on

interactions

• Modifications

restricted, better

validation efforts

15

1-16




Enhanced timeliness mechanisms

Mode-based schedules

• Adaptation to different

modes/phases of

operation

• Accomomodation of

component failure

• Schedule change only

becomes effective at

the end of the MTF

16

1-17




Enhanced timeliness mechanisms

Process deadline monitoring

• Process may miss

deadline when

partition inactive– Operational fault

– Uncertain WCET, partition

windows underdimensioned

• Only earliest

deadlines verified,

right after clock tick

update

17

1-18




Demo

18

1-19












19

1-20




Integration of generic

operating systems

• Motivation:– Application portability

• Interpreted / scripting languages

– Hardware interface / device driver availability

• Case study – (Embedded) Linux:– Open source

– Portable (processor architectures, HW configurations)

– Modular and configurable

– Soft real-time developments

20

1-21




Embedded Linux

21

• Approach:

– Configuration of a vanilla Linux kernel

• Portability/maintainability

– Smaller system library (uClibc)‏

• Optimized /trimmed implementations

– Provision of standard commands more efficiently (BusyBox)‏

• Optimized/trimmed implementations

• Single executable file

1-22




Embedded Linux

Overall results

• Linux kernel 2.6

• uClibc

• Busybox (system

tools)

Entire Linux OS fitting

in less than 2 MiB

22

Will coexist with other POSs and reside always in memory

1-23




Integration of Linux in AIR

Paravirtualization in Linux

• Temporal partitioning

ensurance inherent– But Linux can still

undermine it

• Paravirtualization– Not all ISAs fully

virtualizable

• VMI / paravirt-ops– Allows same kernel to run

either natively or as

paravirtualized guest

23

1-24




Integration of Linux in AIR

Linux partition and AIR PAL

• In AIR, AIR PAL will

provide the VMI layer

to the POS

• Interactions with the

AIR PMK when

required

24

1-25












25

1-26




Concluding remarks (I)

• New component, AIR PAL, allowing:– stable POS-independent AIR PMK

– homogenous POS integration;

– better development process workflow

• Advanced timeliness adaptation and

monitoring mechanisms– absent in other ARINC 653/TSP solutions, both

opensource‏(XtratuM)‏and‏commercial‏(Wind‏River’s‏

VxWorks 653)

26

1-27




Concluding remarks (II)

• Study of Linux as a generic non-RT POS in

AIR– Embedded approach yields encouraging results, given

the POS coexistence in memory

– Proposal of paravirtualization mechanisms to

guarantee Linux does not compromise TSP-related

safety

– Implementation of AIR prototype complete with a

Linux partition was deemed incompatible with the

duration of the project

27

1-28




Future work

• Direct follow-ups– Prototype implementation (IA-32, SPARC)

– Extend to other generic POSs, like Windows (WRK)

• Consolidate/extend TSP support– Integrate interactions with environment, via

sensors/actuators

• TSP scheduling and multicore– Working plan approved for funding through an

Individual Doctoral Grant from FCT

28


Questions?

João Craveiro

LaSIGE/FCUL, Lisboa, Portugal

Homepage: http://lasige.di.fc.ul.pt/~jcraveiro/

E-mail: [email protected]

More information:

• AIR projects website, at http://air.di.fc.ul.pt• J. Craveiro, J. Rufino, C. Almeida, R. Covelo, and P.‏Venda,‏“Embedded Linux in a partitioned

architecture for aerospace applications,”‏in‏Proc. 7th ACS/IEEE Int’l Conf. on Computer

Systems and Applications, Rabat, Morocco, May 2009.

• J. Rufino, J. Craveiro, T. Schoofs, C. Tatibana,‏and‏J.‏Windsor,‏“AIR Technology: a step towards

ARINC 653 in space,”‏in‏DASIA 2009 "DAta Systems In Aerospace" Conference, Istanbul, Turkey,

May 2009.

• J. Craveiro, J. Rufino, T. Schoofs,‏and‏J.‏Windsor,‏“Flexible Operating System Integration in

Partitioned Aerospace Systems,”‏in‏INForum 2009 – Simpósio de Informática, Lisbon, Portugal,

Sep. 2009. (Nominated for Best Student Paper award)

http://lasige.di.fc.ul.pt/~jcraveiro/

mailto:[email protected]

http://air.di.fc.ul.pt/