Hybrid Real Time Systems Scheduling with Safe Interrupt Handling

Transcription

1 11th Brazlan Workshop on Real-Tme and Embedded Systems 13 Hybrd Real Tme Systems Schedulng wth Safe Interrupt Handlng Gustavo A. F. B. Melo, Sérgo V. Cavalcante Centro de Informátca Unversdade Federal de Pernambuco (UFPE) CEP Recfe PE Brazl Abstract. Hybrd event and tme-trggered real-tme systems try to brng the best of both separate approaches. However ths mxed model results n some problems as well. In partcular, the lack of fault tolerance n nterrupt handlng comes wth the event trggered part. Ths work proposes the adaptaton of a fault tolerance method for hybrd systems whch makes nterrupt handlng safe by avodng early sporadc tasks actvatons. A case study s presented at the end of the paper. 1. Introducton Bascally, hard real-tme system schedulng s done by means of two approaches. The tme-trggered concept s based on the precse constructon of a tasks actvaton tme lst pror to the runtme defnng whch task s executed at each tme unt. Well known researches n ths area are Xu and Parnas (1990) and Kopetz (1991). Ths approach s very helpful n the development of very robust and stable systems. However, the constructon of such an agenda s not suted to those systems that are senstve to envronmental events where the nstant of task actvaton s not well defned. In these cases, an event-trggered approach s more approprate. In ths case, the exact order of actvaton of each task s not known durng the desgn, beng defned by the scheduler at runtme. Some methods that follow ths reasonng are the rate monotonc [Lu and Layland 1973] and the deadlne monotonc [Leung and Whtehead 1982]. These onlne schedulng methods provde better support for ths type of system, but elmnate the temporal behavor predctablty and robustness nherent n the tmetrggered approach. That can be a problem for hghly crtcal systems wth complex applcaton constrants, such as precedence and mutual excluson relatons and low jtter requrements [Xu and Parnas 2000]. In order to tackle ths ssue, several technques referrng to hybrd approaches that mx pre-runtme algorthms wth onlne algorthms have been developed. Many results have proven to be effectve, jonng the predctablty and robustness of one wth the fast envronment response handlng of the other. Nevertheless, the event-trggered sde n hybrd schedulng of tasks can compromse the robust feature related to the offlne approach. One example s the sensor falure problem mentoned by Poledna (1995), whch may cause early actvaton of nterrupts. Ths work proposes to adapt Poledna s technque to hybrd schedulng approaches n order to obtan safe nterrupts handlng n hghly crtcal systems. In partcular, t s shown the applcablty n the hybrd system proposed by Sandström et al. (1998).

2 14 11th Brazlan Workshop on Real-Tme and Embedded Systems Secton 2 of ths paper descrbes the system n whch the schedulng s used. Secton 3. gves an overvew of hybrd schedulng algorthms and some detals of Sandström s algorthm. In secton 4. a soluton to the problem of early actvaton of sporadc tasks s presented to the algorthm descrbed n secton 3. A case study s offered at secton 5, showng smulaton of the soluton proposed. Fnally, secton 6. provdes general conclusons and future works. 2. System Descrpton and modelng Ths paper has focused on real-tme crtcal systems that have perodc tasks and are able to handle sporadc tasks. All the tasks run n just one processor. Perodc tasks are actvated n a regular nterval followng an nfnte sequence. Those are specfed by: perod T, worst case computng tme C, release tme rt and deadlne dl. Moreover, they can have relatons of precedence, mutual excluson and relatons of communcaton between them. Sporadc tasks are a subclass of aperodc tasks, by nhertng random feature of ther actvatons. The term sporadc means that the tasks present a known mnmum nterval between two consecutve actvatons. Those are modeled as nterrupts whch rase for sgnng the occurrence of events. Sporadc tasks are defned by: mnmum nterval between actvatons T, worst case computng tme C and deadlne dl. 3. Hybrd Schedulng The concept of tme-trggered (TT) s temporal accuracy centered [Kopetz 1998]. Tasks of TT systems are actvated at well defned nstants. Ths precson, obtaned n desgn tme, makes the system to have a hgh level of behavor predctablty. It brngs a great robustness. In a purely event-trggered (ET) system all the actvtes are ntated by the occurrence of events. In ths case, event means every ntern or extern state change whch needs to be handled by the computatonal system [Kopetz 1991]. Usually, n embedded real-tme systems, events are sgned through processor nterrupt mechansms. Ths feature makes the system more flexble to deal wth the envronment, whch s almost always dynamc. These approaches are so dfferent, but they are not exclusve optons [Young and Shu 1996]. Hybrd algorthms try to jon the best of both worlds to handle a set of mxed tasks, perodc and aperodc, whch also can be seen as tme-trggered and eventtrggered. The predctablty of TT systems aggregate to the flexblty of ET models provdes an effcent way to desgn crtcal systems. The jont approaches can tackle the problem of aperodc tasks n TT algorthms wth more flexblty, and even mprove the schedulablty of ET technques lke prorty schedulng [Xu and Parnas 2000]. A few hybrd algorthms are showed n the next topc Hybrd Approaches Mok (1984) approach s the smplest one to schedule perodc and sporadc tasks n the same system. It conssts n modelng sporadc tasks as perodc [Cavalcante 1997] and usng a pre-runtme scheduler to generate the tasks actvatons agenda. Ths method s very smple, allows complex constrants relatons and s completely predctable,

3 11th Brazlan Workshop on Real-Tme and Embedded Systems 15 optmum for crtcal systems. Nevertheless, a sporadc task wth tght deadlne causes a very hgh overhead, makng the system unvable. Moreover, processor utlzaton decreases sgnfcantly. Sprunt et al. (1989) technque uses a perodc server to handle aperodc requests. The server s scheduled along wth other perodc tasks. When the server task s executed t handles the requested aperodc tasks queue, ordered ndependently of perodc tasks queue. Ths approach s often used n fxed prorty schedulng (onlne) [Lu and Layland 1973, Leung and Whtehead 1982]. Sprunt et al. algorthm presents a good response tme to sporadc tasks, compared to other onlne methods, but that s not enough fast to handle very short deadlne tasks. Ths technque mprove the processor utlzaton by usng event-trggered schedulng, however t results n a hgh overhead and s not able to schedule perodc tasks wth complex constrants relatons. Sandström et al. (1998) presents a way to ntegrate pre-runtme schedulng of perodc tasks and handlng of nterrupts wth mnmum tme between actvatons. The key dea of ths algorthm s allowng nterrupts preempt perodc tasks and guaranteeng the system tme constrants n desgn tme by response tme analyss [Joseph and Pandya 1986] takng account of delays caused by nterrupts. Snce perodc tasks are scheduled offlne they can have complex constrants relatons. The overhead s low as t s not necessary routnes to actvate each task. However ths approach s not so flexble to handle sporadc tasks wth lower prortes than perodc tasks. Interrupt nterference on response tme results n less processor utlzaton. Isovc and Fohler (1999) algorthm handle sporadc tasks n tme-trggered dstrbuted systems. Ths approach conssts n an offlne sde whch executes a schedulablty test and an onlne sde that makes the decson of whch task wll start to execute n whch tme unt and takes care of spare capactes [Fohler 1995] mantenance. That technque guarantees complance wth tasks tme constrants n desgn tme. The algorthm also s concerned to handlng of soft real-tme aperodc tasks, ncreasng practcal processor utlzaton. It has the dsadvantage of a very hgh overhead caused by ts onlne characterstc. Mäk-Turja et al. (2005) work presents a hybrd schedulng wth response tme analyss of dynamcally scheduled tasks. The dea s choosng the schedulng model (onlne or offlne) not for the whole system, but for each task. Ths approach also deals wth nterrupts by usng Sandström et al. algorthm to schedule them along wth the tasks to be scheduled statcally. There s better processor utlzaton due to dynamcally scheduled tasks. Nevertheless the system overhead ncreases. Takng nto account the system descrbed n secton 2., sporadc tasks wth short deadlne and hgher prorty than perodc tasks, the more approprate approaches are Sandström et al. and Mäk-Turja et al. Amng smplcty and easness of mplementaton, the chosen algorthm s Sandström et al. The next secton shows ths algorthm n more detal Sandström s Algorthm Tasks are organzed n chans, n whch tasks of each chan are executed n sequence. Every chan has a start tme st ndependent of the end of the other chans, whch makes possble preempton between chans. Fgure 1 shows how the schedule s arranged n

4 16 11th Brazlan Workshop on Real-Tme and Embedded Systems chans. There are three chans: chan1 wth three tasks and st=0, chan2 wth two tasks and st=1000 and chan3 wth two tasks and st=3000. Fgure 1. Representaton of schedule n chans At frst a pre-runtme scheduler creates a dspatch lst, based on the representaton of chans, for perodc tasks. The n th task of a chan can be modeled as a task whose computng tme s the sum of the computng tme of the n tasks. Then, calculate the end tme of the task usng the exact response tme analyss [Joseph and Pandya 1986]. Interrupts are attrbuted as hgher prorty tasks and crtcal tme for analyss s the start tme of the chan, assumng all tasks n the chan are actvated at the same tme. However, takng nto account the preempton between chans, the analyss becomes more complcated. The delay mposed by the preemptng chan on the preempted chan must be consdered. The computng tme of all tasks n the preemptng chan are added to the calculaton, snce the preempted task only resumes after the whole preemptng chan fnshes. Consequently the nterference of nterrupts on ths chan nfluences the response tme analyss of the task under analyss. R =, where: The worst case response tme calculaton of task n the chan ch s gven by: noftask ( p) Cch, n + C p, m + = = Cnterrupt n 1 p c( R ) m 1 nterrupt T nterrupt C a,b s the computng tme of task b n chan a; R c(r ) s the set of all chans p n whch p ch and st(ch) < st(p) (R + st(ch)), that means all the chans whch preempt or any of ts predecessors n ch; noftask(p) s the number of tasks n chan p. Ths algorthm has an teratve nature. The value of R (t+1) s updated by R (t) value accordng to the equaton. The ntal value s R (0) = 0. When R converges (R (t+1) = R (t)) the result s reached. If the worst case response tme of each task s less than or equal to ts deadlne then the schedule s vald.

5 11th Brazlan Workshop on Real-Tme and Embedded Systems Hybrd Schedulng Improvements Most embedded systems need to handle nterrupts and, as we have seen, there are methods to do ths wthout compromsng the tme constrants of other tasks. But ths feature can brng some dffcultes. Poledna (1995) ntroduced the problem, n event-drven systems, wth falure of sensors, whch can generate a burst of nterrupts, makng the system does not meet ther tme constrants. For pre-runtme systems ths fact mght prejudce the predctablty nherent to the offlne approach. Poledna also presented, for systems wth fxed prorty schedulng, a way to lmt the actvatons of sporadc tasks and to detect sensors falure. After the executon of the nterrupt, t s dsabled. For each nterrupt a new task s created. It s role of ths new task enable nterrupt agan after the tme necessary to complete the mnmum tme between nterrupt actvatons. Based on Poledna's technque for onlne schedulng, we propose a soluton to be appled to hybrd schedulng of tasks. So the rest of ths secton descrbe Sandström et al. (1998) algorthm modfed to provde safe handlng of nterrupts n offlne schedules of perodc tasks. Every nterrupt s replaced by a task and a task. The task s responsble for executng nterrupt routne and s extended by a routne f whch dsables the nterrupt and program actvaton of task. The latter has the role of detectng early actvaton of the nterrupt and re-enablng t. The task mght be mplemented to not enable the nterrupt f a threshold of early actvatons s exceeded. C = C + C T = T dl = dl + The task s modeled as follows: f C f The task s defned by the followng characterstcs: C depends on mplementaton rt = rt + T C dl depends on mplementaton After realze ths process for each nterrupt the system s ready to be scheduled. Takng nto account the changes descrbed above for each nterrupt, t s necessary to change some ponts n the modelng to ft t to the hybrd schedulng technque. The tasks and are nterrupts whch are closely lnked. Snce for each task one task s actvated, we can model them as a sngle nterrupt ' wth the followng propertes: C = C + C T = T = T

6 18 11th Brazlan Workshop on Real-Tme and Embedded Systems d l = dl + C Fgure 2. Safe handlng of nterrupts It s assumed that the nterrupts may have dfferent levels of prorty between them. Thus, t s necessary to test whether each nterrupt ' has not mssed ts deadlne, from the worst case where all nterrupts wth hgher prorty than ' are actvated at the same tme as t. The test s done from hghest to lowest prorty nterrupt. The algorthm works as follows: R ( ) = C + C j, where hp(') s the set of nterrupts modeled from jont of tasks e j hp( ), wth hgher prorty than '. If R(') > dl ' then the nterrupt cannot be scheduled. Hence, an offlne schedulng algorthm generates a schedule from the set of perodc tasks. For every nstance of a task s created a chan wth start tme equal to the release tme of the task nstance, accordng to the schedule produced. The schedulng algorthm of Sandström et al. s then performed for the set of chans and set of tested nterrupts. The results of the proposed method are presented n the next secton through a case study. 5. Case Study The system s an automotve motor rotaton control. The rotaton s measured through a sensor that generates a pulse for each revoluton of the motor. Ths pulse rases an nterrupt I0. The task T0 s responsble for calculate the pulse frequency. A task T1 controls the maxmum rotaton by cuttng the fuel njecton f the rotaton measurement reaches the threshold. Task T2 records n a flash memory the occurrence of rotaton lmt exceedng. Ths experment ams to llustrate the method of safe nterrupt handlng for hybrd schedulng, proposed n the prevous secton. Tasks and nterrupts to be scheduled are specfed n Table 1 and Table 2, respectvely. The result of schedulng can be seen n Fgure 3.

7 11th Brazlan Workshop on Real-Tme and Embedded Systems 19 Table 1. Perodc tasks Attrbutes Perodc tasks T0 T1 T2 C dl T Table 2. Interrupts Attrbutes Interrupts I0 C 1 dl 2 T 10 Rotaton pulses rase nterrupts whch are mmedately executed and actvate the correspondng task, whch dsables the nterrupt. Task re-enables I0 at the rght nstant, controllng the mnmum tme between actvatons, as descrbed n secton 4. The overhead s ncreased due to the actvaton of addtonal tasks, but the temporal behavor of the other tasks becomes guaranteed. Fgure 3. Safe handlng of nterrupts Lets assume the rotaton sensor fals at t=30 and t=41. At tme t=6 nterrupt I0 s rased and the task s executed, dsablng the nterrupt. After the mnmum tme between actvatons of I0 the task start runnng for re-enablng nterrupt. When the tmelne acheves t=24 I0 executes agan. Other nterrupt occurs at t=30 because of the falure, however t has been dsabled. At t=33 fnds the frst undue actvaton of I0 and dsables the nterrupt. The sensor fals the second tme at t=41 and s notced by at t=45, whch dsables the nterrupt I0 untl system reset. Ths fact confrms the effectveness of the proposed feature n the method. 6. Concluson Hybrd schedulng concept on real-tme systems has become more and more focus of studes. The possblty of ntegratng the best of both tme-trggered and event-trggered approaches, wth respect to schedulng, s somethng very nterestng. It may make the system predctable whle flexble.

8 20 11th Brazlan Workshop on Real-Tme and Embedded Systems We brought many exstng approaches, wth the capacty of schedulng perodc tasks along wth sporadc tasks, whch guarantee tasks constrants durng desgn. They were explaned and analyzed. The exstence of event-trggered nature n hybrd schedulng brngs a typcal problem of that model, early actvaton of nterrupts, usual to sensor falure. Poledna (1995) has rose ths dffcult and presented a soluton to onlne schedulng systems. Ths work proposed a way to adapt Poledna s fault tolerance method to Sandström et al. (1998) hybrd schedulng and handle nterrupts safely. Our soluton allows creatng an envronment to desgn predctable systems, wth flexblty to handle nterrupts n a safe way by guaranteeng tme constrants of the realtme system. The case study showed how the proposed technque can be effectve to solve early nterrupt actvatons problem. As future work, Mäk-Turja et al. (2005) hybrd algorthm may be addressed to nclude the safe nterrupt handlng, allowng the schedulng of sporadc tasks wth lower prorty than perodc tasks and obtanng tghter response tmes n schedulablty tests. Other study that s able to come from ths work s hybrd schedulng for hard real-tme multprocessor systems, whch are very common and deserve attenton. References Xu, J. and Parnas, D. (1990) Schedulng processes wth release tmes, deadlnes, precedence and excluson relatons, In: IEEE Transactons on Software Engneerng, Vol. 16, No. 3, pp , March Kopetz, H. (1991) Event-Trggered Versus Tme-Trggered Real-Tme Systems, In: Proceedngs of the Internatonal Workshop on Operatng Systems of the 90s and Beyond, pp , July Lu, C. L. and Layland, C. L. (1973) Schedulng Algorthms for Mult-programmng n a Hard Real-Tme Envronment, In: Journal of the Assocaton for Computng Machnery, Vol. 20, pp Leung, J. Y. T. and Whtehead, J. (1982) On the complexty of Fxed-Prorty Schedulng of Perodc, Real-Tme Tasks, In: Performance Evaluaton, Vol. 2, No. 4, pp , December Xu, J. and Parnas, D. L. (2000) Prorty schedulng versus pre-run-tme schedulng, In: Real-Tme Systems Journal, Vol. 18, No. 1, Poledna, S. (1995) Toleratng Sensor Tmng Faults n Hghly Responsve Hard Real- Tme Systems, In: IEEE Transactons on Computers, Vol. 44, No. 2, Sandström, K., Erksson, C. and Fohler, G. (1998) Handlng Interrupts wth Statc Schedulng n an Automotve Vehcle Control System, In: Proceedngs of the 1998 Real-Tme Technology and Applcatons Symposum, Hroshma, Japan, October Mok, A. K. (1984) Desgn of real-tme programmng systems based on process models. In: Proceedngs of Real-Tme Systems Symposum, pp. 5-17, 1984.

9 11th Brazlan Workshop on Real-Tme and Embedded Systems 21 Cavalcante, S. V. (1997) A Hardware-Software Codesgn System for Embedded Real- Tme Applcatons. PhD Thess, Department of Electrcal and Electronc Engneerng, Unversty of Newcastle, Sprunt, B., Sha, L. and Lehoczky, J. (1989) Aperodc Task Schedulng for Hard Real- Tme Systems, In: The Journal of Real-Tme Systems, Vol. 1, pp , Joseph, M. and Pandya, P. K. (1986) Fndng response tmes n a real-tme system, In: The Computer Journal, Vol. 29, No. 5, Isovc, D. and Fohler, G. (1999) Handlng Sporadc Tasks n Off-lne Scheduled Dstrbuted Real-Tme Systems, In: Proceedngs of 11 th Euromcro Conference on Real-Tme Systems, Fohler, G. (1995) Jont schedulng of dstrbuted complex perodc and hard aperodc tasks n statcally scheduled systems, In: Proceedngs of 16 th Real-tme Systems Symposum, Mäk-Turja, J., Hännnen, K. and Noln, M. (2005) Effcent Development of Real- Tme Systems Usng Hybrd Schedulng, In: Proceedngs of the Internatonal Conference on Embedded Systems and Applcatons, Kopetz, H. (1998) The Tme-Trggered Model of Computaton, In: Proceedngs of 19th IEEE Real-Tme System Symposum, pp , Kopetz, H. (1991) Event-Trggered versus Tme-Trggered Real-Tme Systems, In: Lecture Notes n Computer Scence, Vol. 563, Sprnger Verlag, Berln, Young, M. and Shu, L-C. (1996) Hybrd Offlne/Onlne Schedulng for Hard Real- Tme Systems, In: Proceedngs of 2nd Internatonal Symposum on Real-Tme and Meda Systems, pp , 1996.