Latency upper bound for data chains of real-time periodic tasks

https://doi.org/10.1016/j.sysarc.2020.101824Get rights and content

Abstract

The inter-task communication in embedded real-time systems can be achieved using various patterns and be subject to different timing constraints. One of the most basic communication patterns encountered in today’s automotive and aerospace software is the data chain. Each task of the chain reads data from the previous task and delivers the results of its computation to the next task. The data passing does not affect the execution of the tasks that are activated periodically at their own rates. As there is no task synchronization, a task does not wait for its predecessor data; it may execute with old data and get new data at its later release. From the design stage of embedded real-time systems, evaluating if data chains meet their timing requirements, such as the latency constraint, is of the highest importance. The trade-off between accuracy and complexity of the timing analysis is a critical element in the optimization process. In this paper, we consider data chains of real-time periodic tasks executed by a fixed-priority preemptive scheduler upon a single processor. We present a method for the worst-case latency calculation of periodic tasks’ data chains. As the method has an exponential time complexity, we derive a polynomial-time upper bound. Evaluations carried out on an automotive benchmark demonstrate that the average bound overestimation is less than 10 percent of the actual value.

Introduction

The cyber-physical systems are engineered solutions that bridge together the cyber and physical world. At the boundaries of these two worlds, a connection is established through two peripheral subsystems. A sensory subsystem detects the events appearing in the environment and an actuation subsystem delivers the appropriate actions to control the physical process. Low-latency input-output processing is a desirable property for enabling time-sensitive control. The software architecture for such systems usually consists of multiple cooperating and communicating tasks that process the data from sensors to actuators. The resulting task chain end-to-end latency necessarily depends on the execution requirements of individual tasks and the inter-task communication delays.

The compound architectures of the real-time embedded systems in which the flow of data requires several processing stages before the actuation signals are produced can be encountered in many mission- and safety-critical applications. Such applications can be found in fields like aeronautics, healthcare, or automotive.

Flight Management System (FMS) can be viewed as an example of the cyber-physical system with multiple-stage data processing where the output of one task or task group is the input of the next one. The FMS is an on-board avionics computing system used in new-generation aircraft that helps a pilot in operating a wide range of in-flight tasks [62].

It keeps track of the current aircraft position, assists the crew in flight planning and trajectory prediction, monitors and helps to optimize the flight parameters and performances (e.g., fuel consumption, flight time). Fig. 1 gives an overview of FMS software architecture 1 (sensors as triangles, actuators as ellipses, and functions as boxes). As can be seen, many FMS functions are divided into subsequent groups that process the data from the other avionics systems and interfaces. Consider, for instance, the chain marked with the red dotted line in Fig. 1. First, the readings from the autonomous sensors, like accelerometers and gyroscopes, together with the information coming from the navigation receivers, like the Distance Measuring Equipment, the VHF Omni Directional Radio Range or the Global Positioning System, are fused in by the tasks of the Sensor Group. Then, the tasks of the Localization Group, based on the information from the navigation database and the fused sensor readings, compute an accurate estimate of the current aircraft position. Afterward, the current position is processed by a chain of tasks from the Trajectory Group and the Guidance Group to deliver the steering signals to the actuators.

End-to-end latency constraints. Due to the mission-critical nature of many operations mentioned in the previous FMS example, their results must be produced within a precise time. Wyss et al. [63] summarize different timing requirements as follows. Reactivity (or data reaction [45]) is a time interval during which data must be present at the sensor input to be detected. Latency is a time interval between the arrival of data at the sensor input and actuator’s update with a value corresponding to that particular data (i.e., the time needed for data to be propagated from sensor to actuator). Freshness (or data age [21]) is a time interval during which the actuator’s value corresponding to the same sensor reading is used.

Task chains. From sensor readings to actuation signals, the FMS tasks process the data through several stages. A task chain is a sequence of communicating tasks in which every task receives the data from its predecessors [45]. There are two models of task chains: trigger chains and data chains. They differ in task activation rules. In trigger chains, the tasks are released by the events issued from the preceding tasks. In data chains, the tasks are independent, and every task is activated periodically at its individual rate.

Trigger chains are characterized by a more flexible timing behavior. Their tasks execute only if necessary: a task is released only if it receives the request from its predecessor. The processor resources are used efficiently, and the inter-task data passing is immediate. Conversely, tasks of the data chains are released at every period, even if there is no new data to process. Processor resources can be wasted in the case of redundant task execution. Moreover, certain delay of time can elapse between the instant when the results are produced by the current task and the instant when the next task is released and can retrieve the results.

However, especially in an industrial context, data chains may outweigh the above-mentioned advantages of trigger chains. In fact, imposing the precedence relation between the subsequent tasks of a trigger chain requires synchronization mechanisms (e.g., semaphores). The use of the synchronization primitives can lead to priority-inversion problems and deadlock formations [57], [58]. An additional effort is therefore needed for the integration of these primitives with adequate control structures. As safety-critical software is subject to stringent standards, adding these features to the system makes the certification process ultimately more complicated [22]. For those reasons, the unrestrained execution model of data chains can permit to reduce cost and time overheads related to the correct implementation and validation of synchronization mechanisms required by trigger chains.

Motivation. The respect of timing constraints is crucial for critical real-time embedded systems and must be taken into account at the earliest stages of the design process. End-to-end timing constraints are introduced in many automotive software architectures and modeling languages [46] (e.g., timing model of the AUTOSAR standard [3], timing extensions to EAST-ADL [19], TADL2 language [59]). Computing a single value of data chain latency is not computationally challenging. It is especially true for the short chains and the chains with equal periods. However, already at the design level, the computational complexity becomes a serious limitation when multiple possible design choices must be evaluated. With the rapid increase of software size and complexity in today’s embedded systems [10], [20], the problem can only be exacerbated. Lowering the computational complexity of the latency analysis can help in solving the optimization problems like offsets, periods, and priorities assignment [16], [17], [35], [39].

Contribution. In our previous work [36], we proposed a method for the computation of the data chain worst-case latency of periodic independent tasks with implicit deadlines scheduled by a fixed-priority preemptive algorithm given a priority assignment of these tasks and their worst-case response times. As the method has exponential time complexity, in this work we:

  • derive a polynomial-time upper bound on the data chain worst-case latency,

  • identify the sources of bound pessimism and provide a condition for bound tightness,

  • evaluate the impact of different worst-case response time estimations on the precision of the latency analysis for different chain lengths.

Paper structure. The paper is organized as follows. The data chain model is introduced in Section 2. We present a method for the calculation of the worst-case latency of the data chains in Section 3. As the method has an exponential time complexity, we propose in Section 4 a polynomial-time upper bound on the worst-case latency of the data chains. In Section 5, we evaluate the bound precision and efficiency using the generic task sets based on a real-world automotive system. We review the related work in Section 6 and conclude the paper in Section 7.

Section snippets

System model

We introduce a data chain as a sequence of independent periodic tasks with implicit deadlines scheduled by a fixed-priority preemptive policy upon a single processor.

Latency analysis

In this section, we present a method for computing the maximum latency of the data chains of real-time periodic tasks [36]. First, we characterize the time durations between the releases of a task that writes the data and the next task in the chain that reads this data. Given a data arrival time, we construct a sequence of releases of the tasks propagating the data from the first to the last task in the chain (data propagation path). Then, to obtain the worst-case latency, we examine all

Latency bound

We derive an upper bound on the worst-case latency of the data chain. This bound can be computed in polynomial-time in the input size by finding the largest time intervals between the releases of any two directly communicating tasks.

Experiments

In this section, we evaluate the performance of the worst-case latency analysis [36] summarized in Section 3 and of the polynomial-time upper bound on the latency presented in Section 4 in terms of precision and practical complexity on a generic automotive benchmark [38] upon a single processor.

We compare these two methods against a linear-time upper bound on the worst-case latency proposed by Davare et al. [16]. In principle, the latter method applies for sporadic tasks, but its use may also

Related work

We survey related work on the latency computation for the periodic real-time task and similar models.

Harmonic periods. Gerber et al. [26], [27] consider a task chain with harmonicity constraint (i.e., periods that pairwise divide each other [31]) and enforce by the offset and priority assignment that the producer always executes before the consumer. Di Natale et al. [47] and Davare et al. [16] specify the general case when producer and consumer have harmonic periods without being necessarily

Conclusion

In this paper, we proposed a polynomial-time upper bound on the worst-case latency of data chains. We showed with benchmark based on the automotive application that the use of the proposed bound can disentangle the complexity of the worst-case latency estimation with little loss in terms of precision. The bound lays the groundwork for solving several problems in software engineering of real-time systems like, for instance, task periods and priorities assignment optimization under latency

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

Tomasz Kloda was supported by the Chair for Cyber-Physical Systems in Production Engineering at TUM and the Alexander von Humboldt Foundation.

References (69)

  • S. Mubeen et al.

    Supporting timing analysis of vehicular embedded systems through the refinement of timing constraints

    Softw. Syst. Model.

    (2019)
  • K. Tindell et al.

    Holistic schedulability analysis for distributed hard real-time systems

    Microprocess. Microprogram.

    (1994)
  • H. Zeng et al.

    Stochastic analysis of can-based real-time automotive systems

    IEEE Trans. Ind. Inf.

    (2009)
  • V. Anwikar et al.

    Timing analysis of real-time embedded systems using model checking

    18th International Conference on Real-Time and Network Systems

    (2010)
  • N.C. Audsley et al.

    Real-time scheduling: the deadline-monotonic approach

    in Proc. IEEE Workshop on Real-Time Operating Systems and Software

    (1991)
  • (2013)
  • S. Baruah et al.

    Generalized multiframe tasks

    Real-Time Syst.

    (1999)
  • M. Becker et al.

    Mechaniser-a timing analysis and synthesis tool for multi-rate effect chains with job-level dependencies

    7th International Workshop on Analysis Tools and Methodologies for Embedded and Real-time Systems WATERS’16, 05 Jul 2016, Toulouse, France

    (2016)
  • M. Becker et al.

    Synthesizing job-level dependencies for automotive multi-rate effect chains

    Proceedings of the 22nd International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA)

    (2016)
  • M. Becker et al.

    Analyzing end-to-end delays in automotive systems at various levels of timing information

    ACM SIGBED Rev.: Special Issue on 4th International Workshop on Real-time Computing and Distributed Systems in Emergent Applications

    (2017)
  • M. Becker et al.

    End-to-end timing analysis of cause-effect chains in automotive embedded systems

    J. Syst. Archit.

    (2017)
  • M. Becker et al.

    Timing analysis driven design-space exploration of cause-effect chains in automotive systems

    44th Annual Conference of the IEEE Industrial Electronics Society

    (2018)
  • L.L. Bello et al.

    Recent advances and trends in on-board embedded and networked automotive systems

    IEEE Trans. Indus. Inf.

    (2019)
  • E. Bini et al.

    Biasing effects in schedulability measures

    16th Euromicro Conference on Real-Time Systems, 2004. ECRTS 2004. Proceedings

    (2014)
  • E. Bini et al.

    A hyperbolic bound for the rate monotonic algorithm

    13th Euromicro Conference on Real-Time Systems (ECRTS 2001), 13–15 June 2001, Delft, The Netherlands, Proceedings

    (2001)
  • A. Biondi et al.

    Achieving Predictable Multicore Execution of Automotive Applications Using the LET Paradigm

    Proceedings of the 24th IEEE Real-Time and Embedded Technology and Applications Symposium (RTAS 2018)

    (2018)
  • M. Chéramy et al.

    Simso: A simulation tool to evaluate real-time multiprocessor scheduling algorithms

    Proc. of the 5th International Workshop on Analysis Tools and Methodologies for Embedded and Real-time Systems

    (2014)
  • D. Clark

    HIC: an operating system for hierarchies of servo loops

    Proceedings of the 1989 IEEE International Conference on Robotics and Automation, Scottsdale, Arizona, USA, May 14–19, 1989

    (1989)
  • A. Davare et al.

    Period optimization for hard real-time distributed automotive systems

    Proceedings of the 44th Design Automation Conference, DAC 2007, San Diego, CA, USA, June 4–8, 2007

    (2007)
  • P. Deng et al.

    An efficient control-driven period optimization algorithm for distributed real-time systems

    IEEE Trans. Comput.

    (2016)
  • G. Durrieu et al.

    Predictable Flight Management System Implementation on a Multicore Processor

    Embedded Real Time Software (ERTS’14)

    (2014)
  • East-adl domain model specification, 2013...
  • C. Ebert et al.

    Automotive software

    IEEE Softw.

    (2017)
  • N. Feiertag et al.

    A compositional framework for end-to-end path delay calculation of automotive systems under different path semantics

    Proceedings of the IEEE Real-Time System Symposium Workshop on Compositional Theory and Technology for Real-Time Embedded Systems, Barcelona, Spain, November 30, 2008

    (2008)
  • J. Forget et al.

    Scheduling dependent periodic tasks without synchronization mechanisms

    Proceedings of the 16th IEEE Real-Time and Embedded Technology and Applications Symposium

    (2010)
  • J. Forget et al.

    A real-time architecture design language for multi-rate embedded control systems

    Proceedings of the 2010 ACM Symposium on Applied Computing

    (2010)
  • J. Forget et al.

    Verifying end-to-end real-time constraints on multi-periodic models

    2017 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)

    (2017)
  • J.J.G. García et al.

    Schedulability analysis of distributed hard real-time systems with multiple-event synchronization

    12th Euromicro Conference on Real-Time Systems (ECRTS 2000), 19–21 June 2000, Stockholm, Sweden, Proceedings

    (2000)
  • R. Gerber et al.

    Guaranteeing end-to-end timing constraints by calibrating intermediate processes

    1994 Proceedings Real-Time Systems Symposium

    (1994)
  • R. Gerber et al.

    Guaranteeing real-time requirements with resource-based calibration of periodic processes

    IEEE Trans. Softw. Eng.

    (1995)
  • J. Goossens et al.

    Limitation of the hyper-period in real-time periodic task set generation

    Proceedings of the RTS Embedded System (RTS’01)

    (2001)
  • J.C.P. Gutiérrez et al.

    On the schedulability analysis for distributed hard real-time systems

    Proceedings of the Ninth Euromicro Workshop on Real-Time Systems, RTS 1997, 11–13 June, 1997, Toledo, Spain

    (1997)
  • A. Hamann et al.

    Communication Centric Design in Complex Automotive Embedded Systems

    29th Euromicro Conference on Real-Time Systems (ECRTS)

    (2017)
  • C.-C. Han et al.

    A better polynomial-time schedulability test for real-time fixed-priority scheduling algorithms

    Proceedings Real-Time Systems Symposium

    (1997)
  • Cited by (11)

    • Complex event models for automotive embedded systems

      2022, Journal of Systems Architecture
    • Exploring the boundaries of Ada syntax with functional-style iterators

      2021, Journal of Systems Architecture
      Citation Excerpt :

      Traversing containers and manipulating its contents is thus a typical activity that programming languages support in several ways. Furthermore, item processing and transformation via data chains is a recognized design pattern [1], also in high-integrity domains [2]. For this reason, some languages provide convenient syntax to naturally express such chaining constructions [3], and whole frameworks build on these ideas [4].

    • SENTunnel: Fast Path for Sensor Data Access on Automotive Embedded Systems

      2022, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
    • Data-Age Analysis for Multi-Rate Task Chains under Timing Uncertainty

      2022, ACM International Conference Proceeding Series
    View all citing articles on Scopus
    View full text