itea dependable component based software for ce devices robocop & space4u experiences tutorial...

ITEA

Dependable Component Based Softwarefor CE Devices

Robocop & Space4U Experiences

Tutorial at ICCE 2006

Robocop & Space4U Tutorial ICCE – 2006 page 2 of ???

ITEA

Outline

Introduction

Architecture

Component Model

Resource Management

Fault Management

Real-Time Prediction

Wrap-Up

Robocop ComponentRobocop ComponentResource ModelResource Model

Simulation ModelSimulation Model

……

Functional ModelFunctional Model

Executable ComponentExecutable Component

Component ModelComponent Model

Analysis&

Integration

Analysis&

Integration

Trading &

Deployment

Trading &

Deployment

Resource ManagementResource Management

DownloadDownload

Terminal ManagementTerminal Management

Fault ManagementFault Management

ServiceService

ServiceService

logiclogic

otherMiddleman

logic

otherMiddleman

logic

logiclogic


ITEA

Performance Prediction Frameworkjoint work with M.R.V.Chaudron

Objectives:• At the design phase

– Graphically compose an assembly from components

– Predict performance properties of an assembly• Task latencies

• Number of missed deadlines

• Processor, bus, memory load

– Note: without even buying the constituent components!


ITEA

Real-time Property Prediction Abstract example:

CompCCompBCompA CompDStimulus Response

Is Response Time within TMin and TMax?

Video decoder example:

VLDInverse

QuantizerInverse

DCT…011010101…

bit-stream of a frame

reconstructed frame

Decoder

Decoding task latency < 40 ms


ITEA

Application Domains

• Hard real-time systems– Task lateness leads to catastrophic results

• anti-lock braking system

• air-bag controller

• Firm real-time systems– No catastrophic consequences, but value of the function = 0

• car navigation

• surveillance camera

• Soft real-time systems– Task lateness reduces a value of the function

• multimedia, video and audio codecs

• electronic game


ITEA

Case Study: MPEG Decoder• Requirements

– MPEG4 decoder functionality

– Rate of skipped frames <= 1%• Refreshment frequency is 25 frames/sec

• Missing deadline for decoding task <= once per 4 sec • Given

– Remote repository with various components and services

ReaderFIFO Buffer

ReaderReader

ReaderMPEG4 Decoder

ReaderRenderer

• Goal: without even buying the components

– Assess the performance and timeliness of a designed assembly


ITEA

Performance Prediction Approach (1/2)

The approach is a four-step strategy:

• The component developer specifies– behaviour model of a component

– resource model of a component• Application developer:

– composes selected components/services and

– selects scenario of interest & models this scenario (application scenario model)

• These three models are compiled together– into a model of the execution architecture (incl. concurrent tasks)

• For each scenario the tasks execution is simulated execution timeline of tasks


ITEA

Performance Prediction Approach (2/2)

Repository

Communication HWComponents

Memory and Storage HWComponents

Processing HW Components

Software Components

Input

Applicationrequirements

Design (assemble)

Real-timeapplication

Models

Component Resource model


Component Behaviour model


has

has

Compile models /reconstruct tasks

Executionarchitecture (tasks)

Simulate taskexecution

Task executiontimeline

Validate

Real-time and performanceproperties

Analyze

predicted for

ConstructApplication

Scenario modelApplication

Scenario model

!!!

Real-time awarecomponents

Real-time awarecomponents

Select

Repository

Communication HWComponents

Memory and Storage HWComponents

Processing HW Components

Software Components


ITEA

Characteristics of Models

• Reflect the implementation at higher abstraction level• Behaviour model

– for each operation specifies a sequence of invocations of operations of other interfaces

• Resource model – contains processing, bandwidth and memory usage of each

component operation• Application Scenario model:

– assembly structure, specific for this scenario

– environmental events or system interrupts (task triggers)• Resource, Behaviour and Scenario models are

composable– composed model represents an execution architecture (task pool)

of a whole application


ITEA

Behaviour and Resource ModelsBehavourModel_MPEG4Decoder_Component

behaviour

operation IDecode.decodeFrame()

calls IBufferAccess.getElement()

passedBits = 0

returnedBits = 1024

synchronous = TRUE

numberOfIterations = 1

calls IBufferAccess.storeElement()

passedBits = 1024

returnedBits = 1

synchronous = TRUE


BehavourModel_MPEG4Decoder_Component

behaviour


calls IBufferAccess.getElement()

passedBits = 0

returnedBits = 1024

synchronous = TRUE


calls IBufferAccess.storeElement()

passedBits = 1024

returnedBits = 1

synchronous = TRUE


ResourceModel_MPEG4Decoder_Component

resource use


cpu claim

max = 1E7 cycles (reference processor)

aver = 1E5 cycles (reference processor)

min = 1E4 cycles (reference processor)

mem claim = 10 KB

mem release = 3 KB

ResourceModel_MPEG4Decoder_Component

resource use


cpu claim

max = 1E7 cycles (reference processor)

aver = 1E5 cycles (reference processor)

min = 1E4 cycles (reference processor)

mem claim = 10 KB

mem release = 3 KB

IDecode IBufferAccess

decodeFrame()

getElement()

storeElement()


ITEA

Composing MPEG4 Decoder AssemblyOut of selected services

vReader: Reader

IRead

rBuffer: FIFO Buffer

IBufferAccess

IBufferAccess

vDecoder: MPEG4Decoder

IDecode

IBufferAccess

wBuffer: FIFO Buffer

IBufferAccess

vRenderer: Renderer

IWrite

IBufferAccess


ITEA

Processing Node: MIPS 130Processing Node: MIPS 130

Specifying Scenario Model

vReader: Reader

IRead


IBufferAccess

IBufferAccess


IDecode

IBufferAccess


IBufferAccess

vRenderer: Renderer

IWrite

IBufferAccess

Task Trigger

Task Trigger – can be implemented in glue code as a POSIX thread with periodic events

Invokes IWrite.renderFrame()every 40 msInvokes IDecode.decodeFrame()

every 40 ms

Invokes IRead.readFrame()every 40 ms


ITEA

Composing the Models (1/3)

Input


Design (assemble)


Models





has

has


Pool of tasksin application



Validate


Analyze

predicted for



Scenario model


ITEA

The generated task specifies• sequence of constituent method invocations• period, deadline, priority, synchronization constraints


Service_A Service_B

Operation_B

Operation_C

Service_C Service_D

Operation_D

Operation_F

Service_F

Operation_E

Operation_E

Operation_E

Task Trigger(period 40 ms)

Operation_A

TaskTrigger invoke InterfaceX.OperationA period 40 ms offset 0 ms deadline 40 ms

Application ScenarioModel:

Component ResourceModel:

Operation_E CPU claim = 3ms

30 ms

Component BehaviorModel:

OperationA() callsInterfaceZ.OperationB()

InterfaceY.OperationC()nmbIterations = 1

nmbIterations = 1


ITEA


vReader: Reader

IRead


IBufferAccess

IBufferAccess


IDecode

IBufferAccess


IBufferAccess

vRenderer: Renderer

IWrite

IBufferAccess

Task Trigger

Invokes IWrite.renderFrame()every 40 msInvokes IDecode.decodeFrame()

every 40 ms

Invokes IRead.readFrame()every 40 ms


ITEA

Simulation and Analysis (1/2)

Input


Design (assemble)


Models





has

has


Pool of tasksin application



Validate


Analyze

predicted for



Scenario model


ITEA

Simulation and Analysis (2/2)

Task instancetriggering

Task instancecompletion

Task instancedeadline

CPU is idle

Simulation time

Simulation time

Me

m lo

ad

Simulation time

Bu

s lo

ad

• Simulation or Schedulability analysis are performed with scheduling algorithms deployed on the target OS (RMA, EDF, CBS)

• Simulation results in task latencies, number of missed deadlines, CPU, memory and bus utilization


ITEA

Validation against Requirements

Task instancetriggering

Task instancecompletion

Task instancedeadline

CPU is idle

Video Decoding Task:

Related REQ:

“Skipped frames rate < 1%”

• Decision on acceptance of the composed assembly

– If “not accept”: try different component configurations, or other components

– If “accept”: buy the components, implement application-level glue code, test and deploy


ITEA

Not mentioned Facilities and Benefits

• Modelling of parameter-dependent behaviour and resource usage

• Multiple-platform resource models

• Task synchronization aspects can be modeled

• Component mapping on multiprocessor architecture

• Multidimensional design space exploration– robusteness vs cost, memory_load vs cpu_load, etc


ITEA

Framework Deployment Issues• We have developed a tool chain supporting the design activities

• We have validated the prediction approach by MPEG4 Decoder case study:

– prediction accuracy of general performance is > 90%

– prediction accuracy on task latencies is > 70%

RTIE Graphical Composer

RTIE

Repos

itory

RTIE Models

Compiler

RT

IE T

ask G

enerator

RTIE

SimulatorRTIE Visualizer RTIE

Reporter

Real-Time PredictionFramework


ITEA

RTIE Graphical Composer

itea dependable component based software for ce devices robocop & space4u experiences tutorial...

Documents

middleman logic slide

prediction approach

ms slide

video decoder example

mpeg4 decoder case study

framework deployment

performance properties

catastrophic consequences