Establishing sufficient temporal independence efficiently
The design of safety-critical systems is governed by safety standards, which impose requirements on the design, test, and verification processes, as well as on the architecture of an embedded system. In particular, for the safety evaluation the applicable standards demand that a system be regarded as a whole rather than as its individual components. To offer a way to reduce certification effort, the safety evaluation may be carried out per component whenever the considered components are sufficiently independent of each other. In this context, sufficient independence mandates that failures must not cascade from one component to another. This thesis presents an approach to prevent such cascading failures with respect to real-time properties, i.e. to establish sufficient temporal independence. In particular, the focus is on methods that avoid static allocation of resources according to the worst case but permit any application behavior that does not threaten real-time constraints. The approach taken in this thesis is runtime monitoring of real-time properties. In this context, several lightweight mechanisms for enforcing state-of-the-art timing models are presented, and analyses are provided to determine configurations for such monitors that allow a maximum degree of runtime flexibility without voiding the independence requirements.