SParK: safety partition kernel for integrated real-time systems

Quantified Score

Visualization

Abstract

In safety critical systems, huge manpower and cost goes towards the qualification and certification of software that requires rigorous V&V (Verification & Validation) effort. In practice it has been observed that considerable parts of a safety-critical software do not perform safety-critical tasks (e.g., communication to operator station, hardware diagnostics). Therefore, if the non-critical modules of the class IA/IB systems are partitioned and if the integrity of the partitions is ensured while sharing the same hardware, V&V effort can be minimized while reducing hardware resource needs. We have designed and implemented a Safety Partition Kernel (SParK) to provide such a strictly partitioned operating environment, where partitions reside on top of SParK and are provided with temporal guarantees and spatial isolation from each other. Even though prior art exists for partitioned environments, certain practical issues like handling the effect of blocking due to system calls generated by the Real-Time Operating System (RTOS) running in a partition and handling partition-specific external interrupts while still providing temporal guarantees to each partition, have not been completely addressed. To address this lacuna, we have introduced the concept of a Virtual Interrupt Partition and accounted for the time overheads of servicing interrupts in schedulability analysis of partitions. We have implemented SParK for both Intel x86 as well as for PowerPC architectures; µC-OS II and a customized version of saRTL have been ported as GuestOSs. These have demonstrated the flexibility and practicality of the novel features built into SParK. Applications realized using SParK have shown that SParK is technically capable of serving as a microkernel for Integrated Real-Time Systems.