Name                    Last modified       Size

fail-mysql-db.sql.gz    2015-08-05 09:54    592M
dosek.tar.gz            2015-08-06 14:03    16M
rawdata.tar.gz          2015-08-13 14:10    50M

Global Optimization of Real-Time Systems by RTOS-Aware Control-Flow Analysis

Christian Dietrich, Martin Hoffmann, Daniel Lohmann

Cyber-physical systems generally have a dedicated purpose and, therefore, the embedded real-time control system is designed with a fixed set of functionalities. This results in a large amount of implicit and explicit static knowledge about the software system at compile and provisioning time. Over the decades, compilers have learned to extract and exploit static knowledge in different program types. More recently, optimizations were lifted to the inter-procedural or even to the whole-program level. However, at the operating-system level, compilers typically assume a probabilistic scheduling policy and, therefore, stop at the application-kernel boundary; control-flow transitions between different threads are not covered yet. For real-time operating systems, this pessimistic assumption does not generally hold. Due to an increased need for predictability and timeliness, these operating systems do provide deterministic and exactly specified scheduling decisions.

In this paper, we cross the application-kernel boundary by combining the RTOS semantics and the explicit system knowledge to enable system-wide flow-sensitive compiler optimizations. We present two methods to extract a cross-kernel control-flow graph, which provides a global view on all possible execution paths of a real-time system.

Having this knowledge at hand, we tailor the operating-system kernel more closely to the particular application scenario. Using the example of a real-world safety-critical control system, we present three possible use cases. Run-time optimizations, by means of specialized system calls for each call site, speed up the kernel execution path by 28 percent in our benchmark scenario. Furthermore, we target transient hardware fault tolerance with two automated software-based countermeasures: generation of OS state assertions on the expected system behavior, and a system-wide dominator-region-based control-flow-error detection. Both dependability measures yield significant robustness improvements.


This directory contains several data artifacts that are needed to reproduce the results from the paper.

dosek.tar.gz
Archive of the dOSEK source code. This archive contains a full git repository with master set to the revision used in the paper. To generate the GCFG for a small example, run:
mkdir build; cd build; ../new_build_env.py --arch posix
make bcc1_task1a; dot -Tpdf app/bcc1/task1/bcc1_task1a/*final* > gcfg.pdf

fail-mysql-db.sql.gz
Compressed dump of a MySQL database. It contains the raw results of the FAIL* injection campaign. The file data/results.data in rawdata.tar.gz is extracted from it.

rawdata.tar.gz
Archive of the raw data used in the text of the paper. It contains all numbers that were calculated with the versuchung experimentation framework. This archive also contains the binaries injected with FAIL* and the golden-run traces.