Unit OS9: Unit OS9: Real-Time and Embedded Systems Real-Time and Embedded Systems

(1)

Unit OS9:

Real-Time and Embedded Systems Real-Time and Embedded Systems

9.1. Introduction and Vocabulary

(2)

Copyright Notice Copyright Notice

These materials are part of the

These materials are part of the Windows Operating Windows Operating System Internals Curriculum Development Kit,

System Internals Curriculum Development Kit, developed by David A. Solomon and Mark E.

developed by David A. Solomon and Mark E.

Russinovich with Andreas Polze Russinovich with Andreas Polze

Microsoft has licensed these materials from David Microsoft has licensed these materials from David Solomon Expert Seminars, Inc. for distribution to Solomon Expert Seminars, Inc. for distribution to academic organizations solely for use in academic academic organizations solely for use in academic environments (and not for commercial use)

environments (and not for commercial use)

(3)

Roadmap for Section 9.1 Roadmap for Section 9.1

Introduction and Vocabulary Introduction and Vocabulary

Performance Measures Performance Measures

General Structure of a Real-Time System General Structure of a Real-Time System

Task Assignment and Scheduling Task Assignment and Scheduling

Uni- vs. Multi-Processor Scheduling Algorithms Uni- vs. Multi-Processor Scheduling Algorithms

Critical Sections and Priority Inversion

(4)

Introduction and Vocabulary Introduction and Vocabulary

What is a Real-time System?

“ “ A real-time system is one in which the correctness of A real-time system is one in which the correctness of the computations not only depends on the logical

the computations not only depends on the logical

correctness of the computation, but also on the time at correctness of the computation, but also on the time at which the result is produced. If the timing constraints of which the result is produced. If the timing constraints of

the system are not met, system failure is said to have the system are not met, system failure is said to have

occurred.”

Confusion:

Not a clear definition!

What are timing constraints ? (tasks have deadlines) What are timing constraints ? (tasks have deadlines)

(5)

More confusion More confusion

What is the meaning of a “deadline"?

Do all

Do all tasks have to be executed before their deadline? (not tasks have to be executed before their deadline? (not necessarily)

necessarily)

Sometimes “yes”: flight control in an aircraft Sometimes “yes”: flight control in an aircraft Sometimes “no”: Multimedia-App.

Sometimes “no”: Multimedia-App.

What is the meaning of “executed“?

How to decide whether a task has been (completely) executed?

Relatively simple: bank transaction Relatively simple: bank transaction Impossible: Computation of π

Impossible: Computation of π

How to deal with tasks that missed their deadlines?

Terminate or run to completion?

Aircraft accident vs. Videoconference Aircraft accident vs. Videoconference

(6)

Task Value Functions Task Value Functions

Value

deadline

Value

deadline

Value

(7)

Hard vs. Soft Real-time Systems Hard vs. Soft Real-time Systems

Hard real-time systems Hard real-time systems

Embedded systems: aircraft control, nuclear power plants, Embedded systems: aircraft control, nuclear power plants,

chemical reactors, jet engines chemical reactors, jet engines

Missing a deadline has life-threatening results.

Soft real-time systems Soft real-time systems

Multimedia, airline reservation system Multimedia, airline reservation system

Missing a deadline is undesirable and impacts system Missing a deadline is undesirable and impacts system

performance but has not destroy lives or equipment.

(8)

Vocabulary Vocabulary

Example: Car & Driver Example: Car & Driver

Well-known example for human control:

Comparable to a real-time computer system in many respects Comparable to a real-time computer system in many respects Driver:

Driver: real-time controllerreal-time controller Car:

Car: controlled processcontrolled process Road and additional cars:

Road and additional cars: operating environmentoperating environment

Actuators:

Wheels, engine, brakes Wheels, engine, brakes

Controls:

Steering wheel, brake pedal, switches Steering wheel, brake pedal, switches

(9)

Mission Statement Mission Statement

Drive within the allowed speed range from start A to Drive within the allowed speed range from start A to destination B without collisions with other cars or destination B without collisions with other cars or stationary objects.

stationary objects.

How can driver‘s performance be measured?

Departs from A and reaches destination B Departs from A and reaches destination B

Total driving time Total driving time

But: road conditions have to be taken into account But: road conditions have to be taken into account What, if driver leaves the road?

What, if driver leaves the road?

Success: collision could be avoided Success: collision could be avoided Failure: control over vehicle was lost Failure: control over vehicle was lost

(10)

The Mission – a closer look The Mission – a closer look

Performance is no absolute measure.

Performance measures quality of a result in terms of the Performance measures quality of a result in terms of the best possible result under the current environmental

best possible result under the current environmental conditions.

conditions.

A closer look onto the mission:

Mission critical:

Mission critical: steering, brakessteering, brakes Non-critical:

Non-critical: radio, lightsradio, lights

Deadlines are not constants

(rush hour vs. Sunday drive)(rush hour vs. Sunday drive) How to measure the drivers physical condition?

How to measure the drivers physical condition?

(11)

Performance Measures Performance Measures

Average values say very little about the Average values say very little about the

performance of a real-time controller.

In our scenario:

How to value abrupt acceleration/deceleration How to value abrupt acceleration/deceleration

maneuvers ? maneuvers ?

How to measure for unnecessarily increased fuel How to measure for unnecessarily increased fuel

usage?

What about extra slow driving?

(12)

Problems of RT Computing Problems of RT Computing

Reliability, Fault-tolerance Reliability, Fault-tolerance

Harsh environments, electromagnetic noise, rapidly changing Harsh environments, electromagnetic noise, rapidly changing

computation loads computation loads

Task Scheduling Task Scheduling

Traditional Approach: fairness / round robin scheduling / time Traditional Approach: fairness / round robin scheduling / time

slicing slicing

RT System: fixed priority scheduling / generalized rate RT System: fixed priority scheduling / generalized rate

monotonic scheduling / earliest deadline first monotonic scheduling / earliest deadline first

Memory Management Memory Management

Swapping / paging Swapping / paging

Static pre-allocation (mpin(), vm_wire()) Static pre-allocation (mpin(), vm_wire())

(13)

Problems of RT Computing (contd.) Problems of RT Computing (contd.)

Cache Allocation Policy Cache Allocation Policy

Preemption may cause cache invalidation -> missed deadline Preemption may cause cache invalidation -> missed deadline Does t

Does t_A_A = t = t_A1_A1 + t + t_A2_A2 hold? hold?

A B A

A preempted

A preempted A resumedA resumed A completedA completed

tt_A1_A1 tt_A2_A2

(14)

Structure of a Real-time System Structure of a Real-time System

Controller: RT-Computer/

Uni- vs. Multiprocessor Uni- vs. Multiprocessor

Input data rates: typically < 1 KB/sec Input data rates: typically < 1 KB/sec

Fixed set of processes; software is "pre-loaded“

Scheduler (offline vs. online schedules) Scheduler (offline vs. online schedules)

Controlled

process Sensors Job list Clock

Trigger generator Execution

Display Actuators

Operator Environment

(15)

Data Rates Data Rates

Sensors/Actuators/Display/Input Sensors/Actuators/Display/Input Panels: low

Panels: low

Data conversion/formatting:

medium medium

(peripheral area) (peripheral area)

Control algorithm: high Control algorithm: high (central cluster)

(central cluster)

Controlled process often moves Controlled process often moves through different phases

through different phases

Varying sets of priorities, Varying sets of priorities, control tasks, deadlines control tasks, deadlines

Sensor and actuator layer Peripheral area

Central cluster

(16)

Task Classes Task Classes

Periodic, sporadic and aperiodic tasks Periodic, sporadic and aperiodic tasks

Critical and non-critical tasks Critical and non-critical tasks

Non-critical real-time (soft real-time tasks):

Objective: maximize percentage of jobs Objective: maximize percentage of jobs

successfully executed

(17)

Areas of Interest Areas of Interest

Architecture Architecture

Processor Architecture Processor Architecture Network Architecture Network Architecture

Architectures for Clock Synchronization Architectures for Clock Synchronization Fault-tolerance and Reliability Evaluation Fault-tolerance and Reliability Evaluation

Operating System Operating System

Task Assignment and Scheduling Task Assignment and Scheduling Communication Protocols

Communication Protocols

Failure Management and Recovery Failure Management and Recovery Clock Synchronization Algorithms Clock Synchronization Algorithms

Others Others

Programming Languages Programming Languages Databases

Databases

Performance Measures

(18)

Task Assignment and Scheduling Task Assignment and Scheduling

Objective:

Objective: allocation and scheduling of tasks on allocation and scheduling of tasks on processors to ensure that deadlines are met

processors to ensure that deadlines are met

Problem statement:

Given a set of tasks, task precedence constraints, task Given a set of tasks, task precedence constraints, task characteristics, and deadlines, we are asked to devise a characteristics, and deadlines, we are asked to devise a feasible allocation/schedule on a given computer

feasible allocation/schedule on a given computer

TaskTask

consumes resources (cpu, memory, input data) consumes resources (cpu, memory, input data) produces results

produces results

Precedence constraints: T

Precedence constraints: T_ii needs output from T needs output from Tj_j

(19)

Task Dependency Graph Task Dependency Graph

Characteristics:

Precedence-relation "<“

Release time Release time

Deadline (hard, soft) Deadline (hard, soft)

Relative deadline: absolute deadline - release time Relative deadline: absolute deadline - release time

(20)

Periodicity Periodicity

Periodic: released periodically, every P

_i_i

seconds seconds

Period P Period P_i_i

Runs once every period (not exactly every P

Runs once every period (not exactly every P_i_i sec) sec)

Sporadic: not periodic, invoked irregularly Sporadic: not periodic, invoked irregularly

Upper bound on invocation rate Upper bound on invocation rate

Aperiodic: sporadic but without bounded invocation rate Aperiodic: sporadic but without bounded invocation rate

Example:

Sensor is read every 10 ms.

If value exceeds threshold, signal is send out If value exceeds threshold, signal is send out Sensor task is periodic; period p = 10ms

Sensor task is periodic; period p = 10ms Task that sends the signal is sporadic Task that sends the signal is sporadic

Maximum invocation rate for this sporadic task?

(21)

Feasibility of a Schedule Feasibility of a Schedule

Task assignment/schedule is feasible if all tasks start after Task assignment/schedule is feasible if all tasks start after their release times and complete before their deadlines

their release times and complete before their deadlines Schedule S: Set of processors x Time

Schedule S: Set of processors x Time

Set of tasks Set of tasks

S(i,t) is the task scheduled to be running on processor i at time t S(i,t) is the task scheduled to be running on processor i at time t Offline scheduling: precomputed schedule

Offline scheduling: precomputed schedule

Online scheduling: tasks are scheduled at arrival Online scheduling: tasks are scheduled at arrival Must be fast

Must be fast

Static-priority algorithms: tasks' priorities do not change within a Static-priority algorithms: tasks' priorities do not change within a mode (Rate Monotonic Scheduling - RMS)

mode (Rate Monotonic Scheduling - RMS)

Dynamic-priority algorithms: priority changes with time (Earliest Dynamic-priority algorithms: priority changes with time (Earliest Deadline First - EDF)

Deadline First - EDF)

(22)

Preemptive vs. non-preemptive Preemptive vs. non-preemptive

Scheduling Scheduling

Preemptive: tasks can be interrupted by other tasks Preemptive: tasks can be interrupted by other tasks

More flexible More flexible

Critical task must be allowed to interrupt less critical ones Critical task must be allowed to interrupt less critical ones Non-preemptive: task runs until completion or blocking

Non-preemptive: task runs until completion or blocking

• S1: sub optimal; non-S1: sub optimal; non-preemptivepreemptive

• S2: T2 misses deadline; nonS2: T2 misses deadline; non-- preemptive

preemptive

• S3: preemptive; resource optimalS3: preemptive; resource optimal

• Overhead for preemption; Overhead for preemption;

bookkeeping bookkeeping

• Preemption not always possible: Preemption not always possible:

(23)

Uni-processor Scheduling Uni-processor Scheduling

Traditional rate-monotonic scheduling (RMS) Traditional rate-monotonic scheduling (RMS)

Periodic, preemptable tasks Periodic, preemptable tasks Deadlines equal task period Deadlines equal task period

Set of n tasks is schedulable if total processor utilization is no Set of n tasks is schedulable if total processor utilization is no greater than n(2

greater than n(2 ^1/n^1/n-1)-1)

Task priorities are static; inversely related to periods Task priorities are static; inversely related to periods Optimal static-priority uniprocessor algorithm

Optimal static-priority uniprocessor algorithm Some results for deadline ≠ period

Some results for deadline ≠ period

Rate monotonic deferred server (DS) Rate monotonic deferred server (DS)

Similar to RMS Similar to RMS

Can handle both: periodic and aperiodic tasks Can handle both: periodic and aperiodic tasks

(24)

Uni-processor Scheduling (contd.) Uni-processor Scheduling (contd.)

Earliest deadline first (EDF):

Tasks are preemptible Tasks are preemptible

Task with earliest deadline has highest priority Task with earliest deadline has highest priority

Optimal uni-processor algorithm Optimal uni-processor algorithm

If a task set is not schedulable on a single processor by EDF, If a task set is not schedulable on a single processor by EDF,

there is no other processor that can successfully schedule that there is no other processor that can successfully schedule that

task set task set

Precedence and exclusion conditions:

RMS & EDF assume independent preemptible tasks RMS & EDF assume independent preemptible tasks

Only processing requirements are taken into account;

memory, I/O, other resource requirements negligible memory, I/O, other resource requirements negligible

(25)

Uni-processor Scheduling (contd.) Uni-processor Scheduling (contd.)

Multiple task versions:

System has primary and alternative version of tasks System has primary and alternative version of tasks Vary in execution time and quality of output

Vary in execution time and quality of output Primary: full-fledged task; top quality output Primary: full-fledged task; top quality output

Alternative: bare-bone; lower-quality (acceptable) output; take Alternative: bare-bone; lower-quality (acceptable) output; take less much execution time

less much execution time

Schedule may pick alternative tasks during overload Schedule may pick alternative tasks during overload

IRIS tasks (increased reward with increased service):

Quality of output is monotonically nondecreasing function of Quality of output is monotonically nondecreasing function of execution time

execution time

Example: iterative algorithms for computation of π Example: iterative algorithms for computation of π

(26)

Multiprocessor Scheduling Multiprocessor Scheduling

Task assignment problem generally is NP-hard Task assignment problem generally is NP-hard Use heuristics

Use heuristics

(27)

Multiprocessor Scheduling Multiprocessor Scheduling

Utilization balancing algorithm:

Assigns tasks to processors one by one Assigns tasks to processors one by one Balanced utilization at end of each step Balanced utilization at end of each step

Preemptive tasks Preemptive tasks

Next-fit algorithm:

Works in conjunction with RMS uni-processor algorithm Works in conjunction with RMS uni-processor algorithm

Divides task set into classes Divides task set into classes

Processors are exclusively assigned to tasks Processors are exclusively assigned to tasks

Preemptive tasks Preemptive tasks

(28)

Multiprocessor Scheduling (contd.) Multiprocessor Scheduling (contd.)

Bin-packing algorithm:

Assigns tasks to processors so, that utilization does not exceed Assigns tasks to processors so, that utilization does not exceed given threshold

given threshold

Threshold is set so that uni-processor algorithm is able to Threshold is set so that uni-processor algorithm is able to schedule assigned tasks

schedule assigned tasks Preemptive tasks

Preemptive tasks

Myopic offline scheduling algorithm:

Deals with non-preemptive tasks Deals with non-preemptive tasks

Builds schedule using a search process Builds schedule using a search process

Focused addressing and bidding algorithm:

Tasks arrive at individual processors Tasks arrive at individual processors

If schedule not feasible: processor may offload some of its If schedule not feasible: processor may offload some of its workload onto other processors

workload onto other processors

(29)

Multiprocessor Scheduling (contd.) Multiprocessor Scheduling (contd.)

Buddy strategy:

Three categories: underloaded, fully loaded, and overloaded Three categories: underloaded, fully loaded, and overloaded

processors processors

Overloaded processors ask underloaded ones to take over Overloaded processors ask underloaded ones to take over

some load some load

Assignment with precedence constraints:

Takes precedence constraints into account Takes precedence constraints into account

Trial-and-error process: assign communicating processes onto Trial-and-error process: assign communicating processes onto

same processor same processor

(30)

Scheduling Problems Scheduling Problems

Critical Sections:

Source of anomalous behavior: priority inversion Source of anomalous behavior: priority inversion Lower-priority tasks can block higher-priority tasks Lower-priority tasks can block higher-priority tasks

Priority inheritance/priority ceiling protocols: finite upper bound to the Priority inheritance/priority ceiling protocols: finite upper bound to the period of priority inversion

period of priority inversion

Mode Changes:

Mission can have multiple phases Mission can have multiple phases Different task sets

Different task sets

Different priorities/arrival rates Different priorities/arrival rates

How to add/delete tasks of the task list How to add/delete tasks of the task list

Fault-Tolerant Scheduling:

Schedule backups in the event of failure Schedule backups in the event of failure

(31)

Critical Sections Critical Sections

Binary semaphores Binary semaphores

Lower priority task may block higher priority task Lower priority task may block higher priority task

• T3 has lock; blocks T1 T3 has lock; blocks T1

• T2 interrupts T3 T2 interrupts T3 Priority inversion Priority inversion

(32)

Priority Inheritance Protocol Priority Inheritance Protocol

TT_L_L blocks T blocks T_H_H(by owning a semaphore)...(by owning a semaphore)...

TT_L_Linherits temporarily priority of Tinherits temporarily priority of T_H_H

Every lower priority task may block higher priority task exactly Every lower priority task may block higher priority task exactly once per critical section

once per critical section

NORMAL TIME_CRITICAL

Time T_L locks

resourc e

T_H starts, request resource

T_H continues to completion T_L is boosted

until it frees resource

T_L runs as scheduled

(33)

Priority Ceiling Protocol Priority Ceiling Protocol

Priority ceiling of a semaphore is highest priority of any Priority ceiling of a semaphore is highest priority of any

task that may lock semaphore task that may lock semaphore

Priority

owner of lockowner of lock

= priority ceiling = priority ceiling

Critical Section

Critical Section Accessed ByAccessed By Priority CeilingPriority Ceiling S1S1 T1, T2T1, T2 P(T1)P(T1)

S2S2 T1, T2, T3T1, T2, T3 P(T1)P(T1)

S3S3 T3T3 P(T3)P(T3)

S4S4 T2, T3T2, T3 P(T2)P(T2)

•

(34)

Requirements for a RT OS Requirements for a RT OS

The OS (operating system) must be multithreaded and preemptive The OS (operating system) must be multithreaded and preemptive

The OS must support thread priority The OS must support thread priority

A system of priority inheritance must exist A system of priority inheritance must exist

The OS must support predictable thread synchronization The OS must support predictable thread synchronization

mechanisms mechanisms

In addition, the OS behavior must be predictable. This means real-time In addition, the OS behavior must be predictable. This means real-time system developers must have detailed information about the system system developers must have detailed information about the system interrupt levels, system calls, and timing:

interrupt levels, system calls, and timing:

The maximum time during which interrupts are masked by the OS and by device The maximum time during which interrupts are masked by the OS and by device drivers must be known.

drivers must be known.

The maximum time that device drivers use to process an interrupt, and specific The maximum time that device drivers use to process an interrupt, and specific IRQ information relating to those device drivers, must be known.

IRQ information relating to those device drivers, must be known.

The interrupt latency (the time from interrupt to task run) must be predictable and The interrupt latency (the time from interrupt to task run) must be predictable and

(35)