
Research On Safety Technology Of Distributed Mission Critical Real Time System

Posted on: 2005-11-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S P Yang
Full Text: PDF
GTID: 1118360125963960
Subject: Computer application technology
Abstract/Summary:
With the rapid development of real-time computing technology, real-time systems have become crucial control components in more and more mission critical applications, in which a failure could result in loss of life, significant property damage, or damage to the environment. Well-known examples exist in application areas such as medical devices, aircraft flight control, weapons, and nuclear systems. In order to reduce or prevent catastrophic failures of those systems, novel mission critical safeguard mechanisms must be researched. At present, hardware safety techniques have matured to the point that design faults in real-time software have become the safety bottleneck of mission critical real-time systems. As a very important safeguard measure for preventing catastrophic failures, the safety technology of distributed mission critical real-time systems has become a hot topic. This thesis systematically analyzes the state of the art of safety technology for mission critical real-time systems and concludes that the main obstacles to the development of distributed mission critical real-time systems include: 1) The nature of safety is not made explicit, and safety is usually treated as the same thing as reliability and security. 2) Lacking a systematic approach to safety, the existing safety technologies are confined to a single layer, such as the application layer, the operating system layer, or the network layer. For example, the safety kernel is just a safety mechanism in the application layer. In addition, it is very difficult to couple those safety mechanisms tightly. To resolve those problems, the nature of safety is expounded by contrasting safety with reliability and with security, which facilitates the design of novel safety mechanisms.
Based on multilevel safeguard mechanisms, this dissertation researches the safety technologies of distributed mission critical real-time systems deeply and systematically. The main work and contributions include: 1) To improve the safety of a complex mission critical real-time system by dividing and ruling, the whole system is usually divided into a few small and simple subsystems of different criticality. However, to save cost it is necessary to design an architecture which allows subsystems to be merged onto an integrated node computer. At the same time, it must be ensured that residual design faults in a low criticality subsystem cannot corrupt a high criticality subsystem while they cooperate with each other. To resolve this problem, strict mediation of inter-subsystem communication is necessary. Accordingly, an access control rule with a multilevel criticality policy is defined in this thesis. To implement those rules efficiently and to ensure that rule checking cannot be bypassed inadvertently or intentionally, a realization approach based on reflective technology is designed, which is more efficient than the traditional approach via a reference monitor. 2) Unlike desktop systems, mission critical real-time systems usually do not tolerate operating system glitches. To research and design an ultra-dependable mission critical real-time operating system, a safeguard mechanism based on temporal and spatial isolation is proposed in this dissertation. Temporal isolation guarantees a subsystem's exclusive use of a pre-allocated processing time without any intervention from other subsystems, such as delaying the scheduling of another subsystem. Spatial isolation, on the other hand, implies that a subsystem cannot access another subsystem's resources, such as memory, buffers, I/O ports, and registers. Thus, a subsystem is the sole owner of its resources, such as memory, I/O ports, and processor time slots.
As a result, the real-time tasks running in different subsystems cannot interfere with each other. To support temporal isolation among subsystems, a two-level scheduling model is designed, which consists of a low-level cyclic schedule at the operating system level and a high-level fixed priority schedule a...
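As an added illustration, not code from the dissertation, the following Python simulates the two ideas described above: an operating-system-level cyclic schedule of partition slots with fixed-priority scheduling of each subsystem's own tasks inside its slot (temporal isolation), and a mediation check on inter-subsystem messages ordered by criticality. The slot lengths, task names and the "send only to equal-or-lower criticality" rule are constructed assumptions for the example, not the thesis's actual access control rule.

```python
from dataclasses import dataclass


@dataclass
class Task:
    name: str
    priority: int   # smaller number = higher fixed priority
    demand: int     # ticks the task wants in this major frame (may be a runaway)
    done: int = 0


@dataclass
class Partition:
    name: str
    criticality: int   # higher number = more critical (constructed scale)
    tasks: list


def mediate(sender: Partition, receiver: Partition) -> bool:
    """Assumed multilevel-criticality rule (not the thesis's exact rule):
    a subsystem may only send to subsystems of equal or lower criticality,
    so a faulty low-criticality subsystem cannot push data into a
    high-criticality one."""
    return sender.criticality >= receiver.criticality


def run_major_frame(slots, partitions):
    """One major frame of the two-level schedule.

    slots: the OS-level cyclic schedule, a list of (partition_name, ticks).
    Inside each slot the partition's own tasks run under fixed priority.
    The slot ends when its ticks are used up regardless of remaining demand,
    which is the temporal isolation property: a runaway task only burns
    its own partition's budget.
    """
    by_name = {p.name: p for p in partitions}
    timeline = []
    for part_name, ticks in slots:
        part = by_name[part_name]
        for _ in range(ticks):
            ready = [t for t in part.tasks if t.done < t.demand]
            if not ready:
                timeline.append((part_name, "idle"))
                continue
            running = min(ready, key=lambda t: t.priority)
            running.done += 1
            timeline.append((part_name, running.name))
    return timeline


def partition_ticks(timeline, part_name):
    """Processor time the partition actually received in the frame."""
    return sum(1 for p, _ in timeline if p == part_name)
```

Running a frame with a runaway task in the low-criticality partition shows it consuming exactly its own slots while the high-criticality tasks still complete on schedule.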
Keywords/Search Tags:Safety Technology, Multilevel Criticality, Temporal and Spatial Isolation, Real Time Network, Time Triggered, Safety Test and Evaluation, Real Time System, Schedulability Analysis, Real Time Operating System, Mission Critical