

RESIST  
OPENES  
dewi  
EMC<sup>2</sup>  
BENEFIC

*CompSOC:  
Virtual execution platforms for mixed-  
criticality systems*

Kees Goossens  
The CompSOC team  
at TUE and Prague University

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology  
Where innovation starts

Kees Goossens <k.g.w.goossens@tue.nl>  
Electronic Systems Group  
Electrical Engineering Faculty

CompSOC:  
Virtual execution platforms for mixed-criticality systems 1

- Cyber-physical, embedded real-time systems usually contain multiple concurrent applications that have different characteristics and requirements, and are often designed by different parties. As a result, a single system contains applications designed using different models of computation (MOC), and with different criticalities (e.g. real time, safety critical, adaptive, or not). By offering an independent execution virtual platform to each application, the CompSOC platform enables independent design, verification, and execution of applications with different criticalities and models of computation. We present the underlying concepts, architecture, and formalism of the CompSOC platform. More information can be found on [www.compsoc.eu](http://www.compsoc.eu).

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology

## the current CompSOC team

2

- Eindhoven university of technology
  - Kees Goossens (team leader)
  - Gabriela Breaban
  - Valeriu Codreanu
  - Sven Goossens
  - Manil Dev Gomony
  - Martijn Koedam
  - Reinier van Kampenhout
  - Rachana Kumar
  - Yonghui Li
  - Andrew Nelson
  - Shubhendu Sinha
  - Rasool Tavakoli
  - Juan Valencia
- Prague University
  - Benny Akesson
- close collaboration with the **dataflow research (SDF3)** at TU/e
  - Marc Geilen
  - Sander Stuijk
  - Dip Goswami
  - Majid Nabi
- and many others



This research is supported by EU grants  
FP7 288008 T-CREST, FP7 288248 FlexTiles,  
CA505 BENEFIC, CA703 OpenES,  
ARTEMIS-2013-1 621429 EMC2 and 621353 DEWI.  
Parts of the platform were developed with support  
from COMCAS, Cobra, Scalopes,  
TSAR, NEST, NEVA, MESA.



© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universität  
Eindhoven University of Technology

## trend: embedded systems

3

- phones, game consoles, cars, refrigerators, buildings, ...
- interaction with physical world → **real-time requirements**



[wikipedia.org]



[sensimed.com]



[mit.edu]

## trend: embedded systems

4

- phones, game consoles, cars, refrigerators, buildings, ...
- interaction with physical world → **real-time requirements**



## trend: multiple applications on one embedded device

5

- different **application domains**
  - infotainment (streaming → video analysis), games
  - real-time control, (wireless) networking stacks



## trend: multiple applications on one connected embedded device

6

- different **application domains**
  - infotainment (streaming → video analysis), games
  - real-time control, (wireless) networking stacks
- **use cases**
- sharing resources



## observation: different applications

7

- have different **characteristics** and requirements
  - FRT, SRT, NRT, adaptive, ...
- are designed by different **parties**
- use different models of computation (MOC) & verification approaches
  - FRT → worst case & formal verification
  - NRT → average case & simulation
  - adaptive SRT → actual case & simulation
- use different **resource-management** policies
  - data / event / time, schedulers, power management

## problem: design time

8

- systems are complex
- time is short
- it takes too long
- getting worse
- monolithic verification after integration
  - hardware, multiple applications
- circular verification
  - who to blame for errors?



## goal & approach

9

- reduce SOC design & verification effort
- independent design, verification, and deployment per application
  - application as the unit of verification
- two complexity-reducing techniques
  - composability
  - predictability
- applied to multi-processor system with distributed shared memory

## composability

10

- virtual execution platform per application
  - defined by its space, time, energy budgets
- design, verify, deploy in a virtual platform
- no interference
  - when integrating, executing, or switching use cases



N! combinations & interleavings → N virtual platforms  
inter-dependent state  $2^S \times 2^S \times 2^S \times 2^S$  → independent states  $2^S + 2^S + 2^S + 2^S$

## composability

11

- time-division-multiplex virtual execution platforms
  - space, time, energy budgets
  - no interference



FRT radio virtual platform  
SRT video virtual platform

virt. proc.    virt. interc.    virt. mem.

processor    interconnect    memory

inter-application scheduling  
μkernel

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology

## composability & predictability

12

- each application can have its own
  - programming model, scheduling, power management
  - (CS)DF, KPN, TT, DSM
- for RT use predictable schedulers, and associated real-time formalism



## CompSOC

13



## CompSOC

14



## CompSOC

15







## CompSOC software architecture

20



## CompSOC software architecture

21





demo: 4-battery-run-short.avi [DATE'12] 24

|       | C1   | C2    | F P S | m s |
|-------|------|-------|-------|-----|
| APP 1 | Red  | Black | 9     | 0   |
| APP 2 | Blue | Black | 8     | 0   |

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology

predictability 25

- cyclo-static dataflow (CSDF) is
  - the programming model
  - used to describe the binding of application to platform
    - unshared resources
    - shared resources
- extending to scenario mode-aware dataflow (Stuijk, Moreira)

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology







### predictability with CSDF

31



- CSDF graph captures
  - application functionality & data dependencies
  - mapping of application on unshared resources (WCET)
  - resource sharing (SO, TDM, RR, LR, ...)
  - finite buffer sizes, flow control / backpressure
- **compositional method**
  - CSDF graph is constructed of independent smaller subgraphs
  - budgets within application, and between applications

## predictability with CSDF

32



© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology

## predictability with CSDF

33



© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology









## CompSOC – run-time loading

42



© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology

## CompSOC – run-time loading

43



© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology





## CompSOC – run-time loading

48

- loading is
  - composable
  - predictable

The diagram illustrates the CompSOC run-time loading architecture. At the top, two boxes represent the 'application bundle' (containing 'app. ELF's and 'virtual platform specification') and the 'system bundle' (containing 'sys. ELF's and 'phys. platform specification'). These feed into a 'bitstream' box, which then connects to the hardware. The hardware itself is shown as a printed circuit board (PCB) with various components. On the left, a box labeled 'app 1' contains 'virtual platform specification & ELF's. Below the PCB, there are 'memory tiles' and 'processor tiles'. A 'network on chip' connects these to a central processing unit. This central unit contains several layers of software and hardware components: 'SM task', 'task sch.', 'sys. app.', 'FRT dataflow', 'DF API', 'TT API', 'RTOS', 'resource manager', and 'microkernel (TDM)'.

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology

## (current) restrictions

49

- data and code must fit in local tile memories
  - no caches, or else flush on preemption
- no I/O virtualisation
- DVFS is simulated on FPGA
- external interrupts – supported
- preemptive intra-application scheduling – supported
- memory protection – supported
- limited support for multiple use cases in the design flow
- currently supported programming models
  - cyclo-static dataflow (actors)
  - Kahn process networks (processes)
  - time-triggered (jobs) – limited

The diagram lists current restrictions in CompSOC. It includes:

- data and code must fit in local tile memories
  - no caches, or else flush on preemption
- no I/O virtualisation
- DVFS is simulated on FPGA
- external interrupts – supported
- preemptive intra-application scheduling – supported
- memory protection – supported
- limited support for multiple use cases in the design flow
- currently supported programming models
  - cyclo-static dataflow (actors)
  - Kahn process networks (processes)
  - time-triggered (jobs) – limited

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology

# demo: playback-dynamic-load.mp4

[DATE'14] 50

# demo: playback-dynamic-load.mp4 [DATE'14]

demo: playback-dynamic-load.mp4 [DATE'14] 52

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology

conclusions 53

- reduce SOC design effort
- independent design, verification, and execution per application
- composability
- predictability
- virtual execution platforms with application-specific MOC, scheduling, power management
  - any mix of NRT, SRT, FRT
- design flow
- FPGA prototype
- used in teaching MSc embedded systems lab

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven  
University of Technology

more information: [www.compsoc.eu](http://www.compsoc.eu)

54

- CompSOC overview in SIGBED'13 and in Multiprocessor System-on-Chip. Huebner (ed), Springer, 2010
- Aethereal real-time NOC, DAC'10
- Real-time DRAM memory controller, DATE'13, ECRTS'14
- CompoSe RTOS, MICPRO'11
- CoMiK microkernel, DATE'14
- Composable power management, SAMOS'11
- Design flow, FPGA World'13
- SDF3, DAC'06 <http://www.es.ele.tue.nl/sdf3/>

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology

## acknowledgements

55

- Eindhoven university of technology
  - Kees Goossens (team leader)
  - Gabriela Breaban
  - Sven Goossens
  - Martijn Koedam
  - Reinier van Kampenhout
  - Yonghui Li
  - Andrew Nelson
  - Shubhendu Sinha
  - Rasool Tavakoli
  - Juan Valencia
- Prague University
  - Benny Akesson
- close collaboration with the dataflow research (SDF3) at TU/e
  - Sander Stuijk
  - Marc Geilen
- and many others

This research is supported by  
EU grants CATRENE CA505 **BENEFIC**,  
CA703 **OpenES**, CT217 **RESIST**,  
ARTEMIS-2013-1 621429 **EMC<sup>2</sup>** and 621353 **DEWI**.  
Parts of the platform were developed with support  
from Flextiles, T-CREST, COMCAS, Cobra,  
Scalopes, TSAR, NEST, NEVA, MESA.

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

**TU/e** Technische Universiteit  
Eindhoven University of Technology

end

56

for further information

[www.compsoc.eu](http://www.compsoc.eu)

Kees Goossens <k.g.w.goossens@tue.nl>

Electronic Systems Group

Electrical Engineering Faculty

© Kees Goossens  
Electronic Systems

SIES  
2014-06-20

