Ultra-Survivable Mixed-Criticality Systems based on Empiric Worst-Case Execution Time and Criticality Arithmetic

Most of the existing mixed-criticality schedulers don't take into account the fact that low-criticality tasks operate as a group to implement one or more high-criticality ser- vices. Consequently, arbitrary dropping of any of them may compromise the safety of the high-criticality service they collectively implement. In addition, it is hard to estimate a safe upper-bound of service execution time, which implies disruptive degra- dation in case of execution time overrun by any of the high or low-criticality services. This research introduces novel approaches for mixed-criticality systems by building dependable services from many less dependable services and proportionate adaptation to the empiric execution time overrun problem for systems services during the system mission. The presented approaches are mid and short-term mixed-criticality schedulers, Critical Arithmetic Adaptive Tolerance-based Mixed-criticality Protocol (ATMP-CA) and Criticality Arithmetic Lazy Bailout Protocol (LBP-CA), based on Criticality Arithmetic (CA), and the framework E-ATMP based on the Empiric Worst Case Execution Time (EWCET). Criticality Arithmetic schedulers change the system con- guration in case of core failures or systems transitions between normal and criticality runtime modes. EWCET is initially the determined optimistic EWCET estimate but gets updated during runtime to a higher value whenever a Worst-Case Execution Time (WCET) overrun occurs, and dynamically re-allocates schedules of mixed-criticality tasks using the E-ATMP framework. Both approaches deliver smoother degradation than reference schedulers in the literature. Build and architect, systems, and criticality, from many less dependable compo- nents, and represent criticality by the architecture of these components, respectively, with incorporating adaptive responses based on empiric information during the system mission, and foreseen future, guarantees smooth degradation to the total system utility when transient or permanent resource shortages occur.