The main goal of MULTIPARTES is to provide tools and mechanisms to support mixed criticality for trusted embedded systems based on multicore open source virtualization. It will also serve to describe the contemporary industrial practices and future needs in terms of technologies, tools and methodologies used in the development of dependable embedded systems. The intention is to show that handling mixed criticality in different industrial sectors can be a typical scenario in the future of embedded systems engineering. Multicore open source virtualization appears as a potential candidate solution for addressing future challenges (e.g. reducing costs, power consumption, volume, and time to market) in an effective way.
In our context, a Use Case is considered as a specific embedded system (i.e. product or product line) in which the MultiPARTES technology, tools and methodology could be applied as a suitable approach to achieve some benefits. Three use cases extracted from different industrial sectors are described below:
Alstom Wind engineers and maintains the GALILEO Supervisory System. Its main purpose is to supervise and control all the distributed subsystems that compose the Wind Turbine through a field bus interface.
Strict Real-Time constraints apply to the core of the Supervisory System, so GALILEO is a highly tested, robust and reliable embedded system based on an RTOS. It also contains some non-Real-Time functionalities, such as the Human Machine Interface (HMI) or the communications with the SCADA. The development and maintenance costs of these non-Real-Time functionalities increase considerably when they are developed over an RTOS, which is not designed to host this kind of service.
MultiPARTES can help solve this situation by splitting the current functionalities of GALILEO into two different partitions: the Supervisory System runs in one partition, connected to another partition in which the GPOS runs communication middleware and, eventually, other third party applications. Thanks to the hypervisor, the Supervisory System can also be combined with a safety critical application: the Protection System, which is in charge of maintaining the Wind Turbine in a safe state. The main functionality of the Protection System is to ensure that the design limits of the wind turbine are not exceeded.
Currently, the Protection System is implemented in an external platform. For this functionality to be integrated into the Supervisory System platform, a third partition needs to be created by using the MultiPARTES solution. The requirements of this third partition are very different from the rest of the system, since the computational power required is much lower and a simpler architecture to ease certification would be very valuable.
FraPES-SP is the application name of the Space use case. FraPES-SP is a Framework for Partitioned Embedded Systems for Space. This system will provide an off-the-shelf framework, based upon a set of generic and critical software building blocks and a qualified development process for the space sector, mainly for the development of on-board systems for satellites. FraPES-SP defines the basic services and components to be implemented and groups services according to their functionality, criticality and security. This use case will be mainly exploited in this market, where the use of a TSP-based approach is currently an open issue and several implementations are under development.
FENTISS will show that the MultiPARTES approach is aligned with this industrial trend. The following advantages are provided:
The basic idea of the use case is to assess the framework on a real space application such as a satellite. However, it is difficult to test the satellite software in a real environment. For this reason, a demonstrator is proposed to test the embedded system of the micro-satellite against a simulation model rather than a real environment. The simulation model is implemented in Simulink on a PC-based platform, whereas the embedded software runs on a Dual-Core LEON3 FPGA board, a platform typically used in the space sector.
VX+3 is an innovative video monitoring device where third party applications can be installed and executed together with the digital video recording software. The spatial and temporal isolation provided by the MultiPARTES platform will allow VT to have external applications running without interfering with the monitoring software. For example, navigation and mobile payment applications, for taxis, buses and trams, are foreseen as good candidates to be installed in the partition for third party applications.
The VX+3 innovative video monitoring product will be mainly oriented to the transportation market, and it will be adapted to the requirements for being installed in a vehicle (i.e. an enclosure designed to withstand high temperatures and vibrations). It will reduce the number of physical devices needed to provide video monitoring and other applications, reducing the amount of equipment on board.
MultiPARTES will allow VX+3 to be a standard video monitoring device suitable for different markets and different use cases, thus reducing the development and customization costs and the time to market. Moreover, the testing costs will be reduced since the validation will be focused on a core part reused in devices for different markets.