
DEVELOPMENT PROCESSES | TOOLS | PLATFORMS FOR SAFETY-CRITICAL MULTICORE SYSTEMS



# Efficient Toolchain for Multicore Processors on Aircraft Engine Controls

SPONSORED BY THE



Dr. Alexander Walsch, GE Aviation




### **GE** Aviation



#### A leading provider of jet engines, systems and services

6/22/2018

Efficient Toolchain for Multicore Processors on Aircraft Engine Controls | ARAMIS II Multicore Konferenz, Stuttgart | Dr. A. Walsch



#### Use Case (WP 5.4B) Starting Point

- Aircraft Engine Control Software (ECS) abstracted product code
- Self-contained single-core generic aviation application that can be run in a PiL (lab ping-pong)/HiL (test rig FADEC) environment
- Available as C code (SCADE KCG generated)
- DO-178C Level A rated software



- 129 subsystems (main control functions), ~150,000 LOC
- Cyclic IMA-like static schedule (MIF, MAF). Known execution order on single core
- Validation criteria based on PiL transients



#### **Demonstrator Setup**



[Screenshot: WCET Analysis Manager GUI with Trace32, VxWorks kernel/application and TimeWeaver project paths, controls to start/stop AbsLM, launch TimeWeaver and start the WCET analysis, and breakpoint and trace format (NEXUS, ASCII) options.]

- Demonstrator Automation
  - Automation of closed loop PiL setup
  - Acquisition of platform data (traces) and engine model transient response
  - WCET analysis
  - Parameter changes (planned)

#### Process






## Data Dependency Analysis




- Different tools for data dependency analysis are currently investigated
- Instead of using the ECS, a smaller subset (ECS\_Example) is used (8 subsystems, same data sharing mechanism as ECS, known data dependency, different behavior)

## AutoAnalyze

- Static data dependency analysis
- Automotive tool (AUTOSAR) with no native C input. Preprocessing stage (under development) needed

Universität Augsburg

Preprocessing stage could be replaced by



## Gropius



Albrechts-Universität zu Kiel

- Static analysis (abstract interpretation)
- Native C input
- First results look promising. Work in progress.

## Silexica

- Static and dynamic analysis
- First results on static analysis available soon. Work in progress.




## WCET Analysis

- Need for an efficient (no source code instrumentation, minimized rig/test bed time) method that supports complex processors
- Short term: intrusive
- Long term (~Q1 2019): non-intrusive



Zynq US+



- First results on ECS promising
- Expected speed-up: O(weeks) -> O(hours)
- NDA with AbsInt in place

## **Deployment and Schedule Synthesis**

- Deployment and schedule synthesis based on constraints
  - Data dependency between subsystems (atomic units)
  - WCET of subsystems
  - Hardware (interference channels/CAST-32A)
  - Platform software (OS specific)
- Correctness by construction principle (plannable deterministic system)
- Static schedule, run to completion (no preemption)

ASSIST 2.4:

- Valid search-based solution (constraint programming)
- Investigated with ECS\_Example. Work in progress.
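As an added illustration (not ASSIST's or af3's algorithm, and not code from the slides), the sketch below runs a small backtracking search over the constraint set listed above: data dependencies, per-subsystem WCET, one assumed interference pair, and a non-preemptive static schedule that must fit a frame. The subsystem names, WCET values and the 170 µs frame are constructed.

```python
from itertools import combinations

# Constructed sample data (not from the slides): WCET per subsystem in microseconds.
WCET = {"sense": 40, "filt_a": 30, "filt_b": 35, "ctrl": 50, "out": 20, "health": 60}
# (producer, consumer): the consumer may only start once the producer has finished.
DEPS = [("sense", "filt_a"), ("sense", "filt_b"),
        ("filt_a", "ctrl"), ("filt_b", "ctrl"), ("ctrl", "out")]
# Assumed interference pair: shares a hardware channel, so must never run concurrently.
EXCLUSIVE = [("ctrl", "health")]

def violations(sched, wcet, deps, exclusive, frame):
    """Independent checker: list every constraint that a schedule breaks."""
    end = {t: start + wcet[t] for t, (_, start) in sched.items()}
    bad = [f"{t} overruns frame" for t in sched if end[t] > frame]
    bad += [f"{p}->{c} order" for p, c in deps if sched[c][1] < end[p]]
    for a, b in combinations(sched, 2):
        serial = sched[a][0] == sched[b][0] or (a, b) in exclusive or (b, a) in exclusive
        if serial and sched[a][1] < end[b] and sched[b][1] < end[a]:
            bad.append(f"{a}/{b} overlap")
    return bad

def synthesize(wcet, deps, exclusive, cores, frame, sched=None):
    """Backtracking search for a static run-to-completion schedule.

    Returns {subsystem: (core, start)} or None if no placement fits the frame."""
    sched = sched or {}
    if len(sched) == len(wcet):
        return sched
    for t in wcet:
        preds = [p for p, c in deps if c == t]
        if t in sched or any(p not in sched for p in preds):
            continue  # already placed, or a producer is still unplaced
        partners = [b if a == t else a for a, b in exclusive if t in (a, b)]
        for core in range(cores):
            # Earliest start: after everything on this core, all producers,
            # and every already-placed subsystem it must not overlap.
            busy = [s + wcet[u] for u, (k, s) in sched.items()
                    if k == core or u in preds or u in partners]
            start = max(busy, default=0)
            if start + wcet[t] > frame:
                continue  # would overrun the frame on this core
            found = synthesize(wcet, deps, exclusive, cores, frame,
                               {**sched, t: (core, start)})
            if found is not None:
                return found
    return None

if __name__ == "__main__":
    for cores in (1, 2):
        print(cores, "core(s):", synthesize(WCET, DEPS, EXCLUSIVE, cores, frame=170))
```

Keeping the checker separate from the search means a schedule produced by any synthesis tool can be validated against the same constraints before it is deployed.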

[Screenshot: ASSIST solution view for ECS\_Example (solution 1 of 10; tabular and topology views).]




#### af3:

- Optimized solution (based on SMT solver)
- Will be looked at after ASSIST

fortiss

# **Configuration I**





- Single-core setup (VxWorks)
- ECS runs closed loop/30 seconds simulated time
- Traces stored in target RAM (16 MB)/intrusive
- Download via JTAG/NEXUS format
- TimeWeaver analysis

- 129 subsystems take ~30 min
- Results are currently evaluated and problems resolved (7 subsystems fail)
- Evaluation based on different WCET analysis solution









#### Next Steps - 2018 (Schedule Synthesis)








# Thank you for your attention!

alexander.walsch@ge.com

**GE** Aviation