Research on Ultra-Dependable Embedded Real Time Operating System

In this paper, to research and design ultra-dependable embedded real time operating system supporting security and safety, spatial and temporal isolation safeguard is proposed and used. Temporal isolation mechanism guarantees a subsystem can exclusively use a pre-allocated processing time without any intervention from other subsystem. On the other hand, spatial isolation implies that a subsystem cannot inadvertently access other subsystem´s space resources, like memory, buffers, I/O ports, and registers. Thus, a subsystem is the owner of its resources, such as memory, I/O ports, and processor time units. From this, the real time tasks running in different subsystems never interfere with each other. To support the temporal isolation among subsystems, a two-level scheduling model is designed, which consists of a low-level cyclic schedule at the operating system level and high-level fixed priority schedule at subsystem level. Thus, a real time task in a subsystem can only be scheduled and executed during the static time window allocated to the subsystem, and any task overrun cannot cross the time window boundaries of subsystem. It is very easy to restrain a task time-failure within the subsystem with temporal isolation mechanism. In reference to spatial isolation safeguard, a based on hard currency and error holding mechanism is presented, it apply to most embedded modern processors with memory protection unit, such as i386sx, PowerPC. As a result, an ultra-dependable embedded RTOS supporting temporal and spatial isolation safeguard is implemented and verified. It is called ERTOS designed by Software Engineering Institute of East China Normal University.