Resource Augmentation for Fault-Tolerance
Feasibility of Real-time Tasks under Error Bursts
Abhilash Thekkilakattil, Radu Dobrin,
Sasikumar Punnekkat and Huseyin Aysan
Dependable Hard Real-time Systems
[Figure labels: Timing characteristics of the physical components; Fault tolerance requirements; Event occurrences; Real-time tasks]
Fault Tolerance in Real-time Systems
Temporal redundancy for transient faults
classical FT-feasibility analysis
error Burst
faults/errors as singleton events
Nature of errors
- Normally continuous events e.g., a vehicle passing through electromagnetic fields
- Occur continuously over a period of time: error bursts
Challenging to handle in classical FT-feasibility analysis
- Need to map continuous events into singleton events
Why FT-feasibility?
FT-feasibility analysis simplifies system design process:
● Can check for the existence of a schedule even before finding
the scheduler
● If a schedule exists:
● Use optimal scheduling policies e.g., EDF
● If a schedule does not exist:
● Adjust task attributes
● Use a faster processor
Use of a faster processor
● Can we find upper-bounds?
● Will the search for the optimal speed eventually terminate?
● Is the speed-up required affordable?
Problem Description
Questions:
● How can we perform an FT-feasibility analysis for a given set of
temporally redundant real-time tasks under a specified error burst
length?
● If the real-time task set is not found to be FT-feasible, what is the lowest
processor speed that guarantees its FT-feasibility under the error burst?
Definitions
Worst case error overhead (Et)
Worst Case Temporal Wastage (Werr(t)) = ∑ maximum wasted execution time
[Figure: timeline with labels ε, Tlength, ε, t]
Assumptions
● Objective: Find the Worst Case Temporal Wastage at time t
● Strategy: we assume that there are no deadline misses under the error burst and derive the sufficient condition for this to be true
[Figure: timeline from t’ to t; labels: Error detection, τi, abs. deadline of τi]
Case 1
Worst Case Temporal Wastage at the absolute deadline of a job that is not hit by the error burst
Werr(dk) = Werr(t)
Werr(dk) = Werr(d(k-1))
t < d(k-1) ≤ dk
[Figure: timeline from t’ to t with jobs of τj and τi; labels: abs. deadline of τi, dk]
Under EDF, the tasks released in the interval [t’,t] having a deadline greater than t are not hit by the error burst
Case 2
Worst Case Temporal Wastage at t when the error burst hits only a single job
scenario a: Werr(t) = 2(Ck – ε)
scenario b: Werr(t) = 2(Cj – ε)
scenario c: Werr(t) = 2(Ci – ε)
[Figure: one timeline per scenario, from t’ to t, with jobs of τk, τj and τi]
Case 3
Worst Case Temporal Wastage at t when the error burst hits more than one job
Werr(t) = 2(Ci – ε) + ∑ (Ck – ε), Dk ≤ Di
[Figure: timeline from t’ to t with an error burst of length Tlength and jobs of τl, τk, τj and τi; labels: ε, (Cl – ε), (Ck – ε), (Cj – ε), (Ci – ε)]
Worst Case Temporal Wastage: General Case
Werr(t) = Max of the following, where t is the absolute deadline of a task τi:
Case 1: WCTW at the previous absolute deadline
• If τi is not hit by the error burst
Case 2: max{2(Ck – ε)}, Dk ≤ Di
• When the error burst hits only a single job
Case 3: 2(Ci – ε) + ∑ (Ck – ε), Dk ≤ Di
• When the error burst hits more than one job
FT-Feasibility: A Sufficient Condition
[Figure: timeline up to t with labels Et, Tlength, DBF(t)]
Et = Werr(t) + Tlength
Et + DBF(t) ≤ t
Problem Description
Questions:
● How can we perform an FT-feasibility analysis for a given set of
temporally redundant real-time tasks under a specified error burst
length?
● If the real-time task set is not found to be FT-feasible, what is the lowest
processor speed that guarantees its FT-feasibility under the error burst?
Resource Augmentation
[Figure: timeline up to t with labels DBF(t), DBF(t)/S, Tlength, Werr(t), Werr(t)/S, X, Y, Y’ and a deadline miss]
[Werr(t) = x + y]
Tlength + Werr(t) + DBF(t) ≤ t
If,
Tlength + Werr(t) + DBF(t) > t
then, speed-up by S,
Tlength + Werr(t)/S + DBF(t)/S ≤ t
Hence,
S ≤ (DBF(t) + Werr(t))/(t - Tlength)
S = max{(DBF(t) + Werr(t))/(t - Tlength)}
Is S bounded?
Put Werr(t) = 2DBF(t) and DBF(t) = t
S ≤ 3t/(t - Tlength)
S ≤ 3y/(y-1), where y = t/Tlength
[y ≥ 2 => Tlength ≤ Dmin/2]
=> S ≤ 6
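Added example (not from the slides): the sufficient test Tlength + Werr(t) + DBF(t) ≤ t and the speed S = max{(DBF(t) + Werr(t))/(t - Tlength)} evaluated at every absolute deadline of a small task set. The task values, the horizon and `werr_stub` (a constant standing in for the Werr(t) case analysis) are constructed, and the DBF formula is the usual one for synchronously released periodic tasks, which the slides do not spell out.

```python
from fractions import Fraction

def dbf(tasks, t):
    """Demand bound function: execution that must complete by time t.
    tasks is a list of (C, D, T) = (WCET, relative deadline, period)."""
    return sum(max(0, (t - D) // T + 1) * C for C, D, T in tasks)

def deadlines(tasks, horizon):
    """Absolute deadlines in (0, horizon], assuming synchronous release at 0."""
    points = set()
    for _, D, T in tasks:
        points.update(range(D, horizon + 1, T))
    return sorted(points)

def ft_feasible(tasks, werr, t_length, horizon, speed=1):
    """Sufficient test: Tlength + Werr(t)/S + DBF(t)/S <= t at every deadline."""
    return all(
        t_length + Fraction(werr(t) + dbf(tasks, t)) / speed <= t
        for t in deadlines(tasks, horizon)
    )

def min_speed(tasks, werr, t_length, horizon):
    """S = max{(DBF(t) + Werr(t)) / (t - Tlength)} over the deadlines."""
    points = deadlines(tasks, horizon)
    if any(t <= t_length for t in points):
        # The burst covers a whole deadline window: no finite speed helps.
        raise ValueError("error burst is not shorter than every deadline")
    return max(Fraction(dbf(tasks, t) + werr(t), t - t_length) for t in points)

# Constructed sample input (not from the slides).
TASKS = [(1, 4, 4), (2, 6, 6), (3, 12, 12)]   # (C, D, T)
T_LENGTH = 2                                   # burst length, <= Dmin / 2
HORIZON = 12                                   # hyperperiod of TASKS

def werr_stub(t):
    return 2                                   # placeholder for Werr(t)

if __name__ == "__main__":
    s = min_speed(TASKS, werr_stub, T_LENGTH, HORIZON)
    print("feasible at speed 1:", ft_feasible(TASKS, werr_stub, T_LENGTH, HORIZON))
    print("lowest speed S:", s)
    print("feasible at speed S:", ft_feasible(TASKS, werr_stub, T_LENGTH, HORIZON, s))
```

A result of at most 1 from `min_speed` means the test already passes at unit speed, since both expressions are the same inequality rearranged.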
Conclusions
● Fault tolerance feasibility analysis of real-time tasks
● A sufficient condition for FT-feasibility
● Resource augmentation bounds for FT-feasibility
● Speed-up ≤ 6 if Tlength ≤ shortest deadline/2
● Future work:
● More severe error models
● Utilization based test for FT-feasibility
Thank you!
Questions?