Part of the company's INTEGRITY-178 Time-Variant Unified Multi-Processing (tuMP) RTOS, the Bandwidth Allocation and Monitoring (BAM) functionality will help software architects to allocate and enforce bandwidth limits to shared resources for each processor core. By guaranteeing access to shared resources based on application requirements or assurance level, BAM will effectively mitigate multicore interference and minimise multicore worst-case execution time (WCET).
Multicore interference occurs when multiple processor cores attempt to access the same shared resource, such as memory, shared cache, I/O, or the on-chip interconnect.
The BAM interference mitigation functionality monitors and strictly enforces the use of the shared resources as defined by the system integrator. When coupled with Green Hills Software’s multicore SoC-specific WCET utility libraries, BAM ensures that critical partitions meet their required deadlines while enabling other lower criticality partitions to execute on other cores simultaneously with no impact on the critical applications. This remains true even as the other partitions are modified or as new partitions are introduced into the system - a vital capability for sustainability and growth of critical systems based on multicore architectures.
“Green Hills Software has been leading the charge for multicore interference mitigation with DAL A-compliant solutions across multiple multicore architectures,” said Dan O'Dowd, founder and chief executive officer of Green Hills Software. “Our competitors, such as Lynx Software, noted recently that ‘the FAA has promised to allow the use of multiple cores in a multicore processor chip but only if adequate mitigations can be demonstrated to certifiers, based [on] the CAST-32A specifications.’ Yet no RTOS supplier other than Green Hills Software provides a DO-178C Level A-compliant solution for multicore interference mitigation that meets the CAST-32A requirements.”
Although some level of mitigation at the application level is possible, generally it requires retesting and reverification of all the applications executing on the multicore system when any single application changes. In the same way that MMU support and partition schedules need to be implemented in the OS, the enforcement of the multicore interference mitigation needs to be in the OS in order to achieve robust multicore partitioning. INTEGRITY-178 tuMP provides a general solution to multicore interference mitigation, thereby minimizing retesting and verification after any application changes or additions.
The DAL A compliant BAM functionality monitors and enforces the bandwidth allocation of the chip-level interconnect to each of the cores. Because the chip-level interconnect is at the centre of interactions between the cores and other shared resources, it is the ideal place to observe and enforce limits on the use of shared resources.
BAM emulates a high-rate hardware-based approach to ensure continuous allocation enforcement of the cores’ use of shared multicore resources. It is able to regulate the bandwidth smoothly throughout the application’s execution time window, allowing other applications in the same execution time window to acquire their allocated portion of the shared resources. These capabilities greatly lower integration and certification risks while also enabling integrators to gain the maximum performance advantages of multicore processors.
The INTEGRITY-178 tuMP safety- and security-critical RTOS is designed to simultaneously meet DO-178C design assurance level (DAL) A and the separation kernel protection profile (SKPP v1.03) as defined by the NSA. INTEGRITY-178 tuMP is a multicore RTOS with support for any combination of asymmetric multi-processing (AMP), symmetric multi-processing (SMP), and bound multi-processing (BMP).
Specifically, it includes support for running a multi-threaded DO-178C DAL A partition across multiple processor cores in a BMP configuration as required in ARINC 653 Part 1, Supplements 4 and 5, and also SMP configurations as required in ARINC 653 Part 2 Multicore Service Extensions, Supplements 3 and 4. INTEGRITY-178 tuMP was the first RTOS to be certified conformant to the FACE Technical Standard, edition 3.0, and remains the only one conformant for all three avionics processor architectures: Arm, Intel, and Power Architecture.