About
588
Publications
45,214
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
10,100
Citations
Publications
Publications (588)
Vehicle-to-everything (V2X) roadmaps envision future applications that require the reliable exchange of large sensor data over a wireless network in real time. Applications include sensor fusion for cooperative perception or remote vehicle control that are subject to stringent real-time and safety constraints. Real-time requirements result from end...
Future autonomous mobile systems will greatly benefit from cooperation and real-time sensor data exchange using V2X communication. In such applications, wireless communication has to cope with stringent real-time and safety constraints, a huge challenge given the inherently lossy wireless communication with highly dynamic channel and error conditio...
With research trending towards increasing amounts of Vehicle-to-Everything (V2X) applications that use a shared wireless medium for data exchange, the coordination of those applications gains more and more importance. Applicationcentric Resource Management (RM) is a promising candidate for that coordination. It allows to address both application co...
Future mobility will be electrified, connected and automated. This opens completely new possibilities for mobility concepts that have the chance to improve not only the quality of life but also road safety for everyone. To achieve this, a transformation of the transportation system as we know it today is necessary. The UNICARagil project, which ran...
In this paper, we present a middleware protocol, that transmits larger-than-a-frame data samples within application real-time and reliability requirements over a lossy wireless channel. The protocol efficiently deploys an intelligent retransmission control that exploits the extended deadline requirements of a sample for frame-level scheduling. The...
Higher levels of automated driving also require a more sophisticated environmental perception. Therefore, an increasing number of sensors transmit their data samples as frame bursts to other applications for further processing. As a vehicle has to react to its environment in time, such data is subject to safety-critical latency constraints. To keep...
There is a trend towards communication of larger data objects in wireless vehicle communication. In many cases, communication uses publish-subscribe protocols. Data rate requirements of such protocols are best addressed by wireless multicast protocols, but the existing protocols lack an error protection that is suitable for real-time and safety-cri...
This paper summarizes the talks of a special session on the IPF 2.0 project, a collaborative German-US research project that leverages self-awareness principles for the self-management of distributed systems of autonomous multiprocessor systems-on-chip (MPSoCs).
In automotive and industrial real-time software systems, the primary timing constraints relate to cause-effect chains. A cause-effect chain is a sequence of linked tasks and it typically implements the process of reading sensor data, computing algorithms, and driving actuators. The classic timing analysis computes the maximum end-to-end latency of...
The current roadmaps and surveys for future wireless networking typically focus on communication and networking technologies and use representative applications to derive future network requirements. Such a benchmarking approach, however, does not cover the application integration challenge that arises from the many distributed applications sharing...
bold xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Fueled by the
progress of artificial intelligence, autonomous systems become more and more integral parts of many Internet-of-Things (IoT) and cyber–physical systems (CPSs) applications, such as automated driving, robotics, avionics, and industrial autom...
As embedded applications are subject to non-functional requirements (latency, safety, reliability, etc.) they require special care when it comes to providing assurances. Traditionally, these systems are quite static in their software and hardware composition. However, there is an increasing interest in enabling adaptivity and autonomy in embedded s...
italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Editor’s notes:
Autonomous systems are becoming pervasive in many domains. This article presents a survey regarding various emerging research directions centered around the broad topic of autonomous systems. —
Partha Pratim Pande, Washington State Univ...
Application of Ethernet-based networks in the autonomous and automated vehicles requires safe and efficient resource management policy. The network components must not only handle high volume of sensor data but also safely accommodate dynamics in system behavior, e.g. detect permanent failures, switch between different driving modes (city/highway),...
The ASTEROID project developed a cross-layer fault-tolerance solution to provide reliable software execution on unreliable hardware under soft errors. The approach is based on replicated software execution with hardware support for error detection that exploits future many-core platforms to increase reliability without resorting to redundancy in ha...
To cope with growing computing performance requirements, cyber-physical systems architectures are moving toward heterogeneous high-performance computer architectures and networks. Such architectures, however, incur intricate side effects that challenge traditional software design and integration. The programming paradigm can take a key role in mast...
In order to provide performance increases despite the end of Moore's law and Dennard scaling, architectures aggressively exploit data-and thread-level parallelism using billions of transistors on a single chip, enabled by extreme geometry miniaturization. A resulting challenge is the control, optimization, and reliable operation of such complex mul...
Logical Execution Time (LET) is a timed programming abstraction, which features predictable and composable timing. It has recently gained considerable attention in the automotive industry, where it was successfully applied to master the distribution of software applications on multi-core electronic control units. However, the LET abstraction in its...
For many Ethernet-based real-time systems, such as those from automotive, avionics and industry automation domains, fault tolerance is emerged as an essential requirement for enabling fail-safe or fail-operational behaviour. Consequently the IEEE 802.1CB-2017 standard was published. It is currently the only available TSN standard offering protectio...
To cope with the ever-increasing complexity of multi
processing architecture, Networks-on-chip (NoCs) are employed
as a promising solution for Multiprocessor Systems-on-Chip
(MPSoCs). In turn, NoCs’ associated energy consumptions have
immensely increased. Specifically, hard real-time Networks-on-chip must manifest limited energy consumption as reli...
While Networks-on-Chip (NoCs) are the prevalent
solution to provide a scalable interconnect for the complex multiprocessing architectures, their associated energy consumptions
have immensely increased. Specifically, hard real-time Networks-on-chip must manifest limited energy consumption as reliability
issues in such a shared resource jeopardize th...
Mixed-critical systems are the natural evolution of safety-critical embedded systems. They can make more efficient use of the abundant computing power in modern architectures. Despite the strong theoretical work on mixed-criticality and well-developed analytical frameworks, simulation models have not been developed at the same pace. This work prese...
The current trend in modeling and analyzing real-time systems is toward tighter yet safe timing constraints. Many practical real-time systems can de facto sustain a bounded number of deadline-misses, i.e., they have Weakly-Hard Real-Time (WHRT) constraints rather than hard real-time constraints. Therefore, we strive to provide tight Deadline Miss M...
The number and complexity of embedded system platforms used in mixed-criticality applications are rapidly growing. They run large and evolving applications on heterogeneous multi-or many-core processing platforms requiring dependable operation and long lifetime. Examples include automated and autonomous driving, smart buildings, industry 4.0, and p...
The Information Processing Factory (IPF) project has recently introduced the abstraction of complex architectures as self-aware information processing factories. These factories consist of a set of highly configurable resources, e.g., processing elements and interconnects, whose use is monitored, planned, and configured during runtime. Managing a f...
Mixed-critical real-time systems must meet strict integrity, resilience and timing constraints, as specified by safety standards. Due to the increasing threat of random hardware faults, efficiently achieving high reliability and dependability calls for cross-layer fault-tolerance solutions. This work introduces the Advanced Integrity Q-service (AIQ...
Nowadays available multiprocessor platforms predominantly use a network-on-chip (NoC) architecture as an interconnect medium, due to its good scalability and performance. During the last decade, NoCs received a significant amount of attention from the real-time community. One promising category of approaches suggests to employ already existing hard...
A previous IEEE Design&Test “Roundtable” already discussed the aspect of machine learning (ML) test and verification, but the impact of ML is wider, including hardware, software, and communication architectures and design, as well as behavioral guarantees, just to name a few important fields. ML has also started to develop a strong impact on import...
The power overhead of Networks-on-Chip (NoCs) becomes tremendous in high density Multiprocessor Systemson-Chip (MPSoCs). Especially in hard real-time and safety-critical systems, power management mechanisms
must be developed and efficiently adhered to real-time requirements. However, state-of-the-art solution typically
induces a high timing overhea...
Complex embedded systems like automobiles and IoT-systems feature a wide range of applications with varying degrees of safety relevance. As many applications on these devices interlace more and more, new ways to guarantee sufficient isolation between safety levels are necessary. Previous work only regard monitoring of timing properties for individu...
This paper introduces UNICARagil, a collaborative project carried out by a consortium
of seven German universities and six industrial partners, with funding provided by the
Federal Ministry of Education and Research of Germany. In the scope of this project,
disruptive modular structures for agile, automated vehicle concepts are researched
and devel...
Communication resources often exist in distributed real-time systems, therefore, providing guarantees on a predefined end-to-end deadline requires a timing analysis of the communication resource. Wost-case response time analysis techniques for guaranteeing the system’s schedulability are not expressive enough for weakly-hard real-time systems. In w...
Future cyber–physical systems will host a large number of coexisting distributed applications on hardware platforms with thousands to millions of networked components communicating over open networks. These applications and networks are subject to continuous change. The current separation of design process and operation in the field will be superse...
Although the robot taxi is a proof-of-concept, the volume market introduction of automated vehicles represents the main cyber-physical challenge, necessitating drastically increased design complexity. Challenges and possible architecture and design process solutions are discussed.
We present Non-interference Analysis as a model-based method to automatically reveal, track and analyze end-to-end timing dependencies as part of a cross-layer dependency analysis in complex systems. Based on revealed timing dependencies of functional cause-effect chains, this method enables an automated FMEA inspection of timing behavior of indivi...
Ensuring security in real-time and safety-critical systems is becoming extremely challenging, in particular due to the increasingly connectivity of these systems, such as in emerging autonomous vehicles that are subject to new and higher number of security attacks. The main characteristics of real-time systems is that they have strict timing constr...
Modern Networks-on-Chip (NoCs) must accommodate a diversity of temporal requirements, e.g., providing guarantees for real-time senders while reducing adverse performance impact on best-effort (BE) traffic. In this work, we propose a protocol-based adaptive congestion control. By selectively detouring real-time or BE traffic (i.e load balancing) and...
In this document, we provide supplementary material to a paper that will be published in ERTS2. It includes a more detailed description of the described requirement transformations, outlined in the paper. For this purpose, we also provide a formal description of the temporal semantics model.
In this paper we highlight challenges of the applicability of contracting (based on assumptions and guarantees) for cyber-physical systems design. We illustrate in an example the limitations of an entirely composability-centered contracting approach. An alternative approach is subsequently proposed and applied to the presented example to illustrate...
This chapter gives an overview on various real-time communication protocols, from the Controller Area Network (CAN) that was standardized over twenty years ago but is still popular, to the FlexRay protocol that provides strong predictability and fault tolerance, to the more recent Ethernet-based networks. The design of these protocols including the...
In this chapter we review the foundations Compositional Performance Analysis (CPA) and explain many extensions which support its application in design practice. CPA is widely used in automotive system design where it successfully complements or even replaces simulation-based approaches. © Springer Science+Business Media Dordrecht 2017. All Rights R...
This article identifies the contradictory needs for dynamic adaptations and full predictability in complex, exacting applications like autonomous driving. While traditional methods facilitate either dynamic adaptation or fully predictable QoS, this article shows how these contradictory expectations can be reconciled in the control of a network-on-c...
Modern automotive control software consist of a large number of reusable components, often responsible for safety critical functions. The quality and performance of these components is linked to temporal properties, which depend on the real-time behavior of interconnected processing units. Existing approaches consider requirements on temporal prope...
Finite ready queues, implemented by buffers, are a system reality in embedded real-time computing systems and networks. The dimensioning of queues is subject to constraints in industrial practice, and often the queue capacity is sufficient for typical system behavior but is not sufficient in peak overload conditions. This may lead to overflow and c...
The increasing complexity of automotive software systems and the desire for more frequent software and even feature updates require new approaches to the design, integration and testing of these systems. Ideally, those approaches enable an in-field updatability of automotive software systems that provides the same degree of safety guarantees as the...
Virtualization techniques for embedded real-time systems typically employ TDMA scheduling to achieve temporal isolation among different virtualized applications. Recent work already introduced sporadic server based solutions relying on budgets instead of a fixed TDMA schedule. While providing better average-case response times for IRQs and tasks, a...
For the development of complex software systems, we often resort to component-based approaches that separate the different concerns, enhance verifiability and reusability, and for which microkernel-based implementations are a good fit to enforce these concepts. Composing such a system of several interacting software components will, however, lead t...
Worst case design as needed for critical systems usually resorts to established methods for worst case response time analysis which rely on the worst case execution time of tasks and the minimum temporal distance between task activations. The result is often very pessimistic when compared to the real worst case load. Many feasible designs are there...
Conventional fault-tolerance approaches for Networks-on-Chip (NoCs) cannot be applied to high dependability systems due to their different goals and constraints. These systems impose strict integrity, resilience and real-time requirements. In order to meet these requirements, all possible effects of random hardware errors must be taken into account...
Synchronous dynamic random access memories (SDRAMs) are widely employed in multi- and many-core platforms due to their high-density and low-cost. Nevertheless, their benefits come at the price of a complex two-stage access protocol, which reflects their bank-based structure and an internal level of explicitly managed caching. In scenarios in which...
Cross-layer fault-tolerance solutions are the key to effectively and efficiently increase the reliability in future safety-critical real-time systems. Replicated software execution with hardware support for error detection is a cross-layer approach that exploits future many-core platforms to increase reliability without resorting to redundancy in h...
Network
Cited