In upcoming highly automated systems in safety-critical application domains, such as aerospace and industrial machinery, the demand for more computational resources per control unit is constantly rising, accompanied by a shift in the chip industry towards multi-core devices with enormous complexity and high levels of feature integration. Current regulation and standards for certification do not yet consider these devices, or explicitly deny their use as a pure single-core processor replacement. Within this work, we address the issue of multi-core certifiability at the system level, providing two possible board-level architectures. In addition, a safety case is provided to show how a proper system architecture approach can fit multi-core devices into current regulation, raise system reliability and solve the common failure mode problem of the multi-core at the board level. Alongside the hardware architecture, a high-level software architecture is presented to allow mixed-criticality applications to be executed side by side on the multi-core with spatial and temporal isolation. We follow a requirements-driven workflow: first, a set of requirements is defined; second, the proposed architectural configurations are designed to fulfil them; this is followed by a safety analysis and the presentation of a possible certification argument for an industrial and aerospace context.