Guaranteeing Some Service Upon Mode Switch in Mixed-Criticality Systems


Epistemic uncertainty widely exists in real-time systems that the precise nature of the external environment, as well as the run-time behavior of the platform upon which it is implemented, cannot be predicted with complete certainty prior to deployment. However, systems nevertheless must be designed and analyzed prior to deployment in the presence such uncertainty — the widely-studied (see [3] for a thorough review) Vestal model [11] for mixed-criticality workloads addresses uncertainties in estimating the worst-case execution time (WCET) of real-time code. Different estimations, at different levels of assurance, are made about these WCET values; it is required that all functionalities execute correctly if the less conservative assumptions hold, while only the more critical functionalities are required to execute correctly in the (presumably less likely) event that the less conservative assumptions fail to hold but the more conservative assumptions do.

Here we briefly introduce some generalizations of the Vestal model, where degraded (but non-zero) level of services can be guaranteed for the less critical functionalities even in the event of only the more conservative assumptions holding. If such service degradation is represented by a shorter allowed execution for each job, or a longer period, recent work has suggested some MC scheduling algorithms; while for other degradation definition, we seek for further discussions perhaps with the industry.

Meeting Name

Mixed Criticality on Multicore/Manycore Platforms (Dagstuhl Seminar 17131), Dagstuhl Reports, March 2017


Computer Science

Keywords and Phrases

Mixed-Criticality; Speedup Bounds; Optimality; Clairvoyance

Document Type

Article - Conference proceedings

Document Version


File Type





© 2017 Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik, All rights reserved.