Safe and secure mixed-criticality systems with low power requirements

Periodic Reporting for period 2 - SAFEPOWER (Safe and secure mixed-criticality systems with low power requirements)

Reporting period: 2017-07-01 to 2018-12-31

How can we ensure that trains, planes and automobiles arrive safely, using less power, and are sustainable for the future? The SAFEPOWER project is producing a reference architecture and implementing the platforms, complemented by analysis, simulation and verification tools, to deliver power savings of up to 50% on the computing systems embedded in such safety-critical systems.
EU industries developing Critical, Real-Time Embedded Systems (CRTES) such as railways, aerospace, automotive and energy generation, face a relentless demand for increased dependability, security, as well as more intelligence, connectivity, better performance, energy efficiency and cost-size-volume reduction.
Using less power is also becoming increasingly important for safety-critical applications: it gives a competitive advantage to systems with a limited energy supply, such as battery-powered systems, allows higher availability, increases the overall reliability of the electronics because they run at lower operating temperatures, and, given how many embedded systems surround everyday life, is a step towards near-zero emissions.
An added complication in mixed-criticality systems is that power is shared among applications of different criticality and must be strictly controlled so that one application's power management cannot interfere with another's timing or availability. Low-power techniques such as energy-saving modes have been used extensively in non-critical domains (laptops, smartphones, etc.), but the guidelines, reference architectures and development tools needed to apply them to safety-critical applications are missing.
SAFEPOWER was conceived in order to address these issues, providing the necessary resources that enable the use of low-power features in CRTES under the strict requirements imposed by current safety and security standards.
The SAFEPOWER project had a budget of four million euros and an execution period of 36 months. The consortium was formed by partners from Sweden (KTH University and SAAB), Germany (University of Siegen and OFFIS), the United Kingdom (Imperas) and Spain (CAF-Signalling, FentISS and IKERLAN).
The SAFEPOWER project was conceived and planned as a use case driven project with a clear focus on industrial exploitation to ensure that the results of the project answer the needs of the potential end users of the project and to facilitate the market uptake of these results in the short to medium term. That is why relevant European railway (CAF-Signalling) and avionics (SAAB) companies were involved from the very beginning.
On the way towards a low-power, safe and secure architecture, two major results are worth highlighting. The first is the development and prototyping of power and energy management and monitoring technologies, including generic techniques such as frequency scaling and resource gating as well as new concepts for temperature/power monitoring and simulation, all of which were developed into the SAFEPOWER architecture framework. The second is the positive assessment of those technologies by an independent certification authority, confirming the technical compliance of the SAFEPOWER architecture with current safety and security standards.
The implementation of these technologies within the SAFEPOWER platform produced a set of project tools that integrate the most promising ones into the XtratuM embedded hypervisor and the OVP simulated virtual platform. On the one hand, the XtratuM hypervisor was extended with low-power services implemented in a certifiable way. On the other hand, the OVP virtual platform gained models that simulate low-power techniques and estimate power consumption in early development phases, which can significantly reduce the development time of power-aware embedded systems. Both the XtratuM hypervisor and the OVP platform are marketed by SMEs (FentISS and Imperas respectively), whose exploitation capacity is thereby reinforced.
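The two constraints stated above, that a partition's power mode must never disturb another partition's timing and that deadlines must still hold after scaling, can be made concrete with a small model. The following Python block is an added illustration written for this summary; it is not SAFEPOWER, XtratuM or OVP code and it does not describe their actual services. It assumes a static cyclic partition schedule (each partition owns a fixed slot in a major frame), a hypothetical set of discrete frequency levels, a hypothetical safety margin per criticality level, and a simplified energy model in which active energy per executed cycle grows with the square of the frequency and an idle core is gated down to a small residual power. The partition names, slot lengths and WCETs are constructed sample data.

```python
"""Illustrative hypervisor-style power-mode selection for a static partition
schedule.  Constructed example for this summary: not SAFEPOWER/XtratuM code,
and the numbers below are hypothetical."""
from dataclasses import dataclass
from typing import Dict, List

# Hypothetical discrete frequency levels, as fractions of nominal frequency.
FREQ_LEVELS = (1.0, 0.75, 0.5)
# Hypothetical timing margin applied to the WCET, per criticality level.
MARGIN = {"high": 1.2, "low": 1.0}
# Hypothetical residual power of a gated (idle) core relative to an active
# core at nominal frequency.
GATED_POWER = 0.05


@dataclass(frozen=True)
class Partition:
    name: str
    criticality: str   # "high" or "low"
    slot_ms: float     # length of the partition's slot in the major frame
    wcet_ms: float     # worst-case execution time at nominal frequency


def choose_frequency(p: Partition) -> float:
    """Lowest frequency at which the partition's WCET (with its margin) still
    fits inside its own slot.

    The decision uses only the partition's own slot and WCET, so scaling one
    partition cannot change another partition's timing: the slot boundaries of
    the static schedule are never moved.
    """
    budget = p.wcet_ms * MARGIN[p.criticality]
    for f in sorted(FREQ_LEVELS):          # try the lowest level first
        if budget / f <= p.slot_ms:        # execution time scales with 1/f
            return f
    # Not even nominal frequency fits: the schedule itself is infeasible, and
    # a power manager must refuse rather than silently run at nominal.
    raise ValueError(f"partition {p.name!r} does not fit its slot at nominal frequency")


def plan(partitions: List[Partition]) -> Dict[str, float]:
    """Frequency level per partition for one major frame."""
    return {p.name: choose_frequency(p) for p in partitions}


def slot_energy(p: Partition, f: float) -> float:
    """Relative energy of one slot: the worst-case active phase costs
    wcet * f^2 (time 1/f, power ~ f^3 in the simplified model), and the
    remaining slack is spent with the core gated."""
    active_ms = p.wcet_ms / f
    slack_ms = p.slot_ms - active_ms
    return p.wcet_ms * f * f + slack_ms * GATED_POWER


def energy_report(partitions: List[Partition], freqs: Dict[str, float]) -> Dict[str, float]:
    """Compare one frame at nominal frequency with the planned frequencies."""
    nominal = sum(slot_energy(p, 1.0) for p in partitions)
    planned = sum(slot_energy(p, freqs[p.name]) for p in partitions)
    return {"nominal": nominal, "planned": planned, "savings": 1.0 - planned / nominal}


# Constructed sample schedule (values are invented for the illustration).
SAMPLE = [
    Partition("interlocking", "high", slot_ms=10.0, wcet_ms=4.0),
    Partition("diagnostics", "low", slot_ms=5.0, wcet_ms=3.5),
    Partition("hmi", "low", slot_ms=5.0, wcet_ms=4.8),
]

if __name__ == "__main__":
    freqs = plan(SAMPLE)
    report = energy_report(SAMPLE, freqs)
    for p in SAMPLE:
        print(f"{p.name:12s} criticality={p.criticality:4s} f={freqs[p.name]:.2f}")
    print(f"relative energy: nominal={report['nominal']:.3f} planned={report['planned']:.3f} "
          f"savings={report['savings'] * 100:.1f}%")
```

The point of the model is the check in `choose_frequency`: a lower power mode is admitted only when the partition's own worst case, scaled by the lower frequency, still fits its fixed slot, and the high-criticality partition carries an extra margin. Because the slot table is not modified, a low-criticality partition cannot push the interlocking partition out of its window, which is the interference property the text requires; a partition that cannot meet its slot even at nominal frequency is rejected outright instead of being run anyway.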
Finally, the project technologies and tools were integrated into the industrial demonstrators. The industrial end-users collected quantitative and qualitative results from the application of the SAFEPOWER technologies within industrial scenarios and, thanks to these results, they have advocated for the adoption of low-power and multicore computing in their future products and roadmaps.
Additionally, a research demonstrator was implemented and made public along with the project tools on the SAFEPOWER project website to further disseminate the SAFEPOWER architecture and results to the research and industrial communities.
The project produced more than ten scientific publications in relevant international conferences and journals. The main dissemination target groups of SAFEPOWER are stakeholders in the SAFEPOWER application domains (avionics, railway), stakeholders along the supply chain (e.g. system integrators, tool developers), safety-certification organisations, other research projects and the relevant scientific communities. The project remains active on LinkedIn and Twitter.
The SAFEPOWER consortium has made significant progress beyond the state-of-the-art in both the industrial and the research paths of the project.
On the industrial path, a certification argument has been developed within a safety concept elaborated around the railway signalling use case of the project. This safety concept is the first of its kind to include processor-level low-power techniques and power modes positively assessed by an independent certification authority, and it will allow the project technologies to be exploited in the shorter term in accordance with current safety and security standards. Additionally, the XtratuM embedded hypervisor has already adopted some of those technologies, making XtratuM the first power-aware embedded hypervisor. In addition, the OVP simulated virtual platform now includes new models for the simulation of low-power techniques and power estimation.
On the research path, substantial progress has been made by having the power modes for on-chip message scheduling and the tile-level power and temperature monitoring certified.
Overall, the following impact is expected:
- Decreases in the power consumption of CRTES by up to 50%, based on mixed-criticality systems, while maintaining the necessary operational requirements (e.g. safety, security, availability, scalability). Among the evaluated use cases instantiating the architecture, some low-power (LP) scenarios demonstrated power savings of between 13% and 37% while still meeting their real-time requirements.
- Improvements in the environmental friendliness of CRTES operation thanks to increased energy efficiency and reduced emissions. This is particularly relevant for systems with tens or hundreds of Electronic Control Units (e.g. automotive, railway), where the impact on global energy consumption is large.
- Reductions of 25% in the development time and time-to-market of low-power mixed-criticality systems. This is possible thanks to the SAFEPOWER tools for early verification (running new applications on virtual platforms) and to the lower certification effort, since the architectural core services that exploit power management features are already pre-assessed by certification authorities.
In this manner, SAFEPOWER aims at unleashing the potential of power management for safety relevant applications, increasing the take-up of European computing technologies in industry, in particular SMEs.
Figures: SAFEPOWER logo; SAFEPOWER reference architecture; SAFEPOWER meeting participants; SAFEPOWER PCB design; SAFEPOWER railway signalling use case (CAF-Signalling).