Christoph Erhardt

Exploiting static application knowledge in a Java compiler for embedded systems: a case study

Offering many benefits in terms of productivity and reliability, Java is becoming an attractive choice for the field of embedded computing. However, its programming model that relies on the capabilities of just-in-time compilation limits the opportunities to generate highly optimized code in an ahead-of-time compiler. In the KESO project, a Java VM for statically-configured deeply embedded systems, we have previously used static application knowledge to create a tailored runtime environment. In this paper, we present and discuss how this static knowledge can further be exploited by our compiler in order to perform advanced optimizations that would otherwise not be achievable. We conducted a case study with the CDx real-time benchmark in which we examined the peculiarities and challenges that arise, and evaluated the effectiveness of both standard and system-model-specific compiler optimizations in the context of a static embedded application model. Our results show that incorporating the available a-priori knowledge in the compiler provides significant improvements to both footprint and runtime, and can additionally help the system integrator to identify consistency problems between the code and a higher-level system specification at an early development stage.

A JVM for soft-error-prone embedded systems

The reduction of structure sizes in microcontollers, environmental conditions or low supply voltages increase the susceptibility of embedded systems to soft errors. As a result, the employment of fault-detection and fault-tolerance measures is becoming a mandatory task even for moderately critical applications. Accordingly, software-based techniques have recently gained in popularity, and a multitude of approaches that differ in the number and frequency of tolerated errors as well as their associated overhead have been proposed. Using type-safe programming languages to isolate critical software components is very popular among those techniques. An automated application of fault-detection and fault-tolerance measures based on the type system of the programming language and static code analyses is possible. It facilitates an easy evaluation of the protection characteristics and costs, as well as the migration of software to new hardware platforms with different failure rates. Transient faults, however, are not bound to the application code secured by the type system, but can also affect the correctness of the type system itself. Thereby, the type system might lose its ability to isolate critical components. As a consequence, it is essential to also protect the type system itself against soft errors. In this paper, we show how soft errors can affect the integrity of the type system. Furthermore, we provide means to secure it against these faults, thus preserving its isolating character. These measures can be applied selectively to achieve a suitable tradeoff between level of protection and resource consumption.

Providing security on demand using invasive computing

Abstract The invasive computing paradigm offers applications the possibility to dynamically spread their computation in a multicore/multiprocessor system in a resource-aware way. If applications are assumed to act maliciously, many security problems arise. In this acticle, we discuss different ways to deal with security problems in a resource-aware way. We first formalize the attacker model and the different security requirements that applications may have in multi-core systems. We then survey different hardware and software security mechanisms that can be dynamically configured to guarantee security on demand for invasive applications.

RT-LAGC: Fragmentation-Tolerant Real-Time Memory Management Revisited

The use of managed, type-safe languages such as Java in real-time and embedded systems is advantageous, as it offers productivity and especially safety and dependability benefits over dominating unsafe languages. A Java Virtual Machine (JVM) has to provide an implicit memory management system such as a garbage collector (GC), for example, as explicit memory management through allocation and release operations by the application developer is prone to programming errors and may result in a violation of the type system properties. Real-time systems have specific requirements regarding space and time bounds and a GC has to ensure that these defined upper limits will not be exceeded. A proper solution to address this issue is, for example, employing fragmentation-tolerant garbage collection as proposed by Pizlo et al. [16]. Their approach is called SCHISM/CMR. Based on their work, we developed an alternative fragmentation-tolerant GC variant called RT-LAGC, which is supported by our compiler jino and is part of the KESO JVM [18]. RT-LAGC is a cooperative GC, that is, the real-time system developer and the compiler assist the GC through system configuration (e.g. enough slack time for the GC to run) and program analyses, respectively. This is achieved by integrating the GCs in the design process of the whole system just as any other user application. In RT-LAGC, we designed a new bidirectional fragmented object layout. Furthermore, we implemented latency-aware management of fragmented memory as well as an alternative collection technique for array meta-information. Moreover, the execution properties of an exemplary application were improved by jinos extended escape analysis. RT-LAGC is evaluated against KESOs purely incremental non-fragmentation-tolerant GC called IRRGC and a throughput-optimized stop-the-world collector named CBGC. A classification of typical memory patterns for Java objects supports the predictability of the examined embedded system.

Team up: cooperative memory management in embedded systems

The use of a managed, type-safe languages such as Java in realtime and embedded systems can offer productivity and, in particular, safety and dependability benefits over the dominating unsafe languages at reasonable costs. A JVM that has dynamic memory-management needs to provide an implicit memory-management strategy, that is, for example, a garbage collector (GC) or stack allocation provided by the escape analysis of the JVMs compiler: Explicit management of dynamically allocated memory (i.e., by use of functions such as Cs malloc () and free()) is vulnerable to programming errors such as neglected or false memory release operations causing memory leaks or dangling pointers. Such operations have the potential to break the soundness of the type system and are therefore usually not available for strongly typed languages. Type-safe languages in combination with static analyses - which respect hardware as well as system-specific information - can efficiently be employed to provide a runtime system including memory management (MM) that is specifically suited to an embedded application on a particular hardware device. In the context of this paper, we present novel memory-management strategy we implemented in our KESO JVM. It is a latency-aware garbage-collection algorithm called LAGC. Also, we introduce the static analyses that can assist LAGC. The application developers have to ensure that there is enough time for the GCs to run. Hardware characteristics such as soft-error proneness of the hardware or the memory layout can also be taken into consideration as demanded by the system configuration. This is achieved by integrating the GCs in the design process of the whole system just as any other user application, which is the reason why this approach is called cooperative memory management. The suggested strategies require reasonably low overhead.

The Perfect Getaway: Using Escape Analysis in Embedded Real-Time Systems

The use of a managed, type-safe language such as Java in real-time and embedded systems offers productivity and, in particular, safety and dependability benefits at a reasonable cost. It has been shown for commodity systems that Escape Analysis (EA) enables a set of useful optimizations, and benefits from the properties of a type-safe language. In this article, we explore the application of escape analysis in KESO [Stilkerich et al. 2012], a Java ahead-of-time compiler targeting embedded real-time systems. We present specific applications of EA for embedded programs that go beyond the widely known stack-allocation and synchronization optimizations such as extended remote-procedure-call (RPC) support for software-isolated applications, automated inference of immutable data, or improved upper space and time bounds for worst-case estimations.

A Practical Getaway: Applications of Escape Analysis in Embedded Real-Time Systems

The use of a managed, type-safe language such as Java in real-time and embedded systems offers productivity and, in particular, safety and dependability benefits at a reasonable cost. It has been shown for commodity systems that escape analysis (EA) enables a set of useful optimization, and benefits from the properties of a type-safe language. In this paper, we explore the application of escape analysis in KESO [34], a Java ahead-of-time compiler targeting (deeply) embedded real-time systems. We present specific applications of EA for embedded programs that go beyond the widely known stack-allocation and synchronization optimizations such as extended remote procedure call support for software-isolated applications, automated inference of immutable data or improved upper space and time bounds for worst-case estimations.

Cutting out the middleman: OS-level support for x10 activities

In the X10 language, computations are modeled as lightweight threads called activities. Since most operating systems only offer relatively heavyweight kernel-level threads, the X10 runtime system implements a user-space scheduler to map activities to operating-system threads in a many-to-one fashion. This approach can lead to suboptimal scheduling decisions or synchronization overhead. In this paper, we present an alternative X10 runtime system that targets OctoPOS, an operating system designed from the ground up for highly parallel workloads on PGAS architectures. OctoPOS offers an unconventional execution model based on i-lets, lightweight self-contained units of computation with (mostly) run-to-completion semantics that can be dispatched very efficiently. We are able to do a 1-to-1 mapping of X10 activities to i-lets, which results in a slim runtime system, avoiding the need for user-level scheduling and its costs. We perform microbenchmarks on a prototype many-core hardware architecture and show that our system needs fewer than 2000 clock cycles to spawn local and remote activities.

Self-adaptive corner detection on MPSoC through resource-aware programming

Multiprocessor system-on-chip (MPSoC) designs offer a lot of computational power assembled in a compact design. In mobile robotic applications, they offer the chance to replace several dedicated computing boards by a single processor, which typically leads to a significant acceleration of the computer-vision algorithms employed. This enables robots to perform more complex tasks at lower power budgets, less cooling overhead and, ultimately, smaller physical dimensions.However, the presence of shared resources and dynamically varying load situations leads to low throughput and quality for corner detection; an algorithm very widely used in computer-vision. The contemporary operating systems from the domain have not been designed for the management of highly parallel but shared computing resources.In this paper, we evaluate resource-aware programming as a means to overcome these issues. Our work is based on Invasive Computing, a MPSoC hardware and operating-system design for resource-aware programming. We evaluate this system with real-world algorithms, like Harris and Shi-Tomasi corner detectors. Our results indicate that resource-aware programming can lead to significant improvements in the behavior of these detectors, with up to 22 percent improvement in throughput and up to 20 percent improvement in accuracy.

Resource-awareness on heterogeneous MPSoCs for image processing

Explore the benefits of using heterogeneous MPSoC for image processing.Different types of processing elements leads to programming issues on MPSoC.The conventional scheme (static mapping) does not achieve the best results.A case-study based on resource-aware programming model named Invasive Computing.The resource-aware model leads to better quality and lower latency on MPSoC. Multiprocessor system-on-chip (MPSoC) designs offer a lot of computational power assembled in a compact design. The computing power of MPSoCs can be further augmented by adding massively parallel processor arrays (MPPA) and specialized hardware with instruction-set extensions. On-chip MPPAs can be used to accelerate low-level image-processing algorithms with massive inherent parallelism. However, the presence of multiple processing elements (PEs) with different characteristics raises issues related to programming and application mapping, among others. The conventional approach used for programming heterogeneous MPSoCs results in a static mapping of various parts of the application to different PE types, based on the nature of the algorithm and the structure of the PEs. Yet, such a mapping scheme independent of the instantaneous load on the PEs may lead to under-utilization of some type of PEs while overloading others.In this work, we investigate the benefits of using a heterogeneous MPSoC for accelerating various stages within a real-world image-processing algorithm for object-recognition. A case study demonstrates that a resource-aware programming model called Invasive Computing helps to improve the throughput and worst observed latency of the application program, by dynamically mapping applications to different types of PEs available on a heterogeneous MPSoC.