Abstract

In automotive, avionic, and robot systems, consolidating multiple domains on a single powerful SoC is an important trend. From the perspectives of safety and security, each of these domains must execute independently under its own self-governed Operating System (OS). Such systems are termed hybrid multi-OS systems. In the commonly used hybrid dual-OS configuration, a real-time OS (RTOS) and a general-purpose OS (GPOS) are integrated to satisfy different requirements. Inter-OS communication is the key to such systems. Specifically, tasks in the RTOS often request services from the GPOS, but it is challenging to satisfy the RTOS requirements on time efficiency and predictability, due to the uncertainty in communication maintenance and the time-sharing scheduling policy of the GPOS. Existing approaches cannot provide predictable time guarantees in these circumstances. This paper aims to build a time-predictable and secure RPC mechanism (i.e., the primary and critical communication unit in a hybrid multi-OS system). Based on a detailed analysis of the time delays in each phase of an RPC from the RTOS to the GPOS, we point out the drawbacks of conventional RPC mechanisms and propose an effective model and methods to guarantee predictability in all phases of the RPC. Furthermore, a real-time RPC scheme (termed RTRG-RPC) is proposed and applied to our ready-built TrustZone-based consolidation system (i.e., TZDKS). RTRG-RPC achieves accurate time control through three mechanisms: SGI (Software Generated Interrupt) message transforming, interrupt-handler RPC servicing, and priority swapping. Evaluations show that RTRG-RPC achieves real-time predictability and managed priority inversion. Moreover, the design of RTRG-RPC also provides lightweight and essential security protection without sacrificing efficiency.
