Isolation of Shared Resources for Mixed-Criticality AUTOSAR Applications

Abstract

Temporal isolation without consideration of spatial isolation has been attained for mixed-criticality systems, while the need for spatial isolation is urgently required in the automotive industry. Moreover, tasks with different criticality levels sharing the same resources are a common requirement for safety-critical automotive applications. Such tasks are more challenging to spatially isolate due to context sharing to access the same resources. Nevertheless, safety certification cannot be issued without addressing spatial isolation. This paper argues that traditional real-time locking solutions are unsuitable for mixed-criticality applications within the automotive open system architecture (AUTOSAR). We adopted the server task named resource server for spatial isolation within AUTOSAR limitations. We formalized a software component model for reducing design space and proposed the mapping algorithms. Properties of resource servers within AUTOSAR were formally analyzed for blocking delays, task priority assignment, and utilization analysis. Case studies in a powertrain domain of an electric vehicle were carried out to assess the proposed solutions.