Stefan Reif, Timo Hönig and Wolfgang Schröder-Preikschat
Inherently Deterministic Operating Systems
In state-of-the-art system software, scalability and predictability are mutually exclusive—scalable systems are usually poorly predictable and, vice versa, predictable systems cannot utilise a large number of processor cores efficiently. Both research domains, however, have started to discover a symbiosis. On the one hand, large-scale systems have to consider performance outliers even in rare cases, such as tail latencies and system noise. Due to the massive scale of modern-day computing systems, infrequent and seemingly negligible delays are becoming highly relevant for whole-system performance. Thus, large-scale systems benefit greatly from predictability improvements. On the other hand, processors with a large number of low-complexity cores promise high computing performance with good predictability at the instruction level and low power demand—which would be ideal for embedded systems. The benefits of parallel hardware architectures, however, are obstructed by major challenges regarding the timing analysis of highly concurrent software. In consequence, embedded systems need approaches that combine scalability and analysability efficiently.
This talk introduces inherently deterministic operating systems (IDOSs), a novel system-design methodology that promises optimal predictability, scalability, and analysability. Inherently deterministic operating systems ensure, by construction, that all operations unconditionally need the same amount of resources. Based on a prototypical implementation, DetOX, this talk further discusses challenges regarding the practical feasibility of deterministic systems, limitations caused by state-of-the-art hardware, adaptations to established system-design principles that are needed for deterministic execution, the consequences of determinism for application development, and the possibility of co-existence of deterministic subsystems with non-deterministic hard real-time, soft real-time, and best-effort subsystems.