Patent Application
20220012119
The present disclosure relates to a multiple module scheduling device and system, and is produced by a research project “Development of software black box technology for high-reliability computing” conducted with the support of “Ministry of Science and Technology Information and Communication in the Republic of Korea”.
To build a safe system, an operating system for a safety-first system such as a vehicle or an aircraft organizes an application into partitions, and a partition is composed of several processes. Partitioning used herein refers to a scheme that minimizes interference between applications, each of which is composed of partitions, and operates an application itself separately from another application.
A conventional system, to which the scheduling of multiple modules is applied, may have only a single error monitoring rule, and thus may not perform an error monitoring function optimized for each scheduling. Accordingly, when an error occurs, the conventional system may not efficiently perform a recovery action.
The present disclosure provides a device capable of performing error handling optimized for each scheduling by applying an error monitoring scheme having a separate rule for each scheduling applied to multiple modules.
According to an aspect of the present disclosure, a multiple module scheduling device may include a scheduling management unit determining scheduling of a partition for each of a plurality of modules before execution of the partition and controlling the execution of the partition for each module depending on the determined scheduling, an error monitoring unit monitoring error information occurring in the plurality of modules, and an error control unit receiving the error information from the error monitoring unit, and controlling a predetermined recovery action to be performed based on the received error information.
Furthermore, the error information may include a state of a system and an error type of the system.
Moreover, the error control unit may compare the error information with a system level monitoring table and may determine that the error information corresponds to an error at a module level or an error at a partition level.
Also, when it is determined that the error information corresponds to the error at the module level, the error control unit may compare the error information with a module level monitoring level table, may determine a recovery action corresponding to the error information, and may control the determined recovery action to be performed.
In addition, when it is determined that the error information corresponds to the error at the partition level, the error control unit may compare the error information with a partition level monitoring level table, may determine the recovery action corresponding to the error information, and may control the determined recovery action to be performed.
Besides, in a scheduling monitoring system using the multiple module scheduling device, the multiple module scheduling device may include system level monitoring tables, of which the number is the same as the number of the modules, module level monitoring tables, of which the number is the same as the number of the modules, and partition level monitoring tables, of which the number is the same as the number of the modules.
According to an embodiment of the present disclosure, it is possible to perform error handling optimized for each scheduling by applying an error monitoring scheme having a separate rule for each scheduling applied to multiple modules.
According to an embodiment of the present disclosure, other advantages and features and methods of accomplishing the same may be understood more readily with reference to the following detailed description of an embodiment and the accompanying drawings. The present disclosure, however, may be embodied in various different forms, and should not be construed as being limited only to the illustrated embodiments. Rather, these embodiments are provided as examples so that the disclosure will be thorough and complete, and will fully convey the category of the present disclosure to those skilled in the art. The present disclosure may be defined by scope of the claims. Meanwhile, the terminology used herein to describe embodiments of the present disclosure is not intended to limit the scope of the present disclosure.
Even though it is not defined, all terms (including technical or scientific terms) used herein have the same meaning as being generally accepted by the general technology in the art belonging to present disclosure. Terms defined by general dictionaries may be construed as having the same meaning as the related technology and/or body of this application, and will not be conceptualized or construed excessively formally, even though being not clearly defined herein.
The terms used in the specification are provided to describe the embodiments, not to limit the present disclosure. In the specification, the singular forms include plural forms unless particularly mentioned. The terms “comprises” and/or various conjugated forms of this verb such as ‘inclusion’, ‘comprising’, ‘including’, and ‘containing’ used herein does not exclude presence or addition of one or more other different compositions, ingredients, components, steps, operations, and/or elements in addition to the aforementioned compositions, ingredients, components, steps, operations, and/or elements. In the present specification, the term ‘and/or’ refers to each of the listed configurations or various combinations thereof.
Meanwhile, terms such as ‘˜ unit’, ‘˜ device’, ‘˜ block’, ‘module’, or the like used throughout the present specification may mean a unit that processes at least one function or operation. For example, it may mean software or hardware components such as FPGA or ASIC. However, ‘˜ unit’, ‘˜ device’, ‘˜ block’, ‘module’, or the like may not be limited to software or hardware. For example, ‘˜ unit’, ‘˜ device’, ‘˜ block’, or ‘module’ may be configured to be stored in an addressable storage medium or may be configured to execute one or more processors.
Therefore, as an example, ‘˜ unit’, ‘˜ device’, ‘˜ block’, or ‘module’ may include various elements such as software elements, object-oriented software elements, class elements, and task elements, processes, functions, attributes, procedures, subroutines, program code segments, drivers, firmware, microcodes, circuits, data, databases, data structures, tables, arrays, and variables. Functions provided in components and ‘˜ unit’, ‘˜ device’, ‘˜ block’, and ‘˜module’ may be combined with the smaller number of components and ‘˜ unit’, ‘˜ device’, ‘˜ block’, and ‘˜module’ or may be further divided into additional components and ‘˜ unit’, ‘˜ device’, ‘˜ block’, and ‘˜module’.
Below, embodiments of the present disclosure will be more fully described with reference to accompanying drawings.
Referring to
The modules 100 execute application-related partitions, respectively. The memory 200 stores data for modules and partitions. The multiple module scheduling device 300 processes errors, which occur depending on a schedule determined in a system, at a module level and a partition level.
The multi-module system 10 includes two or more modules. The plurality of modules share memory resources and execute partitions. In an embodiment of the present disclosure, as described below, the multiple module scheduling device 300 processes an error, which occurs in a procedure of processing data based on the scheduling determined for each module, depending on a predefined recovery action.
The recovery action is different depending on various situations that occur while various application programs are executed for each module. As a result, the multiple module scheduling device 300 may perform a recovery action on an error, which occurs for each module, based on a predetermined recovery action, thereby effectively processing an error occurring between modules in a multi-module environment.
Referring to
The scheduling managing unit 310 statically defines scheduling of a partition for each of a plurality of modules in advance before the execution of the partition, and controls the execution of the partition for each module depending on the defined scheduling. The error monitoring unit 320 monitors error information including system state of an error occurring in a system, and an error type of the system. The error control unit 330 receives error information from the error monitoring unit 320, compares error information with a system level monitoring table, a module level monitoring table, and a partition level monitoring table, and controls a predetermined recovery action to be performed. Herein, it is preferable that the number of system level monitoring tables is the same as the number of multiple modules, the number of module level monitoring tables is the same as the number of multiple modules, and the number of partition level monitoring tables is the same as the number of multiple modules.
Referring to
When an error occurs in a system in a procedure of executing an application program, the multiple module scheduling device 300 monitors error information including a state of the system and an error type of the system (S20). The multiple module scheduling device 300 compares an error occurring at a system level with the system level monitoring table, and determines whether the error is an error at a module level or at the partition level (S30 and S50).
When it is determined that the error is an error at the module level, the multiple module scheduling device 300 compares the error with to a module level monitoring table, and then controls a predetermined recovery action to be performed (S40). When it is determined that the error is an error at the partition level, the multiple module scheduling device 300 compares the error with a partition level monitoring table, and then controls a predetermined recovery action to be performed (S60).
Hereinafter, the procedure will be described in detail with reference to
Referring to
For example, when the system state of the error information occurring in the system in operation S20 is ‘Module Init’, and the error type of the error information is ‘Memory Violation’, it may be identified that the error information corresponds to a module level error (See
Afterward, because the system state of the error information occurring in the system is ‘Module Init’, and the error type of the error information is ‘Memory Violation’, it is possible to perform a recovery action, which is referred to as ‘RESTART’ in the module level monitoring table (See
As another example, when the system state of the error information occurring in the system in operation S20 is ‘Partition Init’, and the error type of the error information is ‘Machine Check’, it may be identified that the error information corresponds to a partition level error (See
Afterward, because the system state of the error information occurring in the system is ‘Partition Init’, and the error type of the error information is ‘Memory Check’, it is possible to perform a recovery action, which is referred to as ‘PARTITION STOP’ in the partition level monitoring table (See
As such, when an error occurs in the system, it is possible to perform a predetermined recovery action by comparing the error information with the module level monitoring table of
The conventional scheduling system may define only a single monitoring rule in a module, and thus the conventional scheduling system may not perform error monitoring optimized for each scheduling in a system to which multiple modules are applied. As a result, when the multiple module scheduling device 300 is used, it is possible to apply monitoring having a predetermined recovery action for each scheduling according to each module, thereby performing error handling optimized for each scheduling.
The above description exemplifies the present disclosure. Furthermore, the above-mentioned contents describe exemplary embodiments of the present disclosure, and the present disclosure may be used in various other combinations, changes, and environments. That is, variations or modifications can be made to the present disclosure without departing from the scope of the present disclosure that is disclosed in the specification, the equivalent scope to the written disclosures, and/or the technical or knowledge range of those skilled in the art. The written embodiments describe the best state for implementing the technical spirit of the present disclosure, and various changes required in specific applications and purposes of the present disclosure can be made. Accordingly, the detailed description of the present disclosure is not intended to restrict the present disclosure in the disclosed embodiment state. In addition, it should be construed that the attached claims include other embodiments.
| Number | Date | Country | Kind |
|---|---|---|---|
| 10-2018-0146104 | Nov 2018 | KR | national |
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/KR2018/014761 | 11/28/2018 | WO | 00 |
