A method to monitor program flow for multitasking real-time embedded software with ASIL rating

摘要

A method to monitor program flow of runnable processes or tasks in a multitasking real time system, the processes or tasks having different or mixed automotive safety integrity level (ASIL) ratings. Temporal and spatial freedom from interference is maintained. The method creates one or more safety goals 301-303 having different ASIL ratings on a single core processer. A plurality of runnable processes RX_Y_Zms_N are created per safety goal and memory is split and allocated such that runnable processes with the same ASIL share the same memory part. Runnable processes are allocated to tasks T1-T8 and each task is allocated a fixed time period Zms for repetition. Task are prioritized and a calling order of tasks is determined. A question generated by a monitoring module is sent to a task to detect abnormalities in runnable/task execution. A unique signature is assigned per question at the receiving task and the signature is updated as each runnable/task is executed. A final signature is derived following execution of all the tasks and is sent to the monitoring module, where a comparison of the received answer with a predefined time and expected result occurs, and a safe state is commanded when a mismatch occurs.