Temporal Protection in Dreams
Microsoft Research Institute and Department of Computing,
School of Mathematics, Physics, Computing and Electronics,
NSW 2109, Australia
Conventional operating systems which reliably support competing applications with timing deadlines must include facilities to protect those applications from interfering with one another?s ability to meet their deadlines. In the context of the Dreams model, this paper examines three of the essential components of this temporal protection: a real-time scheduling algorithm, management of processes which exceed their allocated processor usage, and the correct tracking of a process?s real-time processor usage.
Keywords Real-time, overrun, operating systems, scheduling, temporal protection.
The aim of the Dreams (Distributed Real-Time Extensions with Application to Multimedia Systems) project is to develop a set of extensions to conventional operating systems so that they may support real-time and distributed real-time processes within the conventional operating system paradigm.
Fundamental to the conventional operating system paradigm is the ability to run independent applications simultaneously while protecting these applications from interfering with one another. This is quite different from the paradigm of real-time systems where the system supports a single application, so processes in the system are not independent and work together towards a common goal.
There are two major ways in which a conventional operating system must be altered to allow it to protect real-time applications from one another. First is the addition of a new type of protection which we call temporal protection. This encompasses the requirement that the timing behaviour of one process should not be able to affect an independent process?s ability to meet its deadline. To achieve this, the scheduling
Proceedings of the 20
Australasian Computer Science
Conference, Sydney, Australia, 5-7 February 1997.
method needs to be altered, the processes? timing behaviour needs to be monitored and enforced, and the condition where processes overrun must be sensibly handled. The second alteration required is to modify the mechanisms used for sharing logical resources.
The Dreams model ensures that the system as a whole has sufficient capacity to satisfy all of the active real-time applications by using an admission mechanism and by constraining and modelling particular parts of the operating system. These issues, along with an overview of the major real-time components of the Dreams system and a general comparison with other models, can be found in .
This paper addresses the issue of temporal protection. We discuss the scheduling mechanism, the management of overrun processes, and processor usage tracking.
Section two of this paper introduces the relevant real-time terminology and describes the abstraction of the real-time scheduling entity used in the Dreams system: the transient periodic process.
To ensure that real-time processes do not interfere with one another, processes must be restricted from taking CPU resources beyond those they originally request. This enforcement mechanism makes it necessary to deal with the processes which have overrun. Managing overrun processes has not been of interest to static real-time systems research, where processes are not expected to overrun, nor has it been adequately addressed by the dynamic realtime community. The third section of the paper describes our methods and policies for handling overrun and the integration of the basic scheduling policy with the overrun scheduling policy.
The operating system scheduler is responsible for allocating processes to the CPU for certain periods of time. Real-time processes must be scheduled in an appropriate manner to ensure that each process can meet its deadline. The fourth section is prefaced by highlighting the inadequacies of conventional schedulers in