A Formal Approach to Design and Verification of Two-Level Hierarchical Scheduling Systems

Hierarchical scheduling (HS) systems manage a set of realtime applications through a scheduling hierarchy, enabling partitioning and reduction of complexity, confinement of failure modes, and temporal isolation among system applications. This plays a crucial role in all industrial areas where high-performance microprocessors allow growing integration of multiple applications on a single platform. We propose a formal approach to the development of real-time applications with non-deterministic Execution Times and local resource sharing managed by a Time Division Multiplexing (TDM) global scheduler and preemptive Fixed Priority (FP) local schedulers, according to the scheduling hierarchy prescribed by the ARINC-653 standard. The methodology leverages the theory of preemptive Time Petri Nets (pTPNs) to support exact schedulability analysis, to guide the implementation on a Real-Time Operating System (RTOS), and to drive functional conformance testing of the real-time code. Computational experience is reported to show the feasibility of the approach.