Modern safety-critical real-time systems are becoming more and more complex, due to sophisticated applications such as advanced driving assistance, automated driving, advanced infotainment, and applications involving machine learning and deep learning. This has led to increased requirements for the communication infrastructures. Real-time bus-based communication techniques, such as CAN and FlexRay, have been widely adopted for decades, due to their low cost and reliable communication capability. However, the bandwidth provided by these technologies is often not enough for modern safety-critical systems. Time-Sensitive Networking (TSN) is a promising technique that can handle the increasing bandwidth requirements, while meeting real-time constraints and providing Ethernet compatible solutions. 

We have studied the synthesis of schedules and routes for TSN, in order to fulfill timing and reliability requirements for safety-critical systems. Functional safety is an important goal for such systems, to ensure that no unreasonable risks are taken. This involves handling random and systematic faults, both of which are considered in this work. We synthesize schedules and routes for TSN so that the probability of faulty transmission due to random faults is below a certain threshold.ASIL Decomposition, introduced in the automotive industry, is applied to handle systematic faults, while achieving overall cost minimization. In order to improve schedulability, preemption support in TSN has also been studied. Heuristic algorithms are proposed for all the above contributions to address scalability issues characterized for the constrained synthesis and optimization problem addressed.

Traditional designs for safety-critical systems usually deploy a federated architecture, where several processors are available and each processor implements one dedicated function. An important goal is to achieve fault containment. However, due to the increasing complexity of modern safety-critical systems, this architecture is no longer scalable. Therefore, several tasks with different criticality levels are usually integrated on the same computing platform. A key aspect for such systems is to achieve the required independence between tasks at different criticality levels and to guarantee that they do not interfere each other. We have developed a partitioned scheduling technique for mixed-criticality systems to achieve temporal independence, while minimizing the CPU usage.

Bil-, flygelektronik-, järnvägs- och medicinska system är exempel på typiska säkerhetskritiska system. På grund av ökade krav på datakommunikation i sådana system är Ethernet med protokoll för tidskänsliga nätverk (TSN) vanligt förekommande. Flera designutmaningar såsom tids- och säkerhetskrav måste hanteras när TSN tillämpas i säkerhetskritiska system. Tidskrav hanteras ofta genom tidsutlöst schemaläggning. Säkerhetskraven inkluderar både slumpmässiga och systematiska fel. Kraven hanteras i TSN genom syntetiserade tidsutlösta scheman och rutter för meddelanden med redundans som lösning för slumpmässiga och systematiska fel. Denna avhandling inkluderar metoder för effektiv syntes av förebyggande tidsutlösta scheman och rutter för meddelanden i TSN. På grund av att funktioner blir alltmer komplexa och integrerade så behöver dessa ofta integreras på samma datorplattform. Denna avhandling föreslår så kallad serverbaserad uppgiftsschemaläggning för system med olika nivåer på säkerhetskrav. Detta innebär att funktioner garanteras vara fria från störningar samt att resursanvändning minimeras.

Time-Sensitive Networking (TSN) is a set of IEEE 802.1 technologies that support real-time and reliable Ethernet communication, commonly used in automotive and industrial automation systems. Time-aware scheduling is adopted in TSN to achieve high temporal predictability. In this paper, we demonstrate that such a scheduling solution alone does not always meet all timing requirements and must be combined with network preemption support. We propose an SMT-based synthesis method for preemptive time-triggered scheduling and routing in TSN. Our experiments demonstrate that schedulability is improved significantly when using frame preemption compared to a standard time-triggered message scheduling approach.

Due to their real-time constraints and high predictability requirements, safety-critical automotive applications are often implemented using time-triggered communication scheduling, which is supported in the Time-Sensitive Networking (TSN) standards. Applications and network communications are assigned Automotive Safety Integrity Levels (ASILs) based on the ISO 26262 standard for functional safety in automotive systems. ISO 26262 outlines, for each ASIL, requirements on coverage of random hardware errors and systematic errors. Prior research has addressed routing and scheduling for time-triggered messages in TSN in the context of random hardware errors and optimization of reliability metrics. However, no work to date has considered the functional safety aspects of addressing systematic errors. Specific to systematic errors, the ISO 26262 standard defines ASIL decomposition as a vehicle to decompose functions into independent components, each with a lower safety requirement than that of the original function. Since the cost of a component is increasing with its ASIL, decomposition can lower the total cost while still meeting the original safety requirements. In this paper, we propose an ASIL decomposition based technique to introduce redundant communication with lower-ASIL components in Ethernet systems with TSN-based time-triggered communication. The ASIL-aware routing and scheduling of messages are determined such that all safety requirements and end-to-end deadlines are satisfied and, at the same time, the total cost of the employed switches is minimized. Extensive experiments have been conducted to evaluate the efficiency of the proposed framework.

Time-sensitive Networking (TSN) on Ethernet is a promising communication technology in the automotive and industrial automation industries due to its real-time and high-bandwidth communication capabilities. Time-triggered scheduling and static routing are often adopted in these areas due to high requirements on predictability for safety-critical applications. Deadline-constrained routing and scheduling in TSN have been studied extensively in past research. However, scheduling and routing with reliability requirements in the context of transient faults are not yet studied. In this work, we propose an Satisfiability Modulo Theory-based technique to perform scheduling and routing that takes both reliability constraints and end-to-end deadline constraints into consideration. Heuristics have been applied to improve the scalability of the solution. Extensive experiments have been conducted to demonstrate the efficiency of our proposed technique.