Proxima: towards safer processors

The European research programme Proxima brought together dozens of researchers from specialised centres (Inria, Barcelona Supercomputing Center) and from university (Padova, York) and industrial (Rapita Systems, Airbus) laboratories. It has improved the predictability of the processors that must guarantee the real-time execution of programs.

In everyday life, when we use our computers and click on a program, it does not always start immediately. We wait a few seconds or minutes, and it makes little difference. However, certain situations have safety implications: when the program manages the real-time automatic piloting of an aircraft or a car's ABS braking system, waiting is not an option...

For a long time, manufacturers avoided these problems of delays in executing programs by increasing the power, as well as the number, of processors. However, computer components cannot be added to cars, aircraft, trains or robots indefinitely. Indeed, the latest generation of highly powerful multicore processors has become too complex for manufacturers to correctly estimate the execution time of programs. Yet an estimate of this time is critical to ensuring the reliability of software that must operate in real time.

Until recently, industry estimated this execution time using methods that treated every scenario identically, including the worst-case and least probable ones. "However, for a traveller going to Nice for the weekend in April, this meant looking at all of the temperature hypotheses of the last hundred years and being equipped to cope with any eventuality. If they learn that it snowed once in a hundred years, they will then take an anorak. By knowing that, some years, it was very cold or very hot in April, our traveller will end up leaving with three suitcases, and this is unmanageable," explains Liliana Cucu-Grosjean, researcher with the Aoste team at the Inria centre in Paris, who took part in the Proxima project.

The European research programme Proxima, which ran from 2013 to 2016, has made it possible to find a compromise between two risks: on the one hand, the risk of failure of a "basic" processor whose insufficient power would increase execution time; on the other hand, the risk associated with processors that are very powerful but too complex for the execution times of the programs they run to be correctly estimated in critical circumstances. "The more cores a microprocessor has, the greater its computing power, but it becomes more difficult to estimate the risk of a temporal fault likely to cause a predictability problem," Liliana Cucu-Grosjean points out.

In order to find a way out of this dilemma, the researchers on the Proxima programme invented a different and innovative approach based on probabilities: by studying the most probable scenarios, it is possible to simplify the estimation of the execution times of programs that carry out critical functions. Proxima's work is of the utmost interest to the transport sector: first aeronautics, but also, increasingly, car manufacturers, since embedded systems play a growing role in the driverless cars that will soon be on the road. Finally, Proxima has laid the foundations for the design of simpler, more robust and less costly computer systems, whilst preserving the safety of the vehicles in which they are embedded.
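As an added illustration (not Proxima's own method or code; the scenario probabilities and execution times are invented), the snippet below contrasts the classic bound that covers every scenario, however unlikely, with a probabilistic bound that tolerates a chosen, very small exceedance probability, the "anorak for one snowfall in a century" trade-off from the analogy above:

```python
from fractions import Fraction
from typing import Sequence, Tuple

# (probability, execution time in microseconds) for one real-time task.
Scenario = Tuple[Fraction, int]

# Constructed scenarios for illustration only, not Proxima measurements.
# The last two play the role of the rare "it snowed once in a hundred years" cases.
SCENARIOS: Sequence[Scenario] = (
    (Fraction("0.6"), 120),
    (Fraction("0.25"), 135),
    (Fraction("0.1"), 150),
    (Fraction("0.04"), 180),
    (Fraction("0.009"), 260),
    (Fraction("0.0009"), 410),
    (Fraction("0.0001"), 900),
)


def deterministic_wcet(scenarios: Sequence[Scenario]) -> int:
    """Classic bound: the slowest scenario, however improbable it is."""
    return max(t for _, t in scenarios)


def probabilistic_wcet(scenarios: Sequence[Scenario], exceedance: Fraction) -> int:
    """Smallest bound T such that P(execution time > T) <= exceedance.

    Scenarios are visited from slowest to fastest while accumulating the
    probability mass left above the bound; the first scenario that would
    push that ignored tail above `exceedance` must itself be covered.
    """
    if sum(p for p, _ in scenarios) != 1:
        raise ValueError("scenario probabilities must sum to 1")
    tail = Fraction(0)
    for p, t in sorted(scenarios, key=lambda s: s[1], reverse=True):
        if tail + p > exceedance:
            return t
        tail += p
    return min(t for _, t in scenarios)


def exceedance_of(scenarios: Sequence[Scenario], bound: int) -> Fraction:
    """Probability mass of scenarios running longer than `bound` (sanity check)."""
    return sum((p for p, t in scenarios if t > bound), Fraction(0))


if __name__ == "__main__":
    print(f"worst case over all scenarios: {deterministic_wcet(SCENARIOS)} us")
    for e in (Fraction(1, 10**3), Fraction(1, 10**4), Fraction(0)):
        b = probabilistic_wcet(SCENARIOS, e)
        print(f"exceedance {float(e):.0e}: bound {b} us, "
              f"actual tail {float(exceedance_of(SCENARIOS, b)):.1e}")
```

With these numbers, accepting a one-in-a-thousand exceedance cuts the bound from 900 us to 260 us, while an exceedance of zero recovers the classic all-scenarios bound.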

