WCET-Aware Partial Control-Flow Checking for Resource-Constrained Real-Time Embedded Systems

Real-time embedded systems in diverse application domains, such as industrial control, automotive, and aerospace, are often safety-critical systems with stringent timing constraints that place strong demands on reliability and fault tolerance. Since fault-tolerance mechanisms inevitably add performance and/or resource overheads, it is important to guarantee a system´s real-time constraints despite these overheads. Control-flow checking (CFC) is an effective technique for improving embedded systems´ reliability and security by online monitoring and checking of software control flow to detect runtime deviations from the control-flow graph (CFG). Software-based CFC has high runtime overhead, and it is generally not applicable to resource-constrained embedded systems with stringent timing constraints. We present techniques for partial CFC (PCFC), which aims to achieve a tradeoff between runtime overhead, which is measured in terms of increases in worst case execution time (WCET), and fault-detection coverage by selectively instrumenting a subset of basic blocks. Experimental results indicate that PCFC significantly enables reductions of the program WCET compared to full CFC at the cost of reduced fault-detection ratio, thus providing a tunable fault-tolerance technique that can be adapted by the designer to suit the needs of different applications.