Christoph Kuehbacher (Univ. Augsburg) has defended his PhD thesis

Christoph Kuehbacher from the University of Augsburg has defended his PhD thesis entitled Analyzable Dataflow Executions With Adaptive Redundancy.

In his thesis, he has developed a runtime environment (RTE) for the fault-tolerant execution of dataflow applications modelled as directed acyclic graphs. The RTE is able to adaptively select an appropriate level of redundancy and runs on various multi- and manycore architectures. The tasks of such applications are then scheduled regarding their dependencies, the required levels of redundancy, and the specified deadline of the application. The work was developed in the scope of the ADMORPH project, more specifically as part of the activities on Work Package 2 (Task 2.3) and Work Package 3 (Task 3.3).

Paper at the International Conference on Software Engineering and Formal Methods (SEFM)

Lukas Miedema and Clemens Grelck had their paper entitled “Strategy Switching: Smart Fault-Tolerance for Weakly-Hard Resource-Constrained Real-Time Applications” accepted at the International Conference on Software Engineering and Formal Methods (SEFM). The paper is also available within the conference proceedings.

The paper proposes a new approach for applying fault-tolerance, named strategy switching, to deal with single event upsets (SEUs) on Commercial off The Shelf (COTS) hardware. Strategy switching minimizes the effective unmitigated fault-rate by switching which tasks are to be run under a fault-tolerance scheme at runtime.

Dolly Sapra talks about her interest and experience as a woman in CS

Dolly Sapra is a Postdoctoral Researcher at University of Amsterdam, where she also completed her PhD under prof. A.D. Pimentel in Parallel Computing Systems (PCS) group. She holds an M.E. (Engineering) degree in Computer Science from BITS-Pilani, India. She turned to academic research after working in the industry as a software developer, for nearly a decade in India and in the U.K. Her current research is mainly focused on neural architectures for embedded devices, which includes multi-objective neural architecture search and adaptive architectures for resource constrained systems. She enjoys supervising graduate and undergraduate projects in the domain of neural networks and edge devices. In the ADMORPH project she brings her expertise in Design Space Exploration for adaptive systems.

Your education background is in Computer Science and Engineering. Did you always fancy computer technology? What was your main motivation to pursue a path in this technological area?

I was introduced to programming at a young age by my school. My first program was written in BASIC language, when I was 10 years old. It was a love at first sight kind of feeling for coding and computers at that time. I knew as a young girl that I am going to be connected to programming in some way throughout my growing up years and later as an adult.

During my engineering studies (bachelors and masters) I developed a keen interest in computer systems. Even though I was not involved in direct systems research during my career as a software developer in the Industry, I loved getting back to it when I joined PCS group as a guest researcher.

I was looking at your LinkedIn profile and saw that before moving to academia you worked in several companies. Based on your experience, would you say that females have the same opportunities than males in the industrial sector?

It depends. I have worked in 3 countries now – India, the UK and the Netherlands. The biases against woman are different in each country and so are the opportunities and struggles. For example, in India, I never heard the bias that “women cannot be good programmers”. The first time I received a comment that I do not look like a software developer was in the UK. I have heard similar stories in the Netherlands on the lines that it is surprising to see a good female computer scientist. The gender bias in India is different – generally related to the notion that a working woman needs more flexibility at her workplace and so is not very reliable. The gender bias in Europe is related to the notion that women are not very good at programming and technical skills.

In my experience, the opportunities in the industrial sector also reflect these biases in the respective country. A new mom finds it extremely hard to land a new (better) job, get promoted and manage that elusive work-life balance in India. European companies allow more flexibility, but a woman still has to constantly prove her worth and skills to be taken seriously in her work environment.

What made you move away from industry and work for becoming PhD?

I was on a year-long sabbatical when I moved for my husband’s work-related transfer to the Netherlands. It was supposed to be a short stay in Amsterdam and then we were to go back to London. I was in dilemma whether to spend my energy in looking for a new job and resign soon after or just do something for fun. In the end I decided to work as a guest researcher at the local university, which turned into an offer to do more research as a PhD candidate. I quite enjoyed the academic world and its challenges, so decided to stay in the country and pursue the PhD degree.

Can you tell us about your work in ADMORPH? Are you applying your expertise in Machine Learning?

In the ADMORPH project, I bring my expertise in Design Space Exploration (DSE), for systems design and dynamic optimization. The aim of DSE is to design fault tolerant embedded systems (with task deadlines). The system needs to react to resource failures over a long period of time, so the task deadlines are always satisfied. This allows the system to be adaptive in order to have better reliability.

I am also looking at Reinforcement Learning based techniques to improve the current DSE algorithm.

Finally, what would you say to young female students to attract them to Computer Science?

Live your life by your strengths, not weaknesses. Spend some time reflecting on what you are good at and make your career where you can work with your strengths. If computer science excites you and if programming and its logical creativity stimulates you, do not be afraid to follow a technical path.

If you find you are alone on your path, reach out beyond your immediate world to find your tribe. There are many people who will be on the same journey as you – you only need to look beyond your bubble. Send emails, get active in forums, even look out on social media, there are now a ton of influencers and role-models telling their unique stories and providing words of wisdom and encouragement.

Thanks for sharing with us your perspectives, and best wishes for your career!

Developing automatic validation of safety and security cases for adaptive systems

ADMORPH is investigating safety- and security-critical systems and we will investigate the safety and security properties of PikeOS resources in a graph model as domain-specific system modelling language (DSML). The goal is to enhance the security in complex safety-critical embedded systems design, by assisting system integrators in configuring their system with an analysis of interference between system components.

The development of a proof of concept has started in September: We have investigated the importability of XML configuration files for generation of graph-based models for a simple model for potential information flows between user-defined configurations of a separation kernel. While the approach is representation-independent, for storage, inspired from a German national project, we have explored the use of the Neo4j graph database and used XSLT for transforming the data.

Developping experimental PikeOS extensions for runtime adaptation

We are happy to share new developments in the context of the ADMORPH project. In concrete, we developed the following two main experimental extensions to SYSGO’s PikeOS real-time OS to support runtime adaptation research in ADMORPH project.

Thread Migration

We introduce support for monitoring CPU core affinity of threads during runtime. The problem addressed here is related to runtime faults in the CPU potentially caused by a heavy usage of a specific core.

Our goal is to adapt the execution on this core in function of its current usage. A heavy usage can cause overheating of the core. Resulting arbitrary faults are more likely to occur and to damage the system, in comparison to a scenario with nominal CPU core usage.

Hence, we want to reduce the activity of the given core, before such core usage issues occur during runtime. For this, we introduce support for runtime thread migration in PikeOS: it is now possible, during runtime, to migrate the execution of a thread to another (pre-configured) CPU core. Thus, we let the initial CPU core cool down before continuing execution.

Time Partition Shifting

We introduce support for scheduling adaptation in a PikeOS system. In certified real-time systems such as PikeOS, scheduling schemes are defined very static to guarantee the deterministic execution of critical tasks. In a standard PikeOS version, we statically define in the scheduling scheme(s) specific time windows for tasks to execute. As the goal – especially for safety-critical tasks – is for the task to meet its deadline (i.e. terminating before the end of its pre-configured time window), the system integrator is likely to configure conservative (i.e. safe) time windows, which would be longer than the WCET of the task. However, the cases when the task execution time reaches its WCET are supposed to be rare.

Hence, the CPU is idle until end of the time window instead of doing actual work. Nevertheless, note that PikeOS allows background activity with time partition 0 on every CPU cores (as described in the PikeOS User Manual).

Thus, we introduce a new functionality in PikeOS for a task to notify the system that it has returned at the end of its job in the current time window. After that, the system shifts the following time windows, so that the next task in the schedule can start the execution earlier. This time partition shifting property propagates, so that tasks can possibly have more time to execute than the pre-configured time window. This also means that the latest the time window is configured, the less likely is for the corresponding task to execute beyond its deadline.


Adaptivity in automated production systems

Adaptivity will be a key enabler of future embedded computer systems and systems of systems, while providing protection against faults and attacks. The ADMORPH use-cases already now give great examples of the potential of adaptive systems, no matter if we look at the radar surveillance, the subway transport systems or the autonomous aerospace systems. In all three cases, adaptivity provides the necessary means to develop reliable and fault-tolerant systems despite immense complexity and stringent requirements on the extra-functional behaviour. But of course, these three use-cases are clearly not the full picture and many other complex systems may profit from adaptivity, as well.

A large initiative in the Augsburg region, the AI Production Network Augsburg (link in German only), has recently been started to explore the future of AI-based automated production systems — systems that share many of the requirements and challenges of our use-cases. We will present the methods, techniques and tools developed within ADMORPH to our regional academic and industrial partners. Together, we will explore their applicability to the broader context of production technology.


The AI Production Network Augsburg is an association of the University of Augsburg with the Fraunhofer Institute for Casting, Composite and Processing Technology IGCV, the Augsburg Center for Lightweight Production Technology (ZLP) of the German Aerospace Center (DLR) and the University of Applied Sciences Augsburg. The aim is joint research into AI based production technologies at the overplap between materials, manufacturing technologies, data-based modeling and digital business models.

© Universität Augsburg


The ADMORPH Railway System Use Case


Our goal with the Railway System Use Case is to exploit ADMORPH tools to create robust and reliable communication between the train and the ground part of the railway system.

The data transmission system between the train and the ground part of the operator’s system consists of a pair of MCG-GCG communication units (Mobile Communication Units and Ground Communication Unit), as shown in the figure below. The purpose of these units is to interconnect the trusted parts of the on-board system with the trusted parts of the ground system through an untrusted wireless network environment.


The robustness of the system (security and availability of the service) is achieved by the redundancy of communication channels (optimally managed by the systems of various telecommunications operators) and the use of an application that continuously evaluates the status and parameters of transmission channels. Based on the set criteria (security, transmission quality, etc.), the application will adapt the operating mode of the data connection, as illustrated in the following figure.

Use of project tools

To achieve a sufficient level of protection for the trusted part of the MCG and the mutual separation of communication channels A and B, the PikeOS hypervisor is used, which will allow the physical device to be divided into several independent logical parts. For the needs of the use case, the HW of the commercial communication unit, illustrated below, was configured to create three independent parts:

  • two mutually isolated communication parts for Channel A and Channel B, represented by partition A and partition B.
  • a part for the needs of the control application, represented by partition C.

Linux OS is installed in partitions A and B, which allows to easily integrate commercial peripherals. Partition C is without an OS (so-called native PikeOS partition), configured for the needs of the static scheduler CECILE.

In addition to the above system, the MCG may contain other partitions with train diagnostics and control applications, which are not part of the project. The resulting MCG configuration is shown in the next figure, where secure communication between Linux partitions A, B, and control partition C can also be seen. Two pairs of queuing ports are used to communicate with modems. This is one of the system’s security tools.

Application development toolset

The TeamPlay coordination language and the CECILE static scheduler will be used to create the control application. Therefore, a tool was created to convert the output of the CECILE coordination compiler to a format suitable for the Target Compiler and Linker CODEO (Sysgo’s IDE), which generates binary code for the native PikeOS partition. The figure below shows a test application written in TeamPlay and its console output when running on a PikeOS partition.


The integration of the TeamPlay and CECILE development tools for the PikeOS environment completed the second stage of the demonstrator’s development. Verification of the functionality of the test module on the target HW platform was a condition for using the toolkit to create a control application that should reach a level suitable for operational verification of the system

Paper accepted to IEEE Control Systems Letters

A new ADMORPH paper has been accepted for publication. The paper, entitled “Stability of Linear Systems under Extended Weakly-Hard Constraints”, will appear in IEEE Control Systems Letters, a highly ranked journal (Scimago Q1).

The paper proposes a comprehensive stability analysis for control systems subject to deadline misses bounded by the weakly-hard model. In the paper, the classical weakly-hard model is extended in order for the analysis to cover additional scheduler configurations. Using properties inherent to the weakly-hard model, we also prove analytic bounds on the stability of embedded systems subject to a broad class of other weakly-hard constraints. The proposed analysis calls for modularity and separation of concern, thus bringing the assessment of control systems stability one step closer to the real-time implementation.

ADMORPH at HiPEAC’22, in Budapest

The ADMORPH project was present at the HiPEAC 2022 Conference, which took place in Budapest, Hungary, from 20 to 22 of June.

ADMORPH posters were visible in the coffee-break area throughout the entire event, while an ADMORPH flyer highlighting the project vision, objective, use cases and architecture and technologies, was distributed to HiPEAC participants.

Furthermore, on June 20 the project participated in the DL4IoT workshop, with a presentation given by Stafanos Skalistis.

Marine Kadar talks about her interest and experience as a woman in CS

Marine Kadar works as project research engineer at SYSGO. She received her PhD from the Real-Time Systems Chair of TU Kaiserslautern in 2022. Her PhD study applied in the scope of FORA, a European training network in Horizon 2020 Research and Innovation project. She investigated how to develop and deploy intrusion detection solutions into embedded mixed-criticality systems, evaluating the solutions in an industrial environment, using SYSGO’s PikeOS real-time hypervisor. Before her PhD, Marine received her engineering degree from ENSIMAG engineering school (France), with a specialization on embedded systems.

Was there a particular reason for you to take an engineering course?

Retrospectively, taking an engineering course was a logical decision in my education path. At school, I have always been interested in science and math. Most of all, I find scientific reasoning fascinating and I enjoy solving practical problems.

After 2 years of generic preparatory classes, I decided to take a course in math and computer science. I then focused on embedded systems, at system low level with hardware mechanisms and operating system programming. I particularly liked security-related problems: e.g. attack methods to hijack a program and countermeasures to protect a systems against such threats. I chose to do my PhD in the domain of embedded system security with the motivation to learn more on the topic.

Since you got your PhD, not too long ago, you already worked in a few companies. Was your decision to go to the industry motivated by the will to do more applied work, rather than fundamental research?

During my engineering studies, I had the opportunity to do internships in a research lab and several companies. I enjoyed different aspects of both work environments: for example, real-life problems in industry and relative freedom in research. That is one main reason, why I chose to do a PhD in an industrial environment. The principal contribution of my PhD was indeed to integrate and evaluate security solutions into industrial embedded mixed-criticality systems, using a commercial industrial platform.

The STEM areas are typically male dominated. Did you felt any difference concerning the opportunities given to women, when moving from an academic environment to the industry?

I did not feel a difference between my studies in the university and working in the industry in regard to opportunities given to women. As there were very few women in my computer science course, I logically met very few women with programming skills in the companies where I worked.

Can you tell us about what you are working on in the context of ADMORPH?

In ADMORPH, I am responsible for SYSGO’s contributions in the project. I have been working on developing PikeOS (i.e. SYSGO’s real-time hypervisor) extensions to support runtime mechanisms in ADMORPH system architecture. These include fault detection methods and adaptation solutions to support ADMORPH use-cases.

My main focus is on the topic of fault and intrusion detection, which is directly related to my PhD work. I contributed to the implementation of a hardware-assisted framework based on ARM CoreSight processor tracing technology to implement transparent control-flow monitoring of a user-level application during runtime. I participated to the evaluation of this monitoring framework in a real-life environment using PikeOS real-time hypervisor and a commercial hardware target.

Finally, if you would be talking to young girls about their future career, would you try to convince them about the relevance of working in a technological area? How would you motivate them?

Since I started to study general science and then when I specialized in computer science, the ratio of girls fell down below 10%. In my opinion, this result is mostly due to personal choices (without constraint), which are influenced by our day-to-day environment: family, role models, school, medias, politics, etc. Changing the society towards more gender equality is a non-trivial political goal. I do not think that one speech can easily make someone change his/her mind on such personal matter.

Hence, more than convincing young girls to choose a career in a technological area, I would emphasize the need for them to do what they like and to be independent, so that they can be free to make their own choices.

Thanks a lot for your answers, Marine!