Multi-Core Multi-Architecture
COMPILER BUIL D T OO L
PXROS-HR RE AL -T IM E O S
QKIT T OOL QUAL IF IC ATI O N
B2B CONSULT ING & S U PPO R T
Made in Germany HighTec EDV-Systeme is a privately owned company since establishment in 1982 and the world‘s largest commercial open source compiler vendor. HighTec ensures independence for the future and offers the most reliable and secure tools for embedded software development. The HighTec compiler is portable and always available for the latest chip revisions for our supported architectures ahead of general release.
HighTec offers complete development and consulting services in the areas of performance optimization, functional safety, porting from single core to multi-core systems and to the AutoSAR environment.
PXROS as a certified micro-kernel real time operating system provides the highest level of data protection, functional safety and robustness.
For more information please visit www.hightec-rt.com or call us at +49 681 926130.
Our innovative team is highly skilled and dedicated to quality. We are passionate about what we do and support our customers to both sustain and advance their market position.
COMPILER BUILD TOOL
30 years of experience: Advanced Multi-Core and Multi-Architecture Support leading optimization technology.
COMPILER
Compiler HighTec ensures independence for the future and offers the most reliable and secure tools for embedded software development.
MAIN FEATURES
• Multi-Architecture compiler
• HSM compiler and GTM assembler
• C/C++ compiler with leading optimization technology
• ISO 26262 qualification kit • Frozen version support
• Advanced Multi-Core Support on linker level (no source code change)
General optimization features
Multi-Architecture
The most advanced optimization technology of HighTec‘s compiler generates the fastest code in the smallest footprint. The compiler can be used via its command-line interface for batch processing or within an IDE e.g the Eclipse-based Safe Multi-Core Platform by HighTec. Our compiler is the fastest build system on the market and supports parallel compilation processes.
The HighTec compiler supports a wide range of embedded architectures and allows migrating at any time from one architecture to another. One development tool for different architectures reduces the learning curve, increases productivity and reduces the time to market. The following architectures are supported: •
The compiler consists of a: • Language-specific front-end • Global optimizer • Target-specific optimizer • Commercial libraries (no open source) The HighTec C/C++ compiler is fully EABI-compliant and conforms to the most recent ANSI/ISO C and C++ compiler standards, including C89, C99. The user can select different features like programming language, target architecture, performance level - optimize for speed or code size - and debugging level.
TriCore/AURIX Power Architecture • RH850 • ARM •
COMPILER
Target specific optimization • •
•
•
•
TriCore/AURIX: absolute addressing mode, circular Mixing PowerPC NON-VLE and VLE instructions of variable length encoding Legacy NON-VLE code is translated by the PowerPC assembler in equivalent VLE code Supported PowerPC features: VLE, SAT, LSP and dual-issue with pipeline optimization HSM compiler and GTM assembler
Small data area optimization can be used on certain architectures like AURIX, Power Architecure or RH850. These controllers offer various addressing modes that optimize code size and run-time behavior as address calculation can be omitted. The extensive link command language provides users fine-grain control to layout code and data in memory in the optimal way. Especially on multi-core targets the layout of code and data can improve the run-time behavior considerable. The HighTec compiler provides command line options to decompose pragma section statements in a way that each element is put in a separate sub-section without changing existing source code. The splitting in sub-sections gives the user the possibility to locate each element to the optimal memory location. By analyzing e.g. the frequency of data access in multi-core applications, it can be beneficial to locate some frequently used data elements of a section to the local memory of a core, which is much faster than global memories. The performance improvement on multi-core can be even more than 10%. Additional consulting services are provided by HighTec or our partners Gliwa and Timing Architects to optimize the overall performance of multi-core applications. Position-independent code (PIC) and position independent data (PID), which can be loaded at any address, is supported by the HighTec compiler. Based on an excellent collaboration with key semiconductor partners, HighTec‘s compiler is available for the latest automotive microcontrollers and supported together with the MCAL drivers by leading AUTOSAR operating systems vendors such as Elektrobit, ETAS and Vector.
Advanced Multi-Core Support In automotive multi-core applications so-called common linking is used. This means that the application, which is distributed over different cores, can share data or code. Most of automotive applications contain legacy code that originally was not designed to be used in a multi-core environment. Therefore migrating of applications from single core to multi-core without source code changes is highly desirable. To address this need, HighTec provides a so-called Advanced MultiCore Support to map easily code and data on linker level to different cores without the need to change the source code. This feature provides our customers programming flexibility and allows straight-
forward re-use of existing code with minimal efforts. Data exchange between different cores is handled by a hide-andvisibility concept, which specifies user-defined interfaces between the cores at linker level. Data and code have to be explicitly specified in order to be visible for any other cores than the one they belong to. The linker is able to interlink object files for different core architectures and to generate one resulting output ELF-file. This multi-core functionality is supported by leading debugger vendors such as isystem, Lauterbach and pls.
ISO 26262 With the new Compiler Qualification Kit (QKit) we provide our customers a tool to perform standard compliant qualification in a simple and easy way. The QKit consists of a Qualification Support Tool (QST) that has been developed in collaboration with Validas AG and an automated test framework. The QST includes a detailed model of the compiler tool chain and generates from the use cases of the customer the tests and documents needed for the qualification. Nowadays branch coverage analysis is required to fulfill the safety standard ISO26262. Tools typically use instrumentation of the source code for this purpose. However, instrumentation changes the binary code of the application and consequently the analyzed application and the final application differ. HighTec provides an alternative approach to perform branch coverage analysis. Instead of instrumenting the source code the HighTec compiler outputs the control flow of the application in a separate debug section of the application. This information can be used together with a debugger to perform a branch coverage analysis of the final application. Another important safety related measure is post build inspection of the final image. Error detection measures such as validation of the memory layout and the consistency of the final ELF-file are essential for safety related applications. For this purpose HighTec provides the following extensions: • •
Detailed Mapfile Dumper for ELF-files
The generated data, which is output in a standard XML format, contains also information about the core assignment of code and data. The inter-core communication is listed in the cross reference table in the Mapfile. Based on this information the user can write additional scripts to validate the output and the consistency of his application.
Frozen version support Safety-related applications require a complete control of the product lifecycle including the development tools like a compiler. HighTec offers its customers to have their own frozen branch of the compiler for which they control the lifecycle. Frozen Branch Maintenance allows customer to minimize the impact of compiler changes to their code as the customer can decide what updates and customized bug fixes to include and when new QA cycles will be run.
PXROS-HR Real- T ime O S
30 years of experience: Freedom of interference interrupt lock free.
PXROS-HR
Real-Time Operating system PXROS-HR is a powerful certified real-time operating system to master the complexity of future multi-core software development.
MAIN FEATURES
• Real-time micro-kernel OS
• SIL-3 certification support
(no interrupt locks)
• MPU protected Multi-Core inter-task communication (no shared memory needed, no spin-locks)
• Static and dynamic resource management
(fail-operational)
Real-time micro-kernel OS
Memory protected inter-task communication
PXROS-HR implements the concept of complete interrupt transparency. There are neither interrupt locks nor latencies caused by the micro-kernel and thus it can be interrupted at any time by an interrupt service routine. With PXROS-HR, an interrupt service routine (so-called handler) is completely controlled by the application. It can use a subset of OS services, e.g. to send signals via an event to a task. The OS services are not executed on the interrupt level, but when returning from the interrupt level to task level.
Strict encapsulation of all components is the most important safety-principle in PXROS-HR. The OS uses the hardware Memory Protection Unit (MPU) to protect all application objects at run-time including inter-task communication. PXROS-HR manages the MPU for a task and reprograms the corresponding MPU registers during context switches of the task. PXROS-HR pays particular attention to the implementation of inter-task communication as it has high relevance in multi-core applications. Main aspects of our solution are: •
Memory protected communication Avoidance of shared memory • Communication objects are passed as references • Protection of peripheral access •
PXROS-HR
In a multi-core environment a separate instance of the operating system is running with its own scheduler on each core. In PXROS-HR each task has its system wide unique ID. This allows to use the same programming patterns for inter-task and inter-core communication independent of the tasks running on a single core or as part of a multi-core application. As a consequence, a task can be assigned to a different core during development without changing any source code. This can be implemented at the push of a button action in an IDE e.g the Eclipse-based Safe Multi-Core Platform by HighTec. The inter-task communication within the operating system is not based on copying of data or using semaphores, but instead it is based on signaling via events and message passing. On both single core and multi-core data consistency is ensured by the OS controlled atomic transfer of references and access rights of a message. Data that represents the content of a message, is never copied to a message. Due to the fact that PXROS-HR has no interrupt locks and does not use any shared memory for communication the operating system can be used easily in a multi-core environment.
TASK 1
TASK 2
Data Protection Register
Data Protection Register
1 2 3 4 5 6 7 8
8 7 6 5 4 3 2 1
CONST
STACK
DATA
MESSAGE
MESSAGE
CONST
STACK
DATA
If the owner of a message (Task1) sends a message to a task (Task2) on the same or different core, the OS hands over the access right of the message to the receiver task. Illegal access or stack overflow of tasks are detected instantly at run-time by the MPU.
Static and dynamic resource management Many safety-related embedded systems require fail-operational behavior. This requirement can only be satisfied by an operating system that in addition to static configuration also supports dynamic re-configuration at run-time. An extended right management in PXROS-HR ensures that the dynamic aspects of OS enhance system availability without compromising safety and robustness. In order to avoid resource shortage or at least to limit its effects to the system, PXROS-HR provides a budget mechanism. Each task has quotas, from which consumed resources are deducted or to which released resources are reassigned. This means in particular, that as long as free objects are available, objects of any kind like tasks or messages can be created and released dynamically during run-time.
Time management The micro-kernel of PXROS-HR has no dependency to the hardware resources of a microcontroller. The time base can be defined by the user as an external clock e.g. by taking the Flexray cycle or by assigning a hardware timer. In addition to the standard scheduling the OS provides delay-job services to execute a user-defined function after a given number of ticks. The OS can capture critical events like deadline misses and report them as error events to the user in order to trigger a corrective action.
PXview
Certification support The certified micro-kernel PXROS-HR rigorously implements the concept of encapsulation and guarantees in this way freedom of interference. •
Safety concept and implementation approved by TÜV Support in certification • Easy to integrate safety library •
A graphical interface is used for visualizing the tracing information of tasks and services such as: •
The micro-kernel, which manages the MPU, is executed in supervisor mode whereas tasks and handlers are executed in user mode. Due to the strict memory protection of tasks including the driver tasks any malfunction is encapsulated which prevents error propagation. The vital and safety functions are protected. This is a crucial advantage in reducing complexity; moreover it opens new ways to modular testing and verification.
Scheduling Message passing • Event handling •
Summary PXROS-HR is an innovative solution that covers the trend of increasing safety and security requirements while keeping on the one hand the best performance and on the other hand hardware resource needs at minimum.
QKIT Tool Qualification
”Quality is not an act, it is a habit.” Aristoteles
QKIT
Qualification Kit HighTec EDV-Systeme strongly supports its customers in qualifying the compiler tool chain by offering them appropriate error detection and mitigation strategies. Moreover, HighTec EDV Systeme — in collaboration with Validas AG — developed a Qualification Kit (QKit) that automates almost all parts of the qualification process.
MAIN FEATURES
• Qualification up to ISO26262 ASIL D, IEC 61508 SIL4, EN 50128 SIL4 • Available for multiple architectures including TriCore/AURIX and Power Architecture
• Significantly reduced effort due to automated qualification process and document generation • Transparent, traceable validation process • Flexible and extensible due to model-based approach • Extended support on demand
Features The Qualification Support Tool (QST) and a Test Automation Unit (TAU) are the main components of the QKit.
QKIT
Use Cases
Generated Documents Tool Classification Report Tool Safety Manual
Qualification Support Tool Tool Chain Model
Test Plan
Test Results
Test Automation Unit SuperTest
Perennial
Tool Qualification Plan Tool Qualification Report
DejaGNU
Qualification Support Tool The QST contains an extensive model of the tool chain modeling The structure of the tool chain with its tools (e.g. compiler, assembler), artifacts (e.g. *.c, *.o files), and tool-features (e.g. compiler options) • Potential errors and known bugs (e.g. file corruption, semantic errors) • Mitigation measures for a set of errors • Test cases for those errors that cannot be mitigated • An extensible set of use cases of the tool chain Moreover the QST contains a model of the qualification process guiding the user step by step through the qualification. Guided by a graphical user interface the user chooses from the set of predefined use cases or specifies new ones by selecting the required features. •
For all specified use cases the QST computes A list of measures to mitigate the potential errors of these use cases; these measures will be described in the safety guidelines of the generated Tool Safety Manual • The resulting tool confidence level; this will be documented in the generated Tool Classification Report. • A list of tests that have to be performed in order to provide evidence that those potential errors that cannot be mitigated will not occur with these use cases; the tests will be described in the generated Tool Qualification Plan and they will be performed automatically by the TAU. After running the tests the test results are imported by the QST and documented in the generated Tool Qualification Report.
Generated Documents Tool Classification Report •
Description of the TCL derivation method Overview (Table with TCL for each component of the tool chain) • Determination of TCL for each use case and for each of the components (Compiler, Assembler, Linker) considering potential errors and their mitigation measures •
Tool Safety Manual •
Description of method Requirements tracing to standards • Tool dependent safety guidelines • Usage dependent safety guidelines • Operation dependent safety guidelines •
•
Tool Qualification Plan •
Use cases and features with qualification need (references to use case definitions) • Validation goals, Requirements of standard and how they are to be satisfied • Qualification environment • Planned qualification process
Tool Qualification Report •
Test Automation Unit The Test Automation Unit integrates different test suites and that can be extended in an easy way. It can drive • SuperTest Rembrandt Release - Update 3 of Solid Sands B.V. for massive testing against the different language standards • Perennial validation suite • The DejaGNU test suite for GNU GCC The TAU supports output of the test results in the JUnit format that might be helpful for the integration with CI-servers.
Use cases and features that have been qualified (references to use case definitions) • Test environment • Test results and analysis for test cases with result not equal to PASS • Executed qualification process
CONSULT ING & SUPPORT
”We can‘t solve our problems by using the same kind of thinking we used to create them.” Albert Einstein
C O N S U LT I N G & S U P P O R T
Support HighTec user driven support is internationally well accepted in the embedded world.
A team of high qualified engineers is available for your assistance: •
Configuration setup Update service • Frozen version support •
HighTec helps you to be highly efficient: •
24 hour response time Phone assistance • On-site support • Private support portal • Dedicated support manager •
Call us: +49 681 92613 16 email: support@hightec-rt.com
C O N S U LT I N G & S U P P O R T
Consulting Multi-Core •
Migration to Multi-Core Performance optimization • 3rd party tool integration •
Safety •
Development of error detection measures Validation and qualification service • Functional safety concepts •
AutoSAR • Concept • Development • Integration
of customer‘s modules On-site support • Training •
Partnership •
Preferred Design House of Infineon Freescale connect partner • ST tool partner •
Call us: +49 681 92613 33 email: consulting@hightec-rt.com
Headquarter Europe Feldmannstraße 98 D-66119 Saarbrücken GERMANY
Tel.: +49 681 926130 | www.hightec-rt.com | info@hightec-rt.com