Due to strict timing requirements, designing embedded real-time systems for safety-critical applications is inherently complex. The design paradigm should not only be able to guarantee that the final system works but also fulfill the safety-critical specifications and requirements. This paper proposes a design approach for embedded systems using T-CREST, a time-predictable hardware platform, and ForSyDe, a modeling framework supporting the formal design of embedded systems. We designed different use cases, performed preliminary experiments, and demonstrated the possibility of using this method. Furthermore, we perform worst-case execution time (WCET) analysis of our example applications.

We present SynQ, an embedded DSL (EDSL) targeting synchronous system design with quantitative types. SynQ is designed to facilitate semantically coherent system design processes by language embedding and advanced type systems. The current case study indicates the potential for a seamless system design process.

This article presents an elementary change detection algorithm designed using a synchronous model of computation (MoC) aiming at efficient implementations on parallel architectures. The change detection method is based on a 2D-first-order autoregressive ([2D-AR(1)]) recursion that predicts one-lag changes over bitemporal signals, followed by a high-parallelized spatial filtering for neighborhood training, and an estimated quantile function to detect anomalies. The proposed method uses a model-based on the functional language paradigm and a well-defined MoC, potentially enabling energy and runtime optimizations with deterministic data parallelism over multicore, GPU, or FPGA architectures. Experimental results over the bitemporal CARABAS-II SAR UWB dataset are evaluated using the synchronous MoC implementation, achieving gains in detection and hardware performance compared to a closed-form and well-known complexity model over the generalized likelihood ratio test (GLRT). In addition, since the one-lag AR(1) is a Markov process, its extension for a Markov chain in multitemporal (n-lags) analysis is applicable, potentially improving the detection performance still subject to high-parallelized structures.

Functional programming languages are recognised for their high abstraction level, high expressiveness, formal semantics, and correspondence to formal logic. However, the utilisation of functional languages in system design is limited because the existence of stateful, black-box components, e.g., simulation models and legacy components, breaks the functional languages' ground. Existing solutions to this situation, e.g. monads, are sub-optimal due to their ad-hoc and over-constrained nature. To address this challenge, we employ the quantitative type theory (QTT), which combines the dependent and linear (resource) type systems, for component specification. QTT enables stateful components to be used as pure functions with minimised restrictions. To this end, a functional language with QTT can be used for glue specification in a component-based design framework with all its advantages leveraged. The proposed approach is demonstrated by a case study in which a QTT-based RV32I instruction set architecture (ISA) specification in Idris2, a Haskell-like language, is simulated, verified, transformed and implemented in Verilog HDL by utilising properties of pure functions, which confirms the advantages of the proposed approach.

To fully utilize multi-processors, new tools are required to manage software complexity. We present a novel technique that enables automating hierarchical process network transformations to derive optimized parallel applications. Designers leverage a library of process constructors and data-parallel algorithmic skeletons, utilizing the well-defined semantics of a restricted set of operators. This carefully chosen set addresses both temporal and spatial aspects of computation, enabling the automated identification of various parallel patterns. We utilize an augmented version of a meta-modeling framework grounded in system graphs and trait hierarchies to generate an intermediate representation (IR) of the system model to simplify automatic transformations and evaluations. Our augmentation allows for capturing skeletons and hierarchical networks. By meticulously selecting the underlying framework, we alleviate the need for tool integration in our design flow. We validate our approach through a proof-of-concept implementation, where our automated tool applied 193 transformations to fully parallelize an image processing application.

Design space exploration (DSE) is a key activity in embedded design processes, where a mapping between applications and platforms that meets the process design requirements must be found. Finding such mappings is very challenging due to the complexity of modern embedded platforms and applications. DSE tools aid in this challenge by potentially covering sections of the design space that could be unintuitive to designers, leading to more optimised designs. Despite this potential benefit, DSE tools remain relatively niche in the embedded industry. A significant obstacle hindering their wider adoption is integrating such tools into embedded design processes. We present two contributions that address this integration issue. First, we present the design space identification (DSI) approach for systematically constructing DSE solutions that are modular and tuneable. Modularity means that DSE solutions can be reused to construct other DSE solutions, while tuneability means that the most specific DSE solution is chosen for the target DSE problem. Moreover, DSI enables transparent cooperation between exploration algorithms. Second, we present IDeSyDe, an extensible DSE framework for DSE solutions based on DSI. IDeSyDe allows extensions to be developed in different programming languages in a manner compliant with the DSI approach. We showcase the relevance of these contributions through five different case studies. The case study evaluations showed that non-exploration DSI procedures create overheads, which are marginal compared to the exploration algorithms. Empirically, most evaluations average 2% of the total DSE request. More importantly, the case studies have shown that IDeSyDe indeed provides a modular and incremental framework for constructing DSE solutions. In particular, the last case study required minimal extensions over the previous case studies so that support for a new application type was added to IDeSyDe.

A challenge in designing resource-constrained embedded systems for digital signal processing (DSP) is their complexity due to their vast design spaces, where only a fraction of implementations are feasible or optimal. A crucial tool to aid in this challenge is automated design space exploration (DSE). However, no exact, multi-objective, and preference-free DSE approach exists for DSP applications on resource-constrained embedded platforms. We propose a novel DSE solution with these ideal characteristics to perform DSE of analyzable DSP applications for tile-based multiprocessing embedded platforms. Our proposal harmonizes the exactness of constraint programming (CP) and the exploration efficiency of genetic algorithms (GA). Through this synergy, no single-objective reduction strategy or a priori objective preferences is required. We evaluate the proposal through state-of-the-art single-objective case studies and multi-objective case studies inspired by these. The evaluations show that our proposal improves the single-objective state-of-the-art and finds high-quality approximate Pareto-frontiers for the multi-objective case study. Therefore, our proposal is a more performant single-objective DSE solution than the state-of-the-art, and it is the first exact, multi-objective, and preference-free DSE approach for the problem addressed.

    Future avionic systems will be increasingly automated. The size and complexity of the avionics functions in these systems will increase likewise. The degree of attainable automation directly depends on the avionics system's computing power and the efficiency of available tools that map the overall functionality onto the target heterogeneous platform architecture. In safety-critical scenarios, these automation tools must also provide safety guarantees that aid or drive the certification processes.

    In line with this automation goal, We propose a novel design space exploration technique for the mapping functionality on IMA platforms.    The design space exploration technique returns mappings of the functionality onto the platform that are safe and increasingly resource-efficient.    A safe mapping is one where the functional and extra-functional requirements are met.    A resource-efficient mapping is one where fewer processing elements are used to achieve a safe mapping.    More importantly, the proposed technique can return computational proof that no safe mapping is likely possible. This proof is key for safety-critical contexts.

    To demonstrate the suitability of our technique for avionics systems design scenarios, we investigate its use with an industrial avionics case based on the ones from the PANORAMA ITEA3 project. The case study includes two avionics functionalities,    one control functionality, and one streaming-like functionality. The platform is hierarchical and heterogeneous, with elements oriented for higher safety and elements oriented for higher performance.    The avionics case-study evaluation shows that our novel design space exploration technique's abstractions and assumptions adequately represent avionics design scenarios directly or through a systematic overestimation.

    The technique is openly available within the design space exploration tool IDeSyDe. Therefore, designers can immediately benefit from the optimality and safety guarantees given by our novel design space exploration technique in their avionics design process.

Small satellites empower different applications for an affordable price. By dealing with a limited capacity for using instruments with high power consumption or high data-rate requirements, small satellite missions usually focus on specific monitoring and observation tasks. Considering that multispectral and hyperspectral sensors generate a significant amount of data subjected to communication channel impairments, bandwidth constraint is an important challenge in data transmission. That issue is addressed mainly by source and channel coding techniques aiming at an effective transmission. This paper targets a significant further bandwidth reduction by proposing an on-the-fly analysis on the satellite to decide which information is effectively useful before coding and transmitting. The images are tiled and classified using a set of detection algorithms after defining the least relevant content for general remote sensing applications. The methodology makes use of the red-band, green-band, blue-band, and near-infrared-band measurements to perform the classification of the content by managing a cloud detection algorithm, a change detection algorithm, and a vessel detection algorithm. Experiments for a set of typical scenarios of summer and winter days in Stockholm, Sweden, were conducted, and the results show that non-important content can be identified and discarded without compromising the predefined useful information for water and dry-land regions. For the evaluated images, only 22.3% of the information would need to be transmitted to the ground station to ensure the acquisition of all the important content, which illustrates the merits of the proposed method. Furthermore, the embedded platform's constraints regarding processing time were analyzed by running the detection algorithms on Unibap's iX10-100 space cloud platform.

Model-driven engineering (MDE) addresses the complexity of modern-day embedded system design. Multiple MDE frameworks are often integrated into a design process to use each MDE framework's state-of-the-art tools for increased productivity. However, this integration requires substantial development effort. In this paper, we propose an MDE, framework based on a formalism of system graphs and trait hierarchies for programming-language-agnostic integration between tools within our framework and with tools of other MDE frameworks. Implementing our framework for each programming language is a one-time development effort. We evaluate our proposal in an MDE design process by developing a Java supporting library and an AMALTHEA connector. Then we perform an MDE, industrial avionics case study with both. The evaluation shows that our framework facilitates the integration of different tools and the independent development of different system parts. Therefore, our framework is a reliable MDE, framework that lowers the effort of integrating tools to benefit from their combined state-of-the-art.