基于多核异构操作系统的动态冗余可靠机制研究  

作　　者：何瑞琦 张凯龙[1] 吴金飞 于强 张家铭 HE Ruiqi;ZHANG Kailong;WU Jinfei;YU Qiang;ZHANG Jiaming(School of Software,Northwestern Polytechnical University,Xi’an 710129,China;School of Computer Science,Northwestern Polytechnical University,Xi’an 710129,China)

机构地区：[1]西北工业大学软件学院,西安710129 [2]西北工业大学计算机学院,西安710129

出　　处：《计算机科学》2025年第4期33-39,共7页Computer Science

基　　金：国家自然科学基金(61972318);陕西省重点研发计划(2023-GHZD-47);上海航天技术研究院产学研合作基金项目(SAST2024-007)。

摘　　要：针对当前嵌入式系统的混合部署需求和功能安全需求,提出了一种动态异构冗余的操作系统架构DHR-OS。面向混合部署需求,该架构设计了异构操作系统的混合部署模式,即在多核CPU上以Linux为主操作系统,动态部署RTOS从操作系统镜像。同时,为了操作系统间的协同工作,利用OpenAMP(Open Asymmetric Multi-Processing)实现了主从操作系统间的通信,并基于OpenAMP进一步实现了设备驱动的时分复用、远程过程调用(Remote Procedure Call,RPC)、中断转发路由机制。面向功能安全需求,该架构设计了一套调度、分发、裁决为一体的关键任务安全执行机制。具体地,Linux操作系统事先对RTOS核心做池化处理,当执行关键任务时,从RTOS内核池中调度若干RTOS核心作为任务执行环境,在Linux侧的裁决器基于加权投票的分布式共识算法,处理RTOS核心任务返回的结果。通过上述设计增强了系统的灵活性和抗攻击能力。该工作为嵌入式系统的混合部署和功能安全需求提供了一种新的系统架构解决方案,具有一定创新性和实用价值。In response to the hybrid deployment requirements and functional safety needs of current embedded systems,this paper proposes a dynamic heterogeneous redundant operating system architecture,DHR-OS.Designed for hybrid deployment,the architecture features a mixed deployment model of heterogeneous operating systems,where Linux serves as the primary operating system on a multi-core CPU,while RTOS is dynamically deployed from the operating system image.To facilitate collaboration between operating systems,communication between the master and slave operating systems is implemented using OpenAMP.Furthermore,based on OpenAMP,mechanisms for time-division multiplexing of device drivers,remote RPC calls,and interrupt forwarding routing are established.To address functional safety requirements,the architecture includes a critical task safety execution mechanism that integrates scheduling,dispatching,and adjudication.Specifically,the Linux operating system pre-processes a pool of RTOS cores.When executing critical tasks,several RTOS cores are scheduled from this pool to serve as the task execution environment.The adjudicator on the Linux side processes the results returned by the RTOS core tasks using a distributed consensus algorithm based on weighted voting.This design enhances the system’s flexibility and resilience against attacks,providing a novel architectural solution to the hybrid deployment and functional safety needs of embedded systems,with significant innovation and practical value.

关 键 词：异构动态冗余 混合部署 功能安全 分布式共识 

分 类 号：TP316[自动化与计算机技术—计算机软件与理论]