Building a safe and secure embedded world
AURIX™ 2G compiler and tool support for industrial system applications
❖ TASKING set of tools - quick overview
▪ Quick overview about the TASKING products. The TASKING portfolio covers a wide range including the tool-chain for AURIX™, performance optimization and finally safety related solutions.
❖ Pin Mapper
▪ Package customization using the pin selection and pin configuration
▪ Simple Demo [Low level drivers code generation]
❖ Compiler Set up in VX-Toolset for TriCore™
▪ Quick overview over the TASKING TriCore™ Eclipse IDE
▪ TASKING TriCore™ Compiler feature
⮚ Optimization settings (Size and Speed optimization)
⮚ Static code analysis (Misra-C and Cert-C)
⮚ Debugging capabilities
⮚ TÜV “Fit for Purpose” Certification
❖ TASKING Embedded Profiler / Safety Checker
▪ Quick overview over the TASKING Embedded Profiler and Safety Checker
▪ Use case: locate stall cycles when multiple cores access the same memory
▪ Small Safety Checker example
Agenda
❖ TASKING set of tools - quick overview
▪ Quick overview about the TASKING products. The TASKING portfolio covers a wide range including the tool-chain for AURIX™, performance optimization and finally safety related solutions.
❖ Pin Mapper
▪ Package customization using the pin selection and pin configuration
▪ Simple Demo [Low level drivers code generation]
❖ Compiler Set up in VX-Toolset for TriCore™
▪ Quick overview over the TASKING TriCore™ Eclipse IDE
▪ TASKING TriCore™ Compiler feature
⮚ Optimization settings (Size and Speed optimization)
⮚ Static code analysis (Misra-C and Cert-C)
⮚ Debugging capabilities
⮚ TÜV “Fit for Purpose” Certification
❖ TASKING Embedded Profiler / Safety Checker
▪ Quick overview over the TASKING Embedded Profiler and Safety Checker
▪ Use case: locate stall cycles when multiple cores access the same memory
▪ Small Safety Checker example
Agenda
TASKING: A Full Set of TriCore/AURIX™ Development Tools
Compiler - Optimized to leverage critical features of target processors, and
developed with ASPICE CL2 processes to qualify for safety-critical applications.
Includes Debugger and Linker/Locator.
Embedded Profiler - More than performance measurement, it shows you
the source of the performance bottleneck and how to optimize your code.
LAPACK Performance Libraries - Provides rapid and accurate
solutions to complex mathematical operations - all within a safety-critical environment.
Embedded Debugger - At an accessible price, your team can finally own
enough debuggers so you can verify code functionality without workflow delay.
Safety Checker - You can ensure freedom from interference with static safety
analysis of your code.
Compiler Qualification Kit - Required documentation pertaining to the
TASKING toolset helps streamline your ISO 26262 safety certification process..
❖ TASKING set of tools - quick overview
▪ Quick overview about the TASKING products. The TASKING portfolio covers a wide range including the tool-chain for AURIX™, performance optimization and finally safety related solutions.
❖ Pin Mapper
▪ Package customization using the pin selection and pin configuration
▪ Simple Demo [Low level drivers code generation]
❖ Compiler Set up in VX-Toolset for TriCore™
▪ Quick overview over the TASKING TriCore™ Eclipse IDE
▪ TASKING TriCore™ Compiler feature
⮚ Optimization settings (Size and Speed optimization)
⮚ Static code analysis (Misra-C and Cert-C)
⮚ Debugging capabilities
⮚ TÜV “Fit for Purpose” Certification
❖ TASKING Embedded Profiler / Safety Checker
▪ Quick overview over the TASKING Embedded Profiler and Safety Checker
▪ Use case: locate stall cycles when multiple cores access the same memory
▪ Small Safety Checker example
Agenda
6
● Full support for AURIX™ and
AURIX™ 2G
● Supports all package formats.
● Configure particular device pins
to satisfy a specific set of
peripheral and I/O
requirements.
● Select best fitting device that
supports the peripherals and
I/O features listed in system
requirements
● Different views like the Package
View that provide information
about the pin status
TASKING Pin Mapper
7
● Intuitive Eclipse based GUI.
● Automatic detection of Pin
conflicts.
● Configuration issues can be
resolved by hand or automatically
by the Pin Mapper.
● Automatic generation of pin
initialization code compatible with
iLLD drivers.
● Generate a pin configuration file
to be used with Altium Designer
● Can also generate a pin
configuration file in CSV format.
TASKING Pin Mapper
8
Demo
TASKING Pin Mapper
❖ TASKING set of tools - quick overview
▪ Quick overview about the TASKING products. The TASKING portfolio covers a wide range including the tool-chain for AURIX™, performance optimization and finally safety related solutions.
❖ Pin Mapper
▪ Package customization using the pin selection and pin configuration
▪ Simple Demo [Low level drivers code generation]
❖ Compiler Set up in VX-Toolset for TriCore™
▪ Quick overview over the TASKING TriCore™ Eclipse IDE
▪ TASKING TriCore™ Compiler feature
⮚ Optimization settings (Size and Speed optimization)
⮚ Static code analysis (Misra-C and Cert-C)
⮚ Debugging capabilities
⮚ TÜV “Fit for Purpose” Certification
❖ TASKING Embedded Profiler / Safety Checker
▪ Quick overview over the TASKING Embedded Profiler and Safety Checker
▪ Use case: locate stall cycles when multiple cores access the same memory
▪ Small Safety Checker example
Agenda
10
⮚ Full TriCore™ Integrated Development Environment with full user control over different optimization levels
TASKING VX-Toolset for TriCore™>> Optimization settings (Size and Speed optimization)
11
⮚ Software development guidelines ( Cert-C and Misra-C )
TASKING VX-Toolset for TriCore™ >> Static code analysis (Misra-C and Cert-C)
TASKING VX-Toolset for TriCore™ >> Debugging capabilities
TASKING Embedded Debugger
● Stand-alone streamlined single and multicore
debugging for TriCore™ cores.
● Instruction set simulator for TriCore™ and auxiliary
cores (GTM, HSM,SCR …)
● ECLIPSE-based standalone tool, or integrated as a
plugin into Eclipse Mars env.
● Same features as the Integrated Debugger
● Price allows multiple debuggers, eliminating
bottlenecks waiting for a debugger
13
■ ECLIPSE based OCDS/MCDS hardware debugging.
■ Out-of-the box board support for development boards from Infineon and several 3rd parties.
■ C/C++ and Assembly language support.
■ Debugging of highly optimized code is supported,
□ supporting TASKING VX-toolsets for TriCore™ v4.2r2 and up.
■ C/C++ expression evaluation.
■ Symbolic access to special function registers (SFR).
■ Elaborate run-control with multi-core start/stop synchronization.
■ On-chip breakpoints and watchpoints also known as data breakpoints.
■ Unlimited number of breakpoints in RAM.
■ Basic trace support in instruction set simulator.
■ Script based testing
■ File system virtualization to easily move data from the target to the host for further analysis.
TASKING VX-Toolset for TriCore™ >> Debugging capabilities
14
TASKING Compiler
Verify Compliance
to MISRA C &
CERT C guidelines
Safety Checker
TASKING
SAFETY
TÜV certified & ASPICE CL2
compliant
Static Code-
Analysis Tools
Compiler Qualifica-
tion Kit
Verify freedom from interference between different ASIL based SW components
TASKING
Services
TASKING VX-Toolset for TriCore™ >> Safety ECO-System
Provide Evidence
For ISO 26262
Compliance
In TASKING, we are not creating tools, we are developing a complete safety ecosystem.
“In this assessment TÜV confirmed
that the toolset is suited for
development of ASIL D software
at TCL3 tool confidence level”
~ TÜV Nord
“Fit for Purpose” Certification
Performance Optimization
15
TASKING VX-Toolset for TriCore™ >> Certification Benefits
FULL FLEXIBILITY
One Qualification kit fit for
all standards. Certificate
covers safety standards:
- ISO 26262 (automotive)
- EN 50128 (railway)
- ISO 25119 (tractors, ...)
LESS QUALIFICATION
EFFORT
There is no need to do tool qualification
as long as the customer comply to our
guidance in the safety manual
CUSTOM USE CASE
SUPPORT
In TASKING we provide our services to
qualify a certain customer specific use
case. Lifting the workload of the
qualification from the shoulders of our
customers.
LESS WORK PRODUCTS
Less work products as
customer does not need to
create the work product
“Software Tool Qualification
Report”. That is a big time-
saver for customers.
❖ TASKING set of tools - quick overview
▪ Quick overview about the TASKING products. The TASKING portfolio covers a wide range including the tool-chain for AURIX™, performance optimization and finally safety related solutions.
❖ Pin Mapper
▪ Package customization using the pin selection and pin configuration
▪ Simple Demo [Low level drivers code generation]
❖ Compiler Set up in VX-Toolset for TriCore™
▪ Quick overview over the TASKING TriCore™ Eclipse IDE
▪ TASKING TriCore™ Compiler feature
⮚ Optimization settings (Size and Speed optimization)
⮚ Static code analysis (Misra-C and Cert-C)
⮚ Debugging capabilities
⮚ TÜV “Fit for Purpose” Certification
❖ TASKING Embedded Profiler / Safety Checker
▪ Quick overview over the TASKING Embedded Profiler and Safety Checker
▪ Use case: locate stall cycles when multiple cores access the same memory
▪ Small Safety Checker example
Agenda
Multicore Applications on TriCore™
Performance
Correctness
Scalability
Safety
Problem Statement: How can I optimize such multicore based Software?
18
■ World‘s first Smart Performance Optimization tool for AURIX™
■ Developed in cooperation with Infineon
■ Non-intrusive analysis will be done on the chip without having to buy special hardware
■ Identifies the exact location and nature of the Performance bottleneck and gives you hints how to fix it
What causes performance issues
■ Stalls
□ For example memory stalls are common on the AURIX™ due the amount and connection of memories and can only be prevented with a good layout
■ Pipeline hazards
□ Data hazards if instructions with a data dependence modify data in different stages of a pipeline
A structural hazard occurs when a part of the processor's hardware is needed by two or more instructions at the same time.
Control hazards or branching hazards when the processor does not know the outcome of the branch
TASKING Embedded Profiler
Analysis is done right on the board
Embedded
Profiler
Binary File
TriCore™
AURIX™
Knowledge
BottlenecksStalls Hazards
On Chip
Performance
Counters
19
Profiler Analysis Type
■ Performance Analysis
This type of analysis traces instructions and performance events. It measures the CPU clock count and it
finds branch misses, cache misses and stalls due to memory access delays or pipeline hazards. You can run
this type of analysis on the whole application or select specific functions.
■ Memory Access Analysis
This type of analysis traces function calls, function returns and data accesses. You can run this type of
analysis on the whole application or select specific functions.
■ Function-level Analysis
This type of analysis traces all function calls and function returns. This is the fastest analysis.
TASKING Embedded Profiler
● Finds location and nature performance
bottlenecks, allowing non-expert users to find and
fix problems like an expert
● Displays the problem, shows a detailed list of
errors and gives the user precise suggestions to
solve the problem
● Compare results before and after to see the
optimization effects — including possible unwanted
side effects
● Different profile analysis types
TASKING Embedded Profiler
• Multiple cores do access the lmuram memory at the same time. This leads to a high number of stall cycles
• The number of stall cycles can be reduced if the placement of the variables is adapted.
• In the example this is achieved by placing the variables accessed by the cores 1 and 2 in the core local instead of the lmuram memory.
Embedded Profiler Example
• Example code snippet
//variable always located in non cached lmuram
__at(0xb0000000) volatile int var0;
#if !FIXED
// located in non-cached lmuram
__at(0xb0000004) volatile int var1;
__at(0xb0000008) volatile int var2;
#else
// located in private scratchpad
__private1 int var1;
__private2 int var2;
#endif
Embedded Profiler Example
• Measurement results on a TC29x TriBoard
OriginalStall cycles core 0: 26.074 / 0,09 average stalls per clock cycle
Local Memory Unit accesses: 4.412
Source line: var0 += 1; => 21.951 stall cycles
Fixed
Stall cycles core 0: 17.056 / 0,06 average stalls per clock cycle
Local Memory Unit accesses: 2.394
Source line: var0 += 1; => 12.976 stall cycles
Embedded Profiler Example
24
▪ Mapping of SW components on your ECU, maybe on different cores, maybe together on one core
▪ As soon as they share memory and interfere with each other you have to insure freedome from interference.
Requirements mapping for multi-core architecture
Core #1 Core #3Core #2
ADAS
SW-C
Autosar
SW-C
RTE
Safety OS & BSW
Micro #1 Micro #1
ADAS
Linux/
QNX/
AUTOSAR
---
Autosar
SW-C
RTE
Safety OS &
BSWcom
Core #1 Core #3Core #2
Autosar
SW-C
RTE
Safety OS
& BSW
ADAS
Linux/
QNX/
AUTOSAR
--- com
0
Core #1 Core #3Core #2
ADAS
Linux/
QNX/
AUTOSAR
Autosar SW-C
RTE
BSW
Hypervisor
Full AUTOSAR
Microcontroller Partitioning
Core Partitioning
Hypervisor
Safety
Software
Regular
Software
Regular
Software
Safety
Software
SafetyRegul
arSafety
Regula
r
Safe
ty
Regular Regular
Safety-Requirements Non-Safety-Requirements
Software Components
ECU Software
25
▪ The Memory Protection Unit issues an interrupt when an illegal memory access occurs
▪ If an RTOS is used, it will terminate or restart the partition, or enter a fail-safe mode (These checks will lower performance and could be additional error sources)
Memory Interference Solutions Solution #1 Memory protection unit - MPU
Core #1
Application #1
- Task 1
ASIL A
Application #2
- Task 2
ASIL A
Core #2
Application #3
- Task 3
ASIL B
Core #3
Application #4
- Task 4
ASIL D
RAM
TASK 1
-Stack
-Application Data
TASK 2
-Stack
-Application Data
TASK 3
-Stack
-Application Data
TASK 4
-Stack
-Application Data
ASIL A
ASIL A
ASIL B
ASIL D
MPU
26
Memory Interference Solutions Solution #2 TASKING Safety Checker
Core #1
Application #1
- Task 1
ASIL A
Application #2
- Task 2
ASIL A
Core #2
Application #3
- Task 3
ASIL B
Core #3
Application #4
- Task 4
ASIL D
RAM
TASK 1
-Stack
-Application Data
TASK 2
-Stack
-Application Data
TASK 3
-Stack
-Application Data
TASK 4
-Stack
-Application Data
ASIL
A
ASIL
A
ASIL B
ASIL D
Task1.c
Task2.c
Task3.c
Task4.c
TASKING
Safety Checker
Partitioning.saf- Access rights
- Safety classes
Access
Violations
VD-Archives
27
Example code
struct {
int x;
} my_struct;
int * f1(void)
{
return &my_struct.x;
}
int * f2(void)
{
return f1();
}
int y;
void f3(void)
{
y = *f2();
}
ASIL A
ASIL BASIL C
file_1.c file_2.c file_3.c
■ ASIL C write ASIL A, ASIL C exec/write/read ASIL B, ASIL B read/exec ASIL A
28
▪ Diagnostic report content snippets
* Call/Data Graph
==================
*--f3 [class ASIL_C] @file3.c:4 :
:.. Reads from static variable "my_struct" [class ASIL_A] // ACCESS VIOLATION!
:.. Writes to static variable "y" [class ASIL_C]
:.. Calls function "f2" [class ASIL_B]
Safety Checker generated
29
Pros and Cons for each approach
Memory Protection unit (MPU) TASKING Safety Checker
Configuration Effort Big small
Requires Hardware Yes, the MPU No hardware required
Error detection in early stage of development No Yes
Automated Testing No Yes
Code Coverage Low High
Time to Market High risk Low risk
Though, Safety Checker cannot fully replace a MPU. The rational behind it is to discover the safety violations in
earlier stage of the development and then less number of memory violations should be expected when turning
on the MPU in a later integration stage.
Building a safe and secure embedded world
Learn more about Hitex at www.hitex.com
Vielen Dank für Ihre Aufmerksamkeit.
19.09.2019
Copyright © Hitex GmbH
2019. All rights
reserved.
30
Copyright © Hitex GmbH
2019. All rights
reserved.
31
tes
19.09.2019
Top Related