Developers need tools designed to support multicore development, debugging and optimization. The multicore RTOS should be supported by a tool set that lets developers assess load balancing, identify bottlenecks, determine opportunities for concurrency, characterize and debug interactions between threads running on multiple CPUs, and move threads or processes between cores and measure the resulting impact on the system. Timing and blocking can be thorny issues, so the tool set should offer developers a means of pinpointing what the processors and threads are doing.
Compliance is a necessary condition for getting a medical device to market -- a sine qua non that must be met before investments can be transformed into revenue. Thus, in addition to appropriate OS characteristics and tool set features, a medical device needs a well-planned approval strategy.
Screen shot of a system profiler display showing CPU usage across four cores.
Concern that the complexities associated with multicore systems might hinder certification of the end product has informed some medical manufacturers' hesitation to adopt multicore processing. It is worth noting, however, that the inherent complexity of today's single-core systems means that, in practice, it is impossible to validate even single-core systems simply by testing them. Both multiprocessor and single-processor systems are so complex that demonstrating their functional safety requires a combination of techniques -- and the same techniques can and should be used to validate both single-core and multicore systems.
Testing, statistical analysis, and design validation complement one another to validate a software system, whether it is running on one or multiple cores. The requisite techniques should be well-known to anyone who has taken a system through a certification or approval process. They include:
- Testing. Though testing can only prove the existence of faults and not their absence, it is still a key element in any system validation strategy.
- Statistical analysis. Applied to in-use data for devices or components with a history in the field, statistical analysis can be used to support dependability claims. It can also be used with fault injection during validation to estimate the number of faults remaining in a system.
- Fault tree analysis. Starting with potential or actual failures, fault tree analysis can be used to deduce possible causes for the failures.
- Design verification. Undertaken during development and retrospectively with tools such as Spin and NuSMV, design verification can provide strong evidence to support system dependability claims.
- Design artifacts. A mature software lifecycle with all the relevant design artifacts, from project plan to traceability matrix, is a standard and essential component of any certification case.
Multicore processing is quite likely the future of all but the simplest medical devices. Careful selection of the operating system -- with particular attention to the architecture, to support for the processor affinity of thread hierarchies, and to the tool set -- can mitigate the effect of these challenges on system design, development, and validation.
About the author
Justin Moon is product manager for the medical business at QNX Software Systems. He joined QNX Software 10 years ago and has worked on the custom engineering team, specializing in BSP and driver development, and on the automotive team. He studied computer engineering at St. Lawrence College.
This story was originally posted by EE Times.