What is DREMS?
DREMS: A Software Infrastructure for Distributed Real-Time Managed Systems
Realizing the full potential of distributed embedded systems such as fractionated satellites necessitates a software application platform that supports secure and fault-tolerant sharing of resources: processors, storage, communication links, and devices.
The system must enable on-demand secure collaboration between applications operated by different organizations. Clearly, the economic viability of the system depends on the rapid assembly of reliable distributed applications from reusable software components, including those sourced from various vendors.
DREMS is a runtime infrastructure and a related toolsuite that facilitates a model-based paradigm of software development for distributed, real-time, embedded systems where modeling tools and generators automate the tedious parts of software development and also provide a design-time framework for the analysis of software systems. The run-time software platform reduces the complexity and increases the reliability of software applications by providing reusable technological building blocks in the form of an operating system, middleware, and application management services.
The platform includes a novel operating system that supports mixed-criticality scheduling with three levels: (a) critical system tasks, (b) application tasks, and (c) best-effort tasks. Temporal partitioning among application tasks and a new, security-labeled communication mechanism called Secure Transport provide additional fault and security isolation between untrusted applications. Operating system entry points are protected by data integrity checks that are automatically generated from formal specifications.
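The following is an added illustration, not DREMS code and not a reproduction of the DREMS scheduler. It models one major frame of a three-level mixed-criticality schedule with fixed-length time partitions for application tasks, so that a misbehaving application task that demands far more CPU than its partition allows still cannot take ticks from another organization's partition. The partition lengths, task names, demands and tick granularity are constructed values chosen for the example.

```python
"""Constructed model of temporal partitioning with three criticality levels.

Illustrative example written for this page; it is not DREMS code and does not
reproduce the DREMS scheduler. It models one major frame in which:
  - critical system tasks may run in any slot and take priority,
  - application tasks are confined to their own fixed-length partition,
  - best-effort tasks only receive slack the other two leave behind.
Partition lengths, task names and tick granularity are constructed values.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

CRITICAL, APPLICATION, BEST_EFFORT = 0, 1, 2   # criticality levels


@dataclass
class Task:
    name: str
    level: int
    demand: int            # ticks the task would consume if allowed to
    partition: str = ""    # application tasks only: the partition they belong to
    granted: int = 0       # ticks actually received in the frame


@dataclass
class Partition:
    name: str
    length: int            # fixed slot length in ticks, decided at design time


def _first_runnable(candidates: List[Task]) -> Optional[Task]:
    """First task in the list that still has unmet demand, if any."""
    return next((t for t in candidates if t.granted < t.demand), None)


def run_major_frame(partitions: List[Partition], tasks: List[Task]) -> List[Tuple[int, str]]:
    """Simulate one major frame tick by tick; returns (tick, task name) pairs."""
    critical = [t for t in tasks if t.level == CRITICAL]
    best_effort = [t for t in tasks if t.level == BEST_EFFORT]
    schedule: List[Tuple[int, str]] = []
    tick = 0
    for part in partitions:
        owners = [t for t in tasks if t.level == APPLICATION and t.partition == part.name]
        for _ in range(part.length):
            # priority inside a slot: critical > owning partition's tasks > best-effort
            task = (_first_runnable(critical)
                    or _first_runnable(owners)
                    or _first_runnable(best_effort))
            if task is not None:
                task.granted += 1
                schedule.append((tick, task.name))
            tick += 1
    return schedule


def demo() -> Dict[str, int]:
    """A greedy application task cannot spill into another partition's slot."""
    partitions = [Partition("vendor_A", 4), Partition("vendor_B", 4)]   # constructed
    tasks = [
        Task("sys_health", CRITICAL, demand=1),
        Task("app_greedy", APPLICATION, demand=100, partition="vendor_A"),  # misbehaving
        Task("app_b", APPLICATION, demand=2, partition="vendor_B"),
        Task("telemetry_log", BEST_EFFORT, demand=10),
    ]
    run_major_frame(partitions, tasks)
    return {t.name: t.granted for t in tasks}


if __name__ == "__main__":
    print(demo())
```

In the constructed frame, `app_greedy` asks for 100 ticks but receives only the three ticks left in its own 4-tick partition after the critical health task runs; `app_b` in the other partition is unaffected, and the best-effort logger only picks up the two ticks of slack that remain.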
Applications are built from software components that interact only via well-defined interaction patterns using security-labeled messages, and are allowed to use a permitted set of low-level services provided by the operating system. The low-level services include messaging and thread synchronization primitives, but components use these indirectly, via the middleware layer that facilitates the high-level interactions. Interaction patterns include (1) point-to-point interactions (in the form of synchronous and asynchronous remote method invocations), and (2) group communications (in the form of asynchronous publish-subscribe interactions). Component operations can be event-driven or time-triggered, enabling time-driven applications. All messages sent via the Secure Transport are time-stamped, so message receivers know when each message was sent. Hence a temporal ordering of events can be established (assuming the clocks of the computing nodes are synchronized).
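The following is an added illustration of the two properties described above, security-labeled delivery and time-stamped messages, and is not DREMS code. The label policy it applies (a receiver may read a message only when its clearance level is at least the message's level and covers every compartment on the message) is an assumption chosen for the example and is not the Secure Transport policy. It also shows the clock-synchronization caveat: a message whose send stamp is ahead of the receiver's clock by more than a tolerance is flagged rather than ordered. Component names, labels, link delays and the injected clock are constructed; only point-to-point delivery is modeled, not publish-subscribe.

```python
"""Constructed model of a security-labeled, time-stamped message transport.

Illustrative example written for this page; it is not DREMS code. The label
policy (a receiver may read a message only when its clearance level is at
least the message's level and includes every compartment on the message) is
an assumption chosen for illustration, not the DREMS Secure Transport policy.
Component names, labels and timings are constructed; the clock is injected so
the run is deterministic.
"""
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Tuple


@dataclass(frozen=True)
class Label:
    level: int                                   # 0 = lowest sensitivity
    compartments: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """True if a holder of this label may read data marked `other`."""
        return self.level >= other.level and other.compartments <= self.compartments


@dataclass(frozen=True)
class Message:
    sender: str
    label: Label
    sent_at: float      # stamped by the transport when send() is called
    arrives_at: float   # when the (constructed) link hands it to the receiver
    payload: str


class FakeClock:
    """Settable clock standing in for synchronized node time."""
    def __init__(self, now: float = 0.0) -> None:
        self.now = now


class SecureTransport:
    def __init__(self, clock: Callable[[], float], max_future_skew: float = 0.5) -> None:
        self._clock = clock
        self._max_future_skew = max_future_skew   # tolerated clock drift between nodes
        self._clearance: Dict[str, Label] = {}
        self._inbox: Dict[str, List[Message]] = {}
        self.audit: List[str] = []                # denied/flagged deliveries, for detection

    def register(self, component: str, clearance: Label) -> None:
        self._clearance[component] = clearance
        self._inbox[component] = []

    def send(self, sender: str, receiver: str, label: Label, payload: str,
             link_delay: float = 0.0, sender_clock_offset: float = 0.0) -> None:
        """Stamp and enqueue a message. `sender_clock_offset` models a sender
        node whose clock is not synchronized with the receiver's."""
        now = self._clock()
        msg = Message(sender, label, now + sender_clock_offset, now + link_delay, payload)
        self._inbox[receiver].append(msg)
        # the link hands messages over in arrival order, not in send order
        self._inbox[receiver].sort(key=lambda m: m.arrives_at)

    def receive(self, receiver: str) -> List[Message]:
        """Return the arrived messages `receiver` is cleared for, ordered by send time."""
        now = self._clock()
        clearance = self._clearance[receiver]
        accepted: List[Message] = []
        for msg in self._inbox[receiver]:
            if msg.arrives_at > now:
                continue   # still in flight; kept for a later receive()
            if not clearance.dominates(msg.label):
                self.audit.append(f"DENY {msg.sender}->{receiver}: label level "
                                  f"{msg.label.level} exceeds clearance")
            elif msg.sent_at > now + self._max_future_skew:
                self.audit.append(f"SKEW {msg.sender}->{receiver}: sent_at {msg.sent_at} "
                                  f"is ahead of local clock {now}")
            else:
                accepted.append(msg)
        self._inbox[receiver] = [m for m in self._inbox[receiver] if m.arrives_at > now]
        return sorted(accepted, key=lambda m: m.sent_at)


def demo() -> Tuple[List[str], List[str], List[str]]:
    """Constructed scenario: out-of-order arrival, a denied read, and clock skew."""
    clock = FakeClock(0.0)
    st = SecureTransport(lambda: clock.now)
    ops = Label(2, frozenset({"ops"}))
    st.register("ground_ctrl", ops)          # cleared for level 2 / ops
    st.register("vendor_app", Label(1))      # third-party component, level 1 only
    clock.now = 1.0
    st.send("sensor_a", "ground_ctrl", ops, "attitude=nominal", link_delay=2.0)
    st.send("sensor_a", "vendor_app", ops, "attitude=nominal")          # denied on read
    clock.now = 1.5
    st.send("sensor_b", "ground_ctrl", Label(1), "temp=21C", link_delay=0.1)
    st.send("sensor_c", "ground_ctrl", Label(1), "volts=28", sender_clock_offset=30.0)
    clock.now = 4.0
    ground = [m.payload for m in st.receive("ground_ctrl")]
    vendor = [m.payload for m in st.receive("vendor_app")]
    return ground, vendor, st.audit


if __name__ == "__main__":
    print(demo())
```

In the constructed run the temperature reading arrives before the attitude reading because of link delay, yet `receive()` hands them over in send order; the level-2 message is denied to the level-1 vendor component; and the message from the node whose clock is 30 s ahead is flagged instead of being ordered, which is the practical consequence of the synchronized-clocks assumption.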