What is mixed criticality?

Systems for the military, DoD, and critical infrastructure sectors run complex applications and services with different levels of criticality. This requires that workloads be isolated from one another to reduce interference or intrusion.

In this blog, you'll learn more about what mixed criticality is, how it works, the role of CPUs and FPGAs, and how Trenton's solutions come into play.

What is mixed criticality?

Mixed criticality refers to the use of a single computing system or platform to support applications with different levels of criticality.

These applications may have different requirements for safety, reliability, and security, and may require different levels of testing and certification.

In mixed criticality systems, safety-critical applications (those that have a high level of safety or security requirements) and non-safety-critical applications (those that have lower safety or security requirements) can coexist on the same system, without compromising safety or security. 

Why is mixed criticality needed?

Mixed criticality is needed in many complex systems where there are multiple applications with different levels of criticality, such as in aerospace, defense, automotive, and medical industries.

These systems must balance the need for safety and reliability with the need for cost-effectiveness and functionality.

One of the main benefits of mixed criticality is that it can reduce system costs by allowing multiple applications to be consolidated onto a single computing platform, rather than requiring separate platforms for each application. This can lead to significant cost savings in hardware, software, and maintenance.

Mixed criticality can also improve system flexibility and adaptability, as it allows different applications to be added or removed from the system without requiring major changes to the underlying hardware or software.

This can be particularly important in fast-changing industries, such as automotive and aerospace, where new technologies and applications are constantly being developed.

How does mixed criticality work?

Mixed criticality works by allowing multiple applications with different levels of criticality to run on a single computing platform, while ensuring that each application meets its required level of safety, reliability, and security.

This is achieved through a combination of hardware and software techniques that provide isolation and separation between the different applications, ensuring applications are prioritized by their level of criticality. 

Hardware techniques for mixed criticality may include the use of multicore CPUs or virtualization technologies to create separate and partition execution environments for each application.

Software techniques for mixed criticality may include the use of real-time operating systems (RTOS) or hypervisors to manage the execution of multiple applications with different levels of criticality.

Mixed criticality systems may also incorporate redundancy and fault tolerance mechanisms to ensure that the system can continue to function even in the event of hardware or software failures.

This may include techniques such as triple modular redundancy (TMR) or error-correcting code (ECC) memory to detect and correct errors in hardware, or software-based techniques such as checkpointing and replication to ensure that critical applications can continue to function in the event of software failures.

However, designing and implementing mixed criticality systems is a challenging task that requires careful consideration of the different requirements of each application and the overall system architecture.

Ensuring guaranteed quality of service (QoS)

By guaranteeing that each application receives the necessary resources, mixed criticality can ensure the quality of service (QoS) required by each application.

One approach to ensuring QoS in mixed-criticality systems is to allocate different levels of resources to each application based on its criticality level. Applications with higher criticality levels may be allocated more processing time, memory, or bandwidth than applications with lower criticality levels.

This ensures that high-criticality applications are always provided with the resources they need to function correctly, even under heavy system load.

Another approach is to use partitioning techniques to separate applications with different criticality levels into separate partitions within the same hardware platform. Each partition can then be assigned its own set of resources, and the partitioning mechanism can ensure that resources are not shared between partitions.

This approach can provide strong isolation between partitions, allowing them to operate independently without interference and ensuring that any failures or attacks in one partition do not affect other partitions.

What role do CPUs and FPGAs play in mixed criticality?

CPUs and FPGAs (Field Programmable Gate Arrays) can both play important roles in mixed-criticality systems. 

CPUs can be used to run applications with lower criticality levels or non-real-time requirements, while higher criticality applications can be offloaded to FPGAs. 

CPUs are often used in mixed-criticality systems to run software applications that require high flexibility and adaptability, such as operating systems, communication protocols, and control applications.

Multi-core CPUs can assign different cores to different applications, with high-criticality applications receiving more cores than low-criticality applications. CPUs can also support virtualization techniques that allow multiple applications with different criticality levels to run on the same hardware platform while maintaining strong isolation and QoS guarantees.

FPGAs, on the other hand, are often used in mixed-criticality systems to implement hardware acceleration and offloading techniques that can improve the performance, energy efficiency, and security of critical applications.

FPGAs can be customized to perform specific tasks efficiently, such as digital signal processing, encryption/decryption, and real-time control. FPGAs can also support partial reconfiguration techniques that allow the hardware platform to adapt dynamically to changing workload and criticality requirements.

Furthermore, FPGAs can also be used to implement hardware-based partitioning mechanisms, which can provide strong isolation between different partitions and ensure that each partition has its own set of resources.

CPUs and FPGAs can also be combined into a heterogeneous platform within mixed criticality systems that can leverage their respective strengths.

For example, a system can use a CPU to run non-critical software applications, while using an FPGA to perform critical tasks that require high performance, low latency, or high security. The CPU can communicate with the FPGA through high-speed interfaces such as PCIe, AXI, or Ethernet, and can use virtualization techniques to ensure strong isolation and QoS guarantees.

By combining these two technologies, mixed-criticality systems can achieve a high degree of flexibility, scalability, and efficiency while ensuring that each application receives the necessary level of resources it requires to function correctly.

Mixed criticality use cases

Military

Unmanned Aerial Vehicles (UAVs)

UAVs can be used for a variety of applications, such as surveillance, reconnaissance, search and rescue, and even delivery of goods. In a mixed-criticality system, different tasks or missions that a UAV might perform can have different levels of criticality.

For example, if a UAV is being used for a search and rescue mission, the task of locating and saving a person might be considered high criticality, while taking photos or videos of the search area might be considered low criticality.

The system would need to manage these tasks in a way that ensures that high criticality tasks take priority over low criticality tasks to ensure that lives are saved and the mission is successful.

Command and Control (C2) Systems

Command and control systems for the military are used to coordinate and manage the activities of troops and resources in a battlefield environment. In a mixed-criticality system, different types of information and tasks can have different levels of criticality.

For example, a message from a commanding officer might be considered high criticality, while a status update from a logistics officer might be considered low criticality.

The system would need to manage these messages and tasks in a way that ensures that high criticality messages are delivered and acted upon quickly, while low criticality messages do not interfere with the flow of critical information.

A mixed-criticality approach can ensure that critical tasks take priority over non-critical ones and that the system remains safe and reliable during critical operations across a variety of verticals. 

Critical infrastructure

Nuclear Power Plant

Nuclear power plants generate electricity by using nuclear reactions to heat water and produce steam, which drives turbines to generate electricity. In a mixed-criticality system, there are different types of safety systems that need to be in place to ensure that the plant operates safely and efficiently.

For example, a safety system that controls the flow of coolant might be considered high criticality, while a monitoring system that detects leaks in pipes might be considered low criticality.

The system would need to manage these different systems in a way that ensures that high criticality systems are always operational and responsive, while low criticality systems do not interfere with the operation of critical systems.

Transportation System

Transportation vehicles, such as cars and trains, are increasingly equipped with advanced driver assistance systems (ADAS) that use sensors and artificial intelligence to help drivers avoid accidents and drive more safely. In a mixed-criticality system, different ADAS features can have different levels of criticality.

For example, a feature that detects and alerts the driver to an imminent collision might be considered high criticality, while a feature that adjusts the temperature in the car might be considered low criticality.

The system would need to manage these different features in a way that ensures that high criticality features take priority over low criticality features to ensure that the vehicle operates safely and efficiently.

Where does Trenton Systems come into play?

At Trenton Systems, we provide our customers with TAA-compliant, COTS HPC solutions that provide hardware-based cybersecurity to protect critical workloads at the edge.

Our solutions utilize FPGAs that can help isolate different criticalities running on high core count CPUs.

The FPGAs also provide spatial isolation at wire speed, meaning the isolation mechanism operates at the same speed as the data being transmitted without any additional latency. 

This ensures that data can be securely processed, analyzed, stored, and transferred without interference from other applications or intrusion from unauthorized personnel.

Final thoughts 

Mixed criticality is an approach that enables multiple applications with varying levels of criticality to run on the same computing platform, without compromising safety or security.

It is essential in complex systems such as aerospace, defense, automotive, and medical industries that balance the need for safety and reliability with cost-effectiveness and functionality.

Mixed criticality achieves guaranteed quality of service (QoS) by ensuring that each application receives the necessary resources based on its criticality level, either through allocation or partitioning techniques provided by CPUs and FPGAs. 

Mixed criticality has various use cases across verticals, including military and critical infrastructure, with companies like Trenton Systems providing flexible, scalable, and efficient solutions for complex systems that require a high level of security.

Interested in learning more? Just reach out to us anytime here. 

We'd be more than happy to help. 😎