16. – 19. November 2003, Dagstuhl Seminar 03471
Design of Systems with Predictable Behaviour
L. Thiele (ETH Zürich, CH), R. Wilhelm (Univ. des Saarlandes, DE)
Embedded systems with hard real-time requirements are abundant in our environment: in cars, airplanes, trains, production facilities, household appliances, and entertainment systems. Many of them are found in safety-critical systems whose failures can endanger human life. Verification of functional properties and of non-functional properties such as the satisfaction of real-time constraints is mandatory. The Forum will concentrate on the real-time aspects.
The trends in processor design and in software development, however, make this verification more and more difficult. Processor architectures are optimized for average-case performance using components such as caches, pipelines, and all kinds of speculation. These make processor behaviour hard to predict, so that, if real-time constraints have to be satisfied, overly conservative assumptions often have to be made, leading to a waste of hardware resources. On the other hand, methods to safely predict processor behaviour for a given program have been developed. Their success strongly depends on certain architectural features, e.g. the cache replacement strategy, and on the software-development discipline. For example, it has been shown that certain cache replacement strategies which are found in heavily-used processors do not allow precise predictions of the cache behaviour. On the positive side, much safety-critical code is automatically synthesized from formal specifications and can be analyzed very easily.
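The remark that the replacement strategy decides how precisely cache behaviour can be predicted can be made concrete with a small experiment. The following Python script is an added illustration, not material from the seminar or its participants: it brute-forces, for a single cache set of associativity k, the smallest number n of accesses to pairwise distinct memory blocks after which a static analysis may safely assume that every unknown initial block has been evicted, whatever the initial contents and whatever the access order. The policy models (LRU and FIFO), the block names, and the name "evict distance" for this measure are assumptions of the example.

```python
"""Added example: how many distinct accesses until a cache set is
guaranteed to hold only blocks a timing analysis knows about?

A static analysis starts from an unknown cache state.  The sooner the
replacement policy is guaranteed to have evicted all unknown initial
contents, the sooner the analysis can classify accesses as hits or
misses precisely.  Both policies below keep the set as a list of k
blocks, oldest at index 0 (model assumption of this example).
"""

from itertools import permutations


def lru_access(state, block, k):
    """LRU: a hit moves the block to the most-recently-used end,
    a miss evicts the least-recently-used block (index 0)."""
    if block in state:
        return [b for b in state if b != block] + [block]
    return (state + [block])[-k:]


def fifo_access(state, block, k):
    """FIFO: a hit leaves the queue untouched, a miss evicts the block
    that entered the set first (index 0)."""
    if block in state:
        return list(state)
    return (state + [block])[-k:]


def run(policy, state, seq, k):
    """Feed an access sequence through the policy and return the final set."""
    for block in seq:
        state = policy(state, block, k)
    return state


def witness(policy, k, n):
    """Search for an initial state and a sequence of n pairwise distinct
    blocks after which some block NOT in the sequence is still cached.
    Returns (initial_state, sequence, final_state) or None.

    Initial blocks are named i0..i(k-1); the sequence may re-access
    them (producing hits) or touch fresh blocks f0..f(n-1).  Fresh
    blocks are interchangeable, so n of them cover every case.
    """
    initial = [f"i{j}" for j in range(k)]
    alphabet = initial + [f"f{j}" for j in range(n)]
    for init in permutations(initial):          # unknown initial order
        for seq in permutations(alphabet, n):   # all distinct sequences
            final = run(policy, list(init), seq, k)
            if not set(final) <= set(seq):      # an unknown block survived
                return list(init), list(seq), final
    return None


def evict_distance(policy, k, max_n=None):
    """Smallest n such that witness(policy, k, n) finds no counterexample,
    i.e. after n distinct accesses the set is guaranteed to contain only
    blocks from the sequence.  Returns None if not reached by max_n."""
    limit = max_n or 3 * k
    for n in range(1, limit + 1):
        if witness(policy, k, n) is None:
            return n
    return None


if __name__ == "__main__":
    for k in (2, 3):
        for name, policy in (("LRU", lru_access), ("FIFO", fifo_access)):
            n = evict_distance(policy, k)
            print(f"k={k} {name:4s}: unknown contents gone after {n} accesses")
            bad = witness(policy, k, n - 1)
            if bad:
                init, seq, final = bad
                print(f"      {n - 1} are not enough: start {init}, "
                      f"access {seq} -> {final}")
```

For LRU the distance equals the associativity k: k distinct accesses pin the whole set down regardless of history. For FIFO it is 2k-1, because hits do not age the set, so a sequence can spend k-1 accesses on hits to still-cached blocks and only then start evicting; with k=3 the script reports the sequence i0, i1, f0, f1 after which i2 is still resident. An analysis must therefore carry its uncertainty about the initial state almost twice as long for FIFO, which is exactly the kind of architectural effect on predictability the paragraph above refers to.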
Larger embedded real-time systems often run on top of real-time operating systems (RTOS). These often take scheduling decisions dynamically. Their behaviour has to be analyzed together with the application.
A new trend is the development of real-time systems using real-time middleware and component-based design. Adding real-time middleware further complicates the task of verification, since the middleware has to be included in the verification. Component-based design requires an incremental approach to verification.
Several scientists working on embedded systems, mostly in Europe, have recognized that a serious combined effort by representatives from several fields is necessary to establish a discipline of “Design of Systems with Predictable Timing Behaviour”. These fields are: Processor Architecture, Compiler Construction, Timing Analysis, Real-Time Operating Systems, and Code Synthesis.
The goals of the Forum are
- to exchange ideas between the different groups about design principles for predictable systems,
- to exploit synergies resulting from the combination of such principles originating in different groups, e.g., the combination of processor-design principles with insights gained in the Timing-Analysis group,
- to clarify the relation between average-case performance and predictable worst-case performance,
- to lay the groundwork for a discipline “Design for Predictability”.