November 16 – 19, 2003, Dagstuhl Perspectives Workshop 03471

Design of Systems with Predictable Behaviour


Lothar Thiele (ETH Zürich, CH)
Reinhard Wilhelm (Universität des Saarlandes, DE)

Information about this Dagstuhl Perspectives Workshop is available from

Dagstuhl Service Team




Embedded systems with hard real-time requirements are abundant in our environment, in cars, airplanes, trains, production facilities, household appliances, and entertainment systems. Many of them are found in safety-critical systems whose failures can endanger human life. Verification of functional properties and non-functional properties such as the satisfaction of real-time constraints is mandatory. The Forum will concentrate on the real-time aspects.

The trends in processor design and in software development, however, make this verification more and more difficult. Processor architectures are optimized for average-case performance using components such as caches, pipelines, and all kinds of speculation. These components make processor behaviour hard to predict, so that overly conservative assumptions often have to be made, leading to a waste of hardware resources if real-time constraints have to be satisfied. On the other hand, methods to safely predict processor behaviour for a given program have been developed. Their success strongly depends on certain architectural features, e.g. the cache replacement strategy, and on the software-development discipline. For example, it has been shown that certain cache replacement strategies which are found in heavily-used processors do not allow precise predictions of the cache behaviour. On the positive side, much safety-critical code is automatically synthesized from formal specifications and very easily analyzed.

Larger embedded real-time systems often run on top of real-time operating systems (RTOS). These often take scheduling decisions dynamically. Their behaviour has to be analyzed together with the application.

A new trend is the development of real-time systems using real-time middleware and component based design. Adding real-time middleware further complicates the task of verification, since the middleware has to be included in the verification. Component-based design requires an incremental approach to verification.

Several scientists working on embedded systems, mostly in Europe, have recognized that a serious combined effort by representatives from several fields is necessary to establish a discipline “Design of Systems with Predictable Timing Behaviour”. These areas are: Processor Architecture, Compiler Construction, Timing Analysis, Real-Time Operating Systems, Code Synthesis.

The goals of the Forum are

  • to exchange ideas between the different groups about design principles for predictable systems,
  • to exploit synergies resulting from the combination of such principles originating in different groups, e.g., the combination of processor-design principles with insights gained in the Timing-Analysis group,
  • to clarify the relation between average-case performance and predictable worst-case performance,
  • to lay the groundwork for a discipline “Design for Predictability”.


All Dagstuhl Seminars and Dagstuhl Perspectives Workshops are documented in the Dagstuhl Reports series. Together with the seminar's collector, the organizers compile a report that summarizes the authors' contributions and adds an overall summary.



Dagstuhl's Impact

Please let us know if a publication results from your seminar. Such publications are listed separately in the Dagstuhl's Impact section and displayed on the ground floor of the library.


It is also possible to publish a comprehensive collection of peer-reviewed papers in the Dagstuhl Follow-Ups series.