Achieving Isolation in Mixed-Criticality Industrial Edge Systems with Real-Time Containers

Authors Marco Barletta , Marcello Cinque , Luigi De Simone , Raffaele Della Corte

Marco Barletta
  • Università degli Studi di Napoli Federico II, Italy
Marcello Cinque
  • Università degli Studi di Napoli Federico II, Italy
Luigi De Simone
  • Università degli Studi di Napoli Federico II, Italy
Raffaele Della Corte
  • Università degli Studi di Napoli Federico II, Italy

Marco Barletta, Marcello Cinque, Luigi De Simone, and Raffaele Della Corte. Achieving Isolation in Mixed-Criticality Industrial Edge Systems with Real-Time Containers. In 34th Euromicro Conference on Real-Time Systems (ECRTS 2022). Leibniz International Proceedings in Informatics (LIPIcs), Volume 231, pp. 15:1-15:23, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)


Real-time containers are a promising solution to reduce latencies in time-sensitive cloud systems. Recent efforts are emerging to extend their usage in industrial edge systems with mixed-criticality constraints. In these contexts, isolation becomes a major concern: a disturbance (such as timing faults or unexpected overloads) affecting a container must not impact the behavior of other containers deployed on the same hardware. In this paper, we propose a novel architectural solution to achieve isolation in real-time containers, based on real-time co-kernels, hierarchical scheduling, and time-division networking. The architecture has been implemented on Linux patched with the Xenomai co-kernel, extended with a new hierarchical scheduling policy, named SCHED_DS, and integrating the RTNet stack. Experimental results are promising in terms of overhead and latency compared to other Linux-based solutions. More importantly, the isolation of containers is guaranteed even in presence of severe co-located disturbances, such as faulty tasks (elapsing more time than declared) or high CPU, network, or I/O stress on the same machine.

ACM Subject Classification
  • Software and its engineering → Real-time systems software
  • Real-time
  • Mixed-criticality
  • Containers
  • Edge computing


