Achieving Isolation in Mixed-Criticality Industrial Edge Systems with Real-Time Containers (Artifact)

Authors Marco Barletta , Marcello Cinque , Luigi De Simone , Raffaele Della Corte

Thumbnail PDF

Artifact Description

  • Filesize: 0.57 MB
  • 12 pages

Document Identifiers

Author Details

Marco Barletta
  • Università degli Studi di Napoli Federico II, Italy
Marcello Cinque
  • Università degli Studi di Napoli Federico II, Italy
Luigi De Simone
  • Università degli Studi di Napoli Federico II, Italy
Raffaele Della Corte
  • Università degli Studi di Napoli Federico II, Italy


This work has been partially supported by the project COSMIC of UNINA DIETI and by the R&D project "REINForce: REsearch to INspire the Future” (CDS000609), funded by the Italian Ministry for Economic Development (MISE).

Cite AsGet BibTex

Marco Barletta, Marcello Cinque, Luigi De Simone, and Raffaele Della Corte. Achieving Isolation in Mixed-Criticality Industrial Edge Systems with Real-Time Containers (Artifact). In Special Issue of the 34th Euromicro Conference on Real-Time Systems (ECRTS 2022). Dagstuhl Artifacts Series (DARTS), Volume 8, Issue 1, pp. 1:1-1:12, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)



Real-time containers are a promising solution to reduce latencies in time-sensitive cloud systems. Recent efforts are emerging to extend their usage in industrial edge systems with mixed-criticality constraints. In these contexts, isolation becomes a major concern: a disturbance (such as timing faults or unexpected overloads) affecting a container must not impact the behavior of other containers deployed on the same hardware. In this artifact, we propose a novel architectural solution to achieve isolation in real-time containers, based on real-time co-kernels, hierarchical scheduling, and time-division networking. The architecture has been implemented on Linux patched with the Xenomai co-kernel, extended with a new hierarchical scheduling policy, named SCHED_DS, and integrating the RTNet stack. Experimental results, presented in the related scholarly paper, are promising in terms of overhead and latency compared to other Linux-based solutions. More importantly, the isolation of containers is guaranteed even in presence of severe co-located disturbances, such as faulty tasks (elapsing more time than declared) or high CPU, network, or I/O stress on the same machine.

Subject Classification

ACM Subject Classification
  • Software and its engineering → Real-time systems software
  • Real-time
  • Mixed-criticality
  • Containers
  • Edge computing


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Luca Abeni et al. HCBS patch for Linux containers. Accessed 10th June 2022.
  2. Barletta, Marco and Cinque, Marcello and De Simone, Luigi and Della Corte, Raffaele. Artifact VM. Accessed 10th June 2022.
  3. Multiple contributors. Run docker as non root user. Accessed 10th June 2022.
  4. Multiple contributors. Scheduler tools /rt-app. Accessed 10th June 2022.
  5. Philippe Gerum. Rtnet configuration. Accessed 10th June 2022.
  6. Philippe Gerum. Rtnet setup. Accessed 10th June 2022.
  7. Philippe Gerum. Running xenomai as regolar user. Accessed 10th June 2022.
  8. Philippe Gerum. Seting udev rules. Accessed 10th June 2022.
  9. Jan Kiszka. Installing xenomai 3. Accessed 10th June 2022.
  10. Igor Kozlovsky and Pavel Lozko. Dockstation page. Accessed 10th June 2022.
  11. Xenomai maintainers. Donwload page for ipipe patch. Accessed 10th June 2022.
  12. Xenomai maintainers. Xenomai download page. Accessed 10th June 2022.