A multi-core common processing resource (MCPR) may be an ARINC 653-compliant or similar partitioned avionics control environment wherein a processor (or processors) is partitioned into several cores, threads, or other partitions. The processing environment may include a single module operating system (MOS) that provides an event-driven health monitoring framework, and one or more guest operating systems (GOS). Guest operating systems may be partitioned or non-partitioned (i.e., partitioned into one or more virtual machines (VM)), and may correspond to partitions of the MCPR wherein various real-time processes and applications execute. The MOS health monitoring framework allows handling of health monitor events at the process, partition, and module level.
At the module and partition level, event handling may be configured via XML, whereby each event may be mapped to a fault handler. MOS health monitoring provides for both a first module-level fault log and a second fault log for each partition. Both the first and the second fault logs may be RAM-based circular logs. Furthermore, supported events may be either alarms, which need attention and may expect recovery action, or messages, which do not expect recovery action.
A single GOS partition of the MCPR (running a partitioned GOS over n virtual machines) may incorporate, e.g., a partition-level health monitor application at VM 0 and one or more real-time applications running on VM 1 . . . VM n. In the above environment, all faults (ex.—errors) from every virtual machine within a given partition would be logged in the same partition-level fault log of the MOS health monitoring framework. Therefore, a non-critical virtual machine within this partition may flood the fault log with warning-level faults, potentially overwriting critical faults (e.g., VM-level or GOS-level faults of higher severity) from a different virtual machine within the same partition. In addition, the partition-level health monitor may direct the MOS to inject a fault into the module-level event log maintained by the MOS. A non-critical virtual machine of any partitioned GOS may thereby log numerous faults and introduce jitter into the critical faults of other virtual machines throughout the MCPR. It may therefore be desirable to provide a means for multi-level fault logging and management without hindering the module operating system's response to critical faults at the partition/GOS or module levels.