Search

Your search keyword '"Biondi, Alessandro"' showing total 238 results
Start Over Author "Biondi, Alessandro"
238 results on '"Biondi, Alessandro"'

1. Attention-Based Real-Time Defenses for Physical Adversarial Attacks in Vision Applications

Author

Rossolini, Giulio, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Computer Vision and Pattern Recognition, Computer Science - Artificial Intelligence
Abstract

Deep neural networks exhibit excellent performance in computer vision tasks, but their vulnerability to real-world adversarial attacks, achieved through physical objects that can corrupt their predictions, raises serious security concerns for their application in safety-critical domains. Existing defense methods focus on single-frame analysis and are characterized by high computational costs that limit their applicability in multi-frame scenarios, where real-time decisions are crucial. To address this problem, this paper proposes an efficient attention-based defense mechanism that exploits adversarial channel-attention to quickly identify and track malicious objects in shallow network layers and mask their adversarial effects in a multi-frame setting. This work advances the state of the art by enhancing existing over-activation techniques for real-world adversarial attacks to make them usable in real-time applications. It also introduces an efficient multi-frame defense framework, validating its efficacy through extensive experiments aimed at evaluating both defense performance and computational cost.

Published
2023

2. AXI-REALM: A Lightweight and Modular Interconnect Extension for Traffic Regulation and Monitoring of Heterogeneous Real-Time SoCs

Author

Benz, Thomas, Ottaviano, Alessandro, Balas, Robert, Garofalo, Angelo, Restuccia, Francesco, Biondi, Alessandro, and Benini, Luca

Subjects
Computer Science - Hardware Architecture
Abstract

The increasing demand for heterogeneous functionality in the automotive industry and the evolution of chip manufacturing processes have led to the transition from federated to integrated critical real-time embedded systems (CRTESs). This leads to higher integration challenges of conventional timing predictability techniques due to access contention on shared resources, which can be resolved by providing system-level observability and controllability in hardware. We focus on the interconnect as a shared resource and propose AXI-REALM, a lightweight, modular, and technology-independent real-time extension to industry-standard AXI4 interconnects, available open-source. AXI-REALM uses a credit-based mechanism to distribute and control the bandwidth in a multi-subordinate system on periodic time windows, proactively prevents denial of service from malicious actors in the system, and tracks each manager's access and interference statistics for optimal budget and period selection. We provide detailed performance and implementation cost assessment in a 12nm node and an end-to-end functional case study implementing AXI-REALM into an open-source Linux-capable RISC-V SoC. In a system with a general-purpose core and a hardware accelerator's DMA engine causing interference on the interconnect, AXI-REALM achieves fair bandwidth distribution among managers, allowing the core to recover 68.2 % of its performance compared to the case without contention. Moreover, near-ideal performance (above 95 %) can be achieved by distributing the available bandwidth in favor of the core, improving the worst-case memory access latency from 264 to below eight cycles. Our approach minimizes buffering compared to other solutions and introduces only 2.45 % area overhead compared to the original SoC., Comment: 6 pages, 6 figures, accepted as a regular paper at DATE24

Published
2023

3. Robust-by-Design Classification via Unitary-Gradient Neural Networks

Author

Brau, Fabio, Rossolini, Giulio, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Machine Learning, Computer Science - Artificial Intelligence, Mathematics - Differential Geometry, Mathematics - Metric Geometry
Abstract

The use of neural networks in safety-critical systems requires safe and robust models, due to the existence of adversarial attacks. Knowing the minimal adversarial perturbation of any input x, or, equivalently, knowing the distance of x from the classification boundary, allows evaluating the classification robustness, providing certifiable predictions. Unfortunately, state-of-the-art techniques for computing such a distance are computationally expensive and hence not suited for online applications. This work proposes a novel family of classifiers, namely Signed Distance Classifiers (SDCs), that, from a theoretical perspective, directly output the exact distance of x from the classification boundary, rather than a probability score (e.g., SoftMax). SDCs represent a family of robust-by-design classifiers. To practically address the theoretical requirements of a SDC, a novel network architecture named Unitary-Gradient Neural Network is presented. Experimental results show that the proposed architecture approximates a signed distance classifier, hence allowing an online certifiable classification of x at the cost of a single inference., Comment: Under review

Published
2022

5. CARLA-GeAR: a Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Vision Models

Author

Nesti, Federico, Rossolini, Giulio, D'Amico, Gianluca, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Computer Vision and Pattern Recognition
Abstract

Adversarial examples represent a serious threat for deep neural networks in several application domains and a huge amount of work has been produced to investigate them and mitigate their effects. Nevertheless, no much work has been devoted to the generation of datasets specifically designed to evaluate the adversarial robustness of neural models. This paper presents CARLA-GeAR, a tool for the automatic generation of photo-realistic synthetic datasets that can be used for a systematic evaluation of the adversarial robustness of neural models against physical adversarial patches, as well as for comparing the performance of different adversarial defense/detection methods. The tool is built on the CARLA simulator, using its Python API, and allows the generation of datasets for several vision tasks in the context of autonomous driving. The adversarial patches included in the generated datasets are attached to billboards or the back of a truck and are crafted by using state-of-the-art white-box attack strategies to maximize the prediction error of the model under test. Finally, the paper presents an experimental study to evaluate the performance of some defense methods against such attacks, showing how the datasets generated with CARLA-GeAR might be used in future work as a benchmark for adversarial defense in the real world. All the code and datasets used in this paper are available at http://carlagear.retis.santannapisa.it.

Published
2022

6. Optimized Partitioning and Priority Assignment of Real-Time Applications on Heterogeneous Platforms with Hardware Acceleration

Author

Casini, Daniel, Pazzaglia, Paolo, Biondi, Alessandro, and Di Natale, Marco

Subjects
Computer Science - Distributed, Parallel, and Cluster Computing
Abstract

Hardware accelerators, such as those based on GPUs and FPGAs, offer an excellent opportunity to efficiently parallelize functionalities. Recently, modern embedded platforms started being equipped with such accelerators, resulting in a compelling choice for emerging, highly computational intensive workloads, like those required by next-generation autonomous driving systems. Alongside the need for computational efficiency, such workloads are commonly characterized by real-time requirements, which need to be satisfied to guarantee the safe and correct behavior of the system. To this end, this paper proposes a holistic framework to help designers partition real-time applications on heterogeneous platforms with hardware accelerators. The proposed model is inspired by a realistic setup of an advanced driving assistance system presented in the WATERS 2019 Challenge by Bosch, further generalized to encompass a broader range of heterogeneous architectures. The resulting analysis is linearized and used to encode an optimization problem that jointly (i) guarantees timing constraints, (ii) finds a suitable task-to-core mapping, (iii) assigns a priority to each task, and (iv) selects which computations to accelerate, seeking for the most convenient trade-off between the smaller worst-case execution time provided by accelerators and synchronization and queuing delays.

Published
2022
Full Text
View/download PDF

7. Defending From Physically-Realizable Adversarial Attacks Through Internal Over-Activation Analysis

Author

Rossolini, Giulio, Nesti, Federico, Brau, Fabio, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Computer Vision and Pattern Recognition, Computer Science - Artificial Intelligence
Abstract

This work presents Z-Mask, a robust and effective strategy to improve the adversarial robustness of convolutional networks against physically-realizable adversarial attacks. The presented defense relies on specific Z-score analysis performed on the internal network features to detect and mask the pixels corresponding to adversarial objects in the input image. To this end, spatially contiguous activations are examined in shallow and deep layers to suggest potential adversarial regions. Such proposals are then aggregated through a multi-thresholding mechanism. The effectiveness of Z-Mask is evaluated with an extensive set of experiments carried out on models for both semantic segmentation and object detection. The evaluation is performed with both digital patches added to the input images and printed patches positioned in the real world. The obtained results confirm that Z-Mask outperforms the state-of-the-art methods in terms of both detection accuracy and overall performance of the networks under attack. Additional experiments showed that Z-Mask is also robust against possible defense-aware attacks.

Published
2022

8. On the Real-World Adversarial Robustness of Real-Time Semantic Segmentation Models for Autonomous Driving

Author

Rossolini, Giulio, Nesti, Federico, D'Amico, Gianluca, Nair, Saasha, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Computer Vision and Pattern Recognition, Computer Science - Artificial Intelligence
Abstract

The existence of real-world adversarial examples (commonly in the form of patches) poses a serious threat for the use of deep learning models in safety-critical computer vision tasks such as visual perception in autonomous driving. This paper presents an extensive evaluation of the robustness of semantic segmentation models when attacked with different types of adversarial patches, including digital, simulated, and physical ones. A novel loss function is proposed to improve the capabilities of attackers in inducing a misclassification of pixels. Also, a novel attack strategy is presented to improve the Expectation Over Transformation method for placing a patch in the scene. Finally, a state-of-the-art method for detecting adversarial patch is first extended to cope with semantic segmentation models, then improved to obtain real-time performance, and eventually evaluated in real-world scenarios. Experimental results reveal that, even though the adversarial effect is visible with both digital and real-world attacks, its impact is often spatially confined to areas of the image around the patch. This opens to further questions about the spatial robustness of real-time semantic segmentation models.

Published
2022

9. On the Minimal Adversarial Perturbation for Deep Neural Networks with Provable Estimation Error

Author

Brau, Fabio, Rossolini, Giulio, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Machine Learning, Computer Science - Artificial Intelligence, Mathematics - Differential Geometry
Abstract

Although Deep Neural Networks (DNNs) have shown incredible performance in perceptive and control tasks, several trustworthy issues are still open. One of the most discussed topics is the existence of adversarial perturbations, which has opened an interesting research line on provable techniques capable of quantifying the robustness of a given input. In this regard, the Euclidean distance of the input from the classification boundary denotes a well-proved robustness assessment as the minimal affordable adversarial perturbation. Unfortunately, computing such a distance is highly complex due the non-convex nature of NNs. Despite several methods have been proposed to address this issue, to the best of our knowledge, no provable results have been presented to estimate and bound the error committed. This paper addresses this issue by proposing two lightweight strategies to find the minimal adversarial perturbation. Differently from the state-of-the-art, the proposed approach allows formulating an error estimation theory of the approximate distance with respect to the theoretical one. Finally, a substantial set of experiments is reported to evaluate the performance of the algorithms and support the theoretical findings. The obtained results show that the proposed strategies approximate the theoretical distance for samples close to the classification boundary, leading to provable robustness guarantees against any adversarial attacks., Comment: Under review on IEEE journal Transactions on Pattern Analysis and Machine Intelligence

Published
2022
Full Text
View/download PDF

10. Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks

Author

Nesti, Federico, Rossolini, Giulio, Nair, Saasha, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Computer Vision and Pattern Recognition
Abstract

Deep learning and convolutional neural networks allow achieving impressive performance in computer vision tasks, such as object detection and semantic segmentation (SS). However, recent studies have shown evident weaknesses of such models against adversarial perturbations. In a real-world scenario instead, like autonomous driving, more attention should be devoted to real-world adversarial examples (RWAEs), which are physical objects (e.g., billboards and printable patches) optimized to be adversarial to the entire perception pipeline. This paper presents an in-depth evaluation of the robustness of popular SS models by testing the effects of both digital and real-world adversarial patches. These patches are crafted with powerful attacks enriched with a novel loss function. Firstly, an investigation on the Cityscapes dataset is conducted by extending the Expectation Over Transformation (EOT) paradigm to cope with SS. Then, a novel attack optimization, called scene-specific attack, is proposed. Such an attack leverages the CARLA driving simulator to improve the transferability of the proposed EOT-based attack to a real 3D environment. Finally, a printed physical billboard containing an adversarial patch was tested in an outdoor driving scenario to assess the feasibility of the studied attacks in the real world. Exhaustive experiments revealed that the proposed attack formulations outperform previous work to craft both digital and real-world adversarial patches for SS. At the same time, the experimental results showed how these attacks are notably less effective in the real world, hence questioning the practical relevance of adversarial attacks to SS models for autonomous/assisted driving.

Published
2021

11. Increasing the Confidence of Deep Neural Networks by Coverage Analysis

Author

Rossolini, Giulio, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Machine Learning, Computer Science - Artificial Intelligence
Abstract

The great performance of machine learning algorithms and deep neural networks in several perception and control tasks is pushing the industry to adopt such technologies in safety-critical applications, as autonomous robots and self-driving vehicles. At present, however, several issues need to be solved to make deep learning methods more trustworthy, predictable, safe, and secure against adversarial attacks. Although several methods have been proposed to improve the trustworthiness of deep neural networks, most of them are tailored for specific classes of adversarial examples, hence failing to detect other corner cases or unsafe inputs that heavily deviate from the training samples. This paper presents a lightweight monitoring architecture based on coverage paradigms to enhance the model robustness against different unsafe inputs. In particular, four coverage analysis methods are proposed and tested in the architecture for evaluating multiple detection logics. Experimental results show that the proposed approach is effective in detecting both powerful adversarial examples and out-of-distribution inputs, introducing limited extra-execution time and memory requirements.

Published
2021

12. Detecting Adversarial Examples by Input Transformations, Defense Perturbations, and Voting

Author

Nesti, Federico, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
Computer Science - Computer Vision and Pattern Recognition
Abstract

Over the last few years, convolutional neural networks (CNNs) have proved to reach super-human performance in visual recognition tasks. However, CNNs can easily be fooled by adversarial examples, i.e., maliciously-crafted images that force the networks to predict an incorrect output while being extremely similar to those for which a correct output is predicted. Regular adversarial examples are not robust to input image transformations, which can then be used to detect whether an adversarial example is presented to the network. Nevertheless, it is still possible to generate adversarial examples that are robust to such transformations. This paper extensively explores the detection of adversarial examples via image transformations and proposes a novel methodology, called \textit{defense perturbation}, to detect robust adversarial examples with the same input transformations the adversarial examples are robust to. Such a \textit{defense perturbation} is shown to be an effective counter-measure to robust adversarial examples. Furthermore, multi-network adversarial examples are introduced. This kind of adversarial examples can be used to simultaneously fool multiple networks, which is critical in systems that use network redundancy, such as those based on architectures with majority voting over multiple CNNs. An extensive set of experiments based on state-of-the-art CNNs trained on the Imagenet dataset is finally reported.

Published
2021
Full Text
View/download PDF

17. Response-Time Analysis of Bundled Gang Tasks Under Partitioned FP Scheduling

Author

Rispo, Veronica, Aromolo, Federico, Casini, Daniel, and Biondi, Alessandro

Abstract

The study of parallel task models for real-time systems has become fundamental due to the increasing computational demand of modern applications. Recently, gang scheduling has gained attention for improving performance in tightly synchronized parallel applications. Nevertheless, existing studies often overestimate computational demand by assuming a constant number of cores for each task. In contrast, the bundled model accurately represents internal parallelism by means of a string of segments demanding for a variable number of cores. This model is particularly relevant to modern real-time systems, as it allows transforming general parallel tasks into bundled tasks while preserving accurate parallelism. However, it has only been analyzed for global scheduling, which carries analytical pessimism and considerable run-time overheads. This paper introduces two response-time analysis techniques for parallel real-time tasks under partitioned, fixed-priority gang scheduling under the bundled model, together with a set of specialized allocation heuristics. Experimental results compare the proposed methods against state-of-the-art approaches.

Published
2024
Full Text
View/download PDF

20. CARLA-GeAR: A Dataset Generator for a Systematic Evaluation of Adversarial Robustness of Deep Learning Vision Models

Author

Nesti, Federico, Rossolini, Giulio, D'Amico, Gianluca, Biondi, Alessandro, and Buttazzo, Giorgio

Abstract

Adversarial examples represent a serious threat for deep neural networks in several application domains and a huge amount of work has been produced to investigate them and mitigate their effects. Nevertheless, no much work has been devoted to the generation of datasets specifically designed to evaluate the adversarial robustness of neural models. This paper presents CARLA-GeAR, a tool for the automatic generation of photo-realistic synthetic datasets related to driving scenarios that can be used for a systematic evaluation of the adversarial robustness of neural models against physical adversarial patches, as well as for comparing the performance of different adversarial defense/detection methods. The tool is built on the CARLA simulator, using its Python API, and allows the generation of datasets for several vision tasks in the context of autonomous driving. The adversarial patches included in the generated datasets are attached to billboards or the back of a truck and are crafted by using state-of-the-art white-box attack strategies to maximize the prediction error of the model under test. Finally, the paper presents an experimental study to evaluate the performance of some defense methods against such attacks, showing how the datasets generated with CARLA-GeAR might be used in future work as a benchmark for adversarial defense in the real world. All the code and datasets used in this paper are available at https://carlagear.retis.santannapisa.it.

Published
2024
Full Text
View/download PDF

26. Replication-Based Scheduling of Parallel Real-Time Tasks

Author

Federico Aromolo and Geoffrey Nelissen and Alessandro Biondi, Aromolo, Federico, Nelissen, Geoffrey, Biondi, Alessandro, Federico Aromolo and Geoffrey Nelissen and Alessandro Biondi, Aromolo, Federico, Nelissen, Geoffrey, and Biondi, Alessandro

Abstract

Multiprocessors have become the standard computing platform for real-time embedded systems. To efficiently leverage the computational power of such platforms, software tasks are often characterized by an internal structure where concurrent subtasks can execute in parallel on different processors. Existing strategies for the scheduling of parallel real-time tasks on multiprocessor platforms, such as partitioned, global, and federated scheduling, were inspired by earlier techniques that were not conceived to explicitly support parallel tasks, thus carrying advantages but also well-known limitations. This paper introduces replication-based scheduling, a specialized scheduling paradigm for parallel real-time DAG tasks. Replication-based scheduling leverages the internal structure of the parallel tasks to assign replicas of the subtasks to different processors, while ensuring that exactly one replica of each subtask will be executed at runtime for every task instance. This approach aims at preserving the advantages of partitioned scheduling while simplifying the timing analysis. The replication-based scheduling framework is first defined, together with a strategy for implementing replication-based scheduling in real-time operating systems. Then, offline allocation strategies for subtask replicas and a response-time analysis are presented. In the provided experiments, the schedulability achieved with replication-based scheduling is compared with that of existing techniques for the scheduling of parallel real-time tasks on multiprocessors.

Published
2023
Full Text
View/download PDF

27. Bounding the Data-Delivery Latency of DDS Messages in Real-Time Applications

Author

Gerlando Sciangula and Daniel Casini and Alessandro Biondi and Claudio Scordino and Marco Di Natale, Sciangula, Gerlando, Casini, Daniel, Biondi, Alessandro, Scordino, Claudio, Di Natale, Marco, Gerlando Sciangula and Daniel Casini and Alessandro Biondi and Claudio Scordino and Marco Di Natale, Sciangula, Gerlando, Casini, Daniel, Biondi, Alessandro, Scordino, Claudio, and Di Natale, Marco

Abstract

Many modern applications need to run on massively interconnected sets of heterogeneous nodes, ranging from IoT devices to edge nodes up to the Cloud. In this scenario, communication is often implemented using the publish-subscribe paradigm. The Data Distribution Service (DDS) is a popular middleware specification adopting such a paradigm. The DDS is becoming a key enabler for massively distributed real-time applications, with popular frameworks such as ROS 2 and AUTOSAR Adaptive building on it. However, no formal modeling and analysis of the timing properties of DDS has been provided to date. This paper fills this gap by providing an abstract model for DDS systems that can be generalized to any implementation compliant with the specification. A concrete instance of the generic DDS model is provided for the case of eProsima’s FastDDS, which is eventually used to provide a real-time analysis that bounds the data-delivery latency of DDS messages. Finally, this paper reports on an evaluation based on a representative automotive application from the WATERS 2019 challenge by Bosch.

Published
2023
Full Text
View/download PDF

33. Bounding the Data-Delivery Latency of DDS Messages in Real-Time Applications

Author

Sciangula, Gerlando, Casini, Daniel, Biondi, Alessandro, Scordino, Claudio, and Di Natale, Marco

Subjects
real-time systems, response-time analysis, Software and its engineering → Real-time schedulability, end-to-end latency, DDS, CPA
Abstract

Many modern applications need to run on massively interconnected sets of heterogeneous nodes, ranging from IoT devices to edge nodes up to the Cloud. In this scenario, communication is often implemented using the publish-subscribe paradigm. The Data Distribution Service (DDS) is a popular middleware specification adopting such a paradigm. The DDS is becoming a key enabler for massively distributed real-time applications, with popular frameworks such as ROS 2 and AUTOSAR Adaptive building on it. However, no formal modeling and analysis of the timing properties of DDS has been provided to date. This paper fills this gap by providing an abstract model for DDS systems that can be generalized to any implementation compliant with the specification. A concrete instance of the generic DDS model is provided for the case of eProsima’s FastDDS, which is eventually used to provide a real-time analysis that bounds the data-delivery latency of DDS messages. Finally, this paper reports on an evaluation based on a representative automotive application from the WATERS 2019 challenge by Bosch., LIPIcs, Vol. 262, 35th Euromicro Conference on Real-Time Systems (ECRTS 2023), pages 9:1-9:26

Published
2023
Full Text
View/download PDF

34. Defending from Physically-Realizable Adversarial Attacks through Internal Over-Activation Analysis

Author

Rossolini, Giulio, Nesti, Federico, Brau, Fabio, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
FOS: Computer and information sciences, Artificial Intelligence (cs.AI), Computer Science - Artificial Intelligence, Computer Vision and Pattern Recognition (cs.CV), Computer Science - Computer Vision and Pattern Recognition
Abstract

This work presents Z-Mask, a robust and effective strategy to improve the adversarial robustness of convolutional networks against physically-realizable adversarial attacks. The presented defense relies on specific Z-score analysis performed on the internal network features to detect and mask the pixels corresponding to adversarial objects in the input image. To this end, spatially contiguous activations are examined in shallow and deep layers to suggest potential adversarial regions. Such proposals are then aggregated through a multi-thresholding mechanism. The effectiveness of Z-Mask is evaluated with an extensive set of experiments carried out on models for both semantic segmentation and object detection. The evaluation is performed with both digital patches added to the input images and printed patches positioned in the real world. The obtained results confirm that Z-Mask outperforms the state-of-the-art methods in terms of both detection accuracy and overall performance of the networks under attack. Additional experiments showed that Z-Mask is also robust against possible defense-aware attacks.

Published
2023

38. Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling (Artifact)

Author

https://doi.org/10.4230/LIPIcs.ECRTS.2022.13, Aromolo, Federico, Biondi, Alessandro, Nelissen, Geoffrey, https://doi.org/10.4230/LIPIcs.ECRTS.2022.13, Aromolo, Federico, Biondi, Alessandro, and Nelissen, Geoffrey

Abstract

This artifact provides the means to validate and reproduce the experimental results presented in the related paper "Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling". The paper introduces a response-time analysis for constrained-deadline self-suspending tasks scheduled under EDF on a uniprocessor system, based on a model transformation from self-suspending sporadic tasks to sporadic tasks with jitter. In the experimental evaluation presented in the paper, the performance of the proposed analysis approach for self-suspending tasks is compared with that of existing suspension-oblivious and suspension-aware analysis techniques.

Published
2022
Full Text
View/download PDF

39. Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling

Author

Aromolo, Federico, Biondi, Alessandro, Nelissen, Geoffrey, Aromolo, Federico, Biondi, Alessandro, and Nelissen, Geoffrey

Abstract

The self-suspending task model proved to be particularly effective in capturing the timing behavior of real-time systems characterized by complex execution patterns, such as computation offloading to hardware accelerators, inter-core synchronization by means of multiprocessor locking protocols, and highly parallel computation. Most of the existing results for the timing analysis of self-suspending tasks do not support the widely adopted Earliest Deadline First (EDF) scheduling algorithm, being instead primarily focused on fixed-priority scheduling. This paper presents a response-time analysis for constrained-deadline self-suspending tasks scheduled under EDF on a uniprocessor system. The proposed analysis is based on a model transformation from self-suspending sporadic tasks to sporadic tasks with jitter, which can then be analyzed using a state-of-the-art analysis method for EDF scheduling. Experimental results are presented to compare the performance of the proposed technique in terms of schedulability ratio with that of the pessimistic suspension-oblivious approach and with a less general technique for task sets with implicit deadlines.

Published
2022
Full Text
View/download PDF

40. Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling (Artifact)

Author

Aromolo, Federico, Biondi, Alessandro, Nelissen, Geoffrey, Aromolo, Federico, Biondi, Alessandro, and Nelissen, Geoffrey

Abstract

This artifact provides the means to validate and reproduce the experimental results presented in the related paper "Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling". The paper introduces a response-time analysis for constrained-deadline self-suspending tasks scheduled under EDF on a uniprocessor system, based on a model transformation from self-suspending sporadic tasks to sporadic tasks with jitter. In the experimental evaluation presented in the paper, the performance of the proposed analysis approach for self-suspending tasks is compared with that of existing suspension-oblivious and suspension-aware analysis techniques.

Published
2022

41. Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling

Author

Federico Aromolo and Alessandro Biondi and Geoffrey Nelissen, Aromolo, Federico, Biondi, Alessandro, Nelissen, Geoffrey, Federico Aromolo and Alessandro Biondi and Geoffrey Nelissen, Aromolo, Federico, Biondi, Alessandro, and Nelissen, Geoffrey

Abstract

The self-suspending task model proved to be particularly effective in capturing the timing behavior of real-time systems characterized by complex execution patterns, such as computation offloading to hardware accelerators, inter-core synchronization by means of multiprocessor locking protocols, and highly parallel computation. Most of the existing results for the timing analysis of self-suspending tasks do not support the widely adopted Earliest Deadline First (EDF) scheduling algorithm, being instead primarily focused on fixed-priority scheduling. This paper presents a response-time analysis for constrained-deadline self-suspending tasks scheduled under EDF on a uniprocessor system. The proposed analysis is based on a model transformation from self-suspending sporadic tasks to sporadic tasks with jitter, which can then be analyzed using a state-of-the-art analysis method for EDF scheduling. Experimental results are presented to compare the performance of the proposed technique in terms of schedulability ratio with that of the pessimistic suspension-oblivious approach and with a less general technique for task sets with implicit deadlines.

Published
2022
Full Text
View/download PDF

42. Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling (Artifact)

Author

Federico Aromolo and Alessandro Biondi and Geoffrey Nelissen, Aromolo, Federico, Biondi, Alessandro, Nelissen, Geoffrey, Federico Aromolo and Alessandro Biondi and Geoffrey Nelissen, Aromolo, Federico, Biondi, Alessandro, and Nelissen, Geoffrey

Abstract

This artifact provides the means to validate and reproduce the experimental results presented in the related paper "Response-Time Analysis for Self-Suspending Tasks Under EDF Scheduling". The paper introduces a response-time analysis for constrained-deadline self-suspending tasks scheduled under EDF on a uniprocessor system, based on a model transformation from self-suspending sporadic tasks to sporadic tasks with jitter. In the experimental evaluation presented in the paper, the performance of the proposed analysis approach for self-suspending tasks is compared with that of existing suspension-oblivious and suspension-aware analysis techniques.

Published
2022
Full Text
View/download PDF

44. ARTe: Providing real-time multitasking to Arduino

Author

Restuccia, Francesco, primary, Pagani, Marco, additional, Mascitti, Agostino, additional, Barrow, Michael, additional, Marinoni, Mauro, additional, Biondi, Alessandro, additional, Buttazzo, Giorgio, additional, and Kastner, Ryan, additional

Published
2022
Full Text
View/download PDF

46. Evaluating the Robustness of Semantic Segmentation for Autonomous Driving against Real-World Adversarial Patch Attacks

Author

Nesti, Federico, Rossolini, Giulio, Nair, Saasha, Biondi, Alessandro, and Buttazzo, Giorgio

Subjects
FOS: Computer and information sciences, Computer Vision and Pattern Recognition (cs.CV), Computer Science - Computer Vision and Pattern Recognition
Abstract

Deep learning and convolutional neural networks allow achieving impressive performance in computer vision tasks, such as object detection and semantic segmentation (SS). However, recent studies have shown evident weaknesses of such models against adversarial perturbations. In a real-world scenario instead, like autonomous driving, more attention should be devoted to real-world adversarial examples (RWAEs), which are physical objects (e.g., billboards and printable patches) optimized to be adversarial to the entire perception pipeline. This paper presents an in-depth evaluation of the robustness of popular SS models by testing the effects of both digital and real-world adversarial patches. These patches are crafted with powerful attacks enriched with a novel loss function. Firstly, an investigation on the Cityscapes dataset is conducted by extending the Expectation Over Transformation (EOT) paradigm to cope with SS. Then, a novel attack optimization, called scene-specific attack, is proposed. Such an attack leverages the CARLA driving simulator to improve the transferability of the proposed EOT-based attack to a real 3D environment. Finally, a printed physical billboard containing an adversarial patch was tested in an outdoor driving scenario to assess the feasibility of the studied attacks in the real world. Exhaustive experiments revealed that the proposed attack formulations outperform previous work to craft both digital and real-world adversarial patches for SS. At the same time, the experimental results showed how these attacks are notably less effective in the real world, hence questioning the practical relevance of adversarial attacks to SS models for autonomous/assisted driving.

Published
2022

Catalog

Books, media, physical & digital resources
See catalog results