Requirements#

Orchestration Requirements		status: valid security: YES safety: ASIL_B
tags: orchestration realizes: wp__requirements_feat

doc__orchestration_requirements		Generic Document

Executor#

Task Management#

Async Cooperative Task Runtime		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes fulfilled by: feat_arc_sta__orchestration__static_view
The executor shall provide a cooperative task runtime for async programming based on the definition of Rust’s async model (see Asynchronous Programming in Rust <https://rust-lang.github.io/async-book>).
feat_req__orchestration__exec_async_rt		Feature Requirement

Yielding Guidelines for Long Operations		status: valid security: NO safety: QM
tags: orchestration reqtype: Non-Functional satisfies: stkh_req__execution_model__processes
The executor shall provide guidelines for dividing long-running operations into smaller, cooperatively yielding segments.
feat_req__orchestration__exec_yielding		Feature Requirement

Dedicated Threads for Blocking Operations		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
The system shall support execution of tasks containing blocking calls on dedicated OS threads isolated from cooperative scheduling.
feat_req__orchestration__exec_block_threads		Feature Requirement

Special Tasks and Preemption#

Preemptive Scheduling for Safety Tasks		status: invalid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dependability__automotive_safety
The Executor shall support preemptive scheduling of special safety-critical tasks, guaranteeing their execution.
feat_req__orchestration__exec_preempt_safety		Feature Requirement

Separate Priority for Safety Tasks		status: invalid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dependability__automotive_safety
Safety-critical tasks shall be prioritized separately from standard cooperative tasks.
feat_req__orchestration__exec_safe_task_prio		Feature Requirement

Thread Pool Configuration#

Fixed-Size Thread Pool		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Executor instances shall run tasks on a statically configured thread pool with a fixed thread count.
feat_req__orchestration__exec_fixed_pool		Feature Requirement

Uniform OS Priority for Non-Safety Threads		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Threads within an Executor not involved in safety-critical tasks shall share identical OS-level priority.
feat_req__orchestration__exec_os_prio		Feature Requirement

Configurable Thread Affinity		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Thread affinity to CPU cores shall be configurable per Executor instance.
feat_req__orchestration__exec_thread_aff		Feature Requirement

Isolated Thread Pools		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Executor instances shall isolate their thread pools from each other.
feat_req__orchestration__exec_pool_isolation		Feature Requirement

Task Scheduling#

No Internal Priorities for Cooperative Tasks		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Cooperative tasks within an Executor shall execute without internal priority distinctions.
feat_req__orchestration__exec_no_int_prios		Feature Requirement

FIFO or Fairness Scheduling		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
The Executor shall support FIFO or fairness-based scheduling among cooperative tasks.
feat_req__orchestration__exec_fifo_fair_sched		Feature Requirement

Scale via Additional Executors		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Scaling of Executor resources shall be achieved through additional Executor instances rather than dynamic thread scaling.
feat_req__orchestration__exec_scale_instances		Feature Requirement

Orchestrator Requirements#

Program Definition#

Static Program Execution Graphs		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time fulfilled by: feat_arc_sta__orchestration__static_view
The Orchestrator shall provide a runtime-static Program abstraction representing computation logic as execution graphs.
feat_req__orchestration__orch_static_graphs		Feature Requirement

Explicit Control Flows and Timing		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
Programs shall explicitly define sequential, parallel, conditional execution flows, loops, and timing contracts.
feat_req__orchestration__orch_ctrl_flows		Feature Requirement

Event-Based Synchronization		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
Programs shall support explicit event-based synchronization and trigger conditions.
feat_req__orchestration__orch_event_sync		Feature Requirement

Fault-Handling and Monitors		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
Programs shall contain integrated fault-handling logic and execution monitors to enforce timing constraints.
feat_req__orchestration__orch_fault_mon		Feature Requirement

API Design#

Code-First Integration API		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
The Orchestrator shall offer a code-first API to integrate directly with application logic without external DSL/IDL.
feat_req__orchestration__orch_code_api		Feature Requirement

Execution Model#

Single-Executor Deployment		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
Each Program shall be deployed exclusively on a single Executor instance.
feat_req__orchestration__orch_single_deploy		Feature Requirement

Multi-Program Support per Executor		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
Executors may host multiple Programs to support resource sharing.
feat_req__orchestration__orch_multi_prog		Feature Requirement

Event-Only Communication		status: valid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__app_architectures__support_time
Programs shall communicate exclusively through explicitly defined events.
feat_req__orchestration__orch_event_comm		Feature Requirement

Special Safety Task Integration#

Safety Tasks in Programs		status: invalid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dependability__automotive_safety
Critical timing or safety paths within Programs shall be executed via preemptive special tasks provided by the Executor.
feat_req__orchestration__orch_safety_tasks		Feature Requirement

Observability Requirements#

Trace Correlation Points		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dev_experience__tracing_of_exec
The Executor and Orchestrator shall expose structured tracing points correlating user-space task scheduling with OS-level scheduling.
feat_req__orchestration__obsv_trace_corr		Feature Requirement

Task Lifecycle and Queue Metrics		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dev_experience__tracing_of_exec
Observability shall capture task lifecycle events, Executor queue metrics, and mapping of user-space tasks to OS threads.
feat_req__orchestration__obsv_lifecycle_qm		Feature Requirement

Program Flow and Timing Visibility		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dev_experience__tracing_of_exec
Observability shall provide visibility into Program execution flow, event synchronization points, and timing violations.
feat_req__orchestration__obsv_flow_vis		Feature Requirement

Integration with Tracing Frameworks		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dev_experience__tracing_of_exec
Tracing points shall integrate seamlessly with established tracing frameworks like Perfetto and LTTng.
feat_req__orchestration__obsv_fw_integ		Feature Requirement

External Supervision Requirements#

Health Indicators Export		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Executor and Orchestrator frameworks shall expose health indicators for integration with external supervisory systems.
feat_req__orchestration__ext_health_inds		Feature Requirement

Internal Task Health Verification		status: valid security: NO safety: QM
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes
Frameworks shall internally verify task-level health status based on timing constraints and fault-handling execution.
feat_req__orchestration__ext_task_health		Feature Requirement

General Constraints#

Determinism and Scalability		status: valid security: NO safety: QM
tags: orchestration reqtype: Non-Functional satisfies: stkh_req__execution_model__processes
The Executor and Orchestrator shall maintain determinism and scalability suitable for mixed-criticality environments.
feat_req__orchestration__gen_det_scale		Feature Requirement

Explicit Preemption Activation		status: invalid security: NO safety: ASIL_B
tags: orchestration reqtype: Functional satisfies: stkh_req__execution_model__processes, stkh_req__dependability__automotive_safety
Preemptive scheduling shall only be activated explicitly for tasks with safety or critical timing constraints.
feat_req__orchestration__gen_preempt_act		Feature Requirement

Exclusive Use of IPC Feature for Inter Process Synchronization		status: invalid security: YES safety: ASIL_B
tags: orchestration reqtype: Non-Functional satisfies: stkh_req__execution_model__processes, stkh_req__dependability__automotive_safety, stkh_req__dependability__security_features, stkh_req__communication__inter_process
The system shall use the approved IPC feature exclusively for all inter-process synchronization.
feat_req__orchestration__gen_excl_ipc		Feature Requirement