Real-Time Component Software. slide credits: H. Kopetz, P. Puschner

Similar documents
Non-Blocking Write Protocol NBW:

Chapter 39: Concepts of Time-Triggered Communication. Wenbo Qiao

CORBA in the Time-Triggered Architecture

Multiprocessor and Real- Time Scheduling. Chapter 10

Time Triggered and Event Triggered; Off-line Scheduling

AUTOBEST: A United AUTOSAR-OS And ARINC 653 Kernel. Alexander Züpke, Marc Bommert, Daniel Lohmann

Main Points of the Computer Organization and System Software Module

2. Introduction to Software for Embedded Systems

CS 571 Operating Systems. Midterm Review. Angelos Stavrou, George Mason University

Multiprocessor and Real-Time Scheduling. Chapter 10

Dependable Computer Systems

FROM TIME-TRIGGERED TO TIME-DETERMINISTIC REAL-TIME SYSTEMS

Real-Time System Modeling. slide credits: H. Kopetz, P. Puschner

A Predictable RTOS. Mantis Cheng Department of Computer Science University of Victoria

Processes The Process Model. Chapter 2 Processes and Threads. Process Termination. Process States (1) Process Hierarchies

Distributed Embedded Systems and realtime networks

Commercial Real-time Operating Systems An Introduction. Swaminathan Sivasubramanian Dependable Computing & Networking Laboratory

Reference Model and Scheduling Policies for Real-Time Systems

Lecture 3: Concurrency & Tasking


Operating Systems Comprehensive Exam. Spring Student ID # 3/16/2006

Tasks. Task Implementation and management

DISTRIBUTED REAL-TIME SYSTEMS

CS370 Operating Systems

Simplified design flow for embedded systems

Module 1. Introduction:

Developing deterministic networking technology for railway applications using TTEthernet software-based end systems

Scheduling Algorithm and Analysis

Subject: Operating System (BTCOC403) Class: S.Y.B.Tech. (Computer Engineering)

Investigation of System Timing Concerns in Embedded Systems: Tool-based Analysis of AADL Models

Lecture 3. Introduction to Real-Time kernels. Real-Time Systems

PROCESSES & THREADS. Charles Abzug, Ph.D. Department of Computer Science James Madison University Harrisonburg, VA Charles Abzug

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING UNIT-1

Amrita Vishwa Vidyapeetham. ES623 Networked Embedded Systems Answer Key

Multiprocessor scheduling

Systems. Roland Kammerer. 10. November Institute of Computer Engineering Vienna University of Technology. Communication Protocols for Embedded

EMBEDDED OPERATING SYSTEMS

Real-Time Programming

Embedded Systems. 5. Operating Systems. Lothar Thiele. Computer Engineering and Networks Laboratory

Dr. D. M. Akbar Hussain DE5 Department of Electronic Systems

IT 540 Operating Systems ECE519 Advanced Operating Systems

Exam TI2720-C/TI2725-C Embedded Software

Processes The Process Model. Chapter 2. Processes and Threads. Process Termination. Process Creation

VALLIAMMAI ENGINEERING COLLEGE

Multimedia Systems 2011/2012

MARUTHI SCHOOL OF BANKING (MSB)

Intertask Communication

Chapter 5 Concurrency: Mutual Exclusion and Synchronization

Midterm Exam. October 20th, Thursday NSC

Embedded Systems. 6. Real-Time Operating Systems

CS370 Operating Systems Midterm Review

What s An OS? Cyclic Executive. Interrupts. Advantages Simple implementation Low overhead Very predictable

Microkernel/OS and Real-Time Scheduling

TDDD07 Real-time Systems Lecture 10: Wrapping up & Real-time operating systems

A Time-Triggered View. Peter PUSCHNER

OPERATING SYSTEM. Functions of Operating System:

What are Embedded Systems? Lecture 1 Introduction to Embedded Systems & Software

Administrative Stuff. We are now in week 11 No class on Thursday About one month to go. Spend your time wisely Make any major decisions w/ Client

Distributed Systems Conclusions & Exam. Brian Nielsen

Chapter 5 Concurrency: Mutual Exclusion. and. Synchronization. Operating Systems: Internals. and. Design Principles

Efficiency and memory footprint of Xilkernel for the Microblaze soft processor

A Fault Management Protocol for TTP/C

Concurrent activities in daily life. Real world exposed programs. Scheduling of programs. Tasks in engine system. Engine system

CSI3131 Final Exam Review

MaRTE-OS: Minimal Real-Time Operating System for Embedded Applications

Verification of Real-Time Systems Resource Sharing

CSE 120. Fall Lecture 8: Scheduling and Deadlock. Keith Marzullo

OMG Smart Transducer Specification (I)

CSC Operating Systems Spring Lecture - XII Midterm Review. Tevfik Ko!ar. Louisiana State University. March 4 th, 2008.

CSL373: Lecture 5 Deadlocks (no process runnable) + Scheduling (> 1 process runnable)

AC59/AT59/AC110/AT110 OPERATING SYSTEMS & SYSTEMS SOFTWARE DEC 2015

Embedded Software Programming

Threads. Threads The Thread Model (1) CSCE 351: Operating System Kernels Witawas Srisa-an Chapter 4-5

Operating Systems Design Fall 2010 Exam 1 Review. Paul Krzyzanowski

CPSC/ECE 3220 Fall 2017 Exam Give the definition (note: not the roles) for an operating system as stated in the textbook. (2 pts.

RTOS 101. Understand your real-time applications. with the help of Percepio Tracealyzer

Performance Throughput Utilization of system resources

A Server-based Approach for Predictable GPU Access Control

Chapter 12. CPU Structure and Function. Yonsei University

CSE544 Database Architecture

Lecture notes Lectures 1 through 5 (up through lecture 5 slide 63) Book Chapters 1-4

QUESTION BANK UNIT I

Following are a few basic questions that cover the essentials of OS:

Operating Systems (1DT020 & 1TT802)

MODELS OF DISTRIBUTED SYSTEMS

Real-Time Systems Hermann Härtig Real-Time Operating Systems Brief Overview

Precedence Graphs Revisited (Again)

Fault Tolerant Java Virtual Machine. Roy Friedman and Alon Kama Technion Haifa, Israel

Diagnosis in the Time-Triggered Architecture

To Everyone... iii To Educators... v To Students... vi Acknowledgments... vii Final Words... ix References... x. 1 ADialogueontheBook 1

Distributed Systems Conclusions & Exam. Brian Nielsen

OPERATING SYSTEMS CS3502 Spring Processor Scheduling. Chapter 5

CS370 Operating Systems

Introduction to Embedded Systems

REAL-TIME MULTITASKING KERNEL FOR IBM-BASED MICROCOMPUTERS

Designing Interactive Systems II

Operating Systems. Designed and Presented by Dr. Ayman Elshenawy Elsefy

General Objectives: To understand the process management in operating system. Specific Objectives: At the end of the unit you should be able to:

INPUT-OUTPUT ORGANIZATION

I/O Systems. Amir H. Payberah. Amirkabir University of Technology (Tehran Polytechnic)

Transcription:

Real-Time Component Software slide credits: H. Kopetz, P. Puschner

Overview OS services Task Structure Task Interaction Input/Output Error Detection 2

Operating System and Middleware Application Software Component API OS and Middleware Hardware In Interface Out 3

OS Services Secure boot of component software Reset, start, exec. control of component SW Task management Task interaction Message communication interface Linking Interface (RTS) Config., control (TII), debug (TDI) I/O Handling Discretization Agreement Time predictability, determinism 4

Assumptions about Software HRT Software Closed world assumption Tasks and task timing parameters known at design time Task communication, precedence known at design time I/O requirements known (values, timing) Pre-runtime preparation/analysis to provide runtime guarantees SRT Software Open world assumption Tasks, task timing and QoS parameters, I/O requirements QoS assessment before runtime; at runtime: best effort Non real-time Software 5

Task Management The software of a component is structured into a set of tasks (execution of a sequential program) that run in parallel. The OS provides the execution environment for each task. Temporal and spatial isolation: HRT Software versus other SW HRT Tasks are cooperative, not competitive. Component = unit of failure No resource-intensive protection between HRT tasks Light-weight OS Stateless versus stateful tasks 6

S-Tasks and C-Tasks Simple task (S-Task) executes from the beginning to the end without any delay, given the CPU has been allocated. Complex task (C-Task) may contain one or more WAIT statements in the task body. 7

Simple Task (S-Task) Can execute from beginning to end without delay, given the CPU has been allocated to it No blocking inside (no synchronization, communication) Independent progress Inputs available in input data structure at the task start Outputs ready in the output data structure upon task completion API: input DS, output DS, g-state Input DS g-state S-Task g-state Output DS 8

Complex Task (C-Task) May contain one or more WAIT operations Possible dependencies due to synchronization, communication Progress dependent on other tasks in node or environment C-task timing is a global issue API: input DS, output DS, g-state, shared DS, dependencies Input DS g-state C-Task WAIT g-state Output DS Shared DS 9

ARINC Standard WG 48-1999 HRT systems demands (taken from ARINC standard): The Avionics Computing Resource (ACR) shall include internal hardware and software management methods as necessary to ensure that time, space and I/O allocations are deterministic and static. Deterministic and static means in this context, that time, space and I/O allocations are determined at compilation, assembly or link time, remain identical at each and every initialization of a program or process, and are not dynamically altered during runtime. 10

Time-Triggered Task Control In strictly TT systems, the dispatcher controls the execution of tasks, by interpreting the Task Descriptor List (TADL). TADL Time 10 17 22 38 47 Action Start T1 Send M5 Stop T1 Start T3 Send M3 Dispatcher The TADL tables are generated and checked by a static scheduler, before runtime. 11

TT Resource Management In a TT OS there is hardly any dynamic resource management. Static CPU allocation. Autonomous memory management. It needs little attention from the operating system. Buffer management is minimal. No queues. Implicit, pre-planned synchronization fulfills synchronization needs and precedence constraints S-tasks only No explicit synchronization (e.g., mgmt. of semaphore queues). Operating systems become simple, can be formally analyzed. Examples: TTOS, OSEK time 12

TT Task Structure Basically the task structure in a TT system is static. There are some techniques that make the task structure data/situation dependent, but they are limited: Mode changes navigate dynamically between statically validated operating modes. Sporadic server tasks: Provide a laxity in the schedule that can be consumed by a sporadic server task. Precedence graphs with exclusive or: dynamic selection of one of a number of mutually exclusive alternatives (not very effective!) This limited data dependency of the task structure has both big advantages and disadvantages. 13

TT Task States Non preemptive system Inactive Task Activation Task Termination or Error Active 14

Task Control ET with S-Tasks In an ET system, the task control is performed by a dynamic scheduler that decides which task has to be executed next on the basis of the evolving request scenario. Advantage: Actual (and not maximum) load and task execution times form the basis of the scheduling decisions. Disadvantage: In most realistic cases the scheduling problem that has to be solved on-line is NP hard. 15

ET Task States with S-Tasks Preemptive system Task Activation Ready Active Inactive Preemption Scheduler Decision Running Task Termination 16

ET Task States with C-Tasks Preemptive system Task Activation 1 Running Active Inactive Ready 2 3 4 Blocked Task Termination 1 Scheduler Decision 3 Task executes WAIT for Event 2 Task Preemption 4 Blocking Event occurs 17

ET Resource Management In ET OS the dynamic resource management is extensive: Dynamic CPU allocation. Dynamic memory management. Dynamic Buffer allocation and ET management of communication activities Explicit synchronization between tasks, including semaphore queue management and deadlock detection. Extensive interrupt management. Timeout handling of blocked tasks. A formal timing analysis of ET operating systems is beyond the state of the art (e.g., OSEK). 18

Task Interaction Precedence constraints: restrictions on task sequence (e.g., sequence of actions or outputs) TT: reflected in TT schedule (TADL) ET: WAIT Exchange of data Messages Shared data structure provision of integrity Coordinated task schedules TT schedule guarantees mutex: deterministic solution, min. overhead Non-blocking write protocol Semaphores 19

Non-Blocking Write (NBW) Protocol Assumptions Distributed System Communication via shared memory Exactly one writer on dedicated CPU (no conflicts on CPU) One or more readers (on one or more CPUs) Intervals between write operations an long compared to the duration of a write operation Writer data ShM data Reader Reader 20

Non-Blocking Write Protocol Demanded Properties Consistency: Read operations must return consistent results. Non-Blocking Property: Readers must not block the writer. Timeliness: The maximum delay of a reader during a read operation must be bounded. 21

Non-Blocking Write Protocol Init: CCF := 0; /* concurrency control flag */ Writer: CCF_old := CCF; CCF := CCF_old + 1; write to shared struct; CCF := CCF_old + 2; Reader: start: CCF_begin := CCF; if CCF_begin mod 2 = 1 then goto start; read from shared struct; CCF_end := CCF; if CCF_end CCF_begin then goto start; CCF arithmetics in practice: all CCF operations mod (2 * bign) 22

NBW Protocol Correctness The following szenarios have to be checked for correctness: 1. 2. 3. 4. Read Write Read Write Write Read Write Read 5. 6. Read Write 23

Task Interaction Semaphores: high overheads for small critical regions (typical for real-time applications) Replica determinism Simultaneous access to CCF (NBW) or semaphores may cause race conditions unpredictable resolution 24

Time Services Clock Synchronization Time services: Specification of a potentially infinite sequence of events at absolute time-points (off-line and on-line). Specification of a future point in time within a specified temporal distance from "now" (timeout service) Time stamping of events immediately after their occurrence Output of a message (or a control signal) at a precisely defined point in time in the future, either relative to "now" or at an absolute future time point Gregorian calendar function to convert TAI (UTC) to calendar time and vice versa 25

Timing at I/O Interface Value at RT Entity Input Output Value at RT Entity Delay within Computer System t Time Delay at Sensor Time Delay at Actuator Phase-alignment of sampling transmission to control node computation transmission of set point to the actuator to reduce dead time of control loops 26

Dual Role of Time of Event Occurrence A significant event in the environment of a real-time computer can be seen from two different perspectives: Time as data: Point in time of a value change of an RT entity. Precise knowledge of this point in time is important for the analysis of the consequences of the event. Example: timekeeping in downhill skiing Time as control: may demand immediate action by the computer system to react as soon as possible to this event. Example: Emergency stop It is much more demanding to implement time as control than to implement time as data! 27

Sampling Value of an Analog RT Entity Sampling Points t 28

Timing in a Sampled System Sampling of the RT Entity Transport of the Observation WCET of the Processing Task Transport of the Result Output to the Actuator Controlled Object t 29

Sampling States vs. Events Sampling refers to the periodic interrogation of the state of a RT entity by a computer. The duration between two sampling points is called the sampling interval. The length of the sampling interval is determined by the dynamics of the real-time entity. States can be observed by sampling. Events cannot be sampled. They have to be stored in an intermediate memory element (ME). 30

Sampling Position of Memory Element Push Button ME Memory Element in Sensor Control Data Computer 31

Sampling Role of the Memory Element View of Observer without Memory Element at RT Entity View of Observer with Memory Element at RT Entity Sampling Points Value of RT Entity 32 t

Sampling Importance of MINT View of Observer with Memory Element at RT Entity Sampling Points RT Entity MINT minimum inter-arrival time t 33

Interrupt An interrupt is a hardware mechanism that periodically monitors (after the completion of each instruction or CPU clock cycle) the state of a specified signal line (interrupt line). If the line is active and the interrupt is not disabled, control is transferred after completion of the currently executing instruction (from the current task) to an instruction (task) associated with the servicing of the specified interrupt. As soon as an interrupt is recognized, the state of the local interrupt memory is reset. 34

Interrupt Push Button Memory Element in Computer ME Control Data External event forces computer into interrupt service state. 35

Memory Element for an Event Event Occurrence Memory Set Memory Reset Time Sampling: after a fixed period by sensor Polling: by CPU Interrupt: by CPU In the interval between the event occurrence and the resetting of the memory, no further events are recognized MINT 36

Sampling, Polling, Interrupt Failures What happens in the case of failure on transmission line? Sampling: Polling: ME protected message ME Control Data Control Data Interrupt: ME Control Data Computer 37

Interrupt Handling Three tasks to handle an interrupt: Time window is opened by the first dynamic TT task à guarantee MINT. Interrupt may occur in this time window; The third task, the ET interrupt service task, is activated and closes the time window. Time window is closed by the second dynamic TT task if no interrupt has occurred. Real Time 38

Need for Agreement Protocols If an RT entity is observed by two (or more) nodes of the distributed system, the following may happen: The same event can be time-stamped differently by two nodes fundamental limit of time measurement. When reading an analog sensor, a dense quantity is mapped onto a digital values discretization error. Even sensors of highest quality may yield readings differing by a single-bit quantity. Whenever a dense quantity is mapped onto a discrete representation, agreement protocols are needed to get an agreed view on multiple redundant sensor readings 39

Agreement Protocol An agreement protocol provides a consensus on the value of an observation and on the time when the observation occurred among a number of fault-free members of an ensemble: The first phase of an agreement protocol concerns the exchange of the local observations to get a globally consistent view to each of the partners In the second phase, each partner executes the same algorithm on this global data (e.g., averaging) to come to the same conclusion the agreed value and time Agreement always needs an extra round of communication and thus weakens the responsiveness of a real-time system. 40

Agreement of Resource Controllers As long as a number of resource controllers that observe a set of real-time entities has not agreed on the observations, active redundancy is not possible (and therefore no need for replica determinism): The world interface between a sensor and the associated resource controller can be serviced without concern for replica determinism (local interrupts!!) It should be an explicit design goal to eliminate the h-state from the resource controller (stateless protocols) as far as possible. The message interface of the resource controller to the rest of a cluster should provide agreed values only! 41

Byzantine Agreement Byzantine agreement protocols have the following requirements to tolerate the Byzantine failures of f" nodes : There must be at least 3f+1 nodes in a FTU. Each node must be connected to all other nodes of the FTU by f+1 disjoint communication paths. In order to detect the malicious nodes, f+1 rounds of communication must be executed among the nodes. The nodes must be synchronized to within a known precision of each other. 42

Error Detection Mechanisms An RTOS must provide error detection in the temporal domain and in the value domain Consistency checks, CRC checks Monitoring task execution times Monitoring interrupts (MINT) Double execution of tasks (time redundancy) Watchdogs observable heart-beat signal 43

A Time-Predictable Component Application Computer TT Comm. Controller HRT Subsystem Symbols Time-Triggered State Message Port Control Signal Port Memory Element for a Single State Message Synchronized Clock Time-Triggered Communication 44

Synchronization with Real-Time Clock Master clock synchronization Programmed clock interrupt from connector unit Planned window of inactivity before expected clock sync. time allows slow CPUs to complete the same workload as fast CPUs (needs bound on clock skew) window of inactivity slow CPU fast CPU clock interrupt 45

Time-Predictable Component (2) synchronized representation of global time instruction counter clock, synchronized to the local representation of global time Static schedule (instruction-counter interrupt for preemptions) Data transfer triggered by progression of instruction counter clock Data transfer triggered by progression of global-time representation Programmable clock interrupt to synchronize the instructioncounter clock with the global-time representation 46

Points to Remember Separation HRT SW vs. other SW Pre-planned TT operation keeps SW simple and verifiable Time services and the role of time Sampling I/O Application-dependent timing parameters Protection against failures Input agreement at system borders 47

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback