1
STREAM01 / Mastère SE course E10
Distributed embedded Systems and Real-time networks
Marie-Agnès Peraldi-Frati AOSTE Project UNSA- I3S-INRIA
December 2007
Course 2 :
Real-time Standards
Autosar standard
OSEK/VDX standard
Real-Time communications
ISO and realtime
Real time Protocols
3
AUTOSAR
An Open Standardized Software Architecture for Automotive Industry www.autosar.org
Three main topics
Architecture : software architecture including AUTOSAR Basic software
Methodology: Exchange formats or description templates for seamless configuration process
Application interfaces: typical automotive interface (syntax and semantics)
Architecture
5
Methodology
Methodology
1a: SW component description
General characteristics, Communication properties : r-ports, p-ports, interfaces
Structure (sub-components, connections) Required HW resources (processing time, scheduling, memory)
1b: ECU resource description
General characteristics, Temperature, Available signal processing methods, Available programming capabilities, Available HW (uC, memory, interface CAN, LIN, Flexray), Periphery (sensor, actuator), Connectors : number of pins, SW below RTE
1c: Description of system
Bus systems CAN, LIN…, connected ECUs, Gateways, protocols, communication matrix and attributes, function clustering, function deployment (distribution to ECU)
7
Methodology
2: Distribution of SW component description to ECU
Configuration on the basis of description
Consideration of ECU resources available and constraints given in the system description
3: Generation of required configuration for AUTOSAR infrastructure per ECU
Mapping of task, messages…
4: Generation of software executables based on the configuration on each ECU
Example of functional transferability : Speed Warning Use Case
SW-Component description get_v() describes a function to acquire the current vehicule speed and defines the necessary resources (memory, run-time and computing power requirements …)
Function v_warn() makes use of get_v()
Autosar virtual integration :
9
Application interfaces
Syntax of interface
meta model,
software component template
Semantics of interface
Physical properties, units …
Supporting re-use across product lines
AUSTOSAR conclusion
A standards and a methodology based on component architecture design
Independent HW/SW development process
Interoperability and reuse of components
Interface and templates for AUTOSAR components
Open issues in AUTOSAR
RT in RTE mean Run Time … not Real Time
Timing issues ?
Safety ?
Predicatbility ?
….
11
Timing issue example 1
Courtesy Kai Richter TIMMO project
Timing issue example 2
13
Autosar OS and COM
Course 2 :
Real-time Communications
Autosar standard
OSEK/VDX standard
ISO and realtime
Real time Protocols
15
OSEK/VDX overview
1993 OSEK group (Open Systems and the Corresponding Interfaces for Automotive Electronics)
University of Karlsruhe
Spare part designers
(Bosch, Siemens …)
Car manufacturers (
BMW, DaimlerChrysler, Renault, PSA, Opel etc.)
1994 OSEK/VDX OS (Vehicle Distributed eXecutive)
Joined projects of OSEK and VDX (GIE PSA-Renault)
OSEK/VDX
Real-time OS for automotive embedded systems
Real-time constraints
Fault tolerance
Embedded hardware (RAM, ECU 8 et 16 bits)
Distributed Architecture
17
OSEK-VDX Specifications
OS
: Sept 2001, OS Kernel event triggered
COM
: Jan. 2003, Services for communication
TIME
: OS kernel time triggered
FT
: Fault-tolerance manage redundancy and frame construction
NM
: May 2000, Network Management and Monitoring
OIL
: Jan. 2003, Application description language
http://www.osek-vdx.org
OSEK/VDX Operating system: Services
Taskmanagement
Activation, termination, state management, task switch
Synchronization
Resource management, Mutual exclusion, Event control
Interrupt management
Alarm
Relative and absolute alarms
Static (defined at compile-time) and dynamic (defined at run-time) alarms
Error management
Mechanisms supporting the user in case of various errors
Only static Objects : neither dynamic creation nor dynamic
suppression of objects
19
Methodology
Task management
Interrupt tasks
System tasks
Application tasks
21
Task scheduling
Multiple instance of the same task
Several tasks with the same priority
Problem of the memory space for context switching storage.
Task Scheduling
Fixed Priority Preemptive Scheduling
3 scheduling modes
Preemption mode: a task may be preempted by one with higher priority
Non preemptive mode: a task switch is only performed via an explicit system services (explicit point of rescheduling ,cooperative mode)
Mixed mode: a task have an attribute (preemptable or not) Advantages of a non-preemptive execution in a preemptive context :
In the case of a short execution time it is equivalent to a context switching
This mechanism needs few RAM consuming
Adapted to resource protection
23
OSEK/VDX Application Task
Basic task
3 states : suspended / ready/ running
no waiting state, and thus only comprise synchronization points at the beginning and the end of the task
without deadlock
Moderate requirement regarding run time context (RAM).
Extended task
Can wait for an event waiting state
4 states : basic task states + waiting
OSEK/VDX Application Task
Group of tasks
A group is a set of tasks attached to an internal resource
Internal tasks
(from the same group) cannot preempt each others
External tasks
with a lowest priority than the highest
prioritytask in a group cannot preempt a task in this group.
External tasks
with a highest priority than the highest
prioritytask in a group can preempt all the tasks in this
group.
25
OSEK/VDX Resource management
Resource management ensures that :
two tasks cannot occupy the same resource at the same time.
deadlocks cannot occur by use of these resources.
access to resources never results in a waiting state.
priority inversion cannot occurs.
OSEK/VDX Ressource management
Main problem : Deadlock
Priority Ceiling Protocol to solve these problems
Off line : Priority(Rj) = max {priority(Ti) using Rj}
On line
Priority{(Tk) using Rj}= Priority(Rj)
As Soon As Tk release Rj, Tk recover is initial priority
27
Multiple resource access
T4 Priority >T3 Priority
T4 and T3 are using the same resource
Problem :
Abnormal suspension time for T4
Priority Ceiling Protocol
T5 Priority >T4 Priority
T4 and T3 are using the same resource
Solution : Priority inversion
between T1 and T4
since R1 is released
29
OSEK-VDX COM
Objectives :
Portability, reuse and interoperability of application software
Same interface for internal or external communications
Independency on underlying protocol (CAN, TTP … )
Static configuration of communication
Communication Services based on objects
Writing a message : potentially multiple writers on a node
Reading a message : multiple readers on the same or on different sites
OSEK/VDX Communication
Osek API Sender/Receiver Periodic Message
Segmentation Recombination
Acknowledge Frame transfer
with CAN or TTP Monitoring Mode switching
Initialization
31
OSEK-VDX COM
Asynchronous model of communication
Based on messages
Senders and receivers are tasks and/or ISR from OSEK OS
At the IL level :
Receiving/Sending Message objects (Int. and Ext. com.)
I-PDU (Ext. Com. only)
N,M Communications
Communications tasks for sendingcannot be suspended during transmission
Communications tasks for receivingcannot be lockedif the message is not available.
OSEK-VDX COM
Application layer manage its own copy
of a message A message can have
no data : it is a signal
The sizeof a message can be either static or dynamic (max boundary).
33
OSEK-VDX COM
Management of the message object by
Blackboard (Update and multiple reads) Management of the message object by Queue (Read once)
Transfer characteristics :Triggered , pending Notificationmechanism is associated with a message
OSEK-VDX COM
I-PDU :
Only for external communication
Optimization: one or several messages in the same frame
Transmissionof a I- PDU on request, periodic, mixed mode
Temporal management (deadline, on sending and
receiving)
35
OSEK-VDX Evolutions
Application model
OSEKtime OS : TTCAN, TTP/C, Flexray
Classical tasks : OSEK-VDX OS
TT Tasks : entry point, ending point – Suspended running preempted
Off line Static scheduling
Deadline monitoring
Free space time used for classical task execution
OSEK-VDX Conclusion
Maturity of the proposition
Industry products available : Motorala , WindRiver
A major step for the objectives of reuse and portability
37
Course 2 :
Realtime Communications
OSEK/VDX standard
ISO and realtime
Real time Protocols
Main definition in data transmission
Architecture : OSI model-based architecture ?
Topology : bus, ring, star, tree
Protocol
Synchronous /asynchronous
Event / Time trigerred
Protection from errors
Architecture of an embedded network
Based on the OSI model with a limitation of the number of levels
Idea : reducing the number of layers (suppression of the network, transport, session and presentation layers)
Advantage : the duration to pass the layers is limited
Inconvenient : the associated services are not available !
Integration of temporal mechanisms in real time networks.
Architecture of real time embedded network
Real time network merges and simplifies the services of the different layers.
Architecture of real time embedded network
Useful layers for real time networks ?
physical: transmission medium ,
physical link : optical, radio waves, coaxial cable, infra red …
shared between stations in full duplex accesses
Data link IEEE 802 :
Ensure the detection of error transmission
Includes the MAC sub layer which allows multiple accesses to physical medium
Depends on the topology
application:useful layer which provides services required for distributed information’s accesses. Services can be tagged with temporal information's.
Real time embedded network => layers 1, 2, 7
Architecture of real time embedded network
Unused layers?
Network andtransport: provide and control the routing of datagram's between users. The control for the safe transmission of data is ensured by the DLL layer.
Session : manage the dialogue before establishing a connection.
This layer is not implemented on embedded networks.
Presentation:data packaging. Few services of this layer are implemented.
43
Topology
Good fit to long skinny systems – elevators, assembly lines, etc...
Flexible - many protocol options
Break in the cable splits the bus
Was prevalent for early desktop systems
Topology
Token ring
No contention over a shared wire
Nodes act as repeaters
Requires bypass for failed node
Popular choice for fiber optics
45
Topology
Star
Can emulate bus functions
Easy to detect and isolate failures
Broken wire only affects one node
Broken hub is catastrophic
Requires more wiring; common for current desktop systems
Protocols
What’s services and protocol and at which level ?
Diffusion, point to point, multipoint
Protocol with or without connection
Connection is not adapted in a well-known environment.
The objective is to increase the exchange speed
Protocol with or without acknowledgement
Protocols provide negative or positive ack,
For periodic communications in real time embedded networks => no ack
For sporadic or aperiodic communications => ack
Main issue => recovery from errors
47
Protocols
Synchronous or Asynchronous transmission
Synchronous : receiver and transmitter are sampling
the signal at significant instants to acquire transmitted bits.
Problem of clock drift between nodes => Characters based synchronization
Asynchronous
information is transmitted at non predefined instants. Synchronization between receiver and transmitter is done by the way of encapsulating data into a frame with start and stop information's.
Course 2 :
Realtime Communications
OSEK/VDX standard
ISO and realtime
Real time Protocols
49
MAC Protocol
Protocol with concurrency :
CSMA (Carrier sense Multiple access) class protocol
Local access management
Protocol with temporal multiplexing :
frequency or time multiplexing
TDMA Time Division Multiple Access
Synchronous or asynchronous TDMA
Protocol with explicit control access
Token or arbiter
Temporal aspects
Propagation time
Few time in comparison to transmission time
Approximately Tp =5 microS/km for a coaxial wire
Transmission time
The duration for a station for the emission of the information bloc PDU (Protocol data unit).
Transmission time Tt of the n bits of the PDU on a circuit which bandwidth is C bits/s is Tt=n/C.
Transfer time
Ttr = Tt + Tp
51
Temporal aspects
Latency time for emission:
Delay between a request for an emission (MAC_Data_Rq) an the beginning of the frame transmission at the sender node CNI level (Network Communication Interface).
Turnround time :
A characteristic of station with an access control protocol
The delay for a station to recognize that it is its turn to send or to receive
Response time :
Addition of transfer time and latency time
It represents the delay between the service demand of emission and the reception of the frame.
Frame
Temporal aspects
MAC-Data-Rq
Latency Time
Transmission Time Propagation Time
Response Time
Transfer Time Mac services
and medium
53
PDU Frame encoding
• Manchester encoding
Data encoded by transition from high-to-low or low-to-high
“Self-clocking” scheme
PDU Frame encoding
NRZ = Non-Return-To_Zero
Few transitions (on average) = requires less oscillator drift
Bit stuffingrelaxes oscillator drift requirements
55
Generic Message
Header
Routing information (source, destination)
Global priority information (which message gets on bus first?)
Data
Application- or high-level-standard defined data fields
Often only 1-8 bytes
Error detection
Detects corrupted data (e.g., using a CRC)
Detection is not perfect for high bit error rates
Embedded networks can have very high bit error rates
Central Issue: Message Priority
Local priority
Each node can transmit its highest priority message when it gets a turn on the bus
Or, it can implement some form of round-robin message transmission, etc.
Global priority
Which node gets the next turn on the bus?
Could be a function of round-robin selection of nodes
Could be a function of the node’s inherent priority
Could be a function of the priority of the highest message on the node -- a
“global message priority” scheme Fundamental tension:
Reducing latency for high-priority nodes/messages vs. Ensuring fairness for low-priority nodes/messages
57
Access protocol : bus master approach
Bus Master can poll for messages
Master sends polling messages and waits for response
Problem: missing/slow slave
Master uses worst-case timeout waiting for response
If slave gets confused/is late, protocol fails
Problem: broken master
Master can send a time tick
Other nodes select response time from that time tick
Then becomes a form of time slice/time slot protocols discussed later
Polling
Operation
Centrally assigned master polls the other nodes (slaves)
Non-master nodes transmit messages when they are polled
Inter-slave communication through the master
Exemple : WorldFIP, Profibus
59
Polling
Advantages
Simple protocol to implement;
historically very popular
Bounded latency for real-time applications
Disadvantages
Single point of failure from centralized master
Polling consumes bandwidth
Network size fixed during installation (not robust)– Or, master must discover nodes during reconfiguration
Prioritization is local to each node
But, can use centralized load balancing
Polling need not be in strict order; it could be, for example: 1, 2, 1, 3, 4, 1, 5, 1, 3, 1, 6, …(repeats)
TDMA Time division multiple access
Master node sends out a frame sync to synchronize clocks
Each node transmits during its unique time slot Exemple : TTP, FlexrayInterbus, ControlNet, Arinc
61
TDMA
Advantages
Simple protocol to implement
Deterministicresponse time
No wasted time for Master polling messages Disadvantages
Single point of failure from the bus master
Wasted bandwidth when some nodes are idle
Requires stable clocks
Network size fixed during installation (not robust)
Prioritization is local to each node – (can use centralized load balancing) Variation: Variable Length TDMA (~Implicit Token)
Unused time slices are truncated to save time
More efficient use of bandwidth
CSMA/CD Transmit And Collide
CSMA : Carrier Sense Multiple Access
CSMA + CD Collision Detection
Transmit message if bus is idle;
if you get lucky network transites to “active”
If you get unlucky, you get a collision event (requires Collision Detection HW)
Vulnerability window is about 2 time slot
After collision, back off a certain time
Amount of time to back off should vary with network load
Exemple : ethernet
63
CSMA/CD
Advantages
Small latency for low traffic load
Network initialization/configuration is not required
Node can enter or leave the network without any interruption
Supports many nodes
Probabilistic global prioritization is possible
Extensive installed base and support
Disadvantages
Designed for aperiodic traffic - not ideal for synchronized control loops
Collision detection is an analog process which is not always practical
Unbounded individual message latency
Poor efficiency under heavy loads
Explicit Tokens Protocols
Token ring
Nodes are connected in a ring using point-to-point links
This is not a circular bus – every wire is independent and operates concurrently
A token signal is passed from one node to another in a circular fashion
The token holder has the permission to access the media
This is a bit-at-a-time transfer protocol– Bits are shifted around the ring– All other protocols discussed deal with whole messages
Token bus
A token signal is passed from a node to node on a bus (virtual
65
Explicit Tokens Protocols
Advantages
Bounded latency for real-time control applications
High throughput during heavy traffic
On-the-fly reconfiguration Disadvantages
Token passing latencies under light traffic conditions
Prioritization local to each node
Lengthy reconfiguration process
Token initialization, loss, and duplication recovery overhead
Collisions may occur during initialization and reconfiguration
Complex protocol (especially at MAC sublayer)
Example : profibus, telway, map
Implicit Tokens protocols
Length of waiting period is used as a time-domain implicit “token”
Owner of bus determined by what time it is instead of explicit token message
Time slices -- waiting period is a whole message long
TDMA, TTP
Time slots -- waiting period is as short as possible
~ 2tpd
CSMA/CA
67
CSMA/CA (Implicit Token)
IDLE: Active station transmits immediately
After each message, reserve S slots for N nodes
BUSY: Transmit during your assigned slot
– If S=N, no collisions - known as Reservation CSMA
– If S<N, statistical collision avoidance
CSMA/CA Tradeoffs
Advantages
Small latency for light traffic
Good throughput under heavy traffic
Global prioritization through fixed slots – prioritized implicit token passes
Bounded latency through rotating slots – non-prioritized implicit token passes Disadvantages
Restarting time slots from an idle bus can be difficult
Send dummy messages to avoid idle state
Collisions can occur
Node complexity in mapping Sth slot to Nth node
69
Binary Countdown (Bit Dominance)
Each node is assigned a unique identification number
All nodes wishing to transmit compete for the channel by transmitting a binary signal based on their identification value
A node drops out the competition if it detects a dominant state while transmitting a passive state
Thus, the node with the dominantidentification value wins
Examples : CAN, VAN, LIN
Binary Countdown
Bit encoding
Self-clocking schemes are simpler, but require more bandwidth
Bit-stuffed schemes require extra bits for stuffing, result in nondeterministic message lengths
Collision-based protocols
An unbounded number of collisions results in unbounded worst-case latency Idea: use collision to signal start of a reservation CSMA protocol – works well. In
general not constrained by bit speed/network length ratio (but IS constrained by message speed/network length ratio)
Bit dominance/binary countdown protocols
Excellent efficiency – But must have compatible network medium
Constrained by network bit speed/network length ratio
71
Conclusion
Protocols are optimized for different operating scenarios
Collision-based
High number of possible transmitters
Low number of active transmitters
Arbitration overhead proportional to activity
Token-based, Time-multiplexed & Polled
Moderate number of total transmitters
Handles worst case activity without a problem
Arbitration overhead relatively constant
Binary countdown
Moderately large number of message types
Arbitration overhead constant
Global prioritization (but no mechanism for fairness)
Conclusion
General embedded network issues
Dynamic tension among efficiency, latency, determinism Classes of protocols
Time-multiplexed (polled/time-triggered)
Token (implicit/explicit)
Binary countdown
General tradeoff overview
Global vs. local priority (and, priority vs. fairness)
Efficiency vs. dynamic flexibility
73
References
H. Kopetz,
Real-Time Systems : Design Principles for Distributed Embedded Applications, Kluwer, 1997.
CIA Web site http://www.can-cia.org/can/protocol/
OSEK/VDX operating system specification V2.2.2 , http://www.osek- vdx.org/osekvdx_OS.html
OSEK/VDX Communication specification V3.0.3 , http://www.osek- vdx.org/mirror/OSEKCOM303.pdf
ITEA2 Timmo projectwww.timmo.org
Systèmes temps réel 1 & 2 Ed N. Navet , Hermès edition
Course 3 :