Abstract
This paper discusses aspects of dependability of real-time communication. In particular, we consider timing behaviour under fault conditions for Controller Area Network (CAN) and the extension Time-triggered CAN (TTCAN) based on a time-driven schedule. We discuss the differences between these buses and their behaviour under electromagnetic interference. We present response timing analyses for CAN and TTCAN in the presence of transient network faults using a probabilistic fault model where random faults from electromagnetic interference occur. The CAN analysis provides a probability distribution of worst case response times for message frames. The results indicate that CAN may generally provide a higher probability of delivering messages on time than TTCAN. The CAN analysis result is used to discuss an approach to implementing a bus guardian for event-triggered systems.
Author information
Ian Broster is a research associate at the University of York; his research includes real-time communication and work on the CAN protocol. Current research focuses on next-generation flexible scheduling for real-time operating systems. His research interests include probabilistic analysis, timing analysis of non-deterministic systems, flexible scheduling, real-time communication, simulation and modelling. He received his M.Eng. degree in 1999 and a Ph.D. in 2003 for his work on flexible real-time communication at the University of York, U.K.
Alan Burns has worked for many years on a number of different aspects of real-time systems engineering. He graduated in 1974 in Mathematics from Sheffield University; he then took a D.Phil. in the Computer Science Department at the University of York. After a short period of employment at UKAEA Research Centre, Harwell, he was appointed to a lectureship at Bradford University in 1979. He was subsequently promoted to Senior Lecturer in 1986. In January 1990 he took up a Readership at the University of York in the Computer Science Department. During 1994 he was promoted to a Personal Chair. In 1999 he became Head of the Computer Science Department at York.
Guillermo Rodríguez-Navas holds a degree in Telecommunication Engineering from the University of Vigo, Spain. He is currently doing a Ph.D. in Computer Science at the University of the Balearic Islands, Spain. He is also a member of the System, Robotics and Vision (SRV) research group at this university. His research is focused on dependable and real-time distributed embedded systems. In particular, he has addressed various issues related to the Controller Area Network (CAN) field bus, such as fault tolerance, clock synchronization and response time analysis.
Cite this article
Broster, I., Burns, A. & Rodríguez-Navas, G. Timing Analysis of Real-Time Communication Under Electromagnetic Interference. Real-Time Syst 30, 55–81 (2005). https://doi.org/10.1007/s11241-005-0504-z
DOI: https://doi.org/10.1007/s11241-005-0504-z