
DECOS: an integrated time-triggered architecture

  • Original paper
  • Published in: e & i Elektrotechnik und Informationstechnik

Depending on the physical structuring of large distributed safety-critical real-time systems, one can distinguish federated and integrated system architectures. This paper describes an integrated system architecture which combines the complexity-management advantages of federated systems with the functional integration and hardware benefits of an integrated approach. In order to control complexity, the overall functionality is divided into a set of application subsystems, each with dedicated architectural communication services, allowing developers to act as if they were building an application for a federated architecture. The introduced architecture builds upon the validated services of a time-triggered core architecture, which provides a physical network as a shared resource for the communication activities of more than one application subsystem. The communication resources are encapsulated and multiplexed between application subsystems. Analogously, encapsulated partitions are used to share node computers among software modules of multiple application subsystems. Architectural encapsulation mechanisms ensure that the assumptions and abstractions made during functional system structuring also hold after the different subsystems are combined on the target platform.
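The sharing described in the abstract, a single time-triggered network whose slots are statically assigned to the virtual networks of several application subsystems and an encapsulation check that keeps a faulty subsystem inside its own slots, can be modelled in a few lines. The following Python is an added toy illustration, not code from the DECOS project or from the paper; the subsystem and node names (drive_by_wire, comfort, steer_ecu, brake_ecu, door_ecu, climate_ecu) and the four-slot round are constructed for the example.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Slot:
    subsystem: str   # application subsystem this slot is statically assigned to
    sender: str      # the only node permitted to transmit in this slot


@dataclass(frozen=True)
class Frame:
    sender: str
    subsystem: str
    slot: int        # slot index within one round in which the node tried to send
    payload: bytes


# Constructed static TDMA round (hypothetical names): the shared core network is
# divided into slots, each allocated at design time to one subsystem's virtual network.
SCHEDULE = [
    Slot("drive_by_wire", "steer_ecu"),
    Slot("comfort", "door_ecu"),
    Slot("drive_by_wire", "brake_ecu"),
    Slot("comfort", "climate_ecu"),
]


def bandwidth_share(schedule):
    """Fraction of the round owned by each subsystem. Because the allocation is
    static, this share does not depend on what the other subsystems do at run time."""
    counts = Counter(slot.subsystem for slot in schedule)
    return {subsystem: n / len(schedule) for subsystem, n in counts.items()}


def guardian_accepts(schedule, frame):
    """Encapsulation check at the network: a frame is forwarded only if it is sent
    in a slot that belongs to the sender's subsystem and by the node scheduled for it.
    Everything else is dropped, so a misbehaving node cannot use another
    subsystem's slots."""
    if not 0 <= frame.slot < len(schedule):
        return False
    slot = schedule[frame.slot]
    return slot.sender == frame.sender and slot.subsystem == frame.subsystem


def run_round(schedule, attempts):
    """Simulate one round: frames delivered per virtual network, plus blocked attempts."""
    delivered = {slot.subsystem: [] for slot in schedule}
    blocked = []
    for frame in attempts:
        if guardian_accepts(schedule, frame):
            delivered[frame.subsystem].append(frame)
        else:
            blocked.append(frame)
    return delivered, blocked


def babbling_idiot(schedule, sender, subsystem):
    """Faulty node that tries to transmit in every slot of the round."""
    return [Frame(sender, subsystem, i, b"noise") for i in range(len(schedule))]


def demo():
    """Three well-behaved transmissions plus a babbling brake_ecu; returns the
    number of frames delivered per subsystem and the number blocked."""
    attempts = [
        Frame("steer_ecu", "drive_by_wire", 0, b"angle=3"),
        Frame("door_ecu", "comfort", 1, b"lock"),
        Frame("climate_ecu", "comfort", 3, b"t=21"),
    ] + babbling_idiot(SCHEDULE, "brake_ecu", "drive_by_wire")
    delivered, blocked = run_round(SCHEDULE, attempts)
    return {s: len(frames) for s, frames in delivered.items()}, len(blocked)


if __name__ == "__main__":
    print(bandwidth_share(SCHEDULE))
    print(demo())
```

In the run, the babbling brake_ecu gets exactly one frame through (its own slot 2) and its three other attempts are blocked, so the comfort subsystem still receives both of its frames. That is the property the abstract attributes to the encapsulation mechanisms: the assumptions made per subsystem at design time (here, the slot allocation) remain valid after integration, whatever the other subsystems do.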

Abstract (German version): Depending on the physical structuring of large distributed safety-critical real-time systems, federated and integrated system architectures can be distinguished. This paper describes an integrated system architecture that combines the complexity-management advantages of federated architectures with the advantages of an integrated approach (i.e. better functional integration and resource utilisation). To master the complexity of the overall system, it is divided into application subsystems, each equipped with specific architectural services. In particular, the communication services are tailored in functionality and temporal behaviour to the requirements of the respective application. Designers can therefore develop the system in the way a federated architecture would permit. The presented integrated system architecture builds on the validated services of a time-triggered core architecture, in which the physical network of a single distributed time-triggered computer system serves as a shared resource for the communication activities of several application subsystems. The communication resources are encapsulated and multiplexed between application subsystems. Likewise, encapsulated partitions within components are used to share component resources (e.g. processor time and memory) among software modules of different application subsystems. The encapsulation mechanisms of the architecture at network and component level ensure that the assumptions and abstractions made during functional system structuring still hold after the different subsystems have been integrated on the target platform.



Cite this article

Obermaisser, R., Peti, P., Huber, B. et al. DECOS: an integrated time-triggered architecture. Elektrotech. Inftech. 123, 83–95 (2006). https://doi.org/10.1007/s00502-006-0323
