Time-Triggered Communication (Embedded Systems)

Time-Triggered Communication helps readers build an understanding of the conceptual foundation, operation, and application of time-triggered communication, which is widely used for embedded systems in a diverse range of industries. This book assembles contributions from experts that examine the differences and commonalities of the most significant protocols including: TTP, FlexRay, TTEthernet, SAFEbus, TTCAN, and LIN. Covering the spectrum, from low-cost time-triggered fieldbus networks to ultra-reliable time-triggered networks used for safety-critical applications, the authors illustrate the inherent benefits of time-triggered communication in terms of predictability, complexity management, fault-tolerance, and analytical dependability modeling, which are key aspects of safety-critical systems. Examples covered include FlexRay in cars, TTP in railway and avionic systems, and TTEthernet in aerospace applications. Illustrating key concepts based on real-world industrial applications, this book: Details the underlying concepts and principles of time-triggered communication Explores the properties of a time-triggered communication system, contrasting its strengths and weaknesses Focuses on the core algorithms applied in many systems, including those used for clock synchronization, startup, membership, and fault isolation Describes the protocols that incorporate presented algorithms Covers tooling requirements and solutions for system integration, including scheduling The information in this book will be extremely useful to industry leaders who design and manufacture products with distributed embedded systems based on time-triggered communication. It will also benefit suppliers of embedded components or development tools used in this area. As an educational tool, this material can be used to teach students and working professionals in areas including embedded systems, computer networks, system architectures, dependability, real-time systems, and automotive, avionics, and industrial control systems. Contents......Page 6 List of Figures......Page 18 List of Tables......Page 24 Editor ......Page 26 Contributors......Page 28 1. Introduction......Page 29 1.1 Scope of the Book......Page 30 1.2 Structure of the Book......Page 31 2. Basic Concepts and Principles of Time-Triggered Communication......Page 33 2.2 System Structure......Page 34 2.3 Concepts of Dependability......Page 37 2.3.3 Failure Modes......Page 38 2.3.4 Fault Hypothesis......Page 39 2.4 Global Time and State......Page 40 2.4.1 Time and Clocks......Page 41 2.4.2 Precision and Accuracy......Page 43 2.4.3 Global Time......Page 44 2.4.4 Sparse Time......Page 45 2.4.5 State of a System......Page 47 2.5.1.1 Event Triggers......Page 48 2.5.3 Temporal Firewall......Page 49 2.5.4 Transport Protocols......Page 50 2.5.5 Flow Control......Page 51 3. Properties of Time-Triggered Communication Systems......Page 53 3.1 Introduction......Page 54 3.2.1 Component-Based Design......Page 55 3.2.2 Component Interfaces......Page 56 3.2.3 Linking Interface Specification......Page 58 3.2.4 Composition of Nodes......Page 59 3.3.1 The Concept of Determinism......Page 61 3.3.2 Replica Determinism......Page 62 3.3.3 Building a Replica Determinate System......Page 64 3.4 Diagnosability......Page 65 3.4.1 Detection of Errors and Anomalies......Page 66 3.4.2 Decision Making – Analysis of Diagnostic Information......Page 67 3.4.3 Use of Diagnostic Information and Analysis Results......Page 68 3.5.1 Safety Case......Page 69 3.5.3 Certification in Application Domains......Page 71 3.5.4 Time-Triggered Communication Protocols and Certification......Page 72 3.6 Fault Containment and Error Containment......Page 73 3.6.2 Strict Control on Node Interactions......Page 74 3.6.4 Recovery and Repair......Page 75 3.7.1 Periodic, Sporadic and Aperiodic Messages......Page 76 3.7.2 Performance Attributes......Page 77 4. Core Algorithms......Page 81 4.1 Introduction......Page 82 4.2 Clock Synchronization......Page 83 4.2.1 Principle of Operation of Clock Synchronization......Page 84 4.2.2 Classifications of Clock Synchronization Algorithms......Page 87 4.2.4 Related Work on Clock Synchronization Algorithms......Page 89 4.2.5 Time Standards and Sources......Page 93 4.2.6 Time Aspects from an Application-Specific View......Page 95 4.3.1 Introduction and Overview......Page 96 4.3.2 Startup......Page 98 4.3.3 Restart......Page 105 4.4 Integration of Event-Triggered and Time-Triggered Communication......Page 108 4.4.1 Integration of Event-Triggered and Time-TriggeredCommunication at MAC Layer......Page 109 4.4.2 Event-Triggered Overlay Networks......Page 111 4.4.3 Generic Event Service......Page 112 4.5.1 Error Detection......Page 116 4.5.2 Membership Agreement......Page 118 5. Time-Triggered Protocol (TTP/C)......Page 121 5.1 Protocol Overview......Page 122 5.2 Protocol Services......Page 123 5.2.1 Communication Services......Page 124 5.2.2 Clock Synchronization......Page 127 5.2.3 Restart, Re-Integration, Integration......Page 128 5.2.4 Diagnostic Services......Page 129 5.2.5 Fault Isolation......Page 132 5.2.6 Configuration Services......Page 134 5.3.1 Message Descriptor List......Page 136 5.4.1 Status Area......Page 138 5.4.2 Control Area......Page 141 5.5 Protocol States......Page 142 5.6.1 Formal Analysis of Clock Synchronization Algorithm......Page 144 5.6.3 Formal Analysis of Membership Service and Clique Avoidance......Page 145 5.6.4 Fault Injection Experiments......Page 146 5.7 Example Configurations and Implementations......Page 147 6. FlexRay......Page 149 6.2.1 Communication Services......Page 150 6.2.2 Protocol Operation Control......Page 158 6.2.3 Clock Synchronization......Page 160 6.2.4 Wakeup and Startup......Page 162 6.3.2 Bus Guardians......Page 165 6.3.3 Checks on the Reception of a Frame......Page 167 6.4.1 Cluster Parameters......Page 168 6.4.2 Node Parameters......Page 169 6.5.1 Overview of the E-Ray IP Module......Page 170 6.5.2 Programmers Model......Page 172 6.6.1 Topology and Layout of a FlexRay Network......Page 176 7. SAFEbus......Page 181 7.1.1 Background......Page 182 7.2 Protocol Overview......Page 183 7.3.1 Communication Services......Page 185 7.3.2 Clock Synchronization......Page 191 7.3.3 Restart, Re-Integration, Integration......Page 192 7.3.4 Diagnostic Services......Page 197 7.3.5 Fault Isolation......Page 198 7.3.6 Configuration Services......Page 200 7.3.7 Protocol Parameterization......Page 201 7.4 Communication Interface......Page 204 7.6 Example Configurations and Implementations......Page 206 8. Time-Triggered Ethernet......Page 209 8.1 Protocol Overview......Page 210 8.2 Protocol Services......Page 212 8.2.1 Communication Services......Page 213 8.2.2 Clock Synchronization......Page 224 8.2.3 Startup and Restart......Page 229 8.2.4 Diagnostic Services......Page 234 8.2.5 Fault Isolation......Page 235 8.3.1 Physical Topology......Page 238 8.3.3 Dataflow Parameterization......Page 239 8.4 Communication Interface......Page 241 8.5.1 Formal Verification and Analysis......Page 242 8.5.3 Model-Based Testing......Page 243 8.6.1 Configurations......Page 244 8.6.2 Implementations......Page 247 9.1 Protocol Overview......Page 249 9.2.1 Communication Services......Page 250 9.2.2 Clock Synchronization......Page 252 9.2.3 Sending and Receiving Messages in TTCAN......Page 257 9.2.4 Restart, Re-Integration, Integration......Page 258 9.2.5 Diagnostic Services......Page 260 9.2.6 Error Detection and Fault Isolation......Page 262 9.2.7 Configuration Services......Page 266 9.3 Protocol Parameterization......Page 267 9.4 Communication Interface......Page 269 9.5 Validation and Verification Efforts......Page 270 9.6 Example Configurations and Implementations......Page 271 10.1 Protocol Overview......Page 273 10.2.1 Communication Services......Page 274 10.3 LIN 2.x......Page 275 10.3.3 Diagnostic Services......Page 276 10.3.4 Error Detection and Fault Isolation......Page 277 10.3.5 Configuration Services and Protocol Parameterization......Page 278 10.4 Communication Interface......Page 280 10.6 Example Configurations and Implementations......Page 281 11. TTP/A......Page 283 11.3 Interface File System (IFS)......Page 284 11.4.1 Communication Services......Page 287 11.4.2 Clock Synchronization......Page 289 11.4.4 Diagnostic Services......Page 290 11.4.6 Configuration Services and Protocol Parameterization......Page 291 11.5 Communication Interface......Page 292 11.7.1 TTP/A Slave Nodes......Page 293 11.7.2 TTP/A Master......Page 294 12. BRAIN......Page 297 12.1.1 Development History and Design Goals......Page 298 12.1.2 Minimal Overhead Replication and Input Agreement......Page 301 12.2.1 High-Integrity Data Propagation......Page 302 12.2.2 Clock Synchronization, Startup and Clique Resolution......Page 307 12.3.1 Time-Triggered Sequenced Guardian Roles......Page 314 12.3.2 Asynchronous Guardian Roles......Page 317 12.4.1 Host Task Set Agreement......Page 319 12.6 Example Configurations, Implementations and Deployment Considerations......Page 320 13.1 Protocol Overview......Page 323 13.2.2 Clock Synchronization, Restart, Re-Integration and Integration......Page 324 13.2.4 Fault Isolation......Page 327 13.4 Communication Interface......Page 328 13.6 Example Configurations and Implementations......Page 329 14. Industrial Applications......Page 331 14.2 Time-Triggered Communication in Aerospace......Page 332 14.2.1 Requirements......Page 333 14.2.2 A General Discussion of Time-Triggered Communication to Meet Requirements......Page 339 14.2.3 Use of Time-Triggered Communication Networks in Aerospace and Space......Page 343 14.3 Time-Triggered Communication in Automotive Applications......Page 361 14.3.1 Typical Design of Automotive Applications......Page 365 14.3.2 Migration from CAN to FlexRay......Page 367 14.3.3 Practical Experience with the Time-Triggered Approach in Automotive Subsystems......Page 373 14.4.1 Railway Applications......Page 374 14.4.2 Requirements on Railway Applications......Page 376 14.4.3 Requirements on Communication Systems......Page 377 14.4.4 Generic System Architecture......Page 378 14.4.5 Application of Time-Triggered Protocols in the Railway Domain......Page 383 14.4.6 Safety Concept......Page 385 14.4.7 Conclusion and Outlook......Page 387 15. Development Tools......Page 389 15.1 Introduction......Page 391 15.2 Design Tasks......Page 393 15.3 Schedule Generation......Page 396 15.3.1 Requirements and Application Model......Page 399 15.3.2 Scheduling Complexity and Scheduling Strategies......Page 402 15.3.3 Schedule Visualization......Page 411 15.4 Holistic Scheduling and Optimization......Page 419 15.4.1 System Model......Page 420 15.4.2 The FlexRay Communication Protocol......Page 421 15.4.3 Timing Analysis......Page 424 15.4.4 Bus Access Optimization......Page 430 15.5 Incremental Design......Page 436 15.5.1 Preliminaries......Page 438 15.5.2 Problem Formulation......Page 442 15.5.3 Characterizing Existing and Future Applications......Page 444 15.5.4 Quality Metrics and Objective Function......Page 447 15.5.5 Mapping and Scheduling Strategy......Page 450 15.5.6 Experimental Results......Page 459 15.6.1 Software Architecture......Page 465 15.6.2 Optimization Problem......Page 466 15.6.3 Schedulability Analysis......Page 467 15.6.4 Optimization Strategy......Page 474 15.6.5 Experimental Results......Page 480 15.7 Configuration and Code Generation......Page 483 15.7.1 Communication Configuration......Page 484 15.7.2 Middleware Configuration......Page 486 15.7.3 Code Generation......Page 496 15.7.4 Configuration of Third-Party Software......Page 504 15.8 Verification......Page 505 15.8.1 Process Requirements......Page 506 15.8.2 Verification Best Practices......Page 510 15.8.3 Verification Tooling Approach......Page 514 Bibliography......Page 523 A......Page 551 B......Page 552 C......Page 553 D......Page 557 E......Page 558 F......Page 560 G......Page 561 I......Page 562 L......Page 563 M......Page 564 P......Page 566 R......Page 567 S......Page 568 T......Page 571 V......Page 574 Z......Page 575 **Time-Triggered Communication** helps readers build an understanding of the conceptual foundation, operation, and application of time-triggered communication, which is widely used for embedded systems in a diverse range of industries. This book assembles contributions from experts that examine the differences and commonalities of the most significant protocols including: TTP, FlexRay, TTEthernet, SAFEbus, TTCAN, and LIN. Covering the spectrum, from low-cost time-triggered fieldbus networks to ultra-reliable time-triggered networks used for safety-critical applications, the authors illustrate the inherent benefits of time-triggered communication in terms of predictability, complexity management, fault-tolerance, and analytical dependability modeling, which are key aspects of safety-critical systems. Examples covered include FlexRay in cars, TTP in railway and avionic systems, and TTEthernet in aerospace applications. Illustrating key concepts based on real-world industrial applications, this book: * Details the underlying concepts and principles of time-triggered communication * Explores the properties of a time-triggered communication system, contrasting its strengths and weaknesses * Focuses on the core algorithms applied in many systems, including those used for clock synchronization, startup, membership, and fault isolation * Describes the protocols that incorporate presented algorithms * Covers tooling requirements and solutions for system integration, including scheduling The information in this book is extremely useful to industry leaders who design and manufacture products with distributed embedded systems based on time-triggered communication. It also benefits suppliers of embedded components or development tools used in this area. As an educational tool, this material can be used to teach students and working professionals in areas including embedded systems, computer networks, system architectures, dependability, real-time systems, and automotive, avionics, and industrial control systems. "Addressing key concepts, properties, and algorithms, this book offers a conceptual foundation of time-triggered communication. Contributions from experts help readers understand the various time-triggered communication protocols, including their differences and commonalities. Communication protocols covered include TTP, FlexRay, TTEthemet, SAFEbus, TTCAN and LIN. Protocols range from low-cost time-triggered fieldbus networks to ultra-reliable time-triggered networks for safety-critical applications. The text also presents information about the use of FlexRay in cars, TTP in railway and avionic systems, and TTEthemet in aerospace applications"-- "Embedded computers are by far the most common type of computer in use today. Ninety-eight percent of all computing devices are embedded in different kinds of electronic equipment such as automotive, industrial automation, telecommunications, consumer electronics and health/medical systems. Due to the many different and, partially, contradicting requirements, there exists no single model for building embedded systems. Well-known tradeoffs are predictability versus flexibility or resource adequacy versus best-effort strategies. Therefore, the chosen system model depends strongly on the requirements of the application"-- "Embedded computers are by far the most common type of computer in use today. Ninety-eight percent of all computing devices are embedded in different kinds of electronic equipment such as automotive, industrial automation, telecommunications, consumer electronics and health/medical systems. Due to the many different and, partially, contradicting requirements, there exists no single model for building embedded systems. Well-known tradeoffs are predictability versus flexibility or resource adequacy versus best-effort strategies. Therefore, the chosen system model depends strongly on the requirements of the application"-- Provided by publisher