280 research outputs found
Safety-Critical Communication in Avionics
The aircraft of today use electrical fly-by-wire systems for manoeuvring. These safety-critical distributed systems are called flight control systems and put high requirements on the communication networks that interconnect the parts of the systems. Reliability, predictability, flexibility, low weight and cost are important factors that all need to be taken in to consideration when designing a safety-critical communication system. In this thesis certification issues, requirements in avionics, fault management, protocols and topologies for safety-critical communication systems in avionics are discussed and investigated. The protocols that are investigated in this thesis are: TTP/C, FlexRay and AFDX, as a reference protocol MIL-STD-1553 is used. As reference architecture analogue point-to-point is used. The protocols are described and evaluated regarding features such as services, maturity, supported physical layers and topologies.Pros and cons with each protocol are then illustrated by a theoretical implementation of a flight control system that uses each protocol for the highly critical communication between sensors, actuators and flight computers.The results show that from a theoretical point of view TTP/C could be used as a replacement for a point-to-point flight control system. However, there are a number of issues regarding the physical layer that needs to be examined. Finally a TTP/C cluster has been implemented and basic functionality tests have been conducted. The plan was to perform tests on delays, start-up time and reintegration time but the time to acquire the proper hardware for these tests exceeded the time for the thesis work. More advanced testing will be continued here at Saab beyond the time frame of this thesis
Implementation of RTOS to the WSN node
Bezdrátové senzorické sieťe zväčša používajú `event-driven` operačné systémy. Táto práca diskutuje výhody nevýhody použitia RTOS v bezdrátových senzorických sieťach. Najvhodnejší RTOS je vybratý a sú podniknuté všetky kroky aby bolo možne demonštrovať schopnosť mikrokontrolérov Gecko od EnergyMicro prevádzkovať tento RTOS s nízkou spotrebou energie a demonštrovať jednoduchú bezdrátovú komunikáciu s Atmel AT86RF212 rádiami.Wireless sensors networks mostly use event-driven OSes. This works discusses pros and cons of using RTOS in wirless sensors networks. A most appropriate RTOS is chosen and all necessary steps are undergone to demonstrate EnergyMicro Gecko MCU's ability to run the RTOS with low energy consumption and demonstrate wireless simple communication with Atmel AT86RF212 radios.
Tolerância a falhas em sistemas de comunicação de tempo-real flexíveis
Nas últimas décadas, os sistemas embutidos distribuídos, têm sido usados em
variados domínios de aplicação, desde o controlo de processos industriais até
ao controlo de aviões e automóveis, sendo expectável que esta tendência se
mantenha e até se intensifique durante os próximos anos.
Os requisitos de confiabilidade de algumas destas aplicações são
extremamente importantes, visto que o não cumprimento de serviços de uma
forma previsível e pontual pode causar graves danos económicos ou até pôr
em risco vidas humanas.
A adopção das melhores práticas de projecto no desenvolvimento destes
sistemas não elimina, por si só, a ocorrência de falhas causadas pelo
comportamento não determinístico do ambiente onde o sistema embutido
distribuído operará. Desta forma, é necessário incluir mecanismos de
tolerância a falhas que impeçam que eventuais falhas possam comprometer
todo o sistema.
Contudo, para serem eficazes, os mecanismos de tolerância a falhas
necessitam ter conhecimento a priori do comportamento correcto do sistema
de modo a poderem ser capazes de distinguir os modos correctos de
funcionamento dos incorrectos.
Tradicionalmente, quando se projectam mecanismos de tolerância a falhas, o
conhecimento a priori significa que todos os possíveis modos de
funcionamento são conhecidos na fase de projecto, não os podendo adaptar
nem fazer evoluir durante a operação do sistema. Como consequência, os
sistemas projectados de acordo com este princípio ou são completamente
estáticos ou permitem apenas um pequeno número de modos de operação.
Contudo, é desejável que os sistemas disponham de alguma flexibilidade de
modo a suportarem a evolução dos requisitos durante a fase de operação,
simplificar a manutenção e reparação, bem como melhorar a eficiência usando
apenas os recursos do sistema que são efectivamente necessários em cada
instante. Além disto, esta eficiência pode ter um impacto positivo no custo do
sistema, em virtude deste poder disponibilizar mais funcionalidades com o
mesmo custo ou a mesma funcionalidade a um menor custo.
Porém, flexibilidade e confiabilidade têm sido encarados como conceitos
conflituais.
Isto deve-se ao facto de flexibilidade implicar a capacidade de permitir a
evolução dos requisitos que, por sua vez, podem levar a cenários de operação
imprevisíveis e possivelmente inseguros. Desta fora, é comummente aceite
que apenas um sistema completamente estático pode ser tornado confiável, o
que significa que todos os aspectos operacionais têm de ser completamente
definidos durante a fase de projecto.
Num sentido lato, esta constatação é verdadeira. Contudo, se os modos como
o sistema se adapta a requisitos evolutivos puderem ser restringidos e
controlados, então talvez seja possível garantir a confiabilidade permanente
apesar das alterações aos requisitos durante a fase de operação.
A tese suportada por esta dissertação defende que é possível flexibilizar um
sistema, dentro de limites bem definidos, sem comprometer a sua
confiabilidade e propõe alguns mecanismos que permitem a construção de
sistemas de segurança crítica baseados no protocolo Controller Area Network
(CAN). Mais concretamente, o foco principal deste trabalho incide sobre o
protocolo Flexible Time-Triggered CAN (FTT-CAN), que foi especialmente
desenvolvido para disponibilizar um grande nível de flexibilidade operacional
combinando, não só as vantagens dos paradigmas de transmissão de
mensagens baseados em eventos e em tempo, mas também a flexibilidade
associada ao escalonamento dinâmico do tráfego cuja transmissão é
despoletada apenas pela evolução do tempo.
Este facto condiciona e torna mais complexo o desenvolvimento de
mecanismos de tolerância a falhas para FTT-CAN do que para outros
protocolos como por exemplo, TTCAN ou FlexRay, nos quais existe um
conhecimento estático, antecipado e comum a todos os nodos, do
escalonamento de mensagens cuja transmissão é despoletada pela evolução
do tempo.
Contudo, e apesar desta complexidade adicional, este trabalho demonstra que
é possível construir mecanismos de tolerância a falhas para FTT-CAN
preservando a sua flexibilidade operacional.
É também defendido nesta dissertação que um sistema baseado no protocolo
FTT-CAN e equipado com os mecanismos de tolerância a falhas propostos é
passível de ser usado em aplicações de segurança crítica.
Esta afirmação é suportada, no âmbito do protocolo FTT-CAN, através da
definição de uma arquitectura tolerante a falhas integrando nodos com modos
de falha tipo falha-silêncio e nodos mestre replicados.
Os vários problemas resultantes da replicação dos nodos mestre são, também
eles, analisados e várias soluções são propostas para os obviar.
Concretamente, é proposto um protocolo que garante a consistência das
estruturas de dados replicadas a quando da sua actualização e um outro
protocolo que permite a transferência dessas estruturas de dados para um
nodo mestre que se encontre não sincronizado com os restantes depois de
inicializado ou reinicializado de modo assíncrono.
Além disto, esta dissertação também discute o projecto de nodos FTT-CAN
que exibam um modo de falha do tipo falha-silêncio e propõe duas soluções
baseadas em componentes de hardware localizados no interface de rede de
cada nodo, para resolver este problema. Uma das soluções propostas baseiase
em bus guardians que permitem a imposição de comportamento falhasilêncio
nos nodos escravos e suportam o escalonamento dinâmico de tráfego
na rede. A outra solução baseia-se num interface de rede que arbitra o acesso
de dois microprocessadores ao barramento. Este interface permite que a
replicação interna de um nodo seja efectuada de forma transparente e
assegura um comportamento falha-silêncio quer no domínio temporal quer no
domínio do valor ao permitir transmissões do nodo apenas quando ambas as
réplicas coincidam no conteúdo das mensagens e nos instantes de
transmissão. Esta última solução está mais adaptada para ser usada nos
nodos mestre, contudo também poderá ser usada nos nodos escravo, sempre
que tal se revele fundamental.Distributed embedded systems (DES) have been widely used in the last few
decades in several application fields, ranging from industrial process control to
avionics and automotive systems. In fact, it is expectable that this trend will
continue over the years to come.
In some of these application domains the dependability requirements are of
utmost importance since failing to provide services in a timely and predictable
manner may cause important economic losses or even put human life in risk.
The adoption of the best practices in the design of distributed embedded
systems does not fully avoid the occurrence of faults, arising from the nondeterministic
behavior of the environment where each particular DES operates.
Thus, fault-tolerance mechanisms need to be included in the DES to prevent
possible faults leading to system failure.
To be effective, fault-tolerance mechanisms require an a priori knowledge of
the correct system behavior to be capable of distinguishing them from the
erroneous ones.
Traditionally, when designing fault-tolerance mechanisms, the a priori
knowledge means that all possible operational modes are known at system
design time and cannot adapt nor evolve during runtime. As a consequence,
systems designed according to this principle are either fully static or allow a
small number of operational modes only. Flexibility, however, is a desired
property in a system in order to support evolving requirements, simplify
maintenance and repair, and improve the efficiency in using system resources
by using only the resources that are effectively required at each instant. This
efficiency might impact positively on the system cost because with the same
resources one can add more functionality or one can offer the same
functionality with fewer resources.
However, flexibility and dependability are often regarded as conflicting
concepts. This is so because flexibility implies the ability to deal with evolving
requirements that, in turn, can lead to unpredictable and possibly unsafe
operating scenarios. Therefore, it is commonly accepted that only a fully static
system can be made dependable, meaning that all operating conditions are
completely defined at pre-runtime.
In the broad sense and assuming unbounded flexibility this assessment is true,
but if one restricts and controls the ways the system could adapt to evolving
requirements, then it might be possible to enforce continuous dependability.
This thesis claims that it is possible to provide a bounded degree of flexibility
without compromising dependability and proposes some mechanisms to build
safety-critical systems based on the Controller Area Network (CAN).
In particular, the main focus of this work is the Flexible Time-Triggered CAN
protocol (FTT-CAN), which was specifically developed to provide such high
level of operational flexibility, not only combining the advantages of time- and
event-triggered paradigms but also providing flexibility to the time-triggered
traffic. This fact makes the development of fault-tolerant mechanisms more
complex in FTT-CAN than in other protocols, such as TTCAN or FlexRay, in
which there is a priori static common knowledge of the time-triggered message
schedule shared by all nodes. Nevertheless, as it is demonstrated in this work,
it is possible to build fault-tolerant mechanisms for FTT-CAN that preserve its
high level of operational flexibility, particularly concerning the time-triggered
traffic. With such mechanisms it is argued that FTT-CAN is suitable for safetycritical
applications, too.
This claim was validated in the scope of the FTT-CAN protocol by presenting a
fault-tolerant system architecture with replicated masters and fail-silent nodes.
The specific problems and mechanisms related with master replication,
particularly a protocol to enforce consistency during updates of replicated data
structures and another protocol to transfer these data structures to an
unsynchronized node upon asynchronous startup or restart, are also
addressed.
Moreover, this thesis also discusses the implementations of fail-silence in FTTCAN
nodes and proposes two solutions, both based on hardware components
that are attached to the node network interface. One solution relies on bus
guardians that allow enforcing fail-silence in the time domain. These bus
guardians are adapted to support dynamic traffic scheduling and are fit for use
in FTT-CAN slave nodes, only. The other solution relies on a special network
interface, with duplicated microprocessor interface, that supports internal
replication of the node, transparently. In this case, fail-silence can be assured
both in the time and value domain since transmissions are carried out only if
both internal nodes agree on the transmission instant and message contents.
This solution is well adapted for use in the masters but it can also be used, if
desired, in slave nodes
A Joint PHY/MAC Architecture for Low-Radiated Power TH-UWB Wireless Ad-Hoc Networks
Due to environmental concerns and strict constraints on interference imposed on other networks, the radiated power of emerging pervasive wireless networks needs to be strictly limited, yet without sacrificing acceptable data rates. Pulsed Time-Hopping Ultra-Wide Band (TH-UWB) is a radio technology that has the potential to satisfy this requirement. Although TH-UWB is a multi-user radio technology, non-zero cross-correlation between time-hopping sequences, time-asynchronicity between sources and a multipath channel environment make it sensitive to strong interferers and near-far scenarios. While most protocols manage interference and multiple-access through power control or mutual exclusion (CSMA/CA or TDMA), we base our design on rate control, a relatively unexplored dimension for multiple-access and interference management. We further take advantage of the nature of pulsed TH-UWB to propose an interference mitigation scheme that reduces the impact of strong interferers. A source is always allowed to send and continuously adapts its channel code (hence its rate) to the interference experienced at the destination. In contrast to power control or exclusion, our MAC layer is local to sender and receiver and does not need coordination among neighbors not involved in the transmission. We show by simulation that we achieve a significant increase in network throughput
Design and Implementation of Real-Time Transactional Memory
Abstract—Transactional memory is a promising, optimistic synchronization mechanism for chip-multiprocessor systems. The simplicity of atomic sections, instead of using explicit locks, is also appealing for real-time systems. In this paper an implementation of real-time transactional memory (RTTM) in the context of a real-time Java chip-multiprocessor (CMP) is presented. To provide a predictable and analyzable solution of transactional memory, the transaction buffer is organized fully associative. Evaluation in an FPGA shows that an associativity of up to 64-way is possible without degrading the overall system performance. The paper presents synthesis results for different RTTM configurations and different number of processor cores in the CMP system. A CMP system with up to 8 processor cores with RTTM support is feasible in an Altera Cyclone-II FPGA
Design and implementation of application-specific medium access control protocol for scalable smart home embedded systems
Thesis (M.S.) University of Alaska Fairbanks, 2016By incorporating electrical devices, appliances and house features in a system that is controlled and monitored either remotely or on-site, smart home technologies have recently gained an increasing popularity. There are several smart home systems already available, ranging from simple on-site home monitoring to self-learning and Wi-Fi enabled systems. However, current systems do not fully make use of recent technological advancement and synergy among a variable number of sensors for improved data collection. For a synergistic system to be provident it needs to be modular and scalable to match exact user needs (type of applications and adequate number of sensors for each application). With an increased number of sensors intelligently placed to optimize the data collection, a wireless network is indispensable for a flexible and inexpensive installation. Such a network requires an efficient medium access control protocol to sustain a reliable system, provide flexibility in design and to achieve lower power consumption. This thesis brings to light practical ways to improve current smart home systems. As the main contribution of this work, we introduce a novel application-specific medium access control protocol able to support suggested improvements. In addition, a smart home prototype system is implemented to evaluate the protocol performance and prove concepts of recommended advances. This thesis covers the design of the proposed novel medium access protocol and the software/hardware implementation of the prototype system focusing on the monitoring and data analysis side, while providing inputs for the control side of the system. The smart home system prototype is Wi-Fi and Web connected, designed and implemented to emphasize system usability and energy efficiency
Adaptive and power-aware mechanism in wireless sensor networks
In a very short time, the interest about Wireless Sensors Networks(WSN) and their applications has grown both within the academic community and in the industry. At the same time, the complexity of the envisaged WSN-based systems has grown from a handful of homogeneous sensors to hundreds or thousands of devices, possibly differing in terms of capability, architecture, and operating system. Recently, some deployments of WSNs have been suggested in the literature both addressing the energy-aware and the adaptability to environmental changes issues; in both cases limitations arise which either prevent a long lifetime or/and the Quality of Service(QoS) of the envisaged applications.Energy is one of the scarcest resources in WSNs; energy harvesting technologies are thus required to design credible autonomous sensor networks. In addition to energy harvesting technologies, energy saving mechanisms play an important role to reduce energy consumption in sensor nodes. Moreover, in wireless sensor networks, the network topology may change over time due to permanent or transient node and communication faults, energy availability for the nodes (despite thepossible presence of energy harvesting mechanisms) and environmental changes (e.g., a landslide phenomenon, solar powerdensity made available to the nodes, presence of vegetation subject to seasonal dynamics). Development of smart routing algorithms is hence a must for granting effective communications in large scale wireless networks with adaptation ability combined with energy-aware aspects
- …