7,706 research outputs found
Services for safety-critical applications on dual-scheduled TDMA networks
Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200
LunaNet: a Flexible and Extensible Lunar Exploration Communications and Navigation Infrastructure
NASA has set the ambitious goal of establishing a sustainable human presence on the Moon. Diverse commercial and international partners are engaged in this effort to catalyze scientific discovery, lunar resource utilization and economic development on both the Earth and at the Moon. Lunar development will serve as a critical proving ground for deeper exploration into the solar system. Space communications and navigation infrastructure will play an integral part in realizing this goal. This paper provides a high-level description of an extensible and scalable lunar communications and navigation architecture, known as LunaNet. LunaNet is a services network to enable lunar operations. Three LunaNet service types are defined: networking services, position, navigation and timing services, and science utilization services. The LunaNet architecture encompasses a wide variety of topology implementations, including surface and orbiting provider nodes. In this paper several systems engineering considerations within the service architecture are highlighted. Additionally, several alternative LunaNet instantiations are presented. Extensibility of the LunaNet architecture to the solar system internet is discussed
Advanced flight control system study
The architecture, requirements, and system elements of an ultrareliable, advanced flight control system are described. The basic criteria are functional reliability of 10 to the minus 10 power/hour of flight and only 6 month scheduled maintenance. A distributed system architecture is described, including a multiplexed communication system, reliable bus controller, the use of skewed sensor arrays, and actuator interfaces. Test bed and flight evaluation program are proposed
Recommended from our members
Technical Review of Residential Programmable Communicating Thermostat Implementation for Title 24-2008
CarRing IV- Real-time Computer Network
Ob in der Automobil-, Avionik- oder Automatisierungstechnik, die Fortschritte in der
Echtzeitkommunikation richten sich auf weitere Verbesserungen bereits existierender
Lösungen. Im Kfz-Bereich führen die steigenden Zahlen computerbasierter Systeme,
Anwendungen und Anschlüsse sowie die Verwendung mehrerer proprietärer Kommunikationsstandards zu einem immer komplexeren Kabelbaum. Ursächlich hierfür sind
inkompatible Standards, wodurch nicht nur die Kosten, sondern auch das Gewicht
und damit der Kraftstoffverbrauch negativ beeinflusst werden.
Im ersten Teil der Dissertation wird das Echtzeitprotokoll von CarRing IV (CRIV) vorgestellt. Es bietet isochrone und harte Echtzeitgarantien, ohne dass eine netzwerkweite Synchronisation erforderlich ist. Mit bis zu 16 Knoten pro Ring kann
ein CR-IV-Netz aus bis zu 256 Ringen bestehen, die durch Router miteinander verbunden sind. CR-IV verwendet ein reduziertes OSI-Modell (Schichten 1-3, 7), das
für seine Anwendungsbereiche sowohl typisch als auch vorteilhaft ist. Außerdem
unterstützt es sowohl ereignis- als auch zeitgesteuerte Kommunikationsparadigmen.
Der Transparent-Modus ermöglicht es CR-IV, als Backbone für bestehende Netze
zu verwenden, wodurch Inkompatibilitätsprobleme beseitigt werden und der Wechsel zu einer einheitlicheren Netzlösung erleichtert wird. Mit dieser Funktionalität
können Nutzergeräte über ein CR-IV-Netz miteinander verbunden werden, ohne dass
der Nutzer eingreifen oder etwas ändern muss. Durch Multicast unterstützt CRIV auch die Emulation von Feldbussen. Der zweite Teil der Dissertation stellt den
anderen wichtigen Aspekt von CR-IV vor. Alle Schichten des OSI-Modells sind in
einem FPGA mit Hardware Description Languages (HDLs) ohne Hard- oder Softprozessoren implementiert. Das Register-Transfer-Level (RTL)-Hardwaredesign von
CR-IV wird mit einem neuen Ansatz erstellt, der am besten als tokenbasierter Datenfluss beschrieben werden kann. Der Ansatz ist sowohl vertikal als auch horizontal
skalierbar. Er verwendet lose gekoppelte Processing Elements (PEs), die stateless arbeiten, sowie Arbiter/Speicherzuordnungspaare. Durch die granulare Kontrolle und
die Aufteilung aller Aspekte einer Lösung eignet sich der Ansatz für die Implementierung anderer Software-Level-Lösungen in Hardware.
Viele Testszenarios werden durchgeführt, um die in CR-IV erzielten Ergebnisse zu
verdeutlichen und zu überprüfen. Diese Szenarien reichen von direkten Leistungsmessungen bis hin zu verhaltensspezifischen Tests. Zusätzlich wird eine Labor-Demo
erstellt, die grundsätzlich auf ein Proof of Concept zielt. Die Demo stellt einen
praktischen Test anstelle szenariospezifischer Tests dar. Alle Testszenarien und die
Labor-Demo werden mit den Prototyp-Boards des Projekts durchgef¨uhrt, d.h. es sind
keine Simulationstests. Die Ergebnisse stellen die realistischen Leistungen von CR-IV
mit bis zu 13,61 Gbit/s dar.Whether be it automotive, avionics or automation, advances in their respective real-time communication technology focus on further improving preexisting solutions. For
in-vehicle communication, the ever-increasing number of computer-based systems,
applications and connections as well as the use of multiple proprietary communication
standards results in an increasingly complex wiring harness. This is in-part due to
those standards being incompatible with one another. In addition to cost, this also
impacts weight, which in turn affects fuel consumption.
The work presented in this thesis is in-part theoretical and in-part applied. The
former is represented by a new protocol, while the latter corresponds to the protocol’s
hardware implementation. In the first part of the thesis, the real-time communication protocol of CarRing IV (CR-IV) is presented. It provides isochronous and hard
real-time guarantees without requiring network-wide clock synchronization. With up
to 16 nodes per ring, a CR-IV network can consist of as many as 256 rings interconnected by routers. CR-IV uses a reduced OSI model (layers 1-3, 7), which is both
typical of and preferable for its application areas. Moreover, it supports both event- and time-triggered communication paradigms. The transparent mode feature allows
CR-IV to act as a backbone for existing networks, thereby addressing incompatibility
concerns and easing the transition into a more unified network solution. Using this
feature, user devices can communicate with one another via a CR-IV network without
requiring user interference, or any user device or application changes. Combined with
the protocol’s reliable multicast, the feature extends CR-IV’s capabilities to include
field bus emulation. The second part of the thesis presents the other important aspect
of CR-IV. All of its OSI model layers are implemented in a FPGA using Hardware
Description Languages (HDLs) without relying-on or including any hard or soft processors. CR-IV’s Register-Transfer Level (RTL) hardware design is created using a new
approach that can best be described as token-based data-flow. The approach is both
vertically and horizontally scalable. It uses stateless and loosely coupled Processing
Elements (PEs) as well as arbiter/memory allocation pairs. By having granular control and compartmentalizing every aspect of a solution, the approach lends itself to
being used for implementing other software-level solutions in hardware.
Many test scenarios are conducted to both highlight and examine the results
achieved in CR-IV. Those scenarios range from direct performance measurements to
behavior-specific tests. Moreover, a lab-demo is created that essentially amounts to
a proof of concept. The demo represents a practical test as opposed to a scenariospecific one. Whether be it test scenarios or the lab-demo, all are carried-out using the
project’s prototype boards, i.e. no simulation tests. The results obtained represent
CR-IV’s real-world realistic outcomes with up to 13.61 Gbps
A critical analysis of research potential, challenges and future directives in industrial wireless sensor networks
In recent years, Industrial Wireless Sensor Networks (IWSNs) have emerged as an important research theme with applications spanning a wide range of industries including automation, monitoring, process control, feedback systems and automotive. Wide scope of IWSNs applications ranging from small production units, large oil and gas industries to nuclear fission control, enables a fast-paced research in this field. Though IWSNs offer advantages of low cost, flexibility, scalability, self-healing, easy deployment and reformation, yet they pose certain limitations on available potential and introduce challenges on multiple fronts due to their susceptibility to highly complex and uncertain industrial environments. In this paper a detailed discussion on design objectives, challenges and solutions, for IWSNs, are presented. A careful evaluation of industrial systems, deadlines and possible hazards in industrial atmosphere are discussed. The paper also presents a thorough review of the existing standards and industrial protocols and gives a critical evaluation of potential of these standards and protocols along with a detailed discussion on available hardware platforms, specific industrial energy harvesting techniques and their capabilities. The paper lists main service providers for IWSNs solutions and gives insight of future trends and research gaps in the field of IWSNs
Technology Directions for the 21st Century
New technologies will unleash the huge capacity of fiber-optic cable to meet growing demands for bandwidth. Companies will continue to replace private networks with public network bandwidth-on-demand. Although asynchronous transfer mode (ATM) is the transmission technology favored by many, its penetration will be slower than anticipated. Hybrid networks - e.g., a mix of ATM, frame relay, and fast Ethernet - may predominate, both as interim and long-term solutions, based on factors such as availability, interoperability, and cost. Telecommunications equipment and services prices will decrease further due to increased supply and more competition. Explosive Internet growth will continue, requiring additional backbone transmission capacity and enhanced protocols, but it is not clear who will fund the upgrade. Within ten years, space-based constellations of satellites in Low Earth orbit (LEO) will serve mobile users employing small, low-power terminals. 'Little LEO's' will provide packet transmission services and geo-position determination. 'Big LEO's' will function as global cellular telephone networks, with some planning to offer video and interactive multimedia services. Geosynchronous satellites also are proposed for mobile voice grade links and high-bandwidth services. NASA may benefit from resulting cost reductions in components, space hardware, launch services, and telecommunications services
Technology 2003: The Fourth National Technology Transfer Conference and Exposition, volume 2
Proceedings from symposia of the Technology 2003 Conference and Exposition, Dec. 7-9, 1993, Anaheim, CA, are presented. Volume 2 features papers on artificial intelligence, CAD&E, computer hardware, computer software, information management, photonics, robotics, test and measurement, video and imaging, and virtual reality/simulation
NSSDC Conference on Mass Storage Systems and Technologies for Space and Earth Science Applications, volume 1
Papers and viewgraphs from the conference are presented. This conference served as a broad forum for the discussion of a number of important issues in the field of mass storage systems. Topics include magnetic disk and tape technologies, optical disks and tape, software storage and file management systems, and experiences with the use of a large, distributed storage system. The technical presentations describe, among other things, integrated mass storage systems that are expected to be available commercially. Also included is a series of presentations from Federal Government organizations and research institutions covering their mass storage requirements for the 1990's
Tolerância a falhas em sistemas de comunicação de tempo-real flexíveis
Nas últimas décadas, os sistemas embutidos distribuídos, têm sido usados em
variados domínios de aplicação, desde o controlo de processos industriais até
ao controlo de aviões e automóveis, sendo expectável que esta tendência se
mantenha e até se intensifique durante os próximos anos.
Os requisitos de confiabilidade de algumas destas aplicações são
extremamente importantes, visto que o não cumprimento de serviços de uma
forma previsível e pontual pode causar graves danos económicos ou até pôr
em risco vidas humanas.
A adopção das melhores práticas de projecto no desenvolvimento destes
sistemas não elimina, por si só, a ocorrência de falhas causadas pelo
comportamento não determinístico do ambiente onde o sistema embutido
distribuído operará. Desta forma, é necessário incluir mecanismos de
tolerância a falhas que impeçam que eventuais falhas possam comprometer
todo o sistema.
Contudo, para serem eficazes, os mecanismos de tolerância a falhas
necessitam ter conhecimento a priori do comportamento correcto do sistema
de modo a poderem ser capazes de distinguir os modos correctos de
funcionamento dos incorrectos.
Tradicionalmente, quando se projectam mecanismos de tolerância a falhas, o
conhecimento a priori significa que todos os possíveis modos de
funcionamento são conhecidos na fase de projecto, não os podendo adaptar
nem fazer evoluir durante a operação do sistema. Como consequência, os
sistemas projectados de acordo com este princípio ou são completamente
estáticos ou permitem apenas um pequeno número de modos de operação.
Contudo, é desejável que os sistemas disponham de alguma flexibilidade de
modo a suportarem a evolução dos requisitos durante a fase de operação,
simplificar a manutenção e reparação, bem como melhorar a eficiência usando
apenas os recursos do sistema que são efectivamente necessários em cada
instante. Além disto, esta eficiência pode ter um impacto positivo no custo do
sistema, em virtude deste poder disponibilizar mais funcionalidades com o
mesmo custo ou a mesma funcionalidade a um menor custo.
Porém, flexibilidade e confiabilidade têm sido encarados como conceitos
conflituais.
Isto deve-se ao facto de flexibilidade implicar a capacidade de permitir a
evolução dos requisitos que, por sua vez, podem levar a cenários de operação
imprevisíveis e possivelmente inseguros. Desta fora, é comummente aceite
que apenas um sistema completamente estático pode ser tornado confiável, o
que significa que todos os aspectos operacionais têm de ser completamente
definidos durante a fase de projecto.
Num sentido lato, esta constatação é verdadeira. Contudo, se os modos como
o sistema se adapta a requisitos evolutivos puderem ser restringidos e
controlados, então talvez seja possível garantir a confiabilidade permanente
apesar das alterações aos requisitos durante a fase de operação.
A tese suportada por esta dissertação defende que é possível flexibilizar um
sistema, dentro de limites bem definidos, sem comprometer a sua
confiabilidade e propõe alguns mecanismos que permitem a construção de
sistemas de segurança crítica baseados no protocolo Controller Area Network
(CAN). Mais concretamente, o foco principal deste trabalho incide sobre o
protocolo Flexible Time-Triggered CAN (FTT-CAN), que foi especialmente
desenvolvido para disponibilizar um grande nível de flexibilidade operacional
combinando, não só as vantagens dos paradigmas de transmissão de
mensagens baseados em eventos e em tempo, mas também a flexibilidade
associada ao escalonamento dinâmico do tráfego cuja transmissão é
despoletada apenas pela evolução do tempo.
Este facto condiciona e torna mais complexo o desenvolvimento de
mecanismos de tolerância a falhas para FTT-CAN do que para outros
protocolos como por exemplo, TTCAN ou FlexRay, nos quais existe um
conhecimento estático, antecipado e comum a todos os nodos, do
escalonamento de mensagens cuja transmissão é despoletada pela evolução
do tempo.
Contudo, e apesar desta complexidade adicional, este trabalho demonstra que
é possível construir mecanismos de tolerância a falhas para FTT-CAN
preservando a sua flexibilidade operacional.
É também defendido nesta dissertação que um sistema baseado no protocolo
FTT-CAN e equipado com os mecanismos de tolerância a falhas propostos é
passível de ser usado em aplicações de segurança crítica.
Esta afirmação é suportada, no âmbito do protocolo FTT-CAN, através da
definição de uma arquitectura tolerante a falhas integrando nodos com modos
de falha tipo falha-silêncio e nodos mestre replicados.
Os vários problemas resultantes da replicação dos nodos mestre são, também
eles, analisados e várias soluções são propostas para os obviar.
Concretamente, é proposto um protocolo que garante a consistência das
estruturas de dados replicadas a quando da sua actualização e um outro
protocolo que permite a transferência dessas estruturas de dados para um
nodo mestre que se encontre não sincronizado com os restantes depois de
inicializado ou reinicializado de modo assíncrono.
Além disto, esta dissertação também discute o projecto de nodos FTT-CAN
que exibam um modo de falha do tipo falha-silêncio e propõe duas soluções
baseadas em componentes de hardware localizados no interface de rede de
cada nodo, para resolver este problema. Uma das soluções propostas baseiase
em bus guardians que permitem a imposição de comportamento falhasilêncio
nos nodos escravos e suportam o escalonamento dinâmico de tráfego
na rede. A outra solução baseia-se num interface de rede que arbitra o acesso
de dois microprocessadores ao barramento. Este interface permite que a
replicação interna de um nodo seja efectuada de forma transparente e
assegura um comportamento falha-silêncio quer no domínio temporal quer no
domínio do valor ao permitir transmissões do nodo apenas quando ambas as
réplicas coincidam no conteúdo das mensagens e nos instantes de
transmissão. Esta última solução está mais adaptada para ser usada nos
nodos mestre, contudo também poderá ser usada nos nodos escravo, sempre
que tal se revele fundamental.Distributed embedded systems (DES) have been widely used in the last few
decades in several application fields, ranging from industrial process control to
avionics and automotive systems. In fact, it is expectable that this trend will
continue over the years to come.
In some of these application domains the dependability requirements are of
utmost importance since failing to provide services in a timely and predictable
manner may cause important economic losses or even put human life in risk.
The adoption of the best practices in the design of distributed embedded
systems does not fully avoid the occurrence of faults, arising from the nondeterministic
behavior of the environment where each particular DES operates.
Thus, fault-tolerance mechanisms need to be included in the DES to prevent
possible faults leading to system failure.
To be effective, fault-tolerance mechanisms require an a priori knowledge of
the correct system behavior to be capable of distinguishing them from the
erroneous ones.
Traditionally, when designing fault-tolerance mechanisms, the a priori
knowledge means that all possible operational modes are known at system
design time and cannot adapt nor evolve during runtime. As a consequence,
systems designed according to this principle are either fully static or allow a
small number of operational modes only. Flexibility, however, is a desired
property in a system in order to support evolving requirements, simplify
maintenance and repair, and improve the efficiency in using system resources
by using only the resources that are effectively required at each instant. This
efficiency might impact positively on the system cost because with the same
resources one can add more functionality or one can offer the same
functionality with fewer resources.
However, flexibility and dependability are often regarded as conflicting
concepts. This is so because flexibility implies the ability to deal with evolving
requirements that, in turn, can lead to unpredictable and possibly unsafe
operating scenarios. Therefore, it is commonly accepted that only a fully static
system can be made dependable, meaning that all operating conditions are
completely defined at pre-runtime.
In the broad sense and assuming unbounded flexibility this assessment is true,
but if one restricts and controls the ways the system could adapt to evolving
requirements, then it might be possible to enforce continuous dependability.
This thesis claims that it is possible to provide a bounded degree of flexibility
without compromising dependability and proposes some mechanisms to build
safety-critical systems based on the Controller Area Network (CAN).
In particular, the main focus of this work is the Flexible Time-Triggered CAN
protocol (FTT-CAN), which was specifically developed to provide such high
level of operational flexibility, not only combining the advantages of time- and
event-triggered paradigms but also providing flexibility to the time-triggered
traffic. This fact makes the development of fault-tolerant mechanisms more
complex in FTT-CAN than in other protocols, such as TTCAN or FlexRay, in
which there is a priori static common knowledge of the time-triggered message
schedule shared by all nodes. Nevertheless, as it is demonstrated in this work,
it is possible to build fault-tolerant mechanisms for FTT-CAN that preserve its
high level of operational flexibility, particularly concerning the time-triggered
traffic. With such mechanisms it is argued that FTT-CAN is suitable for safetycritical
applications, too.
This claim was validated in the scope of the FTT-CAN protocol by presenting a
fault-tolerant system architecture with replicated masters and fail-silent nodes.
The specific problems and mechanisms related with master replication,
particularly a protocol to enforce consistency during updates of replicated data
structures and another protocol to transfer these data structures to an
unsynchronized node upon asynchronous startup or restart, are also
addressed.
Moreover, this thesis also discusses the implementations of fail-silence in FTTCAN
nodes and proposes two solutions, both based on hardware components
that are attached to the node network interface. One solution relies on bus
guardians that allow enforcing fail-silence in the time domain. These bus
guardians are adapted to support dynamic traffic scheduling and are fit for use
in FTT-CAN slave nodes, only. The other solution relies on a special network
interface, with duplicated microprocessor interface, that supports internal
replication of the node, transparently. In this case, fail-silence can be assured
both in the time and value domain since transmissions are carried out only if
both internal nodes agree on the transmission instant and message contents.
This solution is well adapted for use in the masters but it can also be used, if
desired, in slave nodes
- …