A Time-Triggered Constraint-Based Calculus for Avionic Systems

The Integrated Modular Avionics (IMA) architec- ture and the Time-Triggered Ethernet (TTEthernet) network have emerged as the key components of a typical architecture model for recent civil aircrafts. We propose a real-time constraint-based calculus targeted at the analysis of such concepts of avionic embedded systems. We show our framework at work on the modelisation of both the (IMA) architecture and the TTEthernet network, illustrating their behavior by the well-known Flight Management System (FMS)

Modeling and Analysis of Mixed Synchronous/Asynchronous Systems

Practical safety-critical distributed systems must integrate safety critical and non-critical data in a common platform. Safety critical systems almost always consist of isochronous components that have synchronous or asynchronous interface with other components. Many of these systems also support a mix of synchronous and asynchronous interfaces. This report presents a study on the modeling and analysis of asynchronous, synchronous, and mixed synchronous/asynchronous systems. We build on the SAE Architecture Analysis and Design Language (AADL) to capture architectures for analysis. We present preliminary work targeted to capture mixed low- and high-criticality data, as well as real-time properties in a common Model of Computation (MoC). An abstract, but representative, test specimen system was created as the system to be modeled

A Methodology for Evaluating Artifacts Produced by a Formal Verification Process

The goal of this study is to produce a methodology for evaluating the claims and arguments employed in, and the evidence produced by formal verification activities. To illustrate the process, we conduct a full assessment of a representative case study for the Enabling Technology Development and Demonstration (ETDD) program. We assess the model checking and satisfiabilty solving techniques as applied to a suite of abstract models of fault tolerant algorithms which were selected to be deployed in Orion, namely the TTEthernet startup services specified and verified in the Symbolic Analysis Laboratory (SAL) by TTTech. To this end, we introduce the Modeling and Verification Evaluation Score (MVES), a metric that is intended to estimate the amount of trust that can be placed on the evidence that is obtained. The results of the evaluation process and the MVES can then be used by non-experts and evaluators in assessing the credibility of the verification results

Scheduling of the TTEthernet communication

TTEthernet je rozšířením Ethernetu o prostředky pro deterministickou komunikaci. V této práci TTEthernet stručně představíme a uvedeme stávající metody rozvrhování provozu v něm. Následně formulujeme tento rozvrhovací problém jako MRCPSP-GPR (také znám jako multimodální RCPSP/max) a zhodnotíme možnosti použití existujících řešičů MRCPSP-GPR pro rozvrhování provozu v síti TTEthernet. S využitím heuristiky, kterou jsme navrhli, se tento postup jeví jako realistický. Mimo to ještě uvádíme opravu nedávno publikované metody pro odhad maximálního zpoždění rate-constrained (RC) provozu v síti TTEthernet.TTEthernet is an extension of Ethernet for deterministic communication. We present an overview of TTEthernet and existing methods for scheduling TTEthernet traffic. Then we present a formulation of the scheduling problem as a MRCPSP-GPR (also known as multi-mode RCPSP/max) and evaluate the possibility of using existing MRCPSP-GPR solvers for scheduling TTEthernet traffic. With a heuristic we introduce, this approach appears practical. Apart from this, we present a correction of a state-of-the-art method for estimating worst-case delays of rate-constrained (RC) TTEthernet traffic

On TTEthernet for Integrated Fault-Tolerant Spacecraft Networks

There has recently been a push for adopting integrated modular avionics (IMA) principles in designing spacecraft architectures. This consolidation of multiple vehicle functions to shared computing platforms can significantly reduce spacecraft cost, weight, and de- sign complexity. Ethernet technology is attractive for inclusion in more integrated avionic systems due to its high speed, flexibility, and the availability of inexpensive commercial off-the-shelf (COTS) components. Furthermore, Ethernet can be augmented with a variety of quality of service (QoS) enhancements that enable its use for transmitting critical data. TTEthernet introduces a decentralized clock synchronization paradigm enabling the use of time-triggered Ethernet messaging appropriate for hard real-time applications. TTEthernet can also provide two forms of event-driven communication, therefore accommodating the full spectrum of traffic criticality levels required in IMA architectures. This paper explores the application of TTEthernet technology to future IMA spacecraft architectures as part of the Avionics and Software (A&S) project chartered by NASA's Advanced Exploration Systems (AES) program