The Community for Technology Leaders
RSS Icon
Issue No.02 - April-June (2008 vol.5)
pp: 99-114
Integrated architectures in the automotive and avionic domain promise improved resource utilization and enable a better coordination of application subsystems compared to federated systems. An integrated architecture shares the system's communication resources by using a single physical network for exchanging messages of multiple application subsystems. Similarly, the computational resources (e.g., memory, CPU time) of each node computer are available to multiple software components. In order to support a seamless system integration without unintended side effects in such an integrated architecture, it is important to ensure that the software components do not interfere through the use of these shared resources. For this reason, the DECOS integrated architecture encapsulates application subsystems and their constituting software components. At the level of the communication system, virtual networks on top of an underlying time-triggered physical network exhibit predefined temporal properties (i.e., bandwidth, latency, latency jitter). Due to encapsulation the temporal properties of messages sent by a software component are independent from the behavior of other software components, in particular from those within other application subsystems. This paper presents the mechanisms for temporal partitioning of communication resources in the DECOS integrated architecture. Furthermore, experimental evidence is provided in order to demonstrate that the messages sent by one software component do not affect the temporal properties of messages exchanged by other software components. For this purpose, we use an experimental framework with an implementation of virtual networks on top of a TDMA-controlled Ethernet network.
System architectures, integration and modeling, Real-time distributed, Distributed architectures, Infrastructure protection, Network communications, Distributed Systems, Real-time and embedded systems, Design, System integration and implementation, Fault-tolerance
Roman Obermaisser, "Temporal Partitioning of Communication Resources in an Integrated Architecture", IEEE Transactions on Dependable and Secure Computing, vol.5, no. 2, pp. 99-114, April-June 2008, doi:10.1109/TDSC.2007.70232
[1] Aeronautical Radio, Inc., ARINC Specification 651: Design Guide for Integrated Modular Avionics, Nov. 1991.
[2] H. Heinecke et al., “AUTomotive Open System ARchitecture—An Industry-Wide Initiative to Manage the Complexity of Emerging Automotive E/E-Architectures,” Proc. Convergence Int'l Congress and Exposition on Transportation Electronics, Oct. 2004.
[3] R. Obermaisser and P. Peti, “A Fault Hypothesis for Integrated Architectures,” Proc. Fourth Int'l Workshop Intelligent Solutions in Embedded Systems (WISES '06), June 2006.
[4] P. Peti, R. Obermaisser, F. Tagliabo, A. Marino, and S. Cerchio, “An Integrated Architecture for Future Car Generations,” Proc. Eighth IEEE Int'l Symp. Object-Oriented Real-Time Distributed Computing (ISORC '05), May 2005.
[5] J. Swingler and J.W. McBride, “The Degradation of Road Tested Automotive Connectors,” Proc. 45th IEEE Holm Conf. Electrical Contacts, pp. 146-152, Oct. 1999.
[6] Embedded Systems Design, B. Bouyssounouse and J. Sifakis, eds., Springer, 2005.
[7] F.P. Brooks, “No Silver Bullet: Essence and Accidents of Software Engineering,” Computer, Apr. 1987.
[8] CAN Specification, Version 2.0. Robert Bosch Gmbh, 1991.
[9] R. Obermaisser and B. Huber, “Model-Based Design of the Communication System in an Integrated Architecture,” Proc. 18th IASTED Int'l Conf. Parallel and Distributed Computing and Systems (PDCS '06), pp. 96-107, 2006.
[10] H. Kopetz, Real-Time Systems, Design Principles for Distributed Embedded Applications. Kluwer Academic Publishers, 1997.
[11] J. Rushby, Partitioning for Avionics Architectures: Requirements, Mechanisms, And Assurance, NASA Contractor Report CR-1999-209347, NASA Langley Research Center, Also to be issued by the FAA, June 1999.
[12] J. Sifakis, “A Framework for Component-Based Construction,” Proc. Third IEEE Int'l Conf. Software Eng. and Formal Methods (SEFM'05), pp. 293-300, Sept. 2005.
[13] H. Kopetz and R. Obermaisser, “Temporal Composability,” Computing & Control Eng. J., vol. 13, pp. 156-162, 2002.
[14] R. Obermaisser, P. Peti, and H. Kopetz, “Virtual Networks in an Integrated Time-Triggered Architecture,” Proc. 10th IEEE Int'l Workshop Object-Oriented Real-Time Dependable Systems (WORDS '05), 2005.
[15] B. Huber, P. Peti, R. Obermaisser, and C. El Salloum, “Using RTAI/LXRT for Partitioning in a Prototype Implementation of the DECOS Architecture,” Proc. Third Int'l Workshop Intelligent Solutions in Embedded Systems (WISES '05), May 2005.
[16] G. Bauer, H. Kopetz, and W. Steiner, “The Central Guardian Approach to Enforce Fault Isolation in a Time-Triggered System,” Proc. Sixth Int'l Symp. Autonomous Decentralized Systems (ISADS 03), pp. 37-44, 2003.
[17] Node-Local Bus Guardian Specification Version 2.0.9, FlexRay Consortium, BMW AG, DaimlerChrysler AG, General Motors Corp., Freescale GmbH, Philips GmbH, Robert Bosch GmbH, and Volkswagen AG, Dec. 2005.
[18] D. Kim, Y.-H. Lee, and M. Younis, “SPIRIT—$\mu$ Kernel for Strongly Partitioned Real-Time Systems,” Proc. Seventh Int'l Conf. Real-Time Computing Systems and Applications (RTCSA '00), 2000.
[19] J. Penix et al., “Verification of Time Partitioning in the DEOS Scheduler Kernel,” Proc. 22nd Int'l Conf. Software Eng. (ICSE '00), pp. 488-497, 2000.
[20] K. Hoyme and K. Driscoll, “SAFEbus,” IEEE Aerospace and Electronic Systems Magazine, vol. 8, pp. 34-39, Mar. 1993.
[21] E. Totel, J.P. Blanquart, Y. Deswarte, and D. Powell, “Supporting Multiple Levels of Criticality,” Proc. 28th Ann. Int'l Symp. Fault-Tolerant Computing (FTCS '98), p. 70, 1998.
[22] R. Obermaisser and P. Peti, “Specification and Execution of Gateways in Integrated Architectures,” Proc. 10th IEEE Int'l Conf. Emerging Technologies and Factory Automation (ETFA '05), Sept. 2005.
[23] Software Fundamentals: Collected Papers by David L. Parnas. Addison-Wesley, Apr. 2001.
[24] H.D. Heitzer, “Development of a Fault-Tolerant Steer-by-Wire Steering System,” Auto Technology, vol. 4, pp. 56-60, Apr. 2003.
[25] Int'l Electrotechnical Commission, IEC 61508-7: Functional Safety ofElectrical/Electronic/Programmable Electronic Safety-Related Systems—Part 7: Overview of Techniques and Measures, 1999.
[26] Radio Technical Commission for Aeronautics, Inc. (RTCA), DO-178B: Software Considerations in Airborne Systems and Equipment Certification, Dec. 1992.
[27] H.A. Simon, The Sciences of the Artificial. MIT Press, 1996.
[28] A. Deicke, “The Electrical/Electronic Diagnostic Concept of the New 7 Series,” Proc. Convergence Int'l Congress and Exposition on Transportation Electronics, Oct. 2002.
[29] J. Leohold, “Communication Requirements for Automotive Systems,” Keynote Automotive Communication—Fifth IEEE Workshop Factory Communication Systems, Sept. 2004.
[30] J. Rushby, “A Comparison of Bus Architectures for Safety-Critical Embedded Systems,” technical report, SRI Int'l, 2001.
[31] R. DeLine, “Resolving Packaging Mismatch,” PhD dissertation, Carnegie Mellon Univ., June 1999.
[32] Project Deliverable D2.2.3—Virtual Communication Links and Gateways, technical report, DECOS, 2006.
[33] F. Cristian, “Understanding Fault-Tolerant Distributed Systems,” Comm. ACM, vol. 34, no. 2, pp. 56-78, 1991.
[34] L. Kleinrock, Queuing Systems Volume I: Theory. John Wiley & Sons, 1975.
[35] J. Ferreira, P. Pedreiras, L. Almeida, and J. Fonseca, “Achieving Fault Tolerance in FTT-CAN,” Proc. Fourth IEEE Int'l Workshop Factory Comm. Systems, 2002.
[36] R.W. Butler, J.L. Caldwell, and B.L. Di Vito, “Design Strategy for a Formally Verified Reliable Computing Platform,” Proc. Sixth Ann. Conf. Computer Assurance: Systems Integrity, Software Safety and Process Security (COMPASS '91), pp. 125-133, June 1991.
[37] B. Dion, “Correct-by-Construction Methods for the Development of Safety-Critical Applications,” Proc. SAE World Congress and Exhibition, Mar. 2004.
[38] H. Kopetz, A. Ademaj, P. Grillinger, and K. Steinhammer, “The Time-Triggered Ethernet (TTE) Design,” Proc. Eighth IEEE Int'l Symp. Object-Oriented Real-Time Distributed Computing (ISORC '05), May 2005.
[39] H. Kopetz and G. Grünsteidl, “TTP—A Protocol for Fault-Tolerant Real-Time Systems,” Computer, vol. 27, no. 1, pp. 14-23, 1994.
[40] FlexRay Communications System Protocol Specification Version 2.1. FlexRay Consortium, May 2005.
[41] A. Ademaj, H. Sivencrona, G. Bauer, and J. Torin, “Evaluation of Fault Handling of the Time-Triggered Architecture with Bus and Star Topology,” Proc. Int'l Conf. Dependable Systems and Networks (DSN '03), pp. 123-132, June 2003.
[42] G. Leen and D. Heffernan, “Expanding Automotive Electronic Systems,” Computer, vol. 35, no. 1, pp. 88-93, Jan. 2002.
[43] MOST Specification Version 2.2. MOST Cooperation, Nov. 2002.
[44] J. Berwanger, M. Peller, and R. Griessbach, “Byteflight a New Protocol for Safety Critical Applications,” Proc. FISITA World Automotive Congress, 2000.
[45] “LIN Specification and LIN Press Announcement,” Proc. SAE World Congress, Audi AG, BMW AG, DaimlerChrysler AG, Motorola Inc., Volcano Communication Technologies AB, Volkswagen AG, and Volvo Car Corp., 1999.
[46] A. Albert and W. Gerth, “Evaluation and Comparison of the Real-Time Performance of CAN and TTCAN,” Proc. Ninth Int'l CAN Conf., 2003.
[47] C. Wilwert, Y. Song, F. Simonot-Lion, and T. Clement, “Evaluating Quality of Service and Behavioral Reliability of Steer-by-Wire Systems,” Proc. Ninth IEEE Int'l Conf. Emerging Technologies and Factory Automation (ETFA '03), 2003.
19 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool