Real-time Systems Design Designing embedded software ...sheldon/cs330/PDF/SLIDES/c16.1.pdf ·...

©Ian Sommerville 1995 Software Engineering, 5th edition. Chapter 16 Slide 1

Real-time Systems Design

⊗ Designing embedded softwaresystems whose behaviour issubject to timing constraints


Objectives

⊗ To show why real-time systems are usuallydesigned as a set of cooperating concurrentprocesses

⊗ To show the usefulness of state models in real-time systems design

⊗ To describe the platform support required by real-time systems

⊗ To introduce generic architectures for some typesof real-time system


Topics covered

⊗ Systems design

⊗ State machine modelling

⊗ Real-time executives

⊗ Monitoring and control systems

⊗ Data acquisition systems


Real-time systems

⊗ Systems which monitor and control theirenvironment

⊗ Inevitably associated with hardware devices• Sensors: Collect data from the system environment

• Actuators: Change (in some way) the system'senvironment

⊗ Time is critical. Real-time systems MUSTrespond within specified times


Definition

⊗ A real-time system is a software system where thecorrect functioning of the system depends on theresults produced by the system and the time at whichthese results are produced

⊗ A ‘soft’ real-time system is a system whose operationis degraded if results are not produced according to thespecified timing requirements

⊗ A ‘hard’ real-time system is a system whose operationis incorrect if results are not produced according to thetiming specification


Stimulus/Response Systems

⊗ Given a stimulus, the system must produce aresponse within a specified time

⊗ Periodic stimuli. Stimuli which occur atpredictable time intervals• For example, a temperature sensor may be polled 10 times

per second

⊗ Aperiodic stimuli. Stimuli which occur atunpredictable times• For example, a system power failure may trigger an

interrupt which must be processed by the system


Architectural considerations

⊗ Because of the need to respond to timing demandsmade by different stimuli/responses, the systemarchitecture must allow for fast switching betweenstimulus handlers

⊗ Timing demands of different stimuli are differentso a simple sequential loop is not usually adequate

⊗ Real-time systems are usually designed ascooperating processes with a real-time executivecontrolling these processes


A real-time system model

Real-timecontrol system

ActuatorActuator ActuatorActuator

SensorSensorSensor SensorSensorSensor


System elements

⊗ Sensors control processes• Collect information from sensors. May buffer information

collected in response to a sensor stimulus

⊗ Data processor• Carries out processing of collected information and computes the

system response

⊗ Actuator control• Generates control signals for the actuator


Sensor/actuator processes

Dataprocessor

Actuatorcontrol

Actuator

Sensorcontrol

Sensor

Stimulus Response


System design

⊗ Design both the hardware and the softwareassociated with system. Partition functions toeither hardware or software

⊗ Design decisions should be made on the basis onnon-functional system requirements

⊗ Hardware delivers better performance butpotentially longer development and less scope forchange


Hardware and software designEstablish system

requirements

Partitionrequirements

Hardwarerequirements

Hardwaredesign

Softwarerequirements

Softwaredesign


R-T systems design process

⊗ Identify the stimuli to be processed and therequired responses to these stimuli

⊗ For each stimulus and response, identify thetiming constraints

⊗ Aggregate the stimulus and response processinginto concurrent processes. A process may beassociated with each class of stimulus andresponse


R-T systems design process

⊗ Design algorithms to process each class ofstimulus and response. These must meet the giventiming requirements

⊗ Design a scheduling system which will ensure thatprocesses are started in time to meet theirdeadlines

⊗ Integrate using a real-time executive or operatingsystem


Timing constraints

⊗ May require extensive simulation and experimentto ensure that these are met by the system

⊗ May mean that certain design strategies such asobject-oriented design cannot be used because ofthe additional overhead involved

⊗ May mean that low-level programming languagefeatures have to be used for performance reasons


State machine modelling

⊗ The effect of a stimulus in a real-time system maytrigger a transition from one state to another.

⊗ Finite state machines can be used for modellingreal-time systems.

⊗ However, FSM models lack structure. Evensimple systems can have a complex model.

⊗ Thread diagrams which show en event sequenceare a means of managing the complexity in statemachine models.


Microwave oven state machine

Idle

Fullpower on

Settime

Operationenabled

Timedoperation

Cookingcomplete

Halfpower on

Operationdisabled

Idle

Fullpower

Halfpower

Halfpower

Fullpower

Timer

Timer

TimerDooropen

Doorclosed

Doorclosed

Dooropen

Start

Timeout


Microwave oven states

State DescriptionHalf power on The oven power is set to 300 wattsFull power on The oven power is set to 600 wattsSet time The cooking time is set to the user’s input

valueOperation disabled Oven operation is disabled for safety. Interior

oven light is onOperation enabled Oven operation is enabled. Interior oven light

is offTimed operation Oven in operation. Interior oven light is on.

Timer is counting down.Cooking complete Timer has counted down to zero. Audible

alarm signal is on. Oven light is off.


Microwave oven stimuli

Stimulus DescriptionHalf power The user has pressed the half power buttonFull power The user has pressed the full power buttonTimer The user has pressed one of the timer buttonsDoor open The oven door switch is not closedDoor closed The oven door switch is closedStart The user has pressed the start buttonTimeout Timer signal indicating that set cooking time

is finished


Thread diagrams

⊗ Used to structure and present state modelinformation

⊗ Show the end-to-end processing of a specific setof stimuli

⊗ Thread diagrams should be produced for messagecombinations. This means for systems withmultiple stimuli, this approach may be impractical


Thread diagram - full power

IdleFull power

onSet time Operation

enabled

Timedoperation

Cookingcomplete

Idle

Fullpower

Timer Doorclosed

Start

Timeout Timerdone


Real-time executives

⊗ Real-time executives are specialised operatingsystems which manage the processes in the RTS

⊗ Responsible for process management andresource (processor and memory) allocation

⊗ May be based on a standard RTE kernel whichis used unchanged or modified for a particularapplication

⊗ Does not include facilities such as filemanagement

14


Executive components

⊗ Real-time clock• Provides information for process scheduling.

⊗ Interrupt handler• Manages aperiodic requests for service.

⊗ Scheduler• Chooses the next process to be run.

⊗ Resource manager• Allocates memory and processor resources.

⊗ Dispatcher• Starts process execution.


Non-stop system components

⊗ Configuration manager• Responsible for the dynamic reconfiguration of the system

software and hardware. Hardware modules may be replaced andsoftware upgraded without stopping the systems

⊗ Fault manager• Responsible for detecting software and hardware faults and

taking appropriate actions (e.g. switching to backup disks) toensure that the system continues in operation


Real-time executive components

⊗ Replace with portrait slide


Process priority

⊗ The processing of some types of stimuli mustsometimes take priority

⊗ Interrupt level priority. Highest priority which isallocated to processes requiring a very fastresponse

⊗ Clock level priority. Allocated to periodicprocesses

⊗ Within these, further levels of priority may beassigned


Interrupt servicing

⊗ Control is transferred automatically to apre-determined memory location

⊗ This location contains an instruction to jump toan interrupt service routine

⊗ Further interrupts are disabled, the interruptserviced and control returned to the interruptedprocess

⊗ Interrupt service routines MUST be short,simple and fast


Periodic process servicing

⊗ In most real-time systems, there will be severalclasses of periodic process, each with differentperiods (the time between executions),execution times and deadlines (the time bywhich processing must be completed)

⊗ The real-time clock ticks periodically and eachtick causes an interrupt which schedules theprocess manager for periodic processes

⊗ The process manager selects a process whichis ready for execution


RTE process management

Resource manager

Allocate memoryand processor

Scheduler

Choose processfor execution

Despatcher

Start execution on anavailable processor


Process switching

⊗ The scheduler chooses the next process to beexecuted by the processor. This depends on ascheduling strategy which may take the processpriority into account

⊗ The resource manager allocates memory and aprocessor for the process to be executed

⊗ Despatcher takes process from ready list, loads itonto a processor and starts execution


Monitoring and control systems

⊗ Important class of real-time systems

⊗ Continuously check sensors and take actionsdepending on sensor values

⊗ Monitoring systems examine sensors andreport their results

⊗ Control systems take sensor values and controlhardware actuators


Intruder alarm system

⊗ System is required to monitor sensors on doorsand windows to detect the presence of intruders ina building

⊗ When a sensor indicates a break-in, systemswitches on lights around the area and calls policeautomatically

⊗ Includes provision for operation without a mainspower supply


Intruder alarm system

⊗ Sensors• Movement detectors, window sensors, door sensors.

• 50 window sensors, 30 door sensors and 200 movementdetectors.

⊗ Actions• When an intruder is detected, police are called

automatically.

• Lights are switched on in rooms with active sensors.

• An audible alarm is switched on.

⊗ The system switches automatically to backuppower when a voltage drop is detected.


The R-T system design process

⊗ Identify stimuli and associated responses

⊗ Define the timing constraints associated witheach stimulus and response

⊗ Allocate system functions to concurrentprocesses

⊗ Design algorithms for stimulus processing andresponse generation

⊗ Design a scheduling system which ensures thatprocesses will always be scheduled to meettheir deadlines

24


Stimuli to be processed

⊗ Power failure• Generated aperiodically by a circuit monitor. When

received, the system must switch to backup power within 50ms

⊗ Intruder alarm• Stimulus generated by system sensors. Response is to call

the police, switch on building lights and the audible alarm

25


Timing requirementsStimulus/Response Timing requirements

Power fail interrupt The switch to backup power must be completedwithin a deadline of 50 ms.

Door alarm Each door alarm should be polled twice persecond.

Window alarm Each window alarm should be polled twice persecond.

Movement detector Each movement detector should be polled twiceper second.

Audible alarm The audible alarm should be switched on within1/2 second of an alarm being raised by a sensor.

Lights switch The lights should be switched on within 1/2second of an alarm being raised by a sensor.

Communications The call to the police should be started within 2seconds of an alarm being raised by a sensor.

Voice synthesiser A synthesised message should be available within4 seconds of an alarm being raised by a sensor


Process architecture



Building_monitor process

⊗ Replace with portrait slides


Control systems

⊗ Burglar alarm system is primarily a monitoringsystem. Collects data from sensors but no real-time actuator control

⊗ Control systems are similar b, in response tosensor values, system sends control signals toactuators

⊗ Example of a monitoring and control system is asystem which monitors temperature and switchesheaters on and off


A temperature control system

30

Thermostatprocess

Sensorprocess

Furnacecontrol process

Heater controlprocess

500Hz

500Hz

Thermostat process500Hz

Sensorvalues

Switch commandRoom number


Data acquisition systems

⊗ Collect data from sensors for subsequentprocessing and analysis.

⊗ Data collection processes and processingprocesses may have different periods anddeadlines.

⊗ Data collection may be faster than processinge.g. collecting information about an explosion.

⊗ Circular or ring buffers are a mechanism forsmoothing speed differences.


Reactor data collection

⊗ System collects data from a set of sensorsmonitoring the neutron flux from a nuclearreactor.

⊗ Flux data is placed in a ring buffer for laterprocessing.

⊗ The ring buffer is itself implemented as aconcurrent process so that the collection andprocessing processes may be synchronized.


Reactor flux monitoring

DisplayProcessdata

Sensor databuffer

Sensorprocess

Sensoridentifier and

value

Processedflux level

Sensors (each data flow is a sensor value)


A ring buffer

Consumerprocess

Producerprocess


Mutual exclusion

⊗ Producer processes collect data and add it tothe buffer. Consumer processes take data from thebuffer and make elements available

⊗ Producer and consumer processes must bemutually excluded from accessing the sameelement.

⊗ The buffer must stop producer processesadding information to a full buffer and consumerprocesses trying to take information from anempty buffer.


Sensor data buffer - task specification

task Sensor_data_buffer is-- Get and Put are like procedures which may -- execute in parallel. They are the only interface to the buffer.entry Put ( Val: SENSOR_RECORD ) ;entry Get ( Val: in out SENSOR_RECORD) ;

end Sensor_data_buffer ;


Sensor data buffer

37



Key points

⊗ Real-time system correctness depends not juston what the system does but also on how fast itreacts

⊗ Delay partitioning of functions to hardware andsoftware until as late as possible in the designprocess

⊗ Real-time systems are usually designed as anumber of concurrent processes


Key points

⊗ A R-T system model may associate processeswith each class of sensor and actuator

⊗ Real-time executives are responsible forprocess and resource management.

⊗ Monitoring and control systems poll sensors andsend control signal to actuators

⊗ Data acquisition systems are usually organisedaccording to a producer consumer model

Real-time Systems Design Designing embedded software ...sheldon/cs330/PDF/SLIDES/c16.1.pdf ·...

Documents

Transcript of Real-time Systems Design Designing embedded software ...sheldon/cs330/PDF/SLIDES/c16.1.pdf ·...