1 note content copyright © 2004 ian sommerville. nu-specific content copyright © 2004 m. e. kabay....
TRANSCRIPT
1 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Real-timeSoftware Design
IS301 – Software EngineeringLecture # 19 – 2004-10-13
M. E. Kabay, PhD, CISSPAssoc. Prof. Information Assurance
Division of Business & Management, Norwich University
mailto:[email protected] V: 802.479.7937
2 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Objectives
To explain the concept of a real-time system and why these systems are usually implemented as concurrent processes
To describe a design process for real-time systems
To explain the role of a real-time operating system
To introduce generic process architectures for monitoring and control and data acquisition systems
3 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Introduction to R-T SystemsSystems DesignReal-Time ExecutivesMonitoring and Control SystemsData Acquisition Systems
4 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Real-Time Systems
Systems which monitor and control their environment
Inevitably associated with hardware devicesSensors: Collect data from system
environmentActuators: Change (in some way) system's
environmentTime critical. Real-time systems MUST
respond within specified times
5 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Definition
Real-time system:Correct functioning of system depends on
results produced by system and time at which these results produced
‘Soft’ real-time system:Operation degraded if results not produced
according to specified timing requirements ‘Hard’ real-time system
Operation incorrect if results not produced according to timing specification
6 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Stimulus/Response Systems
Given stimulus, system must produce response within specified time
Periodic stimuli Occur at predictable time intervalsE.g., T° sensor polled 10 times/second
Aperiodic stimuli Occur unpredictablyE.g., system power failure
7 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Architectural Considerations
Allow fast switching between stimulus handlers
Different stimuli have different timing demandsE.g., weather station – T° vs light intensityThus simple sequential loop not usually
adequateReal-time systems
Usually designed as cooperating processes
With real-time executive controlling these processes
8 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Real-Time System Model
Real-timecontrol system
ActuatorActuator ActuatorActuator
SensorSensorSensor SensorSensorSensor
9 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
System Elements
Sensors control processesCollect information from sensors. May buffer data
Data processorCarries out processing of collected
informationComputes system response
Actuator controlGenerates control signals for actuator
10 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Sensor/Actuator Processes
Dataprocessor
Actuatorcontrol
Actuator
Sensorcontrol
Sensor
Stimulus Response
11 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
System Elements
Sensor control processesCollect information from sensors. May
buffer information collected in response to a sensor stimulus.
Data processorCarries out processing of collected
information and computes the system response.
Actuator control processesGenerates control signals for the
actuators.
12 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Introduction to R-T SystemsSystems DesignReal-Time ExecutivesMonitoring and Control SystemsData Acquisition Systems
13 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
System Design
Design both hardware and software associated with systemPartition functions to either hardware or
softwareDesign decisions should be made on basis on
non-functional system requirementsHardware delivers better performance
But potentially longer developmentLess scope for change
14 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Hardware and Software Design
Establish systemrequirements
Partitionrequirements
Hardwarerequirements
Hardwaredesign
Softwarerequirements
Softwaredesign
15 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
R-T Systems Design Process (1)
Identify stimuli to be processedRequired responses to these stimuli
For each stimulus and response, Identify timing constraints
Aggregate stimulus and response processing into concurrent processes Process may be associated with each
class of stimulus and response
16 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
R-T systems Design Process (2)
Design algorithms to process each class of stimulus and response. Meet given timing requirements
Design scheduling system Ensure processes started in time to meet
deadlines (during execution) Integrate using real-time executive or
operating system
17 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Timing Constraints
Difficult to predictExtensive simulation and experiment to
ensure that these met by systemMay mean that certain design strategies such
as object-oriented design cannot be usedToo much overhead involved
May mean that low-level programming language features have to be used For performance reasons
18 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
State Machine Modeling
Effect of stimulus in real-time system may trigger transition from one state to another.
Finite state machines (FSM) can be used for modeling real-time systems
However, FSM models lack structure. Even simple systems can have complex
model. UML includes notations for defining state
machine modelsSee also Chapter 7
19 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
State Machine Modeling
Effect of stimulus in real-time system may trigger transition from one state to another.
Finite state machines can be used for modeling real-time systems.
However, FSM models lack structure. Even simple systems can have complex model.
UML includes notations for defining state machine models
See also Chapter 7.
20 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Microwave Oven State Machine (As Shown Before)
Full power
Enabled
do: operateoven
Fullpower
Halfpower
Halfpower
Fullpower
Number
TimerDooropen
Doorclosed
Doorclosed
Systemfault
Start
do: set power = 600
Half powerdo: set power = 300
Set time
do: get numberexit: set time
Disabled
Operation
Timer
Cancel
Waiting
do: display time
Waiting
do: display time
do: display 'Ready'
do: display 'Waiting'
21 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Petrol pump State Model
Cardinserted
into reader
Timeout
Resettingdo: display CC
error
Initialising
do: initialisedisplay
Paying
Stopped
Reading
do: get CCdetails
Waiting
do: display welcome
do:deliver fuel
do: debitCC account
Payment ack.
Ready Delivering
update displayNozzle
trigger on
Nozzle trigger off
Nozzle trigger on
Hose inholster
do: validatecredit card
Validating
Invalid card
Card removedCard OK
Hose out of holster
Timeout
22 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Real-Time Programming
Hard real-time systemsOften in assembly language to ensure that
timing requirements metHigh-level languages such as C
Allow efficient programs to be written But do not have constructs to support
concurrency or shared resource management
AdaDesigned to support real-time systems
designIncludes general purpose concurrency
mechanism
23 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Java as Real-Time LanguageJava
Supports lightweight concurrency threads and synchronized methods
Can be used for some soft real-time systems
24 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Java (2)
Java 2.0 not suitable for hard RT programming or programming where precise control of timing requiredNot possible to specify thread execution
timeUncontrollable garbage collectionNot possible to discover queue sizes for
shared resourcesVariable virtual machine implementationNot possible to do space or timing analysis
25 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Introduction to R-T SystemsSystems DesignReal-Time ExecutivesMonitoring and Control SystemsData Acquisition Systems
26 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Real-Time Executives
Real-time executives Specialized operating systemsManage processes in RTS
Standard RTE kernelUsed as-is; orCan be modified for particular application
LimitedNo file management facilities
14
27 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Executive Components
Real-time clockInfo for process scheduling
Interrupt handlerManages aperiodic requests for service.
SchedulerChooses next process to be run
Resource managerAllocates memory and processor
resourcesDispatcher
Starts process execution
28 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Non-Stop System Components
Configuration managerDynamic reconfiguration of system SW,
HW without stopping systemsReplace HW modulesUpgrade SW
Fault managerDetect SW & HW faultsTake appropriate actions
E.g. switch to backup disksEnsure that system continues operation
29 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Real-Time Executive Components
Process resourcerequirements
Scheduler
Schedulinginformation
Resourcemanager
Despatcher
Real-timeclock
Processesawaitingresources
Readylist
Interrupthandler
Availableresource
list
Processorlist
Executingprocess
Readyprocesses
Releasedresources
30 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Process Priority
Processing some types of stimuli must sometimes take priority
Interrupt level priorityHighest priority allocated to processes
requiring very fast responseClock level priority
Allocated to periodic processesFurther levels of priority may be assigned
within these levels
31 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Interrupt Servicing
Control transferred automatically to pre-determined memory locationContains instruction to jump to interrupt
service routineFurther interrupts disabled, Interrupt servicedControl returned to interrupted process Interrupt service routines MUST be
short,simple and fast
32 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Periodic Process Servicing
Several classes of periodic processDifferent periods (time between
executions)Different execution timesDifferent deadlines (time by which
processing must be completed)Real-time clock ticks periodically
Each tick causes interrupt which schedules process manager for periodic processes
Process manager selects process among those ready for execution
33 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
RTE Process Management
Resource manager
Allocate memoryand processor
Scheduler
Choose processfor execution
Despatcher
Start execution on anavailable processor
34 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Process Switching
Scheduler Chooses next process to be executed by
processorDepends on scheduling strategy
May take process priority into accountResource manager
Allocates memory and processorDispatcher
Takes process from ready list, Loads it onto processorStarts execution
35 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Scheduling Strategies
Non pre-emptive schedulingProcess runs to completionOr until blocked (e.g. pending I/O)
Pre-emptive schedulingExecution of executing processes may be
stoppedIf higher-priority process requires service
Scheduling algorithmsRound-robinRate monotonicShortest deadline first
36 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Introduction to R-T SystemsSystems DesignReal-Time ExecutivesMonitoring and Control SystemsData Acquisition Systems
37 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Monitoring and Control Systems
Important class of real-time systems Continuously check sensors and take actions
depending on sensor valuesMonitoring systems examine sensors and
report their resultsControl systems take sensor values and
control hardware actuators
38 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Generic architecture
S1
S2
S3
P (S1)
P (S2)
P (S1)
Monitoringprocesses
Controlprocesses
P (A1)
P (A2)
P (A1)
A1
A2
A3
P (A4) A4
Testingprocess
Control panelprocesses
39 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Burglar Alarm System
Monitor sensors on doors and windowsDetect presence of intruders in building
When sensor indicates break-inSwitches on lights around areaCalls police automatically
Provision for operation even when external power fails / cut
40 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Burglar Alarm SystemSensors
Movement detectors, window sensors, door sensors.
50 window sensors, 30 door sensors and 200 movement detectors
Voltage-drop sensorActions
When intruder detected, police called automatically
Lights switched on in rooms with active sensors
Audible alarm switched onSystem switches automatically to backup
power when voltage drop detected
41 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
R-T System Design Process
Identify stimuli and associated responsesDefine timing constraints associated with
each stimulus and responseAllocate system functions to concurrent
processesDesign algorithms for stimulus processing
and response generationDesign scheduling system which ensures that
processes will always be scheduled to meet their deadlines
42 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Stimuli To Be Processed
Power failureGenerated aperiodically by circuit monitorSwitch to backup power within 50 ms
Intruder alarmStimulus generated by system sensorsResponse
Call policeSwitch on building lightsAudible alarm
43 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Timing Requirements
44 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Process Architecture
Lighting controlprocess
Audible alarmprocess
Voice synthesizerprocess
Alarm systemprocess
Power switchprocess
Building monitorprocess
Communicationprocess
Door sensorprocess
Movementdetector process
Window sensorprocess
560Hz
60Hz400Hz 100Hz
Power failureinterrupt
Alarmsystem
Building monitor
Alarmsystem
Alarm system
Alarm system
Detector status Sensor status Sensor status
Room number
Alert message
Room number
Room number
50 sensors @ 2/sec
45 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Control Systems
Burglar alarm systemPrimarily monitoringCollects data from sensorsNo real-time actuator control
Control systemsSystem sends control signals to actuatorsE.g., temperature-control system
Monitors T°Switches heaters on and off
46 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Temperature Control System
Thermostatprocess
Sensorprocess
Furnacecontrol process
Heater controlprocess
500Hz
500Hz
Thermostat process500Hz
Sensorvalues
Switch commandRoom number
47 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Introduction to R-T SystemsSystems DesignReal-Time ExecutivesMonitoring and Control SystemsData Acquisition Systems
48 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Data Acquisition Systems
Collect data from sensors for subsequent processing and analysis.
Data collection processes and processing processes may have different periods and deadlines
Data collection may be faster than processingE.g. collecting information about explosion
Circular or ring buffers Mechanism for smoothing speed
differencesFile where new data added at bottom
displace old data at top
49 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Data acquisition architecture
DisplayProcess
dataSensor data
bufferSensorprocess
Sensoridentifier and
value
Sensors (each data flow is a sensor value)
Sensoridentifier and
value
Processdata
Sensor databuffer
Sensorprocess
Sensoridentifier and
value
Sensoridentifier and
value
s1
s2
s3
s4
s5
s6
50 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Reactor Data Collection
System collects data Sensors monitoring neutron fluxFrom nuclear reactor
Flux data placed in ring bufferFor later processing
Ring buffer Implemented as concurrent processCollection and processing processes may
be synchronizedSize of buffer must be set to account for
discrepancy of filling (sensors) and emptying (processing) speeds
51 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Reactor Flux Monitoring
DisplayProcess
dataSensor data
bufferSensorprocess
Sensoridentifier and
value
Processedflux level
Sensors (each data flow is a sensor value)
52 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Ring Buffer
Consumerprocess
Producerprocess
53 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Mutual Exclusion (Locking)
Producer processes collect data and add it to buffer
Consumer processes take data from buffer and make elements available
Producer and consumer processes must be mutually excluded from accessing same element
Buffer must stop producer processes adding information to full buffer and consumer processes trying to take information from empty buffer
54 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Key points
Real-time system correctness depends not just on what the system does but also on how fast it reacts.
A general RT system model involves associating processes with sensors and actuators.
Real-time systems architectures are usually designed as a number of concurrent processes.
55 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Key points
Real-time operating systems are responsible for process and resource management.
Monitoring and control systems poll sensors and send control signal to actuators.
Data acquisition systems are usually organized according to a producer consumer model.
56 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
Homework
RequiredBy Wed 20 Oct 2004For 35 points,
15.1 (@5), 15.7 (@10), 15.8 (@20)Optional
By Wed 27 Oct 2004For a maximum of 15 points, answer either
or both of15.4 (@10)15.10 (@5)
57 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
DISCUSSION
58 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
59 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
60 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
61 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
62 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
63 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.
64 Note content copyright © 2004 Ian Sommerville. NU-specific content copyright © 2004 M. E. Kabay. All rights reserved.