deterministic ethernet - sae as6802 (ttethernet)

1

Deterministic Ethernet: SAE AS6802 "Time-Triggered Ethernet"

Mirko Jakovljevic, TTTech / SAE AS-2D

2

SAE AS6802: „Time-TriggeredEthernet“ (TTEthernet)

Public specification available since 2008IP designed to DO-254/DO-178B Level A◦ formal proof of protocol algorithms

used for IEC61508 SIL-rated systemsStandardization at SAE◦ SAE standardization project started in 2009◦ SAE Standard release in November 2011◦ http://standards.sae.org/as6802

3

What is „Time-Triggered“?

Predictable (deterministic) communication◦ Fixed latency, µs-jitter, TDMA

System timebase available, but no master clock(alignment of local clocks in µs!)Autonomous network operation◦ based on scheduled communication and system time

Examples:◦ FlexRay◦ TTP (SAE AS6003)◦ TTEthernet (SAE AS6802)

4

A family of frame-based standards forLAN/MAN networks by IEEE802◦ Standard physical medium◦ Set of medium access control rules with fair

arbitration◦ Variable size packets in Ethernet format

What is Ethernet, really?

5

SAE AS6802: „Time-TriggeredEthernet“ (TTEthernet)

The objective was to:

◦ make Ethernet viable for any time-, safety- and mission-critical embedded system application (SAE AS6802 is a Layer 2 protocol service)◦ … and retain asynchronous communication capabilitiesThe objective was NOT to:

◦ create yet another real-time industrial Ethernet network, that is incompatible with IEEE802.3 or standard Ethernet LAN

In fact it is a service …◦ compare it to deterministic VLAN messaging with fixed

end-to-end latency and µs-jitter!

6

SAE AS6802: A Layer 2 QoS EnhancementTime-Triggered Ethernet (TTEthernet)

Allows integration of low-latency, low-jitter and standard LAN applications

7

Time-triggered extensions (Layer 2) implemented in an Ethernet switch enable deterministic unified networking◦ Synchronous startup◦ Synchronous recovery◦ Robust fault-tolerant

distributed clock◦ Foundation for synchronous

communication and robust bandwidth partitioningin Ethernet networks

SAE AS6802: A Layer 2 QoS Enhancement

8

Summary:System Designer Perspective

SAE AS6802 is just another Ethernet serviceAdd SAE AS6802 service to Ethernet switch◦ capabilities to design Ethernet-based

time-, safety- and mission critical system !Add other comptible IEEE802.1 Layer 2 servicesto gain specific capabilities and support(deterministic) unified networking◦ VLAN(IEEE802.1Q), DCB, IEEE1588/IEEE802.1AS,

Rate-contrained services with traffic shaping, etc.Use Ethernet as a deterministic network capableof handling different types of time-critical traffic

9

Deterministic Ethernet: SAE AS6802 "Time-Triggered Ethernet“

Capabilities

PAPER #

10

Capabilities: DistributedFault-tolerant Synchronization

Robust algorithm based on exchange of asynchronous IEEE802.3 messagesSynchronizes local clocks – system time (!)◦ no wall clock (external time source - e.g. GPS) requiredFail-operational: ◦ tolerates multiple faults◦ tolerates byzantine

synchronization faults◦ no search for best master

(distributed clock!)Provides defined worst-case synchronous startup& recovery time (in ms)

11

Capabilities: Synchronous Communication

System time available on switches and endsystems◦ Scheduled traffic can have fixed latency and µs-jitter◦ Switch knows when the message is forwarded

12

Capabilities: Deterministic Unified Ethernet

Synchronous and Asynchronous Traffic

„Virtual links“ are forwarded through 100BASE-TX, 1000BASE-CX, 1000BASE-SX or other Ethernet physical layer connections

13

Capabilities: Robust Partitioning forDeterministic Unified Ethernet

Mechanisms:◦ Switch knows the traffic schedule for synchronous (TT) traffic◦ Switch knows about properties of time-sensitive traffic and

possible time-violationse.g. for AFDX / ARINC664 (e.g. rate constrained – BAG, periodicity)

◦ Switch knows when the best effort (asynchronous) traffic can be scheduled to prevent violation of temporal constraints for RC and TT

Synchronous (TT)

Time-Sensitive Traffic (RC)

Asynchronous (Priority-Driven and/or Lossless)

Output Port

Configuration for TT Traffic

Configuration for RC Traffic

14

Capabilities: Deterministic Unified Ethernet

What if synchronous links (VLs) are reserved, butthe message is not sent?◦ … ECU / LRU is not installed◦ … Function is

currently inactive

Dynamic Bandwidth Release: immediate availability for asynchronous traffic

15

Comparison with other Ethernet standards

PAPER #

16

Ethernet in Critical EmbeddedSystems

2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010

IEEE DCB

IEEE AVB

ARINC 664 Part 7

SAE AS6802 (TTEthernet)

Deterministic,Time-critical,

Safety-critical,Mission-critical

Lossless,Loss-sensitive,Time-sensitive,Mission-Critical

Time-Critical,Mission-Sensitive

IEEE1588

IEEE1588

17

Positioning: SAE AS6802 forDeterministic Unified Ethernet

QoS

in s

hare

d E

ther

net n

etw

orks

18

Positioning: SAE AS6802 forDeterministic Unified Ethernet

QoS

in s

hare

d E

ther

net n

etw

orks

19

XXXMixed Criticality TTEthernet Switch

X--IEEE802.3 switchXX-Plain TTEthernet Switch

-X-TTEthernet Switch (synch. AS6802 comm. only)

-XXRC Switch w/ A/V and hard-RT

--XRC Switch

BETT(SAE AS6802)

RC (ARINC664)

Used QoS Protocol Services

TTEthernet Switch

Services

TTEthernetSwitch Behavior

TTEthernet Switch withSAE AS6802 / ARINC664-P7

20

Positioning: SAE AS6802 forDeterministic Unified Ethernet

QoS

in s

hare

d E

ther

net n

etw

orks

22

SAE AS6802 and RT-Ethernet

23

SAE AS6802 in IEC61850 Context

GOOSE Messages (low-latency, critical) can besent via time-triggered messgaes

Data

Data

24

Impact on System Design

Mirko Jakovljevic, TTTech / SAE AS-2D

PAPER #

25

Network capabilities impact architecture and application design◦ the number of ECUs, wiring and weigth◦ use of network bandwidth

and computing resources◦ level of functional integration◦ system and application complexity

cost of SW/HW design and integration

◦ maintenance, reuse and upgrades◦ obsolescence management◦ certification◦ …

Why DeterministicTime-Triggered Networks ?

26

DistributedDistributedIntegrated Modular Integrated Modular

Architectures (DIMA)Architectures (DIMA)

Many high- and low-levelfunctions share distributedcomputing and networking

resources

Integrated Modular Integrated Modular Architectures Architectures

(e.g. IMA)(e.g. IMA)

Many higher level functions on one processing module

Additional low-level functions via networked RDCs

FederatedFederated

Computing Resources (one function per box)

Networking Resources (physically separatedunidirectional links) Integ

ration Lev

el: Very

High

WholeSys

tem is

an IM

A!!!

Integration Level: High

Integration Level: Low

??HowHow DIMA DIMA coverscovers

thisthis gapgap??

Integration Level: Very Low

Federated Architectures

StatisticalMultiplexing

TDMA Multiplexing

Advanced System Integration

27

Resource Use & Complexity ReductionMaximize use of network bandwidth and computing resourcesfor critical embedded functions◦ Reduce uncertainity, jitter and unintended system statesImprove functional alignment (and separation!)◦ Simplified sensor fusion◦ Simplified distributed processing◦ Simplified redundancy management

28

Integrating many functions on fewECUs

Emulate distributed computer / reflective memoryIntegrate critical and non-critical functions

29

SAE AS6802 in Critical Applications

Robust TDM-style bandwidth partitioning(Hard) Real-time operationStrictly deterministic system operationPredictable computing and networking resourcesharingAlignment of different functions accross thesystemsDesign of advanced system architectures forminimizing SWaPSystem complexity reduction(system state explosion!)

30

SAE AS6802 in Critical Applications

If we managed to go from federated to integratedarchitectures …◦ Read: time/space partitioning at module level… we can manage transition to „distributed AND integrated“ architectures◦ Read:

time/space partitioning at module level plus time partitioning at network levelsystem-level partitioning (of all computing and networkingresources)Predictable virtualization of complex embedded systems

31

New activities on SAE AS-2D agenda?

SAE AS6802 (TTEthernet)◦ Scheduling and system design◦ Application Handbook◦ Complexity reduction◦ Linear Deterministic Networks◦ Closer work with IEEE?

32

Q&AVisit Deterministic Ethernet / LinkedIn Group (!!)

Mirko Jakovljevic, TTTech / SAE AS-2D

mirko.jakovljevic@tttech.com

PAPER #