Real-Time Operating Systems and Software Architecture for Next Generation’s UAV


Degree Project

Real-Time Operating Systems and Software Architecture for Next Generation’s UAV

Student: Johan Nyman (F02)
Company supervisor: Olivier Vanel
Tutor Supaero: Jacques Lamaison
Tutor LTH: Per Andersson
September 2007

Real-Time Operating System and Software Architecture in next generation’s UAV

ACKNOWLEDGEMENTS

First of all I want to thank my supervisor at the company where I did this work, Mr. Olivier VANEL, who gave me the opportunity to carry out this internship. Your advice and introduction to the engineering process have been very helpful.

The work presented in this report would not have been possible without the contribution of many persons. In particular I want to thank Mr. Jean-David POMMEPUY, who has provided a lot of help and guidance when it comes to avionics software and all the norms and standards that apply. On the hardware side, Mr. Gregory FREVA has never hesitated to provide his expertise and to discuss the different combinations of hardware and software choices. The software team, led by Mr. Jean-David POMMEPUY, including Didier LHOTE and Arnaud COURVOISIER, has provided their help and feedback whenever necessary. I also want to thank the rest of the team that worked in my department at the company, for their availability and help when needed.

The reason I ever got here is the education provided by LTH and SUPAERO; thank you for that.

A special thanks goes to J-L GONNAUD at EADS, responsible for the Airbus A400M IMA integration, who explained some of the particularities of IMA and the conditions that apply to the certification of the system.
Master thesis 2007 Johan Nyman Page 2 of 110

ABBREVIATIONS

ADU: Air Data Unit
AFDX: Avionics Full DupleX switched Ethernet
APEX: APplication/EXecutive
API: Application Programming Interface
ARINC: Aeronautical Radio Incorporated
ARP: Aerospace Recommended Practice
BAT: Block Address Translation
BSP: Board Support Package
COTS: Commercial Off The Shelf
cPCI: compact PCI
CPU: Central Processing Unit
CSP: CPU Support Package
DKM: Downloadable Kernel Module
FAA: Federal Aviation Authority
FIFO: First In First Out
GCS: Ground Control Station
HM: Health Monitor
HNS: Hybrid Navigation System
IDE: Integrated Development Environment
IEEE: Institute of Electrical and Electronics Engineers
IMA: Integrated Modular Avionics
I/O: Input(s)/Output(s)
IOU: Input/Output Unit
ISR: Interrupt Service Routine
JAR: Joint Airworthiness Requirements
JSF: Joint Strike Fighter
JTAG: Joint Test Action Group
J-UCAS: Joint Unmanned Combat Aerial System
KDI: Kernel Downloadable Image
LRM: Line Replaceable Module
LRU: Line Replaceable Unit
MCCU: Mission and Critical Computer Unit
MISRA: Motor Industry Software Reliability Association
MMU: Memory Management Unit
NDA: Non Disclosure Agreement
OS: Operating System
PCB: Printed Circuit Board
PCI: Peripheral Component Interconnect
PGU: Piloting/Guidance Unit
PMT: Processeur Multi Technique
POSIX: Portable Operating System Interface for computer environments
PTE: Page Table Entry
PXE: Pre-boot eXecution Environment
ROS: Rules Of Security
RPC: Remote Procedure Call
RSC: Reusable Software Component
RTCA: Radio Technical Commission for Aeronautics
RTOS: Real-Time Operating System
RTP: Real Time Process
TFTP: Trivial File Transfer Protocol
UAV: Unmanned Aerial Vehicle
VCT: Virtual machine Configuration Table
VM: Virtual Machine
VME: Versa Module Eurocard

GLOSSARY

Host: Machine used to develop the software.
Cross compiler: Used on the host to produce object code executable on the target.
Emulator: Entity accepting the same input and producing the same output as a given system, using the same object code.
Native compiler: Compiles on the host to execute on the host. Used for development.
Simulator: Same as an emulator but with different (derived) object code.
Smart actuator: An “intelligent” actuator in the sense that it receives a reference value and then uses a closed control loop to reach and maintain this value itself.
Target: Machine used to execute the software.
Test bed: Permits running equipment while simulating its environment.

CONTENTS

PART A: INTRODUCTION .... 9
A 1 Introduction .... 9
A 1.1 Document Outline .... 9
A 1.2 Scope .... 9
A 1.3 Problem formulation .... 10
A 1.4 Methodology used .... 11
A 1.5 Realization .... 11
PART B: APPLICABLE NORMS, STANDARDS AND CONSTRAINTS IN AVIONICS .... 13
B 1 DO-178B .... 13
B 1.1 Reusable Software Component, RSC .... 13
B 2 Integrated Modular Avionics .... 14
B 2.1 Background .... 14
B 2.2 The concept of Integrated Modular Avionics .... 15
B 2.3 IMA Particularities .... 17
B 2.4 Certification Aspects .... 20
B 2.5 Isolation and Independence between partitions .... 20
B 3 Constraints .... 21
B 3.1 Hardware .... 21
B 3.2 Certification .... 21
B 3.3 Industrial .... 21
PART C: REAL TIME OPERATING SYSTEMS .... 23
C 1 Real-Time Operating Systems .... 23
C 1.1 Worst Case Scenarios .... 24
C 1.2 Complete Operating System or Simple Scheduler? .... 24
C 1.3 The Board Support Package .... 25
C 1.4 Make or Buy? .... 26
C 2 Criteria for choosing RTOS .... 26
C 2.1 Perennity .... 27
C 2.2 Norms and Standards .... 27
C 2.3 Supported Hardware .... 28
C 2.4 Development .... 28
C 2.5 Design .... 29
C 2.6 Functionality .... 29
C 2.7 Performance .... 31
C 2.8 Cost .... 32
C 2.9 References .... 33
C 2.10 Ease of Use .... 33
C 3 Conclusion on CRITERIA .... 33
Recommended publications
  • Wind River Vxworks Platforms 3.8
  • Last Time Today Response Time Vs. RM Computing Response Time More Second-Priority Task I Response Time
  • Comparison of Contemporary Real Time Operating Systems
  • Software Model Checking of ARINC-653 Flight Code with MCP Sarah J
  • Application Note: QP/C MISRA-C:2004 Compliance Matrix
  • Preemption-Based Avoidance of Priority Inversion for Java
  • Evidence Company Description …And Future Challenges
  • Communications for Integrated Modular Avionics
  • RT-ROS: a Real-Time ROS Architecture on Multi-Core Processors
  • Real-Time Operating Systems (RTOS)
  • Avionics Applications on a Time-Predictable Chip-Multiprocessor
  • WIND RIVER Vxworks 653 PLATFORM 2.4 and 2.5