Institutionen för datavetenskap Department of Computer and Information Science Final thesis Usage of databases in ARINC 653-compatible real-time systems by Martin Fri Jon Börjesson LIU-IDA/LITH-EX-A10/010--SE 2010-05-10 Linköpings universitet Linköpings universitet SE-581 83 Linköping, Sweden 581 83 Linköping Linköping University Department of Computer and Information Science Final Thesis Usage of databases in ARINC 653-compatible real-time systems by Martin Fri Jon Börjesson LIU-IDA/LITH-EX-A—10/010--SE 2010-05-10 Supervisor: Magnus Vesterlund Saab Aerosystems Examiner: Professor Simin Nadjm-Tehrani Department of Computer and Information Science Linköping University Abstract The Integrated Modular Avionics architecture , IMA, provides means for run- ning multiple safety-critical applications on the same hardware. ARINC 653 is a specification for this kind of architecture. It is a specification for space and time partition in safety-critical real-time operating systems to ensure each applica- tion’s integrity. This Master thesis describes how databases can be implemented and used in an ARINC 653 system. The addressed issues are interpartition communication, deadlocks and database storage. Two alternative embedded databases are integrated in an IMA system to be accessed from multiple clients from different partitions. Performance benchmarking was used to study the dif- ferences in terms of throughput, number of simultaneous clients, and scheduling. Databases implemented and benchmarked are SQLite and Raima. The studies indicated a clear speed advantage in favor of SQLite, when Raima was integrated using the ODBC interface. Both databases perform quite well and seem to be good enough for usage in embedded systems. However, since neither SQLite or Raima have any real-time support, their usage in safety-critical systems are limited. The testing was performed in a simulated environment which makes the results somewhat unreliable. To validate the benchmark results, further studies must be performed, preferably in a real target environment. Keywords : ARINC 653, INTEGRATED MODULAR AVIONICS, EM- BEDDED DATABASES, SAFETY-CRITICAL, REAL-TIME OPERATING SYSTEM, VXWORKS Contents 1 Introduction 7 1.1 Background . 7 1.2 Purpose . 7 1.3 Problem description . 8 1.3.1 Objectives . 8 1.3.2 Method . 8 1.3.3 Limitations . 9 1.4 Document structure . 9 2 Background 10 2.1 Safety-critical airplane systems . 10 2.1.1 DO-178B . 10 2.2 Avionics architecture . 12 2.2.1 Federated architecture . 12 2.2.2 IMA architecture . 13 2.3 ARINC 653 . 14 2.3.1 Part 1 - Required Services . 14 2.3.2 Part 2 and 3 - Extended Services and Test Compliance . 18 2.4 VxWorks . 19 2.4.1 Configuration and building . 19 2.4.2 Configuration record . 19 2.4.3 System image . 19 2.4.4 Memory . 20 2.4.5 Partitions and partition OSes . 21 2.4.6 Port protocol . 22 2.4.7 Simulator . 22 2.5 Databases . 22 2.5.1 ODBC . 23 2.5.2 MySQL . 23 2.5.3 SQLite . 23 2.5.4 Mimer SQL . 24 2.5.5 Raima . 25 3 System design and implementation 26 3.1 Architecture overview . 26 3.1.1 Interpartition communication design . 28 3.2 Database modules . 29 3.2.1 Client version . 29 1 CONTENTS 3.2.2 Server version . 32 3.2.3 Server and Client interaction - Protocol . 33 3.3 Transmission module . 37 3.3.1 Ports . 37 3.3.2 Transmission protocol . 38 3.4 Databases . 41 3.4.1 Filesystem . 41 3.4.2 SQLite specific . 42 3.4.3 RAIMA specific . 43 3.5 Database adapters . 43 3.5.1 Interface . 43 3.5.2 SQLite adapter . 43 3.5.3 Raima adapter . 44 3.5.4 Query result . 45 4 Benchmarking 46 4.1 Environment . 46 4.1.1 Simulator . 46 4.1.2 Variables . 46 4.1.3 Measurement . 47 4.2 Benchmark graphs . 48 4.2.1 SQLite Insert . 48 4.2.2 SQLite task scheduling . 50 4.2.3 SQLite select . 51 4.2.4 Raima select . 52 4.3 Benchmark graphs analysis . 53 4.3.1 Deviation . 53 4.3.2 Average calculation issues . 53 4.3.3 Five clients top . 54 4.3.4 Scaling . 55 5 Comparisons between SQLite and Raima 56 5.1 Insert performance . 56 5.2 Update performance . 58 5.3 Select performance . 59 5.4 No primary key . 60 5.5 Task scheduling . 61 5.6 Response sizes . 62 5.7 Summary . 63 6 Discussion and Conclusion 64 6.1 Performance . 64 6.1.1 Database comparison . 64 6.1.2 Scalability . 64 6.1.3 Measurement issues . 65 6.2 Design and implementation . 65 6.3 Usage and Certification . 66 6.4 Future work . 67 6.5 Final words . 67 2 CONTENTS A Benchmark graphs 70 A.1 Variables . 70 A.2 SQLite . 70 A.2.1 Insert . 70 A.2.2 Update . 74 A.2.3 Select . 77 A.2.4 Alternate task scheduling . 80 A.2.5 No primary key . 82 A.2.6 Large response sizes . 85 A.3 Raima . 87 A.3.1 Insert . 87 A.3.2 Update . 90 A.3.3 Select . 94 A.3.4 Alternate task scheduling . 97 A.3.5 No primary key . 99 A.3.6 Large response sizes . 102 3 List of Figures 1.1 An ARINC 653 system. 8 2.1 A federated architecture and an Integrated Modular Avionics ar- chitecture. [6] . 12 2.2 One cycle using the round robin partition scheduling. [6] . 15 2.3 VxWorks memory allocation example. [11] . 20 3.1 System design. 27 3.2 Channel design used in this system. 28 3.3 Statement, connection and environment relations. 30 3.4 Flowchart describing the SQLFetch routine. 31 3.5 Flowchart of a task in the database server module. 36 3.6 A connection deadlock caused by Sender Block port protocol. 40 3.7 Filesystem structure. 42 4.1 Average inserts processed during one timeslot for different num- ber of client partitions. 48 4.2 Average number of inserts processed during one timeslot of vari- ous length. 49 4.3 Average selects processed during one timeslot for different num- bers of client partitions and timeslot lengths. Task scheduling used is Yield only. .......................... 50 4.4 Average selects processed during one timeslot for different num- bers of client partitions. 51 4.5 Average selects processed during one timeslot for different num- ber of client partitions. The lines represent the average processed queries using different timeslot lengths. 52 4.6 With one client, the server manages to process all 1024 queries in one time frame. 54 4.7 With two clients, the server cannot process 2*1024 in two times- lots due to context switches. An extra time frame is required. 54 4.8 The average processing speed is faster than 1024 queries per timeslot, but it is not fast enought to earn an entire timeslot. 54 5.1 Comparison between average insert values in SQLite and Raima. Timeslots used in the graphs are 50 ms and 100ms. 57 5.2 Comparison between average update values in SQLite and Raima. Timeslot lengths are 50 ms and 100 ms. 58 4 LIST OF FIGURES 5.3 Comparison between average select values in SQLite and Raima..