[Slide diagram, figure residue: valve regulator control loop with source, sink, power supervision, diesel valve, air valve, desired output level, T = 40 ms. PowerPoint presentation.]
Predictable Assembly with SaveCCT
Mikael Åkerholm, MRTC, Mälardalen University, http://www.mrtc.mdh.se
CC Systems AB, http://www.cc-systems.com
[email protected]
Outline
- Background and motivation
- Central concepts of component technologies
- SaveCCT: a component technology for vehicular systems
  - Target domain
  - Technology overview
  - Component model
  - Tools
- Example application: Adaptive Cruise Controller (ACC)
Background: Save/Save++ (and progress)
- Save (2003-2006): enabling systematic development of component-based software for safety-critical embedded systems. Component technologies -> SaveCCT. Partners: MDH, UU, KTH, LiTH (ABB, Bombardier, CC Systems, CR&T, Saab, Scania, Volvo Car and Volvo TD).
- Save++ (2006-2007): integrated as a part of the progress project (2006-2010) at MDH. Improved theories, methods, technologies and tools, based on Save and Save++ -> SaveCCT++.
Motivation
- More functionality, improved existing functionality and lower price -> more electronics, with software.
- Software crisis (1968): error-prone, late, expensive.
- Component technologies targeting PC applications are promising and successful in the PC domain, but vehicular software is different from PC software.
- Need better software engineering approaches: component-based software engineering, with a component technology for vehicular applications!
Central Concepts
- Component framework
- Platform
- Components
- Repository
- Supporting tools
SaveCCT for Vehicular Systems
Characteristics of the domain: many suppliers; distributed applications; safety; reliability; resource efficiency; (hard) real-time requirements.
SaveCCT Design Goals
- Efficient development: enable utilisation of CBSE advantages and provide the possibilities the target domain needs.
- Predictable behaviour: be able to analyse important run-time attributes at design time, e.g., timing, safety, reliability, memory needs, processor demands.
- Run-time efficiency: ideally enable CBSE without run-time cost compared to C programming on an RTOS.
Process Overview
[Slide figure, recovered labels: System Requirements, System Decomposition, Component Requirements, Need for component: Develop or Buy, Select and Adapt, Verify Component, Repository, System Composition, Component Verification, System Verification.]
The repository is the interface between component developers and system developers.
SaveCCT Technology Overview
[Slide figure; only the label "Repository" survives extraction.]
The SaveCCM Component Model
- Restrictive in comparison to PC/Internet component models (COM, .NET, EJB).
- Enables analysis at design time, and deterministic, reproducible behaviour at run time (and test time).
- Textual XML syntax and a graphical, UML-influenced syntax.
SaveCCM Syntax: Basic Component
- Ports: trigger, data, combined
- Behaviour: Read, Execute, Write
Behaviour of the example component (PI controller step in fixed-point arithmetic):
    fixed_t error = Setpoint - Value;     /* control error; the operator was lost in extraction, subtraction assumed */
    fixed_t u = fixed_mul(K, error);      /* proportional term */
    if (IntegrationEnabled) u += fixed_div(NewState, T_i);   /* integral term from previous state */
    Control = LIMIT(u, 0, MAX_CONTROL);   /* saturate the output */
    State = error;                        /* state for the next activation */
SaveCCM Syntax: Switch
- Ports
- Setports determine the active configuration
- Connection patterns, for static or dynamic reconfiguration
SaveCCM Syntax: Assembly
- Ports
- Internal components and connections
- Encapsulation of a sub-system
SaveCCM Syntax: Composite Component
- Ports
- Internal components and connections
- Restricted behaviour: read-execute-write
SaveCCM Formal Foundation: Timed Automata with Tasks
SaveCCM Core, the building blocks for SaveCCM semantics: basic component, composite component, conditional connection.
Port: point of interaction where a connection meets a component; transfers data or triggering; single data item with overwrite semantics.
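Added example, not code from the slides or from the SaveCCT tool chain: a C sketch of the basic component above executing its PI step under read-execute-write semantics, with data ports that hold a single item and overwrite on every write. The Q16.16 fixed-point helpers (fixed_t, fixed_mul, fixed_div, LIMIT), the parameter values and the glue connection that feeds State back into NewState between activations are all assumptions; the slides do not define them.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Q16.16 fixed point. The slide uses these names without defining them;
   the definitions here are assumptions. */
typedef int32_t fixed_t;
#define FIXED_ONE ((fixed_t)1 << 16)
#define FIXED(x)  ((fixed_t)((x) * (double)FIXED_ONE))

static fixed_t fixed_mul(fixed_t a, fixed_t b)
{
    return (fixed_t)(((int64_t)a * (int64_t)b) >> 16);
}

static fixed_t fixed_div(fixed_t a, fixed_t b)
{
    return (fixed_t)(((int64_t)a << 16) / (int64_t)b);
}

#define LIMIT(v, lo, hi) ((v) < (lo) ? (lo) : ((v) > (hi) ? (hi) : (v)))

/* A data port carries one item with overwrite semantics: a write replaces
   the previous value, nothing is queued. */
typedef struct { fixed_t value; } data_port_t;

/* The inputs as frozen by the Read phase. */
typedef struct { fixed_t setpoint, value, new_state; } pi_inputs_t;

typedef struct {
    data_port_t setpoint, value, new_state;  /* input data ports  */
    data_port_t control, state;              /* output data ports */
    bool    integration_enabled;             /* static parameters */
    fixed_t K, T_i, max_control;
} pi_component_t;

/* Execute phase: the slide's behaviour as a pure function of the snapshot.
   It touches no port, so a port written by another task meanwhile cannot
   change the result. */
static void pi_execute(const pi_component_t *c, const pi_inputs_t *in,
                       fixed_t *control, fixed_t *state)
{
    fixed_t error = in->setpoint - in->value;
    fixed_t u = fixed_mul(c->K, error);
    if (c->integration_enabled)
        u += fixed_div(in->new_state, c->T_i);
    *control = LIMIT(u, 0, c->max_control);
    *state = error;
}

/* One activation on the trigger port: Read, Execute, Write. */
void pi_activate(pi_component_t *c)
{
    pi_inputs_t in = { c->setpoint.value, c->value.value, c->new_state.value };
    fixed_t control, state;
    pi_execute(c, &in, &control, &state);
    /* Write: outputs become visible only after execution has finished. */
    c->control.value = control;
    c->state.value   = state;
}

/* Two activations with the assumed glue State -> NewState between them. */
fixed_t demo_two_steps(void)
{
    pi_component_t c = { .integration_enabled = true, .K = FIXED(2.0),
                         .T_i = FIXED(4.0), .max_control = FIXED(10.0) };
    c.setpoint.value = FIXED(5.0);
    c.value.value    = FIXED(3.0);
    pi_activate(&c);
    c.new_state.value = c.state.value;   /* glue connection */
    pi_activate(&c);
    return c.control.value;              /* 2*2 + 2/4 = 4.5 */
}

/* Overwrite semantics: of two writes before the trigger, only the last counts. */
fixed_t demo_overwrite(void)
{
    pi_component_t c = { .K = FIXED(2.0), .T_i = FIXED(4.0),
                         .max_control = FIXED(10.0) };
    c.setpoint.value = FIXED(5.0);
    c.value.value = FIXED(0.0);          /* first write ...              */
    c.value.value = FIXED(4.0);          /* ... replaced before activation */
    pi_activate(&c);
    return c.control.value;              /* 2 * (5 - 4) = 2.0 */
}

/* Saturation: the output is clamped to [0, max_control]. */
fixed_t demo_saturation(void)
{
    pi_component_t c = { .K = FIXED(2.0), .T_i = FIXED(4.0),
                         .max_control = FIXED(10.0) };
    c.setpoint.value = FIXED(50.0);
    pi_activate(&c);
    return c.control.value;              /* 100 clamped to 10.0 */
}

int main(void)
{
    printf("two steps:  %.3f\n", demo_two_steps()  / (double)FIXED_ONE);
    printf("overwrite:  %.3f\n", demo_overwrite()  / (double)FIXED_ONE);
    printf("saturation: %.3f\n", demo_saturation() / (double)FIXED_ONE);
    return 0;
}
```

The point of separating pi_execute from pi_activate is the one the component model makes: the execute phase has no way to observe a port, so the value a component computes depends only on the snapshot taken at activation, which is what makes the behaviour reproducible under test and analysable with the timed-automata model.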
Timed automata with tasks (on request, John may give a lecture ;o)): finite automata with
- dense-time clocks, manipulated on edges;
- tasks, released when a location is reached.
Dense time is possible by using a symbolic representation.
[Slide figure: an automaton edge with a guard on clock x against 5, reset y := 0, released task T1 and synchronisation u!, and a location invariant on x against 10; the comparison operators were lost in extraction.]
SaveCCT Glue Code Generator
Motivation [slide figure, recovered labels]: 2 GHz, 256 MB RAM, 1 MB OS; synchronisation, IPC, timing; static configuration.
Task allocation, analysis and target compiler [slide figure]: SaveCCM component model -> intermediate task models -> RTOS execution models, as a fully automated compile-time step. Targets: RTOS (CrossFire, RTXC) and PC/Win32 (CCSimTech).
SaveCCT Tools (under continuous improvement)
- Save IDE (under continuous improvement): component composition. Several existing prototypes for graphical composition from master's thesis projects, currently under major revision.
- Analysis: automated connectivity to analysis tools through translation of SaveCCM XML to
  - timed automata with tasks -> Times (timing and much more)
  - Finite State Processes -> LTSA (control loop liveness)
- Test: automated test tools, e.g., TestComplete and LabVIEW, from CCSimTech.
- Repository: under construction; will provide means for easy selection and specialisation of components by distinguishing component versions from component variants.
Example Application: SaveCCT in an Industrial Environment
Case study at CC Systems: integrated our technology in a real industrial environment, i.e., selected development tools and hardware from the company's repertoire (the CrossFire ECU, the CCSimTech simulation technique and the target compiler). Implemented a fictitious vehicular control application with the technology and used it as the basis for evaluation.
ACC Application [slide figure, recovered labels]
- Inputs: Road Signs Enabled, Current Speed, Road Sign Speed, ACC Max Speed, Distance, ACC Enabled, Brake Pedal Used
- Triggers: 50 Hz, 10 Hz
- Outputs: Brake Signal, Throttle
- Components: Object Recognition, Mode Switch, ACC Controller, Brake Assist, Speed Limit, Logger / HMI Outputs
ACC Controllers [slide figure]: composed of Distance Controller and Speed Controller, each split into CalcOutput and UpdateState; ports: Distance, RelativeSpeed, MaxSpeed, CurrentSpeed, DistanceControl (between the two controllers), Control.
Automated Analysis of the ACC
- Static WCET analysis through integration of the aiT Worst-Case Execution Time Analyser: about 3% WCET over-estimation. Context-dependent WCET analysis would be preferable, but is not yet achieved.
- Timing and more through the underlying timed-automata model: the Times tool checks, e.g., schedulability and response times for end-to-end transactions.
- Liveness: Finite State Processes (FSP) are derived from SaveCCT, and the Labelled Transition System Analyser (LTSA) is used to verify liveness.
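Added illustration of the schedulability question the analysis above hands to Times; this is the classic fixed-priority response-time recurrence written out in C, not the Times tool's algorithm and not code from the slides. The task set only mimics the ACC's 50 Hz and 10 Hz triggers: the task names, periods and WCET figures are invented for the example, where in the real flow the WCET column would come from a static analyser such as aiT.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* A task as the glue-code generator would hand it to the RTOS: period T,
   deadline D and worst-case execution time C, all in microseconds. Arrays
   are ordered by descending priority (rate-monotonic: shortest period first). */
typedef struct {
    const char *name;
    int64_t period_us, deadline_us, wcet_us;
} task_t;

static int64_t ceil_div(int64_t a, int64_t b) { return (a + b - 1) / b; }

/* Worst-case response time of tasks[i] under fixed-priority preemptive
   scheduling, iterating
       R = C_i + sum over higher-priority j of ceil(R / T_j) * C_j
   to a fixed point. R never decreases, so the loop stops either at the
   fixed point or as soon as R exceeds D_i, in which case -1 is returned. */
int64_t response_time(const task_t *tasks, int i)
{
    int64_t r = tasks[i].wcet_us;
    for (;;) {
        int64_t next = tasks[i].wcet_us;
        for (int j = 0; j < i; j++)
            next += ceil_div(r, tasks[j].period_us) * tasks[j].wcet_us;
        if (next > tasks[i].deadline_us)
            return -1;
        if (next == r)
            return r;
        r = next;
    }
}

/* Whole-set check; resp[i] receives each task's response time or -1. */
bool schedulable(const task_t *tasks, int n, int64_t *resp)
{
    bool ok = true;
    for (int i = 0; i < n; i++) {
        resp[i] = response_time(tasks, i);
        if (resp[i] < 0)
            ok = false;
    }
    return ok;
}

/* Constructed task set after the ACC's two trigger rates (50 Hz = 20 ms,
   10 Hz = 100 ms). The WCET figures are invented, not measured. */
#define ACC_N 4
const task_t acc_tasks[ACC_N] = {
    { "ObjectRecognition",  20000,  20000,  2000 },
    { "ACCControllers",     20000,  20000,  3000 },
    { "BrakeAssist",        20000,  20000,  1000 },
    { "LoggerHMI",         100000, 100000, 15000 },
};

/* Same set with the logger's WCET inflated to 75 ms: the 50 Hz tasks are
   unaffected (they preempt it), but the logger itself now misses D = 100 ms. */
const task_t acc_tasks_overloaded[ACC_N] = {
    { "ObjectRecognition",  20000,  20000,  2000 },
    { "ACCControllers",     20000,  20000,  3000 },
    { "BrakeAssist",        20000,  20000,  1000 },
    { "LoggerHMI",         100000, 100000, 75000 },
};

static void report(const char *title, const task_t *tasks)
{
    int64_t resp[ACC_N];
    bool ok = schedulable(tasks, ACC_N, resp);
    printf("%s: %s\n", title, ok ? "schedulable" : "NOT schedulable");
    for (int i = 0; i < ACC_N; i++)
        printf("  %-18s T=%7lld C=%6lld R=%6lld\n", tasks[i].name,
               (long long)tasks[i].period_us, (long long)tasks[i].wcet_us,
               (long long)resp[i]);
}

int main(void)
{
    report("ACC task set", acc_tasks);
    report("ACC task set, logger overloaded", acc_tasks_overloaded);
    return 0;
}
```

With the constructed numbers the 10 Hz logger's response time settles at 27 ms (15 ms of its own work plus two preemptions by the 6 ms of 50 Hz work); inflating its WCET to 75 ms makes the recurrence cross the 100 ms deadline on the second iteration, which is the kind of result Times reports from the timed-automata model. Per-task response times as computed here do not by themselves give end-to-end latency for a transaction spanning several tasks; that needs the chain of activations to be modelled, which is what the timed-automata translation provides.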
Questions