Topics

1

Developing Reliable Systems withSDL Design Patterns and Design Components

Christian Webel, Ingmar Fliege, Alexander Geraldy,Reinhard Gotzhein

University of Kaiserslautern

{webel, fliege, geraldy, gotzhein}@informatik.uni-kl.de

Christian Webel2

Topics

1. Motivation

2. SDL Design Patterns

3. Micro Protocols

4. Comparison

5. Example: “Airship Control”

6. Conclusion

Christian Webel3

1. Motivation

• Problem: – solution from scratch– existing systems: lack of reliability– difficult to integrate reliability

• Solution:– defining SDL design patterns and design components– using these software artefacts to augment system reliability step-

by-step– reuse– SDL as a design language to develop reliable systems

Christian Webel4

1. Motivation

Concepts

Reliability:

ability of a system to perform its tasks under given conditions for a certain period of time

Watchdog:

component or functionality monitoring the operation of a system by observing an alive-signal

Heartbeat:

component or functionality sending a periodic alive-signal

Christian Webel5

2. Adding Reliability through SDL Design Patterns

• generic solution for recurring design problems

• reusable software artefact

• SDL as design language

• to be selected, adapted and embedded

Christian Webel6


• B provides data for A• B needs to be monitored by A• A is refined by applying the Watchdog pattern• B by applying the Heartbeat pattern

Christian Webel7


Design pattern Watchdog

Christian Webel8


Design pattern Heartbeat

Christian Webel9

3. Adding Reliability through Micro Protocols

• encapsulate a single (distributed protocol) functionality using a specific mechanism

• self-contained and ready-to-use

• well-defined interfaces (operators)

• can be composed yielding macro protocols

Christian Webel10


• A, B, Watchdog and Heartbeat as described• ready-to-use solutions, no modifications within A or B needed• useful if A or B cannot or should not be modified (e.g. 3rd party

components)

Christian Webel11


Micro protocol

Watchdog

• one single process type

• may be refined to match the requirements of the embedding context

• needs a periodic trigger alive

process type Watchdog

Timer watchdogT;DCL safeInterval Duration;

OPTIONAL REFINE GATE:extend gate with signal sigX

disabled

virtual alive

safeInterval := 3; redefine with correcttimeout interval

set(NOW + safeInterval, watchdogT)

disabled enabled

enabled dead

OPTIONAL REFINE STATE:add new transition to disable watchdog-> input sigX -> TASK: reset(watchdogT)[-> sigX]->nextstate disabled

alive virtualwatchdogT

virtual alive

OPTIONAL REFINE:add output of reanimatesignal sigZ

REFINE:add output of fail-safesignal sigYset(NOW +

safeInterval, watchdogT)set(NOW +

safeInterval, watchdogT)

- dead REFINE GATE:extend gate with signal sigY [sigX,sigZ]

enabled

wdInalive

wdOut

Christian Webel12


Micro protocol

Heartbeat

• one single process type

• may be refined to match the requirements of the embedding context

• provides a periodic trigger alive

process type Heartbeat

TIMER heartbeatT;DCL heartbeatInterval Duration := 1;

virtual beating

/*optionalheartbeatInterval Duration := X */

heartbeatT

set(NOW +heartbeatInterval, heartbeatT)

alive

beating set(NOW +heartbeatInterval, heartbeatT)

optional:redefine start transitionto set needed heartbeat interval

-

g

alive

Christian Webel13

Design Patterns vs. Micro Protocols

4. Comparison

Advantages

• no change of the system architecture necessary

• optimization of heartbeat traffic

• reusable solution

• no change of the behaviour of the other system components necessary

• ready-to-use solution

• reusable solution

Disadvantages

• engineering knowledge required • change of the system architecture necessary

Christian Webel14


• application to control an airship via WLAN

• two parts:– airshipClient

transmits the control values to the airship

– airshipServerreceives the values and controls the airship hardware

• reliability is needed !!!

Christian Webel15


Application of the Heartbeat pattern

process airShipClientDCL id ID, newVal Integer, val1 CtrlValue := 0, val2 CtrlValue := 0, val3 CtrlValue := 0;

Timer heartbeatT;DCL hbInterval Duration := 1;processValue

/*start*/ disabled enabled *

disabled value(id, newVal)

value(id, newVal)

heartbeatT

id id alive

processValuestartAirshipvia airship

stopAirshipvia airship

newCtrlValues(val1, val2,val3)via airship

set(NOW +hbInterval, heartbeatT)

reset(heartbeatT) set(NOW +hbInterval, heartbeatT)

enabled - disabled - -

StartStop

elseelse

StartStop

Christian Webel16


Application of the Watchdog pattern

process airShipServerTIMER t := 0.1;

DCL val1 CtrlValue := 128, val2 CtrlValue := 0, val3 CtrlValue := 128;

TIMER watchdog;DCL safeInterval Duration := 3;

DCL fail1 CtrlValue := 128, fail2 CtrlValue := 0, fail3 Ctrlvalue := 128;

disabled running *

disabled startAirship newCtrlValues(val1,val2,val3)

t stopAirship alive watchdog

set(t) ctrlValue(val1)via servo

ctrlValue(val1)via servo

SET(NOW + safeInterval, watchdog);

ctrlValue(fail1)via servo

running ctrlValue(val2)via motor1

ctrlValue(val2)via motor1

ctrlValue(fail2)via motor1



RESET(t) ctrlValue(fail3)via motor2

SET(t) SET(t) RESET(watchdog) val1 := fail1;val2 := fail2;val3 := fail3;

- - disabled - -

Christian Webel17


Using the Watchdog and Heartbeat Micro Protocols

• selected and glued together

• Watchdog:– redefine timeout-transition– add stop-transition

• Heartbeat:– just select and integrate

• also possible to use design patterns und micro protocols together

INHERITS Watchdog;

process type MyWatchdog

enabled

redefinedwatchdogT

stopAirship

newCtrlValues(128,0,128)

stopAirshipvia wdOut

reset(watchdogT)

dead disabled

wdInstopAirship

wdOut

newCtrlValues,stopAirship

Christian Webel18

6. Conclusion

• systematic approach to augment existing systems with reliability aspects

• reuse and reliability (design patterns, micro protocols)

Outlook:• Validation

• Compositional testing– Each component tested– Resulting system tested for composition faults

• Developing more micro protocols– QoS, Routing, Scheduling, Medium Access, Flow Control, …

Christian Webel19

Thank you for your attention!

Questions?

Documents

Topics