lecture - 1 - introduction - tsea81 · lecture - 1 - introduction computer engineering and...

Lecture - 1 -Introduction

ComputerEngineering

and Real-timeSystems

Lecture - 1 - IntroductionTSEA81

Computer Engineering and Real-time Systems

Linkoping UniversitySweden


ComputerEngineering


This document is released - 2014-11-03 - first version

Author - Ola Dahl, Andreas Ehliar


ComputerEngineering


Therac-25

• Radiation therapy machine

• Three modes: X-Ray treatment, electron beam treatment,field light

• Someone had an idea: Hardware can degrade, softwaredoes not degrade. Ergo: Lets put as many safety checks insoftware as possible.


ComputerEngineering


Therac-25 user interface

PATIENT NAME : JOHN DOETREATMENT MODE : FIX BEAM TYPE: X ENERGY (MeV): 25

ACTUAL PRESCRIBED UNIT RATE/MINUTE 0 200 MONITOR UNITS 50 50 200 TIME (MIN) 0.27 1.00

GANTRY ROTATION (DEG) 0.0 0 VERIFIEDCOLLIMATOR ROTATION (DEG) 359.2 359 VERIFIEDCOLLIMATOR X (CM) 14.2 14.3 VERIFIEDCOLLIMATOR Y (CM) 27.2 27.3 VERIFIEDWEDGE NUMBER 1 1 VERIFIEDACCESSORY NUMBER 0 0 VERIFIED

DATE : 84-OCT-26 SYSTEM : BEAM READY OP.MODE: TREAT AUTOTIME : 12:55. 8 TREAT : TREAT PAUSE X-RAY 173777OPR ID : T25VO2-RO3 REASON : OPERATOR COMMAND:


ComputerEngineering


Therac-25

• Race condition between the user interface and othercritical parts of the software

• An example: When selecting X-ray mode, it takes about 8seconds to setup the bending magnets

• If the operator changes mode from X-ray to electron modeduring those 8 seconds this change is shown in the userinterface, but the mode change is not fully detected byother parts of the system.


ComputerEngineering


Therac-25: Result of this bug

• Extremely high dose delivered (16500-25000 rads insteadof 200 rads)

• The hospital initially couldn’t diagnose the injury sincethey had never seen such a severe radiation injury

• As a comparison: 50% chance of death in 60 days afterfull body exposure: 500 rads)


ComputerEngineering


Therac-25: Manufacturer response(simplified)

• First response: It is impossible for this to happen

• Later response: Therac-25 owners should physicallyremove the up arrow key from the terminal

• Even later response: Problem was identified and fixed forreal


ComputerEngineering


Therac-25 summary

• Six patients were injured or killed by the machinesbetween 1985-1987. (To be fair, many more were saved bythe radiotherapy)

• The manufacturer did not initially seem to consider thesoftware to be a potential source of problem

• Also, the programmer did not seem to be aware of how tosafely do concurrent programming (although at this pointin time this is not as damning as it would be today)

• For more information, seehttp://computingcases.org/case materials/therac/case history/Case%20History.html


ComputerEngineering


Northeast America, August 13,2003

Image source: http://commons.wikimedia.org/wiki/File:2003 North American Blackout Before.jpg


ComputerEngineering


Northeast America, August 14,2003

Image source: http://commons.wikimedia.org/wiki/File:2003 North American Blackout After.jpg


ComputerEngineering


Northeast Blackout of 2003

• XA/21 SCADA Energy Management System

• Due to a software bug in the alert monitoring system (a socalled race condition), two processes tried to update thesame data structure simultaneously

• The alert monitoring system went into an infinite loop


ComputerEngineering


Northeast Blackout of 2003

• The personell didn’t realize the alert monitoring systemwasn’t working

• The severity of the situation was therefore not evident

• Final toll: Over 50 million people without electricity

• Estimated cost: $4.5-$10 billion


ComputerEngineering


Dishonorable mentions:Real-time/Concurrency

programming bugs

• Many security related race conditions(Time-of-check/Time-of-use)–¿

• Patriot Missile bug (Time drifts slowly)


ComputerEngineering


Honorary mentions: Somepioneering and contemporary

examples of real-time systems

• SAGE - Semi Automatic Ground Environment (Networkedair defense system. Vacuum tube based behemoth runninga stunning 75000 instructions per second. In use from1958-1984!)

• AGC - Apollo Guidance Computer (Landing on the moonwith a 2MHz computer running dynamically scheduledreal-time tasks (It almost failed though: Look up 1201 and1202 errors.)

• Cell phone network (Keeping track of all active andinactive terminals connected to the basestation, includinghand-off to neighbouring basestation when appropriate)

• Any modern car (Over 100 processors in each car, withstrict real-time requirements for most)


ComputerEngineering


The aim of the course, from the course syllabus

• To develop an understanding of hardware/softwareinteractions in computer systems with parallel activitiesand time constraints, and to develop basic skills forintegration of software using a real-time operating system.


ComputerEngineering


Course site: http://www.da.isy.liu.se/courses/tsea81/Course contents:

• Assignments (scheduled as labs in TimeEdit)

• Labs

• Lectures


ComputerEngineering


After a completed course, the student shall be able to

• give examples of hardware/software interactions forhandling of parallel activities and time constraints

• explain properties of software with parallel activities

• describe the structure, and give examples from theimplementation, of a real-time kernel

• summarize how the underlying computer architecture andinstruction set influences the implementation of areal-time operating system

• design and implement software with parallel activities andtime constraints

• use a real-time operating system

• exhibit basic skills in integration of software and areal-time operating system for a specific computerarchitecture


ComputerEngineering


Assignments

• Development tasks

• Groups of two students each

• Evaluation, examination, and feedback on scheduledoccasions

NOTE: main work effort outside of lesson time.


ComputerEngineering


Assignments

• Assignment 1 - Introduction, Shared Resources

• Assignment 2 - Alarm Clock

• Assignment 3 - Lift with Monitors

• Assignment 4 - Lift with Message passing

• Assignment 5 - Performance characteristics


ComputerEngineering


Labs

Labs will be in a computer lab (e.g. Bussen), Groups of twostudents each, Apply knowledge from assignments,

• Lab 1 -Realtime programming in Linux


ComputerEngineering


Lectures

1 Introduction

2 Shared Resources (A1)

3 Task synchronization (A2)

4 Monitors, message passing (A3, A4)

5 Real-time kernel

6 Real-time operating system

7 Embedded systems

8 Linux

9 Realtime tasks in Linux

10 Scheduling

11 Course wrapup, exam information


ComputerEngineering


Real-time systems

• Real-time systems are computer systems with specialrequirements regarding response times

• Response times - the computer communicates with itsenvironment


ComputerEngineering


Real-time systems


ComputerEngineering

and Real-timeSystems • Interrupts - normal flow of execution is changed, interrupt

handler executes, normal flow is resumed when interrupthandler has finished

• Processor registers - captures the state of the executingprogram, needs saving while servicing an interrupt (whileinterrupt handler executes), the registers for programcounter and stack pointer are of special interest in thiscourse

• Stacks - A stack is a LIFO-list in memory, can beaddressed using the stack pointer register, can also beaddressed by other means (e.g. by a pointer variable)


ComputerEngineering


Foreground/background scheduling

• Use a main-loop

• Add interrupt handlers

• A concurrent system is obtained, where the CPU is sharedbetween the main-loop and the interrupt handlers

• The main-loop and the interrupt handlers can be regardedas parallel activities


ComputerEngineering


A real-time operating system is an operating system designedfor real-time requirements. A real-time operating system canhandle parallel activities, often referred to as tasks.


ComputerEngineering


Task states

• A - a task wants to use a shared resource, and theresource is used by another task

• B - a shared resource, for which the task is waiting,becomes available, and the task is allowed to execute

• C - a task with higher priority than the currently executingtask becomes ready for execution

• D - as in C, but also when the currently executing task isblocked, e.g. due to a shared resource not being available

• E - a shared resource, for which a task is waiting, becomesavailable, but the task waiting for the resource is notallowed to execute


ComputerEngineering


Assignment 1 - Introduction,Shared Resources

• Introduction to real-time systems

• Real-time programming using a real-time operating system

• Mutual exclusion


ComputerEngineering


Mutual exclusion

• Only one task at a time is allowed access to a sharedresource

• A shared resource can be protected using a mutex

• A critical region is a segment of code where a sharedresourse is used

• When using a mutex for protecting a shared resource,critical regions shall start with a lock-operation on themutex protecting the shared resource, and critical regionsshall finish with an unlock-operation on the mutexprotecting the shared resource


ComputerEngineering


Declaration of a mutex

/* a mutex, to protect the common variables */

pthread_mutex_t Mutex;

Initialization of mutex

/* initialise mutex */

pthread_mutex_init(&Mutex, NULL);

Lock-operation on mutex

/* reserve shared resource */

pthread_mutex_lock(&Mutex);

Unlock-operation on mutex

/* release shared resource */

pthread_mutex_unlock(&Mutex);

lecture - 1 - introduction - tsea81 · lecture - 1 - introduction computer engineering and...

Documents