Predictable Assembly with SaveCCT
Mikael Åkerholm, MRTC, Mälardalen University, http://www.mrtc.mdh.se; CC Systems AB, http://www.cc-systems.com; [email protected]
[Title-slide figure: a SaveCCT assembly for power supervision, built from <<AutoComp>> components Source, Diesel Valve, Air Valve, Valve Regulator and Sink, with Desired Output Level as input and a period of T = 40 ms.]
Mikael Åkerholm, SaveCCT lecture CBSE Course 2007
Slide 2: Outline
- Background and motivation
- Central concepts of component technologies
- SaveCCT, a component technology for vehicular systems: target domain, technology overview, component model, tools
- Example application: Adaptive Cruise Controller (ACC)
Slide 3: Background: Save/Save++ (and Progress)
Save (2003-2006): enabling systematic development of component-based software for safety-critical embedded systems. Component technologies -> SaveCCT. Partners: MDH, UU, KTH, LiTH (with ABB, Bombardier, CC Systems, CR&T, Saab, Scania, Volvo Car and Volvo TD).
Save++ (2006-2007) is integrated as a part of the Progress project (2006-2010) at MDH: improved theories, methods, technologies and tools, based on Save and Save++ -> SaveCCT++.
Slide 4: Motivation
The demand for more functionality, improved existing functionality and lower price leads to more electronics, with software.
Software crisis (1968): error-prone, late, expensive. Need better software engineering approaches!
Component-based software engineering is promising and has been successful in the PC domain, but existing component technologies target PC applications, and vehicular software is different from PC software. Hence: a component technology for vehicular applications!
Slide 5: Central Concepts
[Figure: the central concepts of a component technology: component, component framework, platform, components, repository, supporting tool.]
Slide 6: SaveCCT for Vehicular Systems
Characteristics of the domain: many suppliers; distributed applications; safety; reliability; resource efficiency; (hard) real-time requirements.
Slide 7: SaveCCT Design Goals
- Efficient development: enable utilization of the CBSE advantages, and provide the possibilities the target domain needs.
- Predictable behaviour: important run-time attributes must be analysable at design time, e.g. timing, safety, reliability, memory needs, processor demands.
- Run-time efficiency: ideally enable CBSE without run-time cost compared to C programming on an RTOS.
Slide 8: Process Overview
[Figure: system requirements -> system decomposition -> component requirements -> select and adapt -> component verification -> system composition -> system verification. Component development (need for component -> develop or buy -> verify component) feeds the repository, which is the interface between component developers and system developers.]
Slide 9: SaveCCT Technology Overview
[Figure: technology overview, centred on the repository.]
Slide 10: The SaveCCM Component Model
Restrictive in comparison to PC/Internet component models (COM, .NET, EJB), in order to enable analysis during design-time and deterministic, reproducible behaviour during run-time (test-time).
Textual XML syntax, and a graphical UML-influenced syntax.
Slide 11: SaveCCM Syntax: Basic Component
- Ports: trigger, data, combined
- Behaviour: read, execute, write
[Figure: <<SaveComp>> CalculateOutput with input ports State, IntegrationEnabled, Setpoint and Value, and output ports Control and New State.]
Execute step of CalculateOutput as shown on the slide:
    fixed_t error = Setpoint - Value;
    fixed_t u = fixed_mul(K, error);
    if (IntegrationEnabled) u += fixed_div(NewState, T_i);
    Control = LIMIT(u, 0, MAX_CONTROL);
    State = error;
Slide 13: SaveCCM Syntax: Switch
- Ports
- Setports determine the active configuration
- Connection patterns, for static or dynamic reconfiguration
[Figure: <<Switch>> Mode with setport IntegrationEnabled, input port FeedbackIn and output ports FeedbackOut 1 and FeedbackOut 2.]
Connection patterns of the switch:
    From port     To port          Expression
    Feedback In   Feedback Out 1   Integration Enabled
    Feedback In   Feedback Out 2   Integration Enabled
Slide 14: SaveCCM Syntax: Assembly
- Ports
- Internal components and connections
- Encapsulation of a "sub-system"
[Figure: <<Assembly>> PI Controller containing <<Switch>> Mode, <<SaveComp>> CalculateOutput and <<SaveComp>> UpdateState; ports State, IntegrationEnabled, Setpoint, Value, FeedbackOut, FeedbackIn and Control.]
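The basic component of slide 11, the switch of slide 13 and the assembly of slide 14 fit together into one PI controller, and the point of the read-execute-write rule is easiest to see in code. The block below is an added example written for this page, not code from the lecture or from the SaveCCT tools. It assumes a Q16.16 fixed_t with its own fixed_mul/fixed_div helpers, assumed values for K and T_i, the 40 ms period of the title slide as sampling time, an UpdateState that accumulates the error into State (the slide only shows CalculateOutput), and that the switch's second connection pattern is the negation of IntegrationEnabled (the slide's table shows the same expression on both rows).

```c
/* Added example, not from the lecture: the slide 11/13/14 PI Controller
 * assembly in C under SaveCCM read-execute-write semantics.
 * Assumptions: Q16.16 fixed point, K = 2, T_i = 4, sampling period 40 ms,
 * and a switch whose second pattern is "not IntegrationEnabled". */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

typedef int32_t fixed_t;                       /* assumed Q16.16 format */
#define FIXED_ONE          (1 << 16)
#define FIXED_FROM_INT(i)  ((fixed_t)((i) * FIXED_ONE))
#define LIMIT(v, lo, hi)   ((v) < (lo) ? (lo) : ((v) > (hi) ? (hi) : (v)))

static fixed_t fixed_mul(fixed_t a, fixed_t b) { return (fixed_t)(((int64_t)a * b) >> 16); }
static fixed_t fixed_div(fixed_t a, fixed_t b) { return (fixed_t)(((int64_t)a << 16) / b); }

static const fixed_t K   = FIXED_FROM_INT(2);                   /* assumed gain */
static const fixed_t T_i = FIXED_FROM_INT(4);                   /* assumed integral time */
static const fixed_t T_S = (fixed_t)(FIXED_ONE * 40 / 1000);    /* 40 ms period */
#define MAX_CONTROL FIXED_FROM_INT(100)

/* Assembly ports. Every port holds a single data item with overwrite
 * semantics (slide 16): a writer simply replaces the previous value. */
typedef struct {
    fixed_t setpoint, value;      /* data inputs */
    bool    integration_enabled;  /* setport of the <<Switch>> Mode */
    fixed_t state;                /* integral state, UpdateState -> CalculateOutput */
    fixed_t control;              /* data output */
} pi_assembly_t;

/* <<SaveComp>> CalculateOutput. Read copies every input before execute,
 * so a port overwritten while the component runs cannot be observed; write
 * publishes the outputs only after execute has finished. */
static void calculate_output(const pi_assembly_t *a, fixed_t *control, fixed_t *new_state)
{
    fixed_t setpoint = a->setpoint, value = a->value, state = a->state;   /* read */
    bool    enabled  = a->integration_enabled;

    fixed_t error = setpoint - value;                                     /* execute */
    fixed_t u = fixed_mul(K, error);
    if (enabled) u += fixed_div(state, T_i);

    *control   = LIMIT(u, 0, MAX_CONTROL);                                /* write */
    *new_state = error;                     /* "New State" port -> switch FeedbackIn */
}

/* <<Switch>> Mode: the setport selects the active connection pattern.
 * Data (and triggering) is forwarded on one output only; returns which. */
static int mode_switch(bool integration_enabled, fixed_t feedback_in,
                       fixed_t *feedback_out1, fixed_t *feedback_out2)
{
    if (integration_enabled) { *feedback_out1 = feedback_in; return 1; }
    *feedback_out2 = feedback_in;
    return 2;
}

/* <<SaveComp>> UpdateState: accumulate error * T_S into the integral state. */
static void update_state(pi_assembly_t *a, fixed_t feedback_out1)
{
    fixed_t state = a->state;                  /* read */
    state += fixed_mul(feedback_out1, T_S);    /* execute */
    a->state = state;                          /* write */
}

/* One trigger of the <<Assembly>> PI Controller. Components execute in
 * connection order; the inactive switch output never triggers UpdateState,
 * so the state is frozen (no wind-up) while integration is disabled. */
void pi_assembly_step(pi_assembly_t *a)
{
    fixed_t control, new_state, out1 = 0, out2 = 0;
    calculate_output(a, &control, &new_state);
    a->control = control;
    if (mode_switch(a->integration_enabled, new_state, &out1, &out2) == 1)
        update_state(a, out1);
    (void)out2;   /* bypass pattern: nothing downstream is triggered */
}

int main(void)
{
    pi_assembly_t a = { .setpoint = FIXED_FROM_INT(10), .value = FIXED_FROM_INT(4) };
    for (int tick = 0; tick < 3; tick++) {
        a.integration_enabled = tick > 0;   /* integration switched on after the first tick */
        pi_assembly_step(&a);
        printf("tick %d: control=%d state=%d\n", tick, (int)a.control, (int)a.state);
    }
    return 0;
}
```

Because each component copies its inputs at read time and publishes at write time, the only data a component can see is what was on its ports when it was triggered; that, together with the switch forwarding on exactly one output, is what lets the data flow and the triggering be enumerated statically and fed to the analysis tools.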
Slide 15: SaveCCM Syntax: Composite Component
- Ports
- Internal components and connections
- Restricted behaviour: read-execute-write
[Figure: <<Composite>> MultiplyAndAdd containing <<SaveComp>> Multiply and <<SaveComp>> Add; inputs A, B, C and output Q.]
Slide 16: SaveCCM Formal Foundation: Timed Automata with Tasks
SaveCCM Core, the building blocks for the SaveCCM semantics: basic component, composite component, conditional connection.
Port: point of interaction, where a connection meets a component; transfers data or triggering; a single data item with overwrite semantics.
Timed automata with tasks: finite automata with dense-time clocks manipulated on edges, and tasks released when a location is reached. Dense time is made tractable by a symbolic representation.
(On request, John may give a lecture ;o))
[Figure: a timed-automaton fragment with guards on clock x (constants 5 and 10), a reset y := 0, a task T1 released in a location, and a synchronisation u!.]
Slide 17: SaveCCT Glue Code Generator: Motivation
Typical target platform for component technologies: 2 GHz, 256 MB RAM, <1 GB OS with graphics and user accounts, run-time configuration, a component framework with run-time binding, DB transactions, web.
Typical vehicular target: 20 MHz, 256 kB RAM, >1 MB OS providing synchronisation, IPC and timing, static configuration.
Slide 18: SaveCCT Glue Code Generator
[Figure: the generator pipeline: SaveCCM component model -> task allocation -> intermediate task models -> analysis -> RTOS execution models -> target compiler -> RTOS. Targets: CrossFire with RTXC, and PC/Win32 with CCSimTech. The whole step is fully automated at compile time.]
Slide 19: SaveCCT Tools (under continuous improvement)
- Save IDE (under continuous improvement)
- Component composition: several existing prototypes for graphical composition from master's thesis projects, currently under major revision
- Automated connectivity to analysis tools through translations of SaveCCM XML to: timed automata with tasks -> Times (timing and much more); Finite State Processes -> LTSA (control loop liveness)
- Test: automated test tools, e.g. TestComplete and LabVIEW, from CCSimTech
- Repository: under construction; will provide means for easy selection and specialisation of components by distinguishing component versions from component variants
- ...
Slide 20: Example Application: SaveCCT in an Industrial Environment
Case study at CC Systems: integrated our technology in a real industrial environment, i.e. selected development tools and hardware from the company's repertoire: the CrossFire ECU, the CCSimTech simulation technique, and the target compiler.
Implemented a fictitious vehicular control application with the technology, and used it as the basis for evaluation.
Slide 21: ACC Application
[Figure: <<Assembly>> ACC Application. Inputs: Road Signs Enabled, Current Speed, Road Sign Speed, ACC Max Speed, Distance, ACC Enabled, Brake Pedal Used. Internal parts: <<SaveComp>> Speed Limit, <<SaveComp>> Object Recognition, <<Switch>> Mode Switch, <<Assembly>> ACC Controller (with ports ACC Max Speed and Brake Assist), <<SaveComp>> Brake Assist, <<SaveComp>> Logger HMI Outputs. Outputs: Brake Signal, Throttle. Two periodic triggers: 50 Hz and 10 Hz.]
Slide 22: ACC Controllers
[Figure, top: <<Assembly>> ACC Controllers containing <<Assembly>> Distance Controller and <<Assembly>> Speed Controller; inputs Distance, RelativeSpeed, MaxSpeed and CurrentSpeed; output Control.]
[Figure, middle: each inner assembly expanded into <<SaveComp>> Calc Output and <<SaveComp>> Update State, with data-flow direction and triggering shown.]
[Figure, bottom: the same assembly in a view hiding the low-level information about data-flow direction and triggering.]
Slide 23: Automated Analysis of the ACC
- Static WCET analysis through integration of the aiT Worst-Case Execution Time Analyser: WCET over-estimation of about 3%. Context-dependent WCET analysis would be preferable, but is not yet achieved.
- Timing and more through the underlying timed-automata model: the Times tool checks e.g. schedulability and response times for end-to-end transactions.
- Liveness: Finite State Processes (FSP), derived from SaveCCM, and the Labelled Transition System Analyser (LTSA) are used to verify liveness.
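Slide 23 delegates the timing check to the Times tool over the timed-automata model. To make concrete what a design-time schedulability check computes from WCET figures, here is an added example that is not from the lecture or from Times: classic fixed-priority response-time analysis (the recurrence of Joseph and Pandya, as used by Audsley et al.), plus a pessimistic end-to-end bound for a transaction taken as the sum of the response times along its task chain. The task set, with periods loosely modelled on the 50 Hz and 10 Hz triggers of slide 21, and all WCET and priority values are constructed for illustration.

```c
/* Added example, not from the lecture or the Times tool: fixed-priority
 * response-time analysis over a constructed task set. WCET values are
 * assumed to come from a static WCET tool such as aiT; names, periods,
 * WCETs and priorities below are made up for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct {
    const char *name;
    uint32_t    period_us;   /* period; the deadline is assumed equal to the period */
    uint32_t    wcet_us;     /* worst-case execution time bound */
    uint32_t    priority;    /* larger value = higher priority */
} task_t;

static uint32_t ceil_div(uint32_t a, uint32_t b) { return (a + b - 1) / b; }

/* Worst-case response time of tasks[i] under fixed-priority preemptive
 * scheduling: iterate R = C_i + sum over higher-priority j of
 * ceil(R / T_j) * C_j until it stabilises. Returns 0 as soon as R grows
 * past the deadline, i.e. the task is unschedulable. */
uint32_t response_time(const task_t *tasks, size_t n, size_t i)
{
    uint32_t r = tasks[i].wcet_us;
    for (;;) {
        uint32_t next = tasks[i].wcet_us;
        for (size_t j = 0; j < n; j++) {
            if (j == i || tasks[j].priority <= tasks[i].priority) continue;
            next += ceil_div(r, tasks[j].period_us) * tasks[j].wcet_us;
        }
        if (next > tasks[i].period_us) return 0;   /* deadline miss */
        if (next == r) return r;                     /* fixed point reached */
        r = next;
    }
}

/* The task set is schedulable iff every task meets its deadline. */
bool schedulable(const task_t *tasks, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (response_time(tasks, n, i) == 0) return false;
    return true;
}

/* Pessimistic end-to-end bound for a transaction whose tasks trigger one
 * another in sequence: the sum of their response times (no offsets or
 * release jitter modelled). Returns 0 if any task in the chain is
 * unschedulable. */
uint32_t end_to_end_bound(const task_t *tasks, size_t n, const size_t *chain, size_t len)
{
    uint32_t total = 0;
    for (size_t k = 0; k < len; k++) {
        uint32_t r = response_time(tasks, n, chain[k]);
        if (r == 0) return 0;
        total += r;
    }
    return total;
}

int main(void)
{
    /* Constructed task set: two 50 Hz tasks and one 10 Hz task, rate-monotonic priorities. */
    task_t tasks[] = {
        { "ObjectRecognition",  20000,  3000, 3 },
        { "ACCController",      20000,  4000, 2 },
        { "LoggerHMI",         100000, 12000, 1 },
    };
    size_t n = sizeof tasks / sizeof tasks[0];
    for (size_t i = 0; i < n; i++)
        printf("%-18s R = %u us (deadline %u us)\n", tasks[i].name,
               (unsigned)response_time(tasks, n, i), (unsigned)tasks[i].period_us);
    size_t chain[] = { 0, 1 };
    printf("end-to-end bound ObjectRecognition -> ACCController: %u us\n",
           (unsigned)end_to_end_bound(tasks, n, chain, 2));
    printf("schedulable: %s\n", schedulable(tasks, n) ? "yes" : "no");
    return 0;
}
```

The analysis is only as trustworthy as its inputs: the WCET column must hold the tool's upper bound (the slide's figure includes about 3% over-estimation), never a measured execution time, since a response time that lands just inside the deadline with an under-estimated WCET is a deadline miss on the ECU.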
Slide 24: Questions