reliable scheduling again – just a single hit onto a very large area
TRANSCRIPT
Reliable Scheduling
Again – just a single hit
onto a very large area
DAIMI Henrik Bærbak Christensen 2
Literature
Christensen and Eriksen 2003: – An Architectural Style for Closed-loop Process-
Control– Center for Pervasive Computing Tech Report
Van der Linden 2007– Dependability Experience in Philips
DAIMI Henrik Bærbak Christensen 3
Center for Object Technology
Late 1990’s I was involved in the Center for Object Technology
Purpose:– The overall goal of Centre for Object Technology
(COT) is to carry out research, development and technology transfer in the area of object-oriented software construction. The activities in COT are based on actual needs from the participating industrial partners.
DAIMI Henrik Bærbak Christensen 4
One Case
Danfoss was very happy about the outcome and continued into a new project together with us.
Purpose– Develop a new embedded motor control system
• Basically a closed-loop control system:– Sample process variable, calculate response, enact
– Architectural Drivers• Performance:
– Extremely high sampling rate to provide ultra high motor control
• Modifiability– Plug-n-play configuration of distributed system
DAIMI Henrik Bærbak Christensen 5
Deployment view, Archecture 1
Digital Input Card C
A/D Card
Discrete Input
Sampling Input
Sampling Input
Sampling Store
Sampling Store
Event Store
Reference Handler
Feedback Handler
Command Handler
Reference (setpoint): The freq. the motor must operate at.Feedback (input): Measured freq.
DAIMI Henrik Bærbak Christensen 6
Problem
Problem:– Handling of state information in feedback closed-loop
process-control distributed embedded systems (inhale!)
– Hard deadlines for state information delivery– Very short control intervals– Need for secure synchronisation of input variables– Minimal memory footprint– Focus on maintainability of solution
DAIMI Henrik Bærbak Christensen 7
First Idea
The project was called OO-Dist = Object-oriented Distributed (something).
Proposal: Distributed Objects and RMI/CORBA like
semantics.
DAIMI Henrik Bærbak Christensen 8
Deployment view, Archecture 1
Digital Input Card C
A/D Card
Discrete Input
Sampling Input
Sampling Input
Sampling Store
Sampling Store
Event Store
Reference Handler
Feedback Handler
Command Handler
Commandhandler:run() { SamplingStore ss1 = lookup(“s1”); double v = ss1.fetchValue(); …
DAIMI Henrik Bærbak Christensen 9
Scheduling
… is problematic. Timing is everything!
– Must know time of sampling precisely!• Otherwise the control calculations become wrong
– Must finish motor control tasks within a N millisecond cycle
• Otherwise we do not control the motor precisely
C
Reference Handler
Feedback Handler
Command Handler
DAIMI Henrik Bærbak Christensen 10
Global clock
Time is divided into control intervals The global clock ensure that all nodes agree on
start time of these periods
Node 1
Node 2
Node 3
Node 4
control interval i
control interval i+1
DAIMI Henrik Bærbak Christensen 11
A scenario
P-Node 1
P-Node 2
C-Node
Input signal - early computationStore - early computationConsumer – fixed time computation
All stores are consistent
PC-Node
DAIMI Henrik Bærbak Christensen 12
Challenges
Concurrency– In each device there are concurrent tasks, and how to
ensure consistency of read/written state variables?
Timing– How to guaranty that all input/feedback variables are
read, stable (all nodes agree), and available in time for the control algorithm to process them
– How to guaranty that there is enough time within each control interval to finish the control algorithm
DAIMI Henrik Bærbak Christensen 13
A Proposal
Blackboard architecture, using CAN bus
Digital Input CardC
A/D Card
Discrete Input
Sampling Input
Sampling Input
Sampling Store
Sampling Store
Event Store
Reference Handler
Feedback Handler
Command Handler
BlackBoard
DAIMI Henrik Bærbak Christensen 14
A Proposal
All communication between processes/objects is only via reading or writing state variables in the distributed store– i.e. no ‘method calls’ between (remote) objects
Strict sequence of each task’s run method– A.step(); B.step(); C.step();
• [start over again once the next control interval starts]
DAIMI Henrik Bærbak Christensen 15
Scenario
A feedback value is read (using one node) and used by the motor control (on another node).
DAIMI Henrik Bærbak Christensen 16
What do we gain?
No synchronization problems– CAN bus ensures distributed store consistency across
all nodes– No concurrent access due to strict sequencing of
each process’ execution
Strict timing analysis possible– Read/write variable is constant time, thus time budget
of each task can be made isolated• Compare if all components could call methods in all other
components!!! Require global analysis
– Task sequencing under strict control
DAIMI Henrik Bærbak Christensen 17
What do we gain?
Performance– The main architectural driver– Simple analysis can guaranty the deadlines are met
Modifiability– Distributed system, adding new devices is simple– Configurable set of tasks– Simple component model, easy to understand and
reason about
Testability– Easy to test components on a PC rather than on
embedded device
Relations
Philips Experience
DAIMI Henrik Bærbak Christensen 19
Virtual Processors
van der Linden describe virtual processors:– Processes are assigned a category (own, MMI, …)– Specific time is guarantied for each category
• Round robin scheduling: – Round-robin (RR) is one of the simplest scheduling algorithms
for processes in an operating system, which assigns time slices to each process in equal portions and in circular order, handling all processes without priority.
– If time slice not used, handedover to other categories asoutlined
DAIMI Henrik Bærbak Christensen 20
What do they gain?
No starvation/competition between processes– Each category has its own “virtual processor”
Even in overload situations, core processing is guarantied– As e.g. background tasks cannot steal processing
power from OWN tasks– Operators/users can always interact with device
DAIMI Henrik Bærbak Christensen 21
What they both require!
That you can write your own process scheduler!
Most OS view this as such an intimate detail that you cannot alter it– Instead you express yourself in complex concepts like
priorities etc., but these are not easy to translate into hard-real time constraints
DAIMI Henrik Bærbak Christensen 22
Summary
If dependability rely in hard-real time processing– Like controlling the motor of a crane holding 100 tons
of cargo above the head of workers…
Then the scheduling algorithms and the architecture / component model becomes vital for dependability and performance
Traditional OS scheduling models not always the obvious choice.