Overview of PTIDES Project

Jia Zou, Slobodan Matic, Edward Lee, Thomas Huining Feng, Patricia Derler
University of California, Berkeley

Reliable and Evolvable Networked Time-Sensitive Systems, Integrated with Physical Processes
• Cyber Physical Systems:

CPS Requirements – Printing Press
• Application aspects
  • local (control)
  • distributed (coordination)
  • global (modes)
• Open standards (Ethernet)
• Synchronous, Time-Triggered
• IEEE 1588 time-sync protocol
• High-speed, high precision
  • Speed: 1 inch/ms
  • Precision: 0.01 inch
  -> Time accuracy: 10us
Bosch-Rexroth
Orchestrated networked resources built with sound design principles on suitable abstractions
DETERMINISM, TIMED SEMANTICS

PTIDES:
[Figure: PTIDES design workflow; labels: HW Platform, Software Component Library, Ptides Model, Code Generator, PtidyOS, Code, Plant Model, Network Model, HW in the Loop Simulator, Causality Analysis, Program Analysis, Schedulability Analysis, Analysis, Mixed Simulator]

PTIDES Model
• Programming Temporally Integrated Distributed Embedded Systems
  – Based on Discrete-Event model of computation
    • Event processing is in time-stamp order
    • Deterministic under simple causality conditions
  – fixed-point semantics
  – super-dense time

Causality Interface
• Software components are actor-oriented
  – All actors are reactive
    • Consume input event(s) and produce output event(s)
    • Sensors react to the physical environment
• Interface represented by δ
  – δ is the minimum model time delay from the input to the output
  – Compositionality properties: Min-plus algebra
[Figure: Actor A with input timestamp τ, delay δ and output timestamp τ’, where τ’ ≥ τ + δ]

Model vs. Physical Time
• At sensors and actuators
• Relate model time (τ) to physical time (t)
[Figure: model time and physical time axes, annotated with the constraints t ≥ τ and t ≤ τ]

Single Processor PTIDES Example
• Bounded sensor latency (d0)
e2 safe to process if t > τ2 + do
[Figure: single-processor model with model time and physical time axes; constraints t ≥ τ, t ≤ τ + do and t ≤ τ; event e2 with timestamp τ2 at i2, observed at physical time t2]

Distributed PTIDES Example
• Local event processing decisions:
  – Bounded communication latency (d0)
  – Distributed platforms time-synchronized with bounded error (e)
τ cannot be rendered unsafe by events from outside of the platform at: t > τ + do2 + e - d2
τ1 may result in future event of timestamp τ1’ ≥ τ1 + d1
[Figure: platform with Sensor (d01), Network Interface (do2), Merge and Actuator; events τ, τ1 to τ4; model delays d1, d2]

General Execution Strategy
• An event e is safe to process if no other event e’ may render e unsafe
  – out of the platform -> clock test
  – within the same platform as e -> model delay test
τ cannot be rendered unsafe by events from outside of the platform at: t > τ + do2 + e - d2
For all events within the platform: τi + di ≥ τ
[Figure: platform with Sensor (d01), Network Interface (do2), Merge and Actuator; events τ, τ1, τ3, τ4; model delays d1, d2]

What Did We Gain?
First Point: Ensures deterministic data outputs
Second Point: Ensures deterministic timing delay from Sensor to Actuator
[Figure: events e1 = (v1, τ1) and e2 = (v2, τ2) pass safe to process analysis before Merge, which outputs e1, e2, …; timing constraints t ≤ τ + do and t ≤ τ]

What’s More…
Third Point: Decoupling of design from hardware platform
Schedulability analysis

Schedulability Analysis
• Requires WCET of software components + event models
• Three cases:
  – Zero event processing time assumption (feasibility test)
    • if P fails, P will not satisfy constraints on any hardware
  – No resource sharing assumption (an event is processed as soon as it is safe)
    • if P fails, P may still satisfy constraints on other hardware
  – Resource sharing (a safe event is processed according to a scheduling algorithm)
    • if P fails, P does not satisfy this implementation (and algorithm)

PTIDES Scheduler Implementations
• Two layer execution engine
  – Event coordination (safe-to-process)
  – Event scheduling (prioritize safe events)
• Earliest Deadline First foundation
  – EDF is optimal with respect to feasibility
  – Deadline based on path from input port to actuator
[Figure: event e1 = (v1, τ1) at Actor A, with model delay δ to the Actuator]
Deadline(e1) = τ1 + δ
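
The two-layer engine above, using the clock test and model delay test from the General Execution Strategy slide, written out as an added example (not code from the slides or from PtidyOS). The port numbering, the per-port `ext`, `delay` and `delta` tables, the microsecond unit and all values are assumptions; `ext` generalizes the slide's `do2 + e - d2` term to the largest such bound over every external input that reaches a port, with e = 0 for a local sensor.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#define NPORTS  3
#define NO_PATH 1000000000L  /* no model path from port i to port j */

/* Names, the microsecond unit and all sample values are assumptions of this example. */
typedef struct { long tau; int port; } event_t;  /* timestamp τ and the port holding the event */

typedef struct {
    long ext[NPORTS];            /* largest d_o + e - d over the external inputs reaching the port */
    long delay[NPORTS][NPORTS];  /* delay[i][j]: minimum model delay d from port i to port j */
    long delta[NPORTS];          /* δ from the port to the actuator */
} platform_t;

/* Constructed platform: port 0 = sensor-side actor, 1 = network-side actor, 2 = Merge. */
static const platform_t SAMPLE = {
    .ext   = { 50, 200, 100 },
    .delay = { { 0, NO_PATH, 200 }, { NO_PATH, 0, 100 }, { NO_PATH, NO_PATH, 0 } },
    .delta = { 500, 400, 300 },
};

/* Layer 1: clock test against outside events, model delay test against pending ones. */
bool safe_to_process(const platform_t *p, const event_t *q, size_t n, size_t k, long t) {
    if (t <= q[k].tau + p->ext[q[k].port])  /* clock test: need t > τ + d_o + e - d */
        return false;
    for (size_t i = 0; i < n; i++)           /* model delay test: need τ_i + d_i >= τ */
        if (i != k && q[i].tau + p->delay[q[i].port][q[k].port] < q[k].tau)
            return false;
    return true;
}

long deadline(const platform_t *p, const event_t *ev) { return ev->tau + p->delta[ev->port]; }

/* Layer 2 (EDF): index of the safe event with the earliest deadline, or -1 if none is safe. */
int next_event(const platform_t *p, const event_t *q, size_t n, long t) {
    int best = -1;
    for (size_t k = 0; k < n; k++)
        if (safe_to_process(p, q, n, k, t) &&
            (best < 0 || deadline(p, &q[k]) < deadline(p, &q[best])))
            best = (int)k;
    return best;
}

int main(void) {
    const event_t q[] = { { 1000, 2 }, { 900, 0 } };  /* constructed pending events */
    printf("t=1000: %d, t=1200: %d\n", next_event(&SAMPLE, q, 2, 1000), next_event(&SAMPLE, q, 2, 1200));
    return 0;
}
```

With both events safe at t = 1200, the Merge event runs first because its deadline is earlier, even though its timestamp is larger than the upstream event's.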

PtidyOS
• Lightweight real-time operating system (RTOS)
  – Software components (actors) are “glued together” by a code generator into an executable
  – Scheduler combines EDF with PTIDES
    • Process events in deadline order
  – Interrupts
    • All execution is done within ISR
    • Reentrant interrupts
  – Experimenting with Luminary board with IEEE1588 support

PTIDES Program Design Workflow
[Figure: design workflow diagram; surviving labels: HW Platform, PtidyOS]