Transparent Environment for Replicated Ravenscar Applications
Luís Miguel Pinho
Francisco Vasques
Ada-Europe 2002
Vienna, Austria
18-20 June 2002
Transparent Environment for Replicated Ravenscar Applications, Luís Miguel Pinho, Francisco Vasques, Ada Europe 2002 2
Summary
• Motivation
• System Model
• Replication Management Framework
• Repository of task interaction objects
• Example
• Conclusions
Motivation
• Computer Control Systems
  – Are present in a wide range of application domains
  – Are expected to perform correctly (value and time) even in the presence of faults
    • Need to guarantee real-time and fault tolerance properties of applications
  – Distributed systems
[Figure: computer system nodes hosting Application A, Application B and their replicas, a broadcast network, and sensors/actuators]
Replication as a means to achieve fault tolerance
Motivation
• New Challenges
  – Commercial Off-The-Shelf Components (COTS)
    • Minimise cost and time to market
    • Lack of real-time and fault tolerance properties
    • Requires software-based fault tolerance techniques
  – Pre-emptive priority driven model
    • Higher flexibility
    • Non-deterministic
  – Increasing complexity
    • Manage real-time and fault tolerance requirements ...
    • … together with the controlled system requirements
  – A transparent and generic solution is required
System Model
• Distributed fault-tolerant hard real-time applications
  – Application environment
    • Multitasking environment
    • Guaranteed execution resources
    • Replicated applications
  – Tolerate COTS components faults
  – Provides the same environment in all nodes
[Figure: three hard real-time applications connected by a real-time network]
System Model
• Defines a replication model
  – Tasks are joined in components
    • The component as the replication unit
    • A component may be spread over several nodes, and several components can share a node
    • De-coupling replication and distribution roles
[Figure: components C1, C2 and their replicas C1’, C2’, with elements labelled 1 to 4 and their replicas 1’ to 4’]
Replication Management Framework
• Application development approach
  – From the application programmer perspective, simple objects are available to share data and to release tasks
    • Applications are developed without considering replication and distribution
  – Application configuration is performed by object replacement
• Framework structure
[Figure: framework structure showing Application, Application-level Mechanisms, Object Repository, Generic Objects, Instantiated Objects, Replica Manager and Communication Manager]
Replication Management Framework
• Object Repository
  – Mapping common task interaction in real-time systems
    • Shared Data Objects for mutual exclusion
      – Use of timed messages for replica determinism
    • Release Event Objects for sporadic task release
      – With/without data
  – Asynchronous task communication
  – Tasks cannot block accessing remote data
    • Remote objects are locally replicated
    • All writes are atomically disseminated
Replication Management Framework
• Transparency
  – Full transparency
    • Inefficient
    • Difficult to know off-line the characteristics of the application
  – Solution
    • The objects provide a transparent interface, by which application tasks are not aware of replication and distribution issues
    • In a later configuration phase, distributed/replicated resources replace those simple resources
    • Full characteristics of the application are known off-line
Object Repository
• Use of Generic Packages
  – Reuse of implementation mechanisms
  – Object parameterisation (configuration) at compile-time
  – Same Interfaces (except for instantiation)
  – Encapsulation
• Private implementation based on Protected Types
  – Mutual exclusion
  – Sporadic Tasks control
Object Repository
• Interfaces
generic
   -- ...
package Object_Repository.Release_Event is
   type Release_Obj is private;
   function Request_Release_Obj return Release_Obj;
   procedure Wait (Obj: Release_Obj);  -- potentially blocking
   procedure Release (Obj: Release_Obj);
private
   -- private interface
end Object_Repository.Release_Event;
Object Repository
• Interfaces
generic
   -- ...
package Object_Repository.Inter_Group.Release_Event is
   type Release_Obj is private;
   function Request_Release_Obj return Release_Obj;
   procedure Wait (Obj: Release_Obj);  -- potentially blocking
   procedure Release (Obj: Release_Obj);
private
   -- private interface
end Object_Repository.Inter_Group.Release_Event;
Object Repository
• Implementation
generic
   -- ...
package Object_Repository.Inter_Group.Release_Event is
   type Release_Obj is private;
   -- ...
private
   protected type Release_Receive_Type (
         Prio: System.Priority; Id: FT.Obj_Id_Type) is
      pragma Priority(Prio);
      entry Wait;
      procedure Release;
      function Get_Id return FT.Obj_Id_Type;
   private
      Obj_Id: FT.Obj_Id_Type := Id;
      Released: Boolean := False;
   end Release_Receive_Type;

   type Release_Obj is access all Release_Receive_Type;
end Object_Repository.Inter_Group.Release_Event;
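Added example (not from the slides or the framework's own code): one possible body for a protected type shaped like Release_Receive_Type, reduced to a local, non-replicated object. The Id discriminant and the FT package are left out; Is_Pending and the name Release_Event_Demo are assumptions added for illustration.

```ada
with System;
with Ada.Text_IO;

procedure Release_Event_Demo is

   --  Simplified stand-in for Release_Receive_Type: no Id discriminant,
   --  no replication. Is_Pending is an addition made for this example.
   protected type Release_Receive_Type (Prio : System.Priority) is
      pragma Priority (Prio);
      entry Wait;
      procedure Release;
      function Is_Pending return Boolean;
   private
      Released : Boolean := False;
   end Release_Receive_Type;

   protected body Release_Receive_Type is
      --  Ravenscar permits one entry per protected object, guarded by a
      --  simple Boolean barrier, with at most one task queued on it.
      entry Wait when Released is
      begin
         Released := False;   --  consume the event so the next Wait blocks
      end Wait;

      procedure Release is
      begin
         Released := True;    --  idempotent: repeated releases coalesce
      end Release;

      function Is_Pending return Boolean is
      begin
         return Released;
      end Is_Pending;
   end Release_Receive_Type;

   Alarm_Obj : Release_Receive_Type (System.Priority'Last);

begin
   Alarm_Obj.Release;
   Alarm_Obj.Release;   --  second release before any Wait is not counted
   Alarm_Obj.Wait;      --  barrier is open, so the call returns at once
   Ada.Text_IO.Put_Line
     ("pending after one Wait: " & Boolean'Image (Alarm_Obj.Is_Pending));
end Release_Event_Demo;
```

Because the state is a single Boolean, a sporadic task released twice before it runs executes once; a design that must not lose releases needs a counter or a minimum inter-arrival guarantee.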
Application Example
• Simple Application
[Figure: tasks Sensor, Controller, Actuator and Alarm interacting through a Release Event with Data (Release/Wait), Shared Data (Write/Read) and a Release Event (Release/Wait)]
Application Example
• Application Code: Objects
package Device_Event is new Object_Repository.Release_Event_With_Data(Device_Data);
Device_Event_Obj: Device_Event.Release_Event_With_Data_Obj;
package Control_Shared_Data is new Object_Repository.Shared_Data(Control_Data);
Control_Data_Obj: Control_Shared_Data.Shared_Data_Obj;
package Alarm_Event is new Object_Repository.Release_Event;
Alarm_Obj: Alarm_Event.Release_Event_Obj;
Application Example
• Application Code: Tasks
task body Actuator is
   Start: Ada.Real_Time.Time := ...;
   Period: Ada.Real_Time.Time_Span := ...;
   Ctrl_Data: Control_Data;
begin
   loop
      Replica_Manager.Request_Periodic(Start);
      Ctrl_Data := Control_Data_Obj.Read;
      Actuate(Ctrl_Data);
      Start := Start + Period;
   end loop;
end Actuator;
Application Example
• Application Configuration
[Figure: the example's tasks Sensor (1), Controller (2), Actuator (3) and Alarm (4) grouped into components C1, C2 and C3, with their interactions marked as intra-component or inter-group communication]
Application Example
• Application Configuration
[Figure: components C1, C2, C3 and their replicas C1’, C2’, C3’ allocated to Node 1, Node 2 and Node 3]
Application Example
• Application Code: Node 1
package Device_Event is new Object_Repository.Inter_Group.Release_Event_With_Data(Device_Data);
Device_Event_Obj: Device_Event.Release_Event_With_Data_Obj;
package Control_Shared_Data is new Object_Repository.Inter_Group.Shared_Data(Control_Data);
Control_Data_Obj: Control_Shared_Data.Shared_Data_Obj;
package Alarm_Event is new Object_Repository.Intra_Comp.Deterministic_Release_Event;
Alarm_Obj: Alarm_Event.Release_Event_Obj;
task Sensor;      -- no changes
task Controller;  -- no changes
-- no Task Actuator
task Alarm;       -- no changes
Application Example
• Object Instantiation: before Configuration
package body Example_Application_Tasks is
   package DDP renames Device_Data_Package;
   package Device_Event_Data_P is new Object_Repository.Release_Event_With_Data (
      Id        => DDP.Device_Obj_Id,
      Prio      => DDP.Device_Obj_Prio,
      Data_Type => DDP.Device_Data );
   Device_Event_Obj: Device_Event_Data_P.Data_Release_Obj :=
      Device_Event_Data_P.Request_Data_Release_Obj;
   -- Other Objects and Application Tasks
end Example_Application_Tasks;
Application Example
• Object Instantiation: after Configuration
package body Example_Application_Tasks is
   package DDP renames Device_Data_Package;
   package Device_Event_Data_P is new Object_Repository.Inter_Group.Release_Event_With_Data(
      Id              => DDP.Device_Obj_Id,
      Prio            => DDP.Device_Obj_Prio,
      N_Replicas      => DDP.Device_Data_Replicas,
      Data_Type       => DDP.Device_Data,
      Data_Array_Type => DDP.Device_Data_Array,
      Decide          => DDP.Device_Data_Decide);
   Device_Event_Obj: Device_Event_Data_P.Data_Release_Obj :=
      Device_Event_Data_P.Request_Data_Release_Obj;
   -- Other Objects and Application Tasks
end Example_Application_Tasks;
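Added example (not the authors' code): a sketch of what Device_Data_Package could supply for the N_Replicas, Data_Array_Type and Decide parameters used in the instantiation above. The type definitions, the Decide profile (array of replica values in, one value out), the choice of a median voter and the name Decide_Demo are all assumptions.

```ada
with Ada.Text_IO;

procedure Decide_Demo is

   --  Assumed contents of Device_Data_Package: names follow the slide,
   --  the definitions themselves are constructed for this example.
   Device_Data_Replicas : constant := 3;
   type Device_Data is range 0 .. 4095;   --  e.g. a 12-bit sensor reading
   type Device_Data_Array is
     array (1 .. Device_Data_Replicas) of Device_Data;

   --  Median voter. With 2f+1 replica values of which at most f are
   --  faulty, the median always lies within the range of the correct
   --  values, so a single wild reading cannot drive the output.
   function Device_Data_Decide
     (Values : Device_Data_Array) return Device_Data
   is
      Sorted : Device_Data_Array := Values;
      Tmp    : Device_Data;
      J      : Natural;
   begin
      --  Insertion sort: the array length is fixed at compile time,
      --  so the worst-case execution time is bounded and analysable.
      for I in Sorted'First + 1 .. Sorted'Last loop
         Tmp := Sorted (I);
         J   := I - 1;
         while J >= Sorted'First and then Sorted (J) > Tmp loop
            Sorted (J + 1) := Sorted (J);
            J := J - 1;
         end loop;
         Sorted (J + 1) := Tmp;
      end loop;
      return Sorted ((Sorted'First + Sorted'Last) / 2);
   end Device_Data_Decide;

   --  Constructed sample inputs: one replica reports a stuck-at-maximum
   --  value, then one replica reports a stuck-at-zero value.
   High_Fault : constant Device_Data_Array := (1000, 4095, 1002);
   Low_Fault  : constant Device_Data_Array := (0, 1001, 1000);

begin
   Ada.Text_IO.Put_Line
     ("high fault ->" & Device_Data'Image (Device_Data_Decide (High_Fault)));
   Ada.Text_IO.Put_Line
     ("low fault  ->" & Device_Data'Image (Device_Data_Decide (Low_Fault)));
end Decide_Demo;
```

A median voter suits numeric readings that may differ slightly between correct replicas; for data that must match exactly, a majority vote on equality is the usual alternative.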
Conclusions
• A suitable framework for the development of fault-tolerant hard real-time applications
  – Targeting
    • Pre-emptive fixed priority applications
    • COTS-based systems
• Transparency and genericity in application development
  – Distribution and replication only considered in a later configuration phase
  – Using the semi-transparent approach predictability is achieved