Task set design tools for an embedded distributed control system

Abstract

The design of an advanced distributed embedded control system, e.g., in the automotive or aerospace industry, is often approached cooperatively by a system manufacturer and several subsystem suppliers. Therefore a decomposition of the system into smaller subsystems with well-defined, stable interfaces among them must be developed. The internal design of these subsystems can then be based on the definition and the properties of the subsystem interfaces. In this paper we present the Time-Triggered Architecture (TTA) supporting such a design approach and concentrate on the design and implementation of a subsystem developed by one supplier. We propose a set of local design tools for the application developer that supports the systematic and efficient development of application tasks on top of a time-triggered operating system. 1 I n t r o d u c t i o n The design of an embedded distributed control system is often carried out by the system manufacturer in close cooperation with the subsystem suppliers, e.g., in the automotive or the aerospace industry. A well known example from the aerospace industry is the Integrated Modular Avionics (IMA) *This work was supported by the Esprit OMI Project 23396, Time-Triggered Architecture (TTA). where the modules provided by different suppliers are integrated into a cabinet by the SAFEbus [HD92] (Honeywell's implementation of ARINC 659[Inc93]). This manufacturer/supplier relationship is the main reason why we have structured the design process in the Time-Triggered Architecture (TTA)[SHS+97] into two phases and put special emphasis on the design of the interfaces between the system manufacturer and the subsystem suppliers. More information concerning the Time-Triggered Architecture can be found in the book by Kopetz [Kop97] and concerning the communication subsystem in [KG94, KHK~-97]. We will first describe the global design issues as they are the basis for the local design on which we will concentrate in the rest of the paper. The global design deals with all issues that are relevant for more than one subsystem and where the activities at the different subsystems must be coordinated to operate in a consistent and highly synchronized manner. The tool set described in this paper is based on an adapted and extended version of TRAPPER, a software engineering environment for parallel applications [SSKF95]. In Section 2 the main activities and tools required for the design of all system-level issues are briefly addressed. The main topic of this paper, the task model and the local design tools are addressed in Sections 3 and 4. The paper concludes in Section 5.