A Data Centric Approach for Modular Assurance. Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011

Similar documents
What can DDS do for You? Learn how dynamic publish-subscribe messaging can improve the flexibility and scalability of your applications.

What can DDS do for Android?

Vortex White Paper. Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems

DDS and SOA Interfaces to ESB

DDS-Enabled Cloud Management Support for Fast Task Offloading

WIND RIVER SECURE ANDROID CAPABILITY

Integrated Development of Distributed Real-Time Applications with Asynchronous Communication

Experience with the integration of distribution middleware into partitioned systems

Repeat Success, Not Mistakes; Use DDS Best Practices to Design Your Complex Distributed Systems

JoramMQ, a distributed MQTT broker for the Internet of Things

Industrial Application of MultiPARTES

Architectures for Distributed Real-time Systems

OMG Data-Distribution Service (DDS): Architectural Overview

GSAW C2 System Advantages Sought, Lessons Learned, and Product Philosophies. Ryan Telkamp. Presenter name Presenter Title

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

Smart Grid Innovation: A Look at a Microgrid Testbed Industrial Internet Energy Summit Houston, TX June 23, Brett Burger, NI Brett Murphy, RTI

Emerging Technologies Shaping the Future of Data Warehouses & Business Intelligence

Resource Utilization of Middleware Components in Embedded Systems

A Fully Standards-Based Approach to Logging High-Throughput Distributed Real-Time Data. Leveraging the DDS and SQL Standards

A Standards-Based Integration Platform for Reconfigurable Unmanned Aircraft Systems

Virtualization: Hypervisors for Embedded and Safe Systems. Hanspeter Vogel Triadem Solutions AG

Internet of things (IOT) applications covering industrial domain. Dev Bhattacharya

Service-Oriented Architecture and Software Engineering

Policy Driven Practices for SOA

Data-Centric Programming Best Practices:

Flight Processor Virtualization

9/26/2011. What is Virtualization? What are the different types of virtualization.

Service Mediation. The Role of an Enterprise Service Bus in an SOA

HIPEAC Segregation of Subsystems with Different Criticalities on Networked Multi-Core Chips in the DREAMS Architecture

M 2 M IWG. Eclipse, M2M and the Internet of Things. Overview. M 2 M Industry WorkGroup! M2M?

Decomposition into Parts. Software Engineering, Lecture 4. Data and Function Cohesion. Allocation of Functions and Data. Component Interfaces

Real-time Operating Systems. VO Embedded Systems Engineering Armin Wasicek

Grid Computing Vs. Cloud Computing

Mixed-Criticality: Integration of Different Models of Computation. University of Siegen, Roman Obermaisser

LinuxWorld Conference & Expo Server Farms and XML Web Services

Software Testing of NoTA DIP Implementation

Tomáš Müller IT Architekt 21/04/2010 ČVUT FEL: SOA & Enterprise Service Bus IBM Corporation

Supporting SIP-based End-to-End Data Distribution Service QoS in WANs

Enterprise Service Bus

Event Management Proposal for Distribution Data Service Standard

The evolving ARINC 653 standard and it s application to IMA

UML Profile for DDS. a tutorial for OMG Specification in Government Workshop (Real-Time & Embedded Systems) July 13, 2009

Leveraging the Cloud. September 22, Digital Government Institute Cloud-Enabled Government Conference Washington, DC

evm Virtualization Platform for Windows

Contents Huntcliff, Suite 1350, Atlanta, Georgia, 30350, USA

From SOA to MOA: Transitioning from Service to Mobile Oriented Architectures

Building Test-Sites with Simware

Notes and terms of conditions. Vendor shall note the following terms and conditions/ information before they submit their quote.

Using DDS to Enable The Real-Time Enterprise Service Bus (RT-ESB)

Software Stacks for Mixed-critical Applications: Consolidating IEEE AVB and Time-triggered Ethernet in Next-generation Automotive Electronics

SOA Success is Not a Matter of Luck

Applying Multi-core and Virtualization to Industrial and Safety-Related Applications

The Enterprise Service Bus: Making Service-Oriented Architecture Real

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D

Setting Up an AS4 System

ORACLE VIRTUAL DESKTOP INFRASTRUCTURE

The Advantages of Adaptive and Disributed Systems

Assurance in Service-Oriented Environments

OpenSplice DDS. Angelo CORSARO, Ph.D. Chief Technology Officer OMG DDS Sig Co-Chair PrismTech.

Embedded Systems. 6. Real-Time Operating Systems

Persistent, Reliable JMS Messaging Integrated Into Voyager s Distributed Application Platform

Analysis of a potential use of middleware technologies for railway domain

RTI Analyzer. Getting Started Guide

The MILS Component Integration Approach To Secure Information Sharing

Considerations for Adopting PaaS (Platform as a Service)

What is virtualization

ARINC 653. An Avionics Standard for Safe, Partitioned Systems

Event based Enterprise Service Bus (ESB)

EECatalog SPECIAL FEATURE

TRAVERSE: VIRTUALIZATION AND PRIVATE CLOUD MONITORING

Accelerating the Industrial Internet with the OMG Data Distribution Service

ISOLATING UNTRUSTED SOFTWARE ON SECURE SYSTEMS HYPERVISOR CASE STUDY

Developing software for Autonomous Vehicle Applications; a Look Into the Software Development Process

Safety and Airworthiness Cases for Unmanned System Control Segments. George Romanski, Joe Wlad S5 Symposium, Dayton, OH June 12-14, 2012

Software Components for Reliable Automotive Systems

Addressing the Challenges of Mission-Critical Information Management in Next-Generation Net-Centric Pub/Sub Systems with OpenSplice DDS

Building the Internet of Things Jim Green - CTO, Data & Analytics Business Group, Cisco Systems

Service Oriented Architecture

Architecting Composite Component Systems for Heterogeneous Environments with Open Standards. Derek Dominish

DCS110 CATVisor COMMANDER

Flexible Building Blocks for Software Defined Network Function Virtualization (Tenant-Programmable Virtual Networks)

AFDX Emulator for an ARINC-based Training Platform. Jesús Fernández Héctor Pérez J. Javier Gutiérrez Michael González Harbour

Virtualization for Cloud Computing

A Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks

New Products and New Features May, 2015

The Virtualization Practice

Enhancing Hypervisor and Cloud Solutions Using Embedded Linux Iisko Lappalainen MontaVista

Open Source Implementation of Hierarchical Scheduling for Integrated Modular Avionics

Developers Integration Lab (DIL) System Architecture, Version 1.0

QoS and Communication Performance Management

Service Oriented Architecture 1 COMPILED BY BJ

How Microsoft Designs its Cloud-Scale Servers

An Architecture Vision

CS550. Distributed Operating Systems (Advanced Operating Systems) Instructor: Xian-He Sun

Contents. Overview 1 SENTINET

QoS Management in SOAs. Service-Oriented Architectures

Cloudy Middleware MARK LITTLE TOBIAS KUNZE

Enabling Device-Independent Mobility with Dynamic Virtual Clients

SECURITY: THE KEY TO AFFORDABLE UNMANNED AIRCRAFT SYSTEMS. By Alex Wilson, Director of Business Development, Aerospace and Defense

RED HAT CONTAINER STRATEGY

Transcription:

A Data Centric Approach for Modular Assurance The Real-Time Middleware Experts Workshop on Real-time, Embedded and Enterprise-Scale Time-Critical Systems 23 March 2011 Gabriela F. Ciocarlie Heidi Schubert Rose Wahlin

Agenda Introduction Mixed criticality systems The challenge Data Centric Architecture Modularity Separation Kernels Data Distribution Service (DDS) Example Recommendations 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 2

Mixed Criticality Systems Any system that has multiple assurance requirements Safety, at different assurance levels Security, at different assurance levels Example: Unmanned Air Vehicle Flight control is safety critical Payload management is mission critical Ideally a system is built from components each with their own assurance requirements 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 3

The Challenge Design a modular plug-and-play architecture to reduce cost and reuse components Components must interact The behavior of one component can affect another It can be advantageous to have components at different criticality levels exchange data Once a component interacts with another, then the whole system must be certified, not the individual components 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 4

The Solution Move from a component-interaction model to a datacentric model The data-centric model defines the data types and attributes in the system A component complies with the data model in terms of data it sends and receives This decouples the applications 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 5

Agenda Introduction Mixed criticality systems The challenge Data Centric Architecture Modularity Separation Kernels Data Distribution Service (DDS) Example Recommendations 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 6

The Modular Approach Monolithic Approach Certify whole system Connection oriented Tightly coupled Hard to evolve Modular approach Certify components Data oriented Loosely coupled Evolvable Smart Data Bus Standardized Data Services QoS Controlled Communication 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 7

The Data Contract First, all data in the system is defined Next, data characteristics are defined For example airspeed is flagged as flight critical Then components define data delivery attributes A flight critical component specifies data rate that flight critical data must be delivered This creates a data contract 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 8

Data Centric Approach for Layered Assurance Data contract includes Data type Name Quality of Service Sender/Receiver of the data is anonymous Validation Component validation does it conform to the data model System validation is there a producer at correct assurance level for each required data 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 9

Realization in a Layered Assurance System Separation Kernels Guarantees isolation of components Controls data flow Object Management Group (OMG) Data Distribution Service Used to implement the data model and distribute data 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 10

Separation Kernels Base of the solution for mixed-criticality systems certification Isolation and Control Each guest operating system (OS) runs in its own partition Each guest OS is isolated over both time and space Information flows are tightly controlled Components can be pre-certified and composed quickly into new configurations Caveat Does not address interdependency between components or interactions between components on separate computers 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 11

Data Distribution Service (DDS) Data-centric publish-subscribe middleware for real-time communication Strong data typing Quality-of-Service (QoS) parameters e.g., deadlines for message delivery, bandwidth control, reliability model control, failover and backup specification, data filtering etc. DDS QoS parameters characterize: the data contracts between participants the properties of the overall data model real-time communication and delivery requirements on a per-data-stream basis 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 12

Agenda Introduction Mixed criticality systems The challenge Data Centric Architecture Modularity Separation kernels Data Distribution Service (DDS) Example Recommendations 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 13

Example: Wind River VxWorks MILS and RTI Data Distribution Service Apps General Network Stack Apps Linux Network Stack Apps Linux Network Stack DDS shared lib DDS shared lib DDS shared lib VxWorks Guest OS Linux Guest OS Linux Guest OS VxWorks MILS Separation Kernel Wind River Hypervisor Technology Hardware (Processor + Board) 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 14

Example Demo Overview UAV Components (SBC) Flight critical DDS Logging DDS MILS Kernel DDS Bus DDS Secondary Mission Plan App DDS Primary Mission Plan App Alarm Viewer DDS-Web Services bridge Ground control (laptop 1) DDS provides locationindependence! Remote monitor (laptop 2) High criticality Lower criticality

Scenario 1: Failover of Lower Criticality Flight critical Logging MILS Kernel DDS Bus Secondary Mission Plan Primary Mission Plan Alarm Viewer DDS-Web Services bridge High criticality Lower criticality

Scenario 2: Lower Criticality Floods the Network Filters excess data Flight critical Logging MILS Kernel DDS Bus Secondary Mission Plan Primary Mission Plan Alarm Viewer DDS-Web Services bridge Floods network High criticality Lower criticality

Agenda Introduction Mixed criticality systems The challenge Data Centric Architecture Modularity Separation kernels Data Distribution Service (DDS) Example Recommendations 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 18

Tenets for Developing Safety-Critical Software Reduce code size Consider testability in design Enable verification Avoid recursion Set limits for example limits on iterations Deterministic in time Deterministic in memory No dynamic memory allocation after startup 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 19

Challenges DDS for in Safety-Critical Systems DDS is designed to be dynamic Entities discovered at run-time Number of nodes and endpoints can change DDS adaptable to changes in the environment, for example increasing a sample queue DDS is feature rich Implementations can have many lines of code, making certification costly Many features either not suitable or not applicable to safetycritical systems 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 20

DDS Discovery The process by which domain participants find out about each other s entities Each participant maintains database on other participants in the domain and their entities Happens automatically behind the scenes anonymous publish-subscribe Dynamic discovery Participants must refresh their presence in the domain or will be aged out of database QoS changes are propagated to remote participants 2010 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 21

DDS Discovery in Safety-Critical Systems Do not want An a priori unknown number of participants connecting An a priori unknown number of remote Data Writer/Data Readers Do want To know if remote participants are up A simple protocol Solution Stage 1: the same, dynamic participant discovery Stage 2: static loading of endpoints 2010 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 22

Memory Model In DDS, queue sizes can change Discovery queues grow when more nodes join the system Data queue sizes grow to accommodate more data In a safety-critical system, memory must be deterministic Solution Set all resource limits before creating entities Memory is only allocated during _create calls There is no memory growth policy 2010 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 23

DDS Feature Set Support the same entites Domain Participant, Publisher, Subscriber, Data Reader, Data Writer, Topic Need core DDS APIs Create entities Write/Read Listener for data available Get QoS and Entities RTPS wire protocol compatibility 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 24

QoS supported QoS needed for safety-critical systems Best-effort communication Reliable communication History queue Reader and Writer Deadline Manual assertion of liveliness by topic Time-based filter Filter only on the reader Ownership Ownership strength 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 25

Conclusions Mixed-criticality systems certification can go a long way We can leverage: Isolation and control capabilities through separation kernels Modularity through a data-centric architecture It is possible to build mixed criticality systems that provide: Modularity Evolvability Fault tolerance 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 26

Acknowledgments Wind River provided their MILS platform as well as valuable feedback United States Air Force - contract FA8650-10-M-3025 The content of this work is the responsibility of the authors and should not be taken to represent the views or practices of the U.S. Government or its agencies. 2010 Real-Time Innovations, Inc. COMPANY PROPRIETARY UNCLASSIFIED 27

Thank You 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 28

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information