Real-time & distributed Software Design
Objectives To explain the concept of a real-time system and why these systems are usually implemented as concurrent processes To describe a design process for real-time systems To explain the role of a real-time operating system To introduce generic process architectures for monitoring and control and data acquisition systems
Topics covered System design Real-time operating systems Monitoring and control systems Data acquisition systems
Real-time systems Systems which monitor and control their environment. Inevitably associated with hardware devices Sensors: Collect data from the system environment; Actuators: Change (in some way) the system's environment; Time is critical. Real-time systems MUST respond within specified times.
Definition A real-time system is a software system where the correct functioning of the system depends on the results produced by the system and the time at which these results are produced. A soft real-time system is a system whose operation is degraded if results are not produced according to the specified timing requirements. A hard real-time system is a system whose operation is incorrect if results are not produced according to the timing specification.
Stimulus/Response Systems Given a stimulus, the system must produce a response within a specified time. Periodic stimuli. Stimuli which occur at predictable time intervals For example, a temperature sensor may be polled 10 times per second. Aperiodic stimuli. Stimuli which occur at unpredictable times For example, a system power failure may trigger an interrupt which must be processed by the system.
Architectural considerations Because of the need to respond to timing demands made by different stimuli/responses, the system architecture must allow for fast switching between stimulus handlers. Timing demands of different stimuli are different so a simple sequential loop is not usually adequate. Real-time systems are therefore usually designed as cooperating processes with a real-time executive controlling these processes.
A real-time system model
Sensor/actuator processes
System elements Sensor control processes Data processor Collect information from sensors. May buffer information collected in response to a sensor stimulus. Data processor Carries out processing of collected information and computes the system response. Actuator control processes Generates control signals for the actuators.
Real-time programming Hard-real time systems may have to programmed in assembly language to ensure that deadlines are met. Languages such as C allow efficient programs to be written but do not have constructs to support concurrency or shared resource management.
Java as a real-time language Java supports lightweight concurrency (threads and synchronized methods) and can be used for some soft real-time systems. Java 2.0 is not suitable for hard RT programming but real-time versions of Java are now available that address problems such as Not possible to specify thread execution time; Different timing in different virtual machines; Uncontrollable garbage collection; Not possible to discover queue sizes for shared resources; Not possible to access system hardware; Not possible to do space or timing analysis.
System design Design both the hardware and the software associated with system. Partition functions to either hardware or software. Design decisions should be made on the basis on non-functional system requirements. Hardware delivers better performance but potentially longer development and less scope for change.
R-T systems design process Identify the stimuli to be processed and the required responses to these stimuli. For each stimulus and response, identify the timing constraints. Aggregate the stimulus and response processing into concurrent processes. A process may be associated with each class of stimulus and response.
R-T systems design process Design algorithms to process each class of stimulus and response. These must meet the given timing requirements. Design a scheduling system which will ensure that processes are started in time to meet their deadlines. Integrate using a real-time operating system.
Timing constraints May require extensive simulation and experiment to ensure that these are met by the system. May mean that certain design strategies such as object-oriented design cannot be used because of the additional overhead involved. May mean that low-level programming language features have to be used for performance reasons.
Real-time system modelling The effect of a stimulus in a real-time system may trigger a transition from one state to another. Finite state machines can be used for modelling real-time systems. However, FSM models lack structure. Even simple systems can have a complex model. The UML includes notations for defining state machine models See Chapter 8 for further examples of state machine models.
Petrol pump state model
Real-time operating systems Real-time operating systems are specialised operating systems which manage the processes in the RTS. Responsible for process management and resource (processor and memory) allocation. May be based on a standard kernel which is used unchanged or modified for a particular application. Do not normally include facilities such as file management. 14
Operating system components Real-time clock Provides information for process scheduling. Interrupt handler Manages aperiodic requests for service. Scheduler Chooses the next process to be run. Resource manager Allocates memory and processor resources. Dispatcher Starts process execution.
Non-stop system components Configuration manager Responsible for the dynamic reconfiguration of the system software and hardware. Hardware modules may be replaced and software upgraded without stopping the systems. Fault manager Responsible for detecting software and hardware faults and taking appropriate actions (e.g. switching to backup disks) to ensure that the system continues in operation.
Real-time OS components
Process priority The processing of some types of stimuli must sometimes take priority. Interrupt level priority. Highest priority which is allocated to processes requiring a very fast response. Clock level priority. Allocated to periodic processes. Within these, further levels of priority may be assigned.
Interrupt servicing Control is transferred automatically to a pre-determined memory location. This location contains an instruction to jump to an interrupt service routine. Further interrupts are disabled, the interrupt serviced and control returned to the interrupted process. Interrupt service routines MUST be short, simple and fast.
Periodic process servicing In most real-time systems, there will be several classes of periodic process, each with different periods (the time between executions), execution times and deadlines (the time by which processing must be completed). The real-time clock ticks periodically and each tick causes an interrupt which schedules the process manager for periodic processes. The process manager selects a process which is ready for execution.
Process management Concerned with managing the set of concurrent processes. Periodic processes are executed at pre-specified time intervals. The RTOS uses the real-time clock to determine when to execute a process taking into account: Process period - time between executions. Process deadline - the time by which processing must be complete.
RTE process management
Process switching The scheduler chooses the next process to be executed by the processor. This depends on a scheduling strategy which may take the process priority into account. The resource manager allocates memory and a processor for the process to be executed. The dispatcher takes the process from ready list, loads it onto a processor and starts execution.
Scheduling strategies Non pre-emptive scheduling Once a process has been scheduled for execution, it runs to completion or until it is blocked for some reason (e.g. waiting for I/O). Pre-emptive scheduling The execution of an executing processes may be stopped if a higher priority process requires service. Scheduling algorithms Round-robin; Rate monotonic; Shortest deadline first.
Monitoring and control systems Important class of real-time systems. Continuously check sensors and take actions depending on sensor values. Monitoring systems examine sensors and report their results. Control systems take sensor values and control hardware actuators.
Generic architecture
Burglar alarm system A system is required to monitor sensors on doors and windows to detect the presence of intruders in a building. When a sensor indicates a break-in, the system switches on lights around the area and calls police automatically. The system should include provision for operation without a mains power supply.
Burglar alarm system Sensors Actions Movement detectors, window sensors, door sensors; 50 window sensors, 30 door sensors and 200 movement detectors; Voltage drop sensor. Actions When an intruder is detected, police are called automatically; Lights are switched on in rooms with active sensors; An audible alarm is switched on; The system switches automatically to backup power when a voltage drop is detected.
The R-T system design process Identify stimuli and associated responses. Define the timing constraints associated with each stimulus and response. Allocate system functions to concurrent processes. Design algorithms for stimulus processing and response generation. Design a scheduling system which ensures that processes will always be scheduled to meet their deadlines.
Stimuli to be processed Power failure Generated aperiodically by a circuit monitor. When received, the system must switch to backup power within 50 ms. Intruder alarm Stimulus generated by system sensors. Response is to call the police, switch on building lights and the audible alarm.
Timing requirements
Burglar alarm system processes
Control systems A burglar alarm system is primarily a monitoring system. It collects data from sensors but no real-time actuator control. Control systems are similar but, in response to sensor values, the system sends control signals to actuators. An example of a monitoring and control system is a system that monitors temperature and switches heaters on and off.
A temperature control system
Data acquisition systems Collect data from sensors for subsequent processing and analysis. Data collection processes and processing processes may have different periods and deadlines. Data collection may be faster than processing e.g. collecting information about an explosion. Circular or ring buffers are a mechanism for smoothing speed differences.
Data acquisition architecture
Reactor data collection A system collects data from a set of sensors monitoring the neutron flux from a nuclear reactor. Flux data is placed in a ring buffer for later processing. The ring buffer is itself implemented as a concurrent process so that the collection and processing processes may be synchronized.
A ring buffer
Mutual exclusion Producer processes collect data and add it to the buffer. Consumer processes take data from the buffer and make elements available. Producer and consumer processes must be mutually excluded from accessing the same element. The buffer must stop producer processes adding information to a full buffer and consumer processes trying to take information from an empty buffer.
Key points Real-time system correctness depends not just on what the system does but also on how fast it reacts. A general RT system model involves associating processes with sensors and actuators. Real-time systems architectures are usually designed as a number of concurrent processes.
Key points Real-time operating systems are responsible for process and resource management. Monitoring and control systems poll sensors and send control signal to actuators. Data acquisition systems are usually organised according to a producer consumer model.
Distributed Systems Architectures Architectural design for software that executes on more than one processor
Distributed systems Virtually all large computer-based systems are now distributed systems Information processing is distributed over several computers rather than confined to a single machine Distributed software engineering is now very important
System types Personal systems that are not distributed and that are designed to run on a personal computer or workstation. Embedded systems that run on a single processor or on an integrated group of processors. Distributed systems where the system software runs on a loosely integrated group of cooperating processors linked by a network.
Distributed system characteristics Resource sharing Openness Concurrency Scalability Fault tolerance Transparency
Distributed system disadvantages Complexity Security Manageability Unpredictability
Distributed systems archiectures Client-server architectures Distributed services which are called on by clients. Servers that provide services are treated differently from clients that use services Distributed object architectures No distinction between clients and servers. Any object on the system may provide and use services from other objects
Middleware Software that manages and supports the different components of a distributed system. In essence, it sits in the middle of the system Middleware is usually off-the-shelf rather than specially written software Examples Transaction processing monitors Data converters Communication controllers
Multiprocessor architectures Simplest distributed system model System composed of multiple processes which may (but need not) execute on different processors Architectural model of many large real-time systems Distribution of process to processor may be pre-ordered or may be under the control of a despatcher
A multiprocessor traffic control system
Client-server architectures The application is modelled as a set of services that are provided by servers and a set of clients that use these services Clients know of servers but servers need not know of clients Clients and servers are logical processes The mapping of processors to processes is not necessarily 1 : 1
A client-server system
Computers in a C/S network
Layered application architecture Presentation layer Concerned with presenting the results of a computation to system users and with collecting user inputs Application processing layer Concerned with providing application specific functionality e.g., in a banking system, banking functions such as open account, close account, etc. Data management layer Concerned with managing the system databases
Application layers
Thin and fat clients Thin-client model Fat-client model In a thin-client model, all of the application processing and data management is carried out on the server. The client is simply responsible for running the presentation software. Fat-client model In this model, the server is only responsible for data management. The software on the client implements the application logic and the interactions with the system user.
Thin and fat clients
Thin client model Used when legacy systems are migrated to client server architectures. The legacy system acts as a server in its own right with a graphical interface implemented on a client A major disadvantage is that it places a heavy processing load on both the server and the network
Fat client model More processing is delegated to the client as the application processing is locally executed Most suitable for new C/S systems where the capabilities of the client system are known in advance More complex than a thin client model especially for management. New versions of the application have to be installed on all clients
A client-server ATM system
Three-tier architectures In a three-tier architecture, each of the application architecture layers may execute on a separate processor Allows for better performance than a thin-client approach and is simpler to manage than a fat-client approach A more scalable architecture - as demands increase, extra servers can be added
A 3-tier C/S architecture
An internet banking system
Use of C/S architectures
Distributed object architectures There is no distinction in a distributed object architectures between clients and servers Each distributable entity is an object that provides services to other objects and receives services from other objects Object communication is through a middleware system called an object request broker (software bus) However, more complex to design than C/S systems
Distributed object architecture
Advantages of distributed object architecture It allows the system designer to delay decisions on where and how services should be provided It is a very open system architecture that allows new resources to be added to it as required The system is flexible and scaleable It is possible to reconfigure the system dynamically with objects migrating across the network as required
Uses of distributed object architecture As a logical model that allows you to structure and organise the system. In this case, you think about how to provide application functionality solely in terms of services and combinations of services As a flexible approach to the implementation of client-server systems. The logical model of the system is a client-server model but both clients and servers are realised as distributed objects communicating through a software bus
A data mining system
Data mining system The logical model of the system is not one of service provision where there are distinguished data management services It allows the number of databases that are accessed to be increased without disrupting the system It allows new types of relationship to be mined by adding new integrator objects
CORBA CORBA is an international standard for an Object Request Broker - middleware to manage communications between distributed objects Several implementations of CORBA are available DCOM is an alternative approach by Microsoft to object request brokers CORBA has been defined by the Object Management Group
Application structure Application objects Standard objects, defined by the OMG, for a specific domain e.g. insurance Fundamental CORBA services such as directories and security management Horizontal (i.e. cutting across applications) facilities such as user interface facilities
CORBA application structure
CORBA standards An object model for application objects A CORBA object is an encapsulation of state with a well-defined, language-neutral interface defined in an IDL (interface definition language) An object request broker that manages requests for object services A set of general object services of use to many distributed applications A set of common components built on top of these services
CORBA objects CORBA objects are comparable, in principle, to objects in C++ and Java They MUST have a separate interface definition that is expressed using a common language (IDL) similar to C++ There is a mapping from this IDL to programming languages (C++, Java, etc.) Therefore, objects written in different languages can communicate with each other
Object request broker (ORB) The ORB handles object communications. It knows of all objects in the system and their interfaces Using an ORB, the calling object binds an IDL stub that defines the interface of the called object Calling this stub results in calls to the ORB which then calls the required object through a published IDL skeleton that links the interface to the service implementation
ORB-based object communications
Inter-ORB communications ORBs are not usually separate programs but are a set of objects in a library that are linked with an application when it is developed ORBs handle communications between objects executing on the same machine Several ORBS may be available and each computer in a distributed system will have its own ORB Inter-ORB communications are used for distributed object calls
Inter-ORB communications
CORBA services Naming and trading services Notification services These allow objects to discover and refer to other objects on the network Notification services These allow objects to notify other objects that an event has occurred Transaction services These support atomic transactions and rollback on failure
Example of a Simple CORBA Application Written in Java
Starting Clients, Servers, and Name Servers # Compile the IDL into a Java stub idltojava -fno-cpp Hello.idl # Compile the Java program and stub javac *.java HelloApp/*.java # Initiate the name server on king.mcs.drexel.edu on port 1050. tnameserv -ORBInitialPort 1050 -ORBInitialHost king.mcs.drexel.edu # Initiate the hello server (relies on the name server being on king's 1050 port.) java HelloServer -ORBInitialPort 1050 -ORBInitialHost king.mcs.drexel.edu # Initiate the hello client (relies on the name server being on king's 1050 port.) java HelloClient -ORBInitialPort 1050 -ORBInitialHost king.mcs.drexel.edu
“Hello World” IDL Specification module HelloApp { interface Hello string sayHello(); };
“Hello World” Client Java Program import HelloApp.*; import org.omg.CosNaming.*; // package used for name service import org.omg.CosNaming.NamingContextPackage.*; import org.omg.CORBA.*; public class HelloClient { public static void main(String args[]) { try{ // create and initialize the ORB ORB orb = ORB.init(args, null); // args contain info. about // name server port/host // get the root naming context org.omg.CORBA.Object objRef = orb.resolve_initial_references("NameService"); NamingContext ncRef = NamingContextHelper.narrow(objRef); // casting ... // continued on next page ...
“Hello World” Client Java Program (Cont’d) // resolve the Object Reference in Naming NameComponent nc = new NameComponent("Hello", ""); NameComponent path[] = {nc}; Hello HelloRef = HelloHelper.narrow(ncRef.resolve(path)); // call the Hello server object and print results String Hello = HelloRef.sayHello(); System.out.println(Hello); } catch (Exception e) { System.out.println("ERROR : " + e) ; e.printStackTrace(System.out); }
“Hello World” Server Java Program import HelloApp.*; import org.omg.CosNaming.*; import org.omg.CosNaming.NamingContextPackage.*; import org.omg.CORBA.*; class HelloServant extends _HelloImplBase { public String sayHello() return "\nHello world !!\n"; }
“Hello World” Server Java Program (Cont’d) public class HelloServer { public static void main(String args[]) { try{ // create and initialize the ORB ORB orb = ORB.init(args, null); // create servant and register it with the ORB HelloServant HelloRef = new HelloServant(); orb.connect(HelloRef); // HelloRef will be published ... // get the root naming context org.omg.CORBA.Object objRef = orb.resolve_initial_references("NameService"); NamingContext ncRef = NamingContextHelper.narrow(objRef); // continued on next slide ...
“Hello World” Server Java Program (Cont’d) // bind the Object Reference in Naming NameComponent nc = new NameComponent("Hello", ""); NameComponent path[] = {nc}; ncRef.rebind(path, HelloRef); // clobber old binding if any ... // wait for invocations from clients java.lang.Object sync = new java.lang.Object(); synchronized (sync) { // aquires a mutex lock on thread sync.wait(); // server sleeps ... } } catch (Exception e) { System.err.println("ERROR: " + e); e.printStackTrace(System.out);