EMB424: Implementing Fault Tolerant Systems in Windows CE 5.0
Nat Frampton, President, Real Time Development

[Diagram: Windows Embedded platform stack. Management Tools: Device Update Agent, Software Update Services, Microsoft Operations Manager, Systems Management Server, Image Update. Communications & Messaging: Live Communications Server, Exchange Server, Internet Security and Acceleration Server, Speech Server. Location Services: MapPoint. Multimedia: DirectX, Windows Media. Development Tools: Visual Studio 2005; native (MFC 8.0, ATL 8.0, Win32), managed (.NET Compact Framework, .NET Framework), server side (ASP.NET, ASP.NET Mobile Controls). Data / Programming Model: SQL Server 2005, SQL Server 2005 Mobile Edition, lightweight relational (SQL Server 2005 Express Edition, EDB). Device Building Tools: Windows XP DDK, Windows Embedded Studio, Platform Builder. Hardware / Drivers: OEM/IHV supplied BSP (ARM, SH4, MIPS), OEM hardware and standard drivers, standard PC hardware and drivers.]

Overview
- Background: history, definitions, ground rules
- OS properties
- Fault tolerant techniques
  - Partitioning into threads and processes
  - Watchdogs
  - Exception handling
  - Interrupt-level fault tolerance
- Conclusions

Background – History (1)
- Hardware has improved; software has become the primary cause of faults!
- Building complex systems from unreliable parts has been addressed for years
- Space applications served as the catalyst for fault tolerant system design
- Fault tolerant system design includes
  - Carefully designed hardware
  - Redundant software

Background – History (2)
- We have to accept that systems ship with failures
- Reliability engineering
  - Leveraged the concept of MTBFs from hardware
  - End user describes failures and tolerances
  - Statistical models -> probability of a failure
  - Systems can ship with failures the user can tolerate
- Tradeoff: lower the probability of failure vs. cost

Background – Definitions (1)
- Dependability of a computing system is the ability to deliver service that can justifiably be trusted
- Service delivered by a system is its behavior as perceived by another system (physical, human) that interacts with the former at the service interface
- Function of a system is what the system is intended to do, as described by the functional specification
- A system failure occurs when the service delivered does not comply with the specification
- An error is a system state which may lead to failure; an error is detected if an error message or signal is produced within the system, or latent if not detected
- A fault is the cause of an error, and is active when it results in an error, otherwise dormant

Background – Definitions (2)
- Fault tolerance is the ability of a system to deliver correct service in the presence of faults
- Applications may emphasize different attributes of dependability, including
  - Availability: readiness for correct service
  - Reliability: the continuity of that service
  - Safety: the avoidance of catastrophic consequences on the environment
  - Security: the prevention of unauthorized access

Background – OS Properties
- Processes and threads
- Synchronization objects
- Priorities
- Interrupt architecture

Windows CE 5.0 Priority Map

Priority   Component
0-19       Open – Real Time Above Drivers
20         Permedia Vertical Retrace
           Open – Real Time Above Drivers
99         Power Management Resume Thread
           USB OHCI/UHCI, Serial Irsir1, NDIS, Touch
130        KITL
131        VMini
132        CxPort
           Open – Device Drivers
145        PS2 Keyboard
           Open – Device Drivers
148        IRComm, TAPI
           Open – Real Time Below Drivers
248        Power Management
249        WaveDev, TVIA5000, Mouse, PnP, Power
250        WaveAPI
251        Power Manager Battery Thread
           Open

Kernel Interrupt Architecture

[Diagram: hardware interrupt -> OAL ISR (ISR 1 ... ISR N) returns interrupt ID -> kernel SetEvent on ID -> IST thread. Interrupt mask states shown along the path: All, All Higher Enabled, All Except ID, All. Latencies marked: ISR latency, IST latency.]

Priority Inversion

[Diagram: Threads A, B and C at Priority 1 / Priority 2 contending for mutexes M[A,B] and M[B,C]. Left panel: Windows CE 5.0. Right panel: Windows CE 2.x, where Thread A is subject to priority inversion.]

Fault Tolerant Techniques
- Partitioning into threads and processes
- Watchdogs
- Exception handling
- Interrupt-level fault tolerance
- The good, the bad, the ugly!
- Now for some code!

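The deck names watchdogs as a technique for a system partitioned into threads but shows no code; the following is an added example, not from the slides or the white paper. It keeps the watchdog bookkeeping in portable C so it can be run anywhere: each monitored thread heartbeats with the current tick count, and a monitor pass reports which threads have gone silent past their own deadline, including across a 32-bit tick-counter wrap. The wd_* names, table size and task names are assumptions; on Windows CE the tick would come from GetTickCount() and the monitor would run in a high "Open" priority band from the map above.

```c
#include <stdint.h>
#include <stddef.h>

#define WD_MAX_TASKS 8   /* assumed table size */

typedef struct {
    const char *name;
    uint32_t    deadline_ms;  /* longest gap tolerated between heartbeats */
    uint32_t    last_kick_ms; /* tick count at the most recent heartbeat */
} wd_task_t;

typedef struct {
    wd_task_t tasks[WD_MAX_TASKS];
    size_t    count;
} wd_monitor_t;

/* Register a monitored thread; returns its slot, or -1 if the table is full.
 * Registration counts as the first heartbeat so a thread that never starts
 * its loop is caught on the first monitor pass after its deadline. */
int wd_register(wd_monitor_t *m, const char *name, uint32_t deadline_ms, uint32_t now_ms)
{
    if (m->count >= WD_MAX_TASKS)
        return -1;
    m->tasks[m->count].name = name;
    m->tasks[m->count].deadline_ms = deadline_ms;
    m->tasks[m->count].last_kick_ms = now_ms;
    return (int)m->count++;
}

/* Heartbeat: each worker or IST calls this from its own loop with the
 * current millisecond tick count (GetTickCount() on Windows CE). */
void wd_kick(wd_monitor_t *m, int slot, uint32_t now_ms)
{
    if (slot >= 0 && (size_t)slot < m->count)
        m->tasks[slot].last_kick_ms = now_ms;
}

/* Monitor pass: returns a bitmask with bit i set for every task whose last
 * heartbeat is older than its deadline.  The unsigned subtraction keeps the
 * age correct when the 32-bit millisecond counter wraps around. */
uint32_t wd_check(const wd_monitor_t *m, uint32_t now_ms)
{
    uint32_t missed = 0;
    for (size_t i = 0; i < m->count; i++) {
        uint32_t age = now_ms - m->tasks[i].last_kick_ms;
        if (age > m->tasks[i].deadline_ms)
            missed |= (uint32_t)1 << i;
    }
    return missed;
}
```

A high-priority monitor thread would call wd_check periodically and, for any set bit, restart the partition that owns that thread or withhold the kick to a hardware watchdog so the device resets.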
Conclusions
- Windows CE 5.0 has created a new class of complex embedded software
- Complexity brings responsibility
- Microsoft's Windows CE 5.0 offers a rich framework of features and capabilities
- You must understand the OS features and capabilities!
- Fault tolerance is achieved through understanding of the OS and of existing and future techniques

Windows CE 5.0 Fault Tolerant Techniques: "The White Paper"
enus/dncenet/html/faulttol.asp

While at MEDC 2005…
- Fill out an evaluation for this session: randomly selected instant WIN prizes!
- Use real technology in a lab: instructor led (Reef E/F & Breakers L), self-paced (Reef B/C)
- Visit the Microsoft Product Pavilion in the Exhibit Hall (Shorelines B)

After The Conference…
- Full-featured trial versions of Windows CE and/or Windows XP Embedded
- Cool stuff & tell us about it: msdn.microsoft.com/embedded/community
- Windows Embedded Partner Program
- Windows Mobile 5.0 Eval Kit including Visual Studio 2005 Beta 2
- Mobile2Market Contest and win up to $25000: mobile2marketcontest.com
- Microsoft Solutions Partner Program: partner.microsoft.com

Tools & Resources

Build
- Websites: msdn.microsoft.com/embedded
- Newsgroups: microsoft.public.windowsxp.embedded, microsoft.public.windowsce.platbuilder, microsoft.public.windowsce.embedded.vc
- Blogs: blogs.msdn.com/mikehall
- Tools: Windows CE 5.0 Eval Kit, Windows XP Embedded Eval Kit

Develop
- Websites: msdn.microsoft.com/mobility
- Newsgroups: microsoft.public.pocketpc.developer, microsoft.public.smartphone.developer, microsoft.public.dotnet.framework.compactframework
- Blogs: blogs.msdn.com/windowsmobile, blogs.msdn.com/vsdteam, blogs.msdn.com/netcfteam
- Tools: Windows Mobile 5.0 Eval Kit

© 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.