TTP and FlexRay
Time Triggered Protocols
• Global time established by fault-tolerant clock synchronisation
• The exact transmission time of every message is known in advance (determinism)
• Real-time capable, suitable for safety-critical systems
• Each node owns a time slot in the transmission round in which only it may send
+ No arbitration necessary
+ No address field (the sender's identity follows from the slot)
– Less flexible
Requirements
1. General
• Higher bandwidth
• Fault tolerance
• Deterministic data transmission with guaranteed latency and minimal jitter
• Support for distributed systems
• Unification of bus systems within vehicles
• Composability
2. Automotive
• Configurable synchronous and asynchronous transmission
• Support for scalable redundancy
• Prompt error detection and error reporting
• Fault containment at the level of the physical layer
• Media access without arbitration
• Support for fibre-optic and electrical physical layers
• Flexibility, expandability and easy configuration in automotive applications
Requirements (Priorities)
TTP/C
1. Security (used here in the sense of dependability and safety: neither protocol authenticates frames or defends against a deliberately malicious node; the bus guardian contains faults, not attackers)
2. Composability
3. Flexibility
FlexRay
1. Flexibility
2. Composability
3. Security
System Structure
• The CNI (communication network interface, implemented as a dual-ported RAM) is the interface
between the application layer and the protocol layer of a TTP node.
• The TTP/C protocol runs on the TTP/C communication controller.
• Applications run on the host subsystem.
Topology (figure): TTP/C and FlexRay, each in a bus and a star variant
Nodes (figure): structure of a TTP node and of a FlexRay node
Message Transmission
TTP
• Max data field length = 236 B
• Static schedule held in the MEDL (message descriptor list); TDMA round, cluster cycle
• Event channel on top of TTP: a specified number of bytes in each message is reserved for it
– an event-triggered protocol can be implemented at a higher level
– the CNI continues to be defined in the temporal domain
– error correction is possible
– asynchronous traffic is protected by the bus guardian (BG)
FlexRay
• Max data field length = 12 B in the early FlexRay draft compared here (the released FlexRay specification allows payloads of up to 254 bytes)
• Schedule determined at runtime
• Event channel in parallel: two recurring intervals (a synchronous segment for high-priority traffic and an asynchronous segment for low-priority traffic)
• Asynchronous messages controlled by the Byteflight "minislotting" protocol
Both
• use a TDMA strategy
• protect the communication channel with a bus guardian
Frames (figure): TTP and FlexRay frame formats
Fault Hypothesis (introduction)
• A fault hypothesis states the fault modes, the number of faults, and the fault arrival rate
• Level 1 and Level 2 faults
• FCUs (fault containment units) and the partitioning strategy
• Faults can affect the time, value and space domains
• Hybrid fault model: manifest, symmetric and asymmetric faults
• Faults: active or passive
• Self-checking pairs
• Fail silence
• Slightly-off-specification (SOS) faults
• Reconfiguration and reconfiguration rate
• Never-give-up (NGU) strategy
Fault Hypothesis (TTP/C)
• Fault modes:
1. Arbitrary active faults in controllers and the hub of TTA-star
2. Arbitrary passive faults in the guardians and buses of TTA-bus
3. Spatial proximity faults that take out nodes and a hub in TTA-star
• Maximum faults:
TTA adopts a single-fault hypothesis. In more detail, the fault hypothesis of
TTA assumes the following numbers of faults.
1. For TTA-bus: in each node either the controller or the bus guardian may fail
(but not both). One of the buses may fail. To retain single fault tolerance, at
least four controllers and their bus guardians must be nonfaulty, and both
buses must be nonfaulty. Provided at least one bus is nonfaulty, the system
may be able to continue operation with fewer nonfaulty components.
2. For TTA-star: to retain single fault tolerance, at least four controllers and
both hubs must be nonfaulty. Provided at least one hub is nonfaulty, the
system may be able to continue operation with fewer nonfaulty
components.
• Fault arrival rate:
At most one fault every two rounds
Fault Hypothesis (FlexRay): inferences, since the FlexRay material compared here does not state a fault hypothesis explicitly
• A node consisting of a microcontroller host, a communication controller,
and two bus guardians will be fabricated on a single chip. It appears that
all four components will use separate clock oscillators
• Fault modes:
1. Asymmetric (and presumably, therefore, also arbitrary) faults in controllers
for the purposes of clock synchronization
2. Fault modes for other services and components are not described
3. Spatial proximity faults may take out nodes and an entire hub
• Maximum faults:
1. It appears that a single-fault hypothesis is intended: in each node, at most
one bus guardian, or the controller, may be faulty. At most one of the
interconnects may be faulty.
2. For clock synchronization, fewer than a third of the nodes may be faulty.
• Fault arrival rate:
The fault arrival rate hypothesis is not described.
Clock Synchronisation
• Throughput of the bus depends on the tightness of the bus schedule,
which depends on the quality of global clock synchronisation,
which depends on the quality of the local oscillators and on the synchronisation algorithm
• Two classes of synchronisation algorithm
– Averaging (e.g. Welch-Lynch)
 "fault-tolerant midpoint"
 assume n clocks and let t be the maximum number of simultaneous
faults to be tolerated (3t < n); sort the clock readings from smallest to
largest and discard the t smallest and the t largest; the fault-tolerant
midpoint is the average of the (t + 1)-th and the (n - t)-th reading, i.e. of
the two surviving extremes
– Event based (e.g. Srikanth-Toueg)
• Both averaging and event-based algorithms require at least 3t + 1
nodes to tolerate t arbitrary faults.
Clock Synchronisation (TTP/C)
• Welch-Lynch algorithm for t = 1
• Does not use dedicated wires; exploits the fact that communication is time-
triggered by a global schedule, so the deviation of a frame's arrival time from its scheduled time is itself a clock reading.
• TTP nodes that have accurate clocks are marked with the SYF (synchronisation
frame) flag in the MEDL, and only the frames of these nodes are used for
synchronisation.
• Four registers per node hold the most recent accurate clock-
difference readings.
• When the current slot has the synchronisation field (CS) set in the MEDL,
each node runs the synchronisation algorithm on the four clock readings
stored in its queue (the largest and the smallest are discarded and the remaining two averaged).
• As the TTP algorithm is designed to tolerate one arbitrary (Byzantine) fault in
every TDMA round, there must be at least four slots in every TDMA round
with the SYF flag set.
• The group membership service is used to exclude nodes with very faulty clocks.
Clock Synchronisation
(FlexRay)
• Welch-Lynch algorithm
• No membership service
• No mechanism for detecting faulty nodes
• No reconfiguration to exclude them
• To tolerate two arbitrary faults (t = 2) it needs at least
– seven nodes (3t + 1)
– five disjoint communication paths (2t + 1) or three
broadcast channels (t + 1)
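The fault-tolerant midpoint from the general, TTP/C and FlexRay clock-synchronisation slides, as an added simulation (not code from TTP/C, FlexRay or the TTA project). The node names, clock offsets and the asymmetric values reported by the Byzantine node are constructed; with n = 4 and t = 1 the algorithm reduces to the TTP/C rule of discarding the largest and smallest of four readings and averaging the other two. A plain average is run alongside to show why the trimming matters.

```python
"""Welch-Lynch fault-tolerant midpoint, simulated for one synchronisation round.

Added illustration for the clock-synchronisation slides; it is not code from
TTP/C, FlexRay or the TTA project.  The node names, clock offsets and the
Byzantine reports are constructed for the example.
"""
from typing import Dict, List


def fault_tolerant_midpoint(readings: List[float], t: int) -> float:
    """Sort the readings, drop the t smallest and t largest, and average the two
    surviving extremes, i.e. the (t+1)-th and (n-t)-th sorted values.
    Needs n > 3t, which is the 3t + 1 node requirement from the slides."""
    n = len(readings)
    if n <= 3 * t:
        raise ValueError(f"n = {n} clocks cannot tolerate t = {t} arbitrary faults (need n > 3t)")
    s = sorted(readings)
    return (s[t] + s[n - t - 1]) / 2.0


def readings_at(node: str, offsets: Dict[str, float], byzantine: Dict[str, float]) -> List[float]:
    """Clock-difference readings `node` collects in one round, measured on its own
    clock: actual minus scheduled arrival time of each frame, which for a
    nonfaulty sender j is offset_j - offset_node (the node's own reading is 0).
    The Byzantine node is asymmetric: every receiver sees a different value."""
    mine = offsets[node]
    return [offsets[j] - mine for j in offsets] + [byzantine[node]]


def sync_round(offsets: Dict[str, float], byzantine: Dict[str, float], t: int = 1) -> Dict[str, float]:
    """Every nonfaulty node corrects its clock by the fault-tolerant midpoint."""
    return {n: offsets[n] + fault_tolerant_midpoint(readings_at(n, offsets, byzantine), t)
            for n in offsets}


def naive_round(offsets: Dict[str, float], byzantine: Dict[str, float]) -> Dict[str, float]:
    """Same, but with a plain average: no protection against the Byzantine value."""
    corrected = {}
    for n in offsets:
        r = readings_at(n, offsets, byzantine)
        corrected[n] = offsets[n] + sum(r) / len(r)
    return corrected


def precision(offsets: Dict[str, float]) -> float:
    """Maximum skew between any two nonfaulty clocks."""
    return max(offsets.values()) - min(offsets.values())


# Constructed scenario: three nonfaulty nodes plus one Byzantine node D (n = 4, t = 1).
# Offsets are microseconds from ideal time.
GOOD_OFFSETS = {"A": 0.0, "B": 4.0, "C": -3.0}
# What D's frame arrival looks like on each receiver's clock: wildly different per receiver.
BYZANTINE_D = {"A": 100.0, "B": -100.0, "C": 0.5}

if __name__ == "__main__":
    print("skew before            :", precision(GOOD_OFFSETS))
    print("skew after Welch-Lynch :", precision(sync_round(GOOD_OFFSETS, BYZANTINE_D)))
    print("skew after plain average:", precision(naive_round(GOOD_OFFSETS, BYZANTINE_D)))
```

One round halves the skew of the three good clocks (7 µs to 3.5 µs) regardless of what D reports, whereas the plain average is dragged to a 49 µs skew by D. The guard in `fault_tolerant_midpoint` is the slides' node count: three clocks cannot tolerate one arbitrary fault, and six cannot tolerate the two the FlexRay slide discusses.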
Bus Guardian
• Is a separate FCU that has an independent copy of the schedule
and knowledge of the global time
• Mediates message transmission through an interface to an interconnect
• Prevents the "babbling idiot" problem: a faulty controller that transmits outside its slot is cut off from the bus
TTP/C
• Shares power supply and
physical space with the controller
• Synchronised by a start-of-
round signal from the controller, so its timing depends on the very controller it guards
• In TTA-star the BG is moved to the
hub
FlexRay
• Two guardians per node (one per channel),
hence greater cost
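A tick-by-tick model of a bus guardian gating a four-slot TDMA round, as an added example that is not TTP/C or FlexRay code. The slot length, frame length, schedule table and node behaviours are constructed. It shows the babbling-idiot case from the slides, and also what happens when the guardian takes its notion of the round start from its own controller rather than from an independent view of global time.

```python
"""Bus guardian for a four-slot TDMA round, simulated tick by tick.

Added illustration for the bus-guardian slides; it is not TTP/C or FlexRay
code.  The slot length, schedule, frame length and node behaviours are
constructed for the example.  Times are integer microseconds of global time.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

SLOT_LEN = 100                    # µs per TDMA slot
FRAME_LEN = 40                    # µs a well-behaved node actually drives the bus
SCHEDULE = ["A", "B", "C", "D"]   # slot index -> node allowed to transmit (a MEDL-like table)
ROUND_LEN = SLOT_LEN * len(SCHEDULE)

Behaviour = Callable[[int], bool]   # global time -> "controller drives the bus now"


@dataclass
class BusGuardian:
    """Separate FCU with its own copy of the schedule.

    round_origin is where the guardian believes the TDMA round starts.  A guardian
    with independent knowledge of global time uses 0; a guardian that takes a
    start-of-round signal from its own controller inherits whatever that
    controller tells it (modelled here by a nonzero round_origin).
    """
    node: str
    round_origin: int = 0
    blocked: List[int] = field(default_factory=list)

    def window_open(self, t: int) -> bool:
        slot = ((t - self.round_origin) % ROUND_LEN) // SLOT_LEN
        return SCHEDULE[slot] == self.node

    def gate(self, t: int, wants_to_send: bool) -> bool:
        """True iff the controller's transmission at time t reaches the bus."""
        if not wants_to_send:
            return False
        if self.window_open(t):
            return True
        self.blocked.append(t)
        return False


def well_behaved(node: str) -> Behaviour:
    """Sends one FRAME_LEN frame at the start of its own slot every round."""
    my_slot = SCHEDULE.index(node)
    return lambda t: (t % ROUND_LEN) // SLOT_LEN == my_slot and t % SLOT_LEN < FRAME_LEN


def babbling_idiot() -> Behaviour:
    """Faulty controller that drives the bus all the time."""
    return lambda t: True


def simulate(behaviours: Dict[str, Behaviour], guarded: bool = True,
             round_origin_skew: Optional[Dict[str, int]] = None,
             rounds: int = 1) -> Tuple[List[Tuple[int, str]], Dict[str, BusGuardian], int]:
    """Run the cluster for `rounds` TDMA rounds.

    Returns (bus log of (time, sender) pairs that reached the bus, the guardians,
    number of ticks on which two or more nodes drove the bus at once)."""
    skew = round_origin_skew or {}
    guardians = {n: BusGuardian(n, round_origin=skew.get(n, 0)) for n in SCHEDULE}
    bus_log: List[Tuple[int, str]] = []
    collisions = 0
    for t in range(ROUND_LEN * rounds):
        if guarded:
            senders = [n for n in SCHEDULE if guardians[n].gate(t, behaviours[n](t))]
        else:
            senders = [n for n in SCHEDULE if behaviours[n](t)]
        if len(senders) > 1:
            collisions += 1
        bus_log.extend((t, n) for n in senders)
    return bus_log, guardians, collisions


# Constructed cluster: A, B, C behave; D's controller has failed into a babbling idiot.
CLUSTER: Dict[str, Behaviour] = {n: well_behaved(n) for n in "ABC"}
CLUSTER["D"] = babbling_idiot()

if __name__ == "__main__":
    for label, kwargs in [("no guardian", dict(guarded=False)),
                          ("independent guardian", dict(guarded=True)),
                          ("guardian timed by faulty controller", dict(guarded=True, round_origin_skew={"D": 200}))]:
        log, guardians, collisions = simulate(CLUSTER, **kwargs)
        print(f"{label:36s} frames on bus={len(log):4d} collisions={collisions:4d} "
              f"blocked by D's guardian={len(guardians['D'].blocked)}")
```

Without a guardian the babbler collides with every other node's frame; with an independent guardian D is confined to its own slot and the other three slots are untouched. In the third run D's guardian still blocks 300 of D's 400 ticks, but because its round origin came from D's faulty controller, the window it opens is B's slot, and D collides with B for the whole of B's frame: a guardian is only as trustworthy as its source of time.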
Startup and Restart
• Failure of the whole system (loss of communication) must be detected on the bus
• Restart must be automatic and fast
• Restart is initiated when an interface detects
no activity on any bus line for some interval;
the interface then sends the "wake-up" signal
• Components that detect faults in themselves
or are notified of a fault perform a local restart
and self-test.
Startup and Restart
TTP/C
• Uses I-frames and the C-
state data they carry
• A node that does not receive
one transmits one
itself on any one bus
• Problem of colliding
restarts
• Problem of bad restarts
FlexRay
• Difficult to implement
with an incomplete schedule
• Difficult to initialise the
Welch-Lynch algorithm if
faults are present at
startup and there is no
clique avoidance
• Self-stabilising
algorithms based on
randomisation? (left open)
Services
• The basic purpose of these architectures is to build reliable
distributed applications.
• Basic services
– clock synchronisation
– time-triggered activation
– reliable message delivery
• Fault-tolerant replication
– approximate agreement
– exact agreement
• The problem of distributing data consistently in the presence of faults
is variously called interactive consistency (or Byzantine agreement)
– Agreement: all nonfaulty receivers obtain the same message.
– Validity: if the transmitter is nonfaulty, then nonfaulty
receivers obtain the message actually sent.
Services
• Implementing interactive consistency
– state machine approach (majority voting)
– master/shadow
– compensation
• Group membership service
– each node maintains a private membership list
– Agreement: the membership lists of all nonfaulty nodes are
the same.
– Validity: the membership lists of all nonfaulty nodes contain
all nonfaulty nodes and at most one faulty node.
– "Clique avoidance": maintain agreement, sacrifice validity
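The Agreement and Validity properties of interactive consistency from the two Services slides, checked on a constructed four-node case (one transmitter, three receivers, t = 1). This is an added example, not TTP/C or FlexRay code; the receivers, values and fault behaviours are made up. Plain majority voting over a single broadcast is not enough when the transmitter is asymmetric, so the example adds the one relay round of the oral-messages algorithm OM(1) of Lamport, Shostak and Pease before voting.

```python
"""Interactive consistency with n = 4 (one transmitter, three receivers) and t = 1.

Added illustration for the Services slides; it is not TTP/C or FlexRay code.
The receivers, the values and the faulty behaviours are constructed.  The
exchange is the one-extra-round oral-messages algorithm OM(1) of Lamport,
Shostak and Pease, which is what majority voting needs in order to satisfy
both Agreement and Validity when a single node may be asymmetric.
"""
from collections import Counter
from typing import Callable, Dict, Iterable, Optional

RECEIVERS = ["R1", "R2", "R3"]
DEFAULT = "NO_DECISION"    # fallback when no value has a strict majority


def majority(values: Iterable[str]) -> str:
    vals = list(values)
    value, count = Counter(vals).most_common(1)[0]
    return value if 2 * count > len(vals) else DEFAULT


def naive_broadcast(sent: Dict[str, str]) -> Dict[str, str]:
    """One round only: each receiver adopts whatever the transmitter sent it.
    Satisfies Validity but not Agreement if the transmitter is asymmetric."""
    return dict(sent)


def om1(sent: Dict[str, str],
        relay_faults: Optional[Dict[str, Callable[[str], str]]] = None) -> Dict[str, str]:
    """Round 1: transmitter -> each receiver (`sent`).
    Round 2: every receiver relays the value it received to the other receivers.
    A faulty receiver listed in `relay_faults` relays whatever its function
    returns for the given target instead.  Each receiver then decides by
    majority over its own value and the two relayed values."""
    faults = relay_faults or {}
    decision: Dict[str, str] = {}
    for r in RECEIVERS:
        heard = [sent[r]]
        for other in RECEIVERS:
            if other == r:
                continue
            heard.append(faults[other](r) if other in faults else sent[other])
        decision[r] = majority(heard)
    return decision


def agreement(decision: Dict[str, str], nonfaulty: Iterable[str]) -> bool:
    """All nonfaulty receivers decided the same value."""
    return len({decision[r] for r in nonfaulty}) == 1


def validity(decision: Dict[str, str], nonfaulty: Iterable[str], sent_value: str) -> bool:
    """Every nonfaulty receiver decided the value a nonfaulty transmitter sent."""
    return all(decision[r] == sent_value for r in nonfaulty)


# Constructed scenarios.
ASYMMETRIC_TX = {"R1": "BRAKE", "R2": "BRAKE", "R3": "COAST"}   # faulty transmitter, receivers good
HONEST_TX = {r: "BRAKE" for r in RECEIVERS}                      # good transmitter ...
LYING_R3 = {"R3": lambda target: "COAST" if target == "R1" else "BRAKE"}  # ... but R3 relays inconsistently

if __name__ == "__main__":
    d = naive_broadcast(ASYMMETRIC_TX)
    print("naive, asymmetric transmitter:", d, "agreement:", agreement(d, RECEIVERS))
    d = om1(ASYMMETRIC_TX)
    print("OM(1), asymmetric transmitter:", d, "agreement:", agreement(d, RECEIVERS))
    d = om1(HONEST_TX, LYING_R3)
    print("OM(1), honest tx, lying R3   :", d, "validity:", validity(d, ["R1", "R2"], "BRAKE"))
```

With an asymmetric transmitter the naive broadcast leaves R3 with a different value from R1 and R2; after the relay round all three hold the same multiset of values and decide alike, which is Agreement. With an honest transmitter and a lying relay, each good receiver still has two consistent copies against one bad one, which is Validity. Three receivers are the minimum for t = 1 (n = 3t + 1 including the transmitter); with only two, a single bad relay ties the vote.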
Services
TTP/C
• Membership service =
clique avoidance + implicit
acknowledgement
FlexRay
• Only clock synchronisation
and reliable message
delivery
