Design of embedded real-time operating system
In a traditional embedded real-time operating system, the kernel and applications run at the same privilege level, and an application has unrestricted access to the entire system address space. As a result, a potentially dangerous action by one application can disrupt other applications and the normal operation of the kernel, or even cause the system to crash or malfunction.
To meet avionics requirements for high reliability, high availability and high serviceability, ARINC released ARINC653 (Avionics Application Software Standard Interface) in January 1997 and ARINC653 Supplement 1 in July 2003. The supplement adds to the sections on partition management, inter-partition communication and health monitoring, in order to standardize avionics systems.
Since then, the major foreign embedded-systems vendors have introduced operating systems that support ARINC653 and provide protection mechanisms for the kernel and applications. In the domestic embedded field, however, research in this area still lags behind. This paper therefore presents a design for an embedded real-time operating system for avionics (A-RTOS, Avionics RTOS) and its implementation on a target board that has an MMU and supports a privilege-level protected mode.
ARINC653 avionics standards
ARINC653 mainly specifies the baseline operating environment for software used in Integrated Modular Avionics (IMA). It defines the interface between avionics applications and the underlying operating environment, the data exchanged across it and the behavior of the services, and it describes the runtime environment for embedded avionics software.
ARINC653 Supplement 1 adds the following to ARINC653: in the system structure, it introduces the concept of the System Partition and makes clear that applications are scheduled at the partition level and how resources are shared among them; in partition management, it defines the principles for the major time frame used in partition scheduling and adds the partition mode transitions; it explains the principles of inter-partition communication in more detail; and in health monitoring, it adds an explanation of error levels and error handling.
Software composition
The software in a core module falls into two categories: application software and core software. The APEX (APplication EXecutive) interface sits between the application software and the operating system (OS) and defines the set of services the system provides to application software. Using this set of services, application software can control the system's scheduling, communication and internal status information. To the application, the APEX interface is the equivalent of a high-level language; to the OS, it is a definition of parameters and entry mechanisms.
Figure 1 shows the relationship between the various parts of ARINC653.
Partitioning and partition management
Partitioning is a core concept of ARINC653. In an IMA (Integrated Modular Avionics) system, a core module contains one or more avionics applications, and these applications must be able to run independently. Partitioning is a functional division of the avionics applications. The unit of division is called a partition, and each unit of execution within a partition is called a process. Each partition has its own independent data, context and operating environment, which prevents an error in one partition from affecting the others. It also makes the whole system easier to verify, validate and certify.
Partitions, and their management and scheduling, are implemented by the OS. ARINC653 prescribes a cyclic scheduling algorithm based on time windows for partitions. Figure 2 illustrates the principle of this algorithm.
Figure 2 Cyclic scheduling algorithm based on time windows
To schedule partitions cyclically, the OS maintains a major time frame of fixed length, which repeats periodically while the module is running. Each time frame is divided into a number of time windows. The system uses a predefined table to activate the corresponding partition in each time window. This ensures that each application's access to shared resources during the time allotted to it is not interrupted.
ARINC653 Supplement 1 adds to the principles for defining the major time frame. It specifies that the length of the major time frame is an integer multiple of the least common multiple of the periods of all partitions in the core module, and that it should take into account the duration and frequency of each partition's time windows.
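The frame rule above, and the window table it governs, can be checked mechanically when the schedule is configured. The following C code is an added example, not code from A-RTOS or from the ARINC653 standard; the structure layout, function names, millisecond units and sample table are assumptions made for illustration. It also applies the rule, stated later in the text, that every partition receives at least one window per cycle.

```c
#include <stdint.h>
#include <stddef.h>
/* One time window of the static schedule; times in ms (assumed unit). */
typedef struct { uint32_t offset, duration; int partition; } window_t;

/* Constructed sample: partition 0 has period 20 ms, partition 1 has 50 ms. */
static const uint32_t SAMPLE_PERIODS[] = {20, 50};
static const window_t SAMPLE_TABLE[] = { {0, 5, 0}, {5, 5, 1}, {20, 5, 0},
    {40, 5, 0}, {55, 5, 1}, {60, 5, 0}, {80, 5, 0} };  /* the rest is a gap */

static uint32_t gcd_u32(uint32_t a, uint32_t b) {
    while (b) { uint32_t t = a % b; a = b; b = t; }
    return a;
}

/* Smallest valid major frame: LCM of all periods; 0 on bad input/overflow. */
uint32_t major_frame(const uint32_t *period, size_t n) {
    uint64_t l = 1;
    for (size_t i = 0; i < n; i++) {
        if (period[i] == 0) return 0;
        l = l / gcd_u32((uint32_t)l, period[i]) * period[i];
        if (l > UINT32_MAX) return 0;
    }
    return (uint32_t)l;
}

/* Valid table: windows sorted, non-overlapping, inside the frame, and each
   partition 0..nparts-1 owns at least one window per frame. */
int table_valid(const window_t *w, size_t n, uint32_t frame, int nparts) {
    uint32_t end = 0, seen = 0;             /* seen: one bit per partition */
    if (nparts <= 0 || nparts > 31) return 0;
    for (size_t i = 0; i < n; i++) {
        if (w[i].duration == 0 || w[i].offset < end) return 0;
        if (w[i].partition < 0 || w[i].partition >= nparts) return 0;
        if (w[i].duration > frame || w[i].offset > frame - w[i].duration) return 0;
        end = w[i].offset + w[i].duration;
        seen |= 1u << w[i].partition;
    }
    return seen == (1u << nparts) - 1;
}

/* Partition that owns the CPU at absolute time now_ms, or -1 in a gap. */
int active_partition(const window_t *w, size_t n, uint32_t frame, uint32_t now_ms) {
    if (frame == 0) return -1;
    uint32_t t = now_ms % frame;
    for (size_t i = 0; i < n; i++)
        if (t >= w[i].offset && t - w[i].offset < w[i].duration)
            return w[i].partition;
    return -1;
}
```

Rejecting an overlapping or incomplete table before the system starts is what keeps one partition from taking time that was allotted to another.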
ARINC653 Supplement 1 also adds partition attributes and start-condition attributes. A partition has four operating modes: idle, cold start, warm start and normal, as shown in Figure 3. The resources each partition requires are specified in the system configuration, and the corresponding objects are created while the partition initializes. When the OS enters operating mode, it starts the application partitions, which then enter normal mode. In response to a fatal error, the health monitoring and management functions restart the partition or stop it.
Figure 3 Partition mode transition model
A-RTOS system design and implementation
Figure 4 shows the structure of the A-RTOS system. In this system, every application works in the environment of its own partition, and a protective wall isolates applications from the kernel and from one another so that they cannot damage each other, which ensures the reliability of the core module.
Figure 4 A-RTOS system architecture
Isolation and protection mechanisms
Isolation and protection are the property that ARINC653 emphasizes most, and one of the key problems that must be solved. A-RTOS uses two main mechanisms to isolate and protect applications from the kernel and from each other.
The first mechanism is the memory management unit (MMU). The MMU translates logical addresses to physical addresses and controls access. This protects the operating system kernel from intentional or unintentional damage by applications, and also effectively prevents applications from damaging one another. Figure 5 shows the address translation process using the MMU's page directory / page table scheme.
Figure 5 Page directory / page table address translation process
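The two-level translation and the access control it enforces can be modelled in software. The following C code is an added example, not A-RTOS code; the 10/10/12-bit address split, the flag bit positions and the sample address space are assumptions modelled on common 32-bit MMUs, since the text does not name the target architecture.

```c
#include <stdint.h>

#define PTE_P 0x1u   /* entry present */
#define PTE_W 0x2u   /* page writable */
#define PTE_U 0x4u   /* page reachable from user state */
#define NFRAMES 8u   /* simulated physical memory, in 4 KiB frames */
enum { XLATE_OK = 0, FAULT_NOT_PRESENT, FAULT_PRIVILEGE, FAULT_WRITE };

static uint32_t phys[NFRAMES][1024];   /* each frame viewed as 1024 words */

/* Access check applied at both levels of the walk. */
static int check(uint32_t entry, int user, int write) {
    if (!(entry & PTE_P) || (entry >> 12) >= NFRAMES) return FAULT_NOT_PRESENT;
    if (user && !(entry & PTE_U)) return FAULT_PRIVILEGE;
    if (write && !(entry & PTE_W)) return FAULT_WRITE;
    return XLATE_OK;
}

/* Walk page directory -> page table -> frame for one access.
   pd_frame is the frame holding the current partition's page directory. */
int translate(uint32_t pd_frame, uint32_t va, int user, int write, uint32_t *pa) {
    if (pd_frame >= NFRAMES) return FAULT_NOT_PRESENT;
    uint32_t pde = phys[pd_frame][va >> 22];              /* top 10 bits */
    int rc = check(pde, user, write);
    if (rc != XLATE_OK) return rc;
    uint32_t pte = phys[pde >> 12][(va >> 12) & 0x3FFu];  /* middle 10 bits */
    rc = check(pte, user, write);
    if (rc != XLATE_OK) return rc;
    *pa = (pte & ~0xFFFu) | (va & 0xFFFu);                /* low 12 bits: offset */
    return XLATE_OK;
}

/* Constructed address space for one application partition:
   frame 0 = page directory, frame 1 = page table,
   VA 0x00400000 -> frame 5 (user, read/write),
   VA 0x00401000 -> frame 2 (system state only, e.g. kernel data),
   VA 0x00402000 -> frame 6 (user, read-only). */
uint32_t build_sample(void) {
    phys[0][1] = (1u << 12) | PTE_P | PTE_W | PTE_U;
    phys[1][0] = (5u << 12) | PTE_P | PTE_W | PTE_U;
    phys[1][1] = (2u << 12) | PTE_P | PTE_W;
    phys[1][2] = (6u << 12) | PTE_P | PTE_U;
    return 0;   /* frame number of the page directory */
}
```

Because each partition is given its own page directory, a frame that is not mapped with the user bit in that directory cannot be reached from the partition's user-state code at all.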
The second mechanism is the system call. To protect the kernel from applications, A-RTOS provides two execution states: user state and system state. The operating system kernel runs in system state. Applications run in user state and cannot call kernel functions directly; the kernel exposes its interfaces as system calls that are entered through a TRAP.
When a user-state application needs a system call provided by the kernel, it first executes a special instruction sequence that puts the system into system state to carry out the call. When the call completes, the kernel executes another special instruction sequence that returns the system from system state to user state.
Every architecture that supports protected mode provides a special instruction, the software interrupt, that switches from user state to system state. The system installs one software interrupt handler; all system calls enter through this software interrupt and are distinguished by a parameter value (the system call number).
Another form of system call is the library call mechanism known as CALL-LIB. It is similar to dynamic-link libraries on Windows and supports dynamic loading and updating of components; it is also one of the distinguishing features of A-RTOS.
Partition scheduling mechanism
The main features of the partition scheduling model that ARINC653 prescribes are: 1) the unit of scheduling is the partition; 2) partitions have no priority; 3) the scheduling algorithm is predetermined, repeats with a fixed period, and can be configured only by the system integrator. In each cycle, every partition is allocated at least one window.
To simplify processing and to better meet the ARINC653 specification, A-RTOS modifies these rules to some extent: the units of scheduling are partitions and system processes, and partitions have priorities. These modifications do not affect the partition operating system (POS) or its application-layer users, so the externally visible behavior required by ARINC653 is not violated.
In addition, A-RTOS introduces two system partitions: the Kernel partition and the Idle partition. The Kernel partition has the highest priority and supports the operation of the whole system; a number of system-level processes also belong to the Kernel partition, which simplifies scheduling. The Idle partition has the lowest priority and is used to fill time: when no other partition can run, the Idle partition runs.
The A-RTOS partition scheduling principle is priority-based scheduling first; partitions of the same priority are scheduled by round-robin time slicing or by the cyclic time-window policy.
A-RTOS uses a two-level scheduling mechanism. The system keeps a partition priority bitmap and a ready list for each priority level; each partition in turn holds a priority bitmap for its processes and the corresponding ready lists. With the bitmaps and ready lists, scheduling of partitions and of system processes is easy to implement. Figure 6 shows this scheduling model.
Figure 6 A-RTOS partition scheduling model
The scheduling module first uses the partition priority bitmap and ready lists to select a partition, and then, within the selected partition, uses the process priority bitmap and ready lists to select the process to activate. Compared with single-level scheduling methods, this keeps the activation time deterministic: it does not change with the number of partitions or processes in the system, which is consistent with the definition of a real-time operating system.
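The two-level bitmap lookup described above can be written so that selection takes the same number of steps however many partitions or processes are ready. The following C code is an added example, not A-RTOS code; the 32 priority levels, the structure and function names, and the use of a single slot per priority in place of a full ready list are assumptions made to keep the example short. Partitions of equal priority, which the text schedules by time slice or time window, are not modelled.

```c
#include <stdint.h>

#define NPRIO 32   /* assumed: 32 priority levels, 0 is the highest */
#define NPART 4

typedef struct {
    uint32_t proc_bitmap;        /* bit q set: a process of priority q is ready */
    int      ready[NPRIO];       /* one slot stands in for each ready list */
} partition_t;

typedef struct {
    uint32_t    part_bitmap;     /* bit p set: the partition at priority p is ready */
    int         part_at[NPRIO];  /* partition id at each priority */
    partition_t part[NPART];
} sched_t;

/* Index of the lowest set bit, found in five fixed steps whatever the
   number of ready partitions or processes. bm must be non-zero. */
static int highest(uint32_t bm) {
    int i = 0;
    if (!(bm & 0xFFFFu)) { i += 16; bm >>= 16; }
    if (!(bm & 0xFFu))   { i += 8;  bm >>= 8; }
    if (!(bm & 0xFu))    { i += 4;  bm >>= 4; }
    if (!(bm & 0x3u))    { i += 2;  bm >>= 2; }
    return i + !(bm & 0x1u);
}

void set_ready(sched_t *s, int pprio, int part, int qprio, int proc) {
    s->part_at[pprio] = part;
    s->part_bitmap |= 1u << pprio;
    s->part[part].ready[qprio] = proc;
    s->part[part].proc_bitmap |= 1u << qprio;
}

/* A partition leaves the first-level bitmap when its last process blocks. */
void set_blocked(sched_t *s, int pprio, int qprio) {
    partition_t *p = &s->part[s->part_at[pprio]];
    p->proc_bitmap &= ~(1u << qprio);
    if (p->proc_bitmap == 0) s->part_bitmap &= ~(1u << pprio);
}

/* Level 1 picks the partition, level 2 the process inside it.
   Returns 0 and fills part/proc, or -1 when nothing is ready. */
int pick_next(const sched_t *s, int *part, int *proc) {
    if (s->part_bitmap == 0) return -1;
    *part = s->part_at[highest(s->part_bitmap)];
    *proc = s->part[*part].ready[highest(s->part[*part].proc_bitmap)];
    return 0;
}
```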
Under time-window scheduling, the two system partitions also take part in scheduling. Time that the Kernel partition spends running is charged to the partition that the scheduling table shows as currently running. For an application partition, therefore, its running time actually includes operating system time.
Process pool mechanism
In A-RTOS, a process pool is a group of processes maintained by the system that provide a set of services. An application submits a request through the system call interface; the system passes the request to the process pool, which automatically selects an idle process to serve it. When the service finishes, the system reclaims the process.
The process pool is used mainly for timer and clock services, asynchronous IO and interrupt services.
Asynchronous signal and asynchronous IO mechanism
A-RTOS supports an asynchronous signal mechanism that, in certain situations, lets the COS send asynchronous signals to the POS above it. A typical use of asynchronous signals is asynchronous IO. In an ARINC653 application, a process in the POS may issue a blocking IO request through a system call. Without asynchronous IO, the process would block at that point, waiting for the system call to return. The COS, however, is unaware of the application processes inside the POS, so when one of them blocks, the entire partition blocks. Asynchronous IO avoids this.
When an application requests a blocking IO service, A-RTOS activates a system process to perform the IO operation on the application's behalf; this is the asynchronous IO mechanism. The system process that A-RTOS creates to carry out the asynchronous IO operation is called a worker process.
As Figure 7 shows, when a process in the POS of an ARINC653 application makes an asynchronous IO system call, the system call checks whether the IO would block. If so, it creates a worker process to carry out the IO request and returns the value AIO_PENDING to the POS. After checking the return value, the POS moves the process that made the asynchronous IO call from the ready queue to the wait queue and then reschedules. When the worker process completes the requested IO operation, it sends an asynchronous signal to the POS, which wakes the originally blocked process.
Figure 7 Asynchronous IO workflow diagram
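The single software-interrupt entry point from the system call section and the asynchronous IO flow of Figure 7 fit together as follows. The C code below is an added example, not A-RTOS code; the system call numbers, the numeric value of AIO_PENDING, the error codes (including E_NOWORKER for an exhausted worker pool, a case the text does not cover) and all structure and function names are hypothetical.

```c
#include <stddef.h>

enum { SYS_GETTIME = 0, SYS_AIO_READ = 1, NSYSCALL };      /* hypothetical */
enum { AIO_PENDING = -1, E_BADCALL = -2, E_NOWORKER = -3 }; /* assumed values */
enum { READY = 0, WAITING = 1 };
#define NPROC 4
#define NWORKER 2

typedef struct { int busy, owner; } worker_t;   /* system worker process */
typedef struct { int state[NPROC]; worker_t pool[NWORKER]; unsigned ticks; } kernel_t;
typedef int (*handler_t)(kernel_t *k, int caller, int arg);

static int sys_gettime(kernel_t *k, int caller, int arg) {
    (void)caller; (void)arg; return (int)(k->ticks & 0x7FFFFFFFu);
}
/* Blocking IO is handed to a free worker; the caller gets AIO_PENDING. */
static int sys_aio_read(kernel_t *k, int caller, int arg) {
    if (!arg) return 0;          /* arg: 1 if the IO would block (assumed) */
    for (int w = 0; w < NWORKER; w++)
        if (!k->pool[w].busy) {
            k->pool[w] = (worker_t){1, caller};
            return AIO_PENDING;
        }
    return E_NOWORKER;
}
static const handler_t syscall_table[NSYSCALL] = { sys_gettime, sys_aio_read };

/* Single software-interrupt entry. The call number arrives from user state,
   so it is range-checked before it indexes the table. */
int trap_entry(kernel_t *k, int caller, int number, int arg) {
    if (caller < 0 || caller >= NPROC) return E_BADCALL;
    if (number < 0 || number >= NSYSCALL) return E_BADCALL;
    return syscall_table[number](k, caller, arg);
}

/* POS side: on AIO_PENDING move the caller to the wait queue. */
int pos_syscall(kernel_t *k, int caller, int number, int arg) {
    int rc = trap_entry(k, caller, number, arg);
    if (rc == AIO_PENDING) k->state[caller] = WAITING;
    return rc;
}

/* Worker finished: the asynchronous signal wakes the waiting process. */
void worker_done(kernel_t *k, int w) {
    if (w < 0 || w >= NWORKER || !k->pool[w].busy) return;
    k->state[k->pool[w].owner] = READY;
    k->pool[w].busy = 0;
}
```

Only the calling process moves to the wait queue; the other processes of the partition stay ready, which is the property the asynchronous IO mechanism exists to preserve.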