This “Product How-To” article focuses how to use a certain product in an embedded system and is written by a company representative.
TTE Systems' RapidiTTy IDE provides aself-contained environment for developers who wish to create”time-triggered” microcontroller software in order to improve overallsystem reliability. RapidiTTy (Figure1, below ) is intended to addressdeeply-embedded applications including control and monitoringoperations in medical, defence, automotive and industrial sectors, aswell as in white and brown goods.
The key characteristic of a time-triggered (TT)system is that the developer defines, during the software designprocess, how the system will behave throughout its continuousoperation: i.e. TT system behaviour is entirely predictable (e.g. “atthis time, the system will be running task X”).
Not only is such a system inherently reliable but,by knowing exactly what the system should be doing at any giveninstant, additional steps can be taken to monitor and even correctdeviations from expected behaviour.
|Figure1. RapidTTy: a self-contained correct by construction IDE|
This differs from the more familiar approach of”event-triggered” (ET) systems where the software developer defines howthe system should respond to each of a set of events. ET systembehaviour is, at best, determined statistically (e.g. “90% of the time,given this series of previous events, the system should be running taskY”), but it is not strictly predictable. As such, much less rigorouschecks can be made on system behaviour at design time (and at run time).
At present, it is clear that the mainstream methodfor commercial embedded software design is based on ET principles. Thisoften involves the use of multiple interrupt-based event handlers inconjunction with a real-time operating system (RTOS). In part at leastthis is because the ET approach has traditionally been viewed as beingeasier to design and even – potentially – more resource efficient.
The efficiency argument arises because an ET systemis demand-driven and only sufficient processing resource to cover theworst-case that is statistically considered likely needs to beprovided. By contrast, TT systems are provisioned to account for theworst-case loading that can possibly occur.
With the advent of 32-bit microcontrollers foraround £0.50, the amount of processing resource available for themajority of embedded systems has grown significantly when compared tothe heavily resource-constrained 8-bit systems upon which many RTOSdesign decisions were originally made.
A time-triggered design may therefore now be usedin many cases where such an approach would previously have beenconsidered impractical. In addition, a TT design will not generallyrequire an RTOS, with the consequence that a switch to TT may evenresult in a lowering of resource requirements (and often a reduction inroyalty payments too).
This leaves the development time argument against TT software. Manyacademic studies have looked at this issue. In summary, these studieshave concluded that TT systems are “correct by construction” and ” assuch – may require some additional effort at the development stage.
By contrast, ET systems have what has beendescribed as “construct by correction” characteristics: with suchdesigns, the initial construction may be comparatively straightforward,but significant additional costs can arise during testing andverification stages.
What has also become much clearer in recent years,as system complexity has increased, is that the time required for theverification of ET software has grown to such an extent that, for manyprojects, testing and debugging takes much more time than the initialcode development.
Compared to the unbounded number of code-and-verifycycles of an ET approach, the key steps to developing a time-triggeredapplication are clearly defined:
1. Adopt good design practice so that individual tasksmeet TT guidelines
2. Establish the maximum duration of each task
3. Use this information to create an overallprocessing schedule that covers all possible scenarios.
This development process is straightforward. Thesteps scale easily, even to large systems. However, current tools donot assist with this process.
Overall, given increases in process performance andrecent advances in development techniques for TT systems, the mainchallenge facing developers who wish to improve system reliability bymeans of TT techniques has been a lack of appropriate tool support.
RapidiTTy is an IDE that simplifies the TT designprocess. The IDE includes four main features in order to achieve this.Firstly, a set of design templates are provided. These help the user toincorporate time-triggered design features very easily. Secondly, theIDE allows the user to determine the maximum duration of tasks in thesystem automatically (from multiple task executions): the resultingdata are then presented in a user in a form that can be used to makescheduling decisions.
These data can also be exported from the IDE indifferent forms (e.g. PDF or XML) for use in system documentation.Thirdly, the IDE helps the user to select an appropriate schedulingpolicy. Finally, the IDE creates a resource-efficient run-timeexecutable.
The RapidiTTy IDE is based on the Eclipseframework, which will ultimately allow a variety of compilers,debuggers and other utility software to be “plugged-in” to the tools.The first version, RapidiTTy Preview, includes the GNU/ARM tool chainand OpenOCD and runs under Windows XP.
RapidiTTy Preview offers a complete developmentenvironment for single-processor time-triggered design targetingARM7-based microcontrollers. This version also includes “previews”(i.e. restricted-use evaluations) of a number of advanced features thatwill be fully available in later versions of RapidiTTy Professional,such as multiprocessor communication, task protection and correctionmechanisms and interfaces to other compilers.
Dr. Michael J. Pont is chiefexecutive officer at TTE Systems, Ltd.