Real-Time Systems. Design Principles for Distributed Embedded Applications. Hermann Kopetz. Second Edition (811374), page 29
We assume that a cycle is associated with every time-triggered activity.

4.2 Component State

The concept of state of a component is introduced in order to separate past behavior from future behavior of a real-time component. The concept of state requires a clear distinction between past events and future events, i.e., there must be a consistent temporal order among the events of significance (refer to Sect. 3.3.2).

4.2.1 Definition of State

The notion of state is widely used in the computer science literature, albeit sometimes with meanings that are different from the meaning of state that is useful in a real-time system context. In order to clarify the situation, we follow the precise definition of Mesarovic [Mes89, p. 45], which is the basis for our elaborations:

    The state enables the determination of a future output solely on the basis of the future input and the state the system is in. In other words, the state enables a “decoupling” of the past from the present and future. The state embodies all past history of a system. Knowing the state “supplants” knowledge of the past. . . . Apparently, for this role to be meaningful, the notion of past and future must be relevant for the system considered.

The sparse time model introduced in Sect. 3.3.2 makes it possible to establish the consistent system-wide separation of the past from the future that is necessary to define a consistent system state in a distributed real-time computer system.

4.2.2 The Pocket Calculator Example

Let us look at the familiar example of a pocket calculator to investigate the concept of state in more detail. An operand, i.e., a number of keyboard digits, must be entered into the calculator before the selected operator, e.g., a key for the trigonometric function sine, can be pressed to initiate the computation of the selected function.
After the computation terminates, the result is displayed at the calculator display. If we consider the computation to be an atomic operation and observe the system immediately before or after the execution of this atomic operation, the internal state of this simple calculator device is empty at the points of observation.

Let us now observe the pocket calculator (Fig. 4.2) during the interval between the start of the computation and the end of the computation. If the internals of the device can be observed, then a number of intermediate results that are stored in the local memory of the pocket calculator can be traced during the series expansion of the sine function. If the computation is interrupted at an instant between the instants start and end, the contents of the program counter and all memory cells that hold the intermediate results form the state at this instant of interruption.
After the end instant of the computation, the contents of these intermediate memory cells are no longer relevant, and the state is empty again. Figure 4.3 depicts a typical expansion and contraction of the state during a computation.

[Fig. 4.2 Model of a pocket calculator: input, computational device with h-state, output; computation start and end]

[Fig. 4.3 Expansion and contraction of the state during a computation: h-state over real-time, from start to termination]

Let us now analyze the state (sometimes also called history state or h-state) of a pocket calculator used to sum up a set of numbers. When entering a new number, the sum of the previously entered numbers must be stored in the device. If we interrupt the work after having added a subset of numbers and continue the addition with a new calculator, we first have to input the intermediate result of the previously added numbers. At the user level, the state consists of the intermediate result of the previous additions.
At the end of the operation, we receive the final result and clear the memory of the calculator. The state is empty again.

From this simple example we can conclude that the size of the state of a system depends on the instant of observation of the system. If the granularity of observations is increased, and if the observation points are selected immediately before or after an atomic operation at the chosen level of abstraction, then the size of the state can be reduced.

The state at any instant of interruption is contained in the contents of the program counter and all state variables that must be loaded into a virgin hardware device to resume the operation from the instant of interruption onward.
If an interruption is caused by a failure of a component and we must reintegrate the component into a running system, then the size of the state that must be reloaded into the repaired component is of concern.

If our hardware device is a programmable computer, we must first load the software, i.e., operating system, the set of application programs, and the initial values for all state variables, into a virgin hardware device before we can start a computation. We call the totality of software that has to be loaded into a virgin hardware device the core image or the job.
Normally, the job is a data structure that is static, i.e., it is not changed during the execution of the software. In some embedded hardware devices the job is stored in a ROM (read-only memory) and thus the software becomes literally a part of the hardware.

4.2.3 Ground State

In order to facilitate the dynamic reintegration of a component into a running system, it is necessary to design periodic reintegration instants into the behavior, at which the component’s state is contained in a small set of well-defined application-specific state variables.
We call the state at the reintegration instant the ground state (g-state) of a component and the temporal interval between two reintegration points the ground cycle.

[Fig. 4.4 Task executions: without (above), and with (below) ground state; tasks A, B and C shown active over real-time]

The ground state at the reintegration point is stored in a declared g-state data structure. Designing a minimal ground state data structure is the result of an explicit design effort that involves a semantic analysis of the given application. The designer has to find periodic instants where there is a maximum decoupling of future behavior from past behavior. This is relatively easy in cyclic applications, such as in control applications and multimedia applications. In these applications, a natural reintegration instant is immediately after the termination of one cycle and before the beginning of the next cycle. Design techniques for the minimization of the ground state are discussed in Sect.
6.6.

At the reintegration instant, no task may be active and all communication channels must be flushed, i.e., there are no messages in transit [Ahu90]. Consider a node that contains a number of concurrently executing tasks that exchange messages among each other and with the environment of the node. Let us choose a level of abstraction that considers the execution of a task as an atomic action. If the execution of the tasks is asynchronous, then the situation depicted in the upper part of Fig. 4.4 can arise; at every instant, there is at least one active task, thus implying that there is no instant when the ground state of the node can be defined. In the lower part of Fig.
4.4, there is an instant when no task is active and when all channels are empty, i.e., when the system is in the g-state. If a node is in the g-state, then the entire state that is essential for the future operation of the node is contained in the declared ground state data structure.

Example: Consider the relation between the size of the g-state and the duration of the ground (g) cycle in the design of a clock. If the g-cycle is 24 h and the start of a new day is the reintegration instant, then the g-state is empty. If every complete hour is a reintegration instant, then the g-state contains 5 bits (to identify one out of 24 h per day). If every
If everycomplete minute is a reintegration instant, then the g-state is 11 bits (to identify one of1,440 min per day). If every complete second is a reintegration instant, then the g-state is17 bits (to identify one out of 86,400 s per day). It depends on the application characteristicsto determine which one of the above alternatives is optimal for a given application. If theclock is an alarm clock that can store up to five alarms and the accuracy of an alarm is5 min, then the g-state for every alarm is 9 bits (8 bit for the alarm and 1 bit to denotewhether the alarm is on or off). If we assume that the reintegration cycle is 1 s and 5 alarmsmust be supported, then the g state message in this simple example is 62 bits in lengths. Thisg-state can be stored in an 8-byte data structure.
In the restart message, the time field must be corrected such that it contains the precise time value at the restart instant.

Table 4.1 shows that g-state recovery is substantially different from checkpoint recovery that is used to establish a consistent state after a failure in a non-real-time data-intensive system.

Table 4.1 Comparison of g-state recovery and checkpoint recovery

Data selection
  G-state recovery: Application specific small data set that is essential for the future operation of the system.
  Checkpoint recovery: All data elements that have been modified since the start of the computation.

Data modification
  G-state recovery: G-state data is modified to establish consistency between the g-state and the state of the environment at the future reintegration instant. Rollback of the environment is not possible in a real-time system.
  Checkpoint recovery: No modification of checkpoint data. Consistency is established by rolling the (data) environment back to the instant when the checkpoint data was captured.

4.2.4 Database Components

We call a component where the number of dynamic data elements, i.e., data elements that are modified by the computations, is too large for storing them in a single ground state message a database component.
The data elements that are contained in a database component can be either part of the state or archival data.

The term archival data refers to data that has been collected for archival purposes and does not have a direct influence on the future behavior of the component. Archival data is needed to record the history of production process variables in order to be able to analyze a production process at some later time line. It is a good practice to send archival data to a remote storage site for archival data as soon as possible.

Example: The legendary black box in an airplane contains archival data.
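
Added example (not from the book): the alarm-clock g-state from the example in Sect. 4.2.3, with the bit widths derived, the 62 bits packed into an 8-byte word, the word validated when it is received for reintegration, and the time field corrected for the restart message. The field order, the treatment of the 8-bit alarm field as an opaque slot index, and all names are assumptions of this example.

```c
#include <stdint.h>
#define SEC_BITS   17u      /* one out of 86,400 s per day */
#define ALARM_BITS 9u       /* 8-bit alarm field + 1 on/off bit, as in the text */
#define N_ALARMS   5u
#define DAY_S      86400u

/* Bits needed to identify one out of n values: ceil(log2(n)), 0 for n <= 1. */
unsigned bits_needed(uint32_t n) {
    unsigned b = 0;
    while (b < 32 && (1ull << b) < n) b++;
    return b;
}
typedef struct {
    uint32_t second_of_day;     /* 0..86399 */
    uint8_t  slot[N_ALARMS];    /* alarm field; encoding assumed, not given in the text */
    uint8_t  on[N_ALARMS];      /* 0 = off, 1 = on */
} gstate_t;

/* Pack into the low 62 bits of one 8-byte word (layout assumed). 0 = ok, -1 = bad field. */
int gstate_pack(const gstate_t *g, uint64_t *out) {
    if (g->second_of_day >= DAY_S) return -1;
    uint64_t w = g->second_of_day;
    for (unsigned i = 0; i < N_ALARMS; i++) {
        if (g->on[i] > 1u) return -1;
        w |= (((uint64_t)g->slot[i] << 1) | g->on[i]) << (SEC_BITS + i * ALARM_BITS);
    }
    *out = w;
    return 0;
}

/* Unpack a received g-state word; reject it before it is loaded if it is malformed. */
int gstate_unpack(uint64_t w, gstate_t *g) {
    if (w >> (SEC_BITS + N_ALARMS * ALARM_BITS)) return -1;  /* 2 spare bits must be 0 */
    g->second_of_day = (uint32_t)(w & ((1u << SEC_BITS) - 1u));
    if (g->second_of_day >= DAY_S) return -1;  /* 17 bits can also hold invalid times */
    for (unsigned i = 0; i < N_ALARMS; i++) {
        uint32_t a = (uint32_t)(w >> (SEC_BITS + i * ALARM_BITS)) & 0x1FFu;
        g->on[i]   = (uint8_t)(a & 1u);
        g->slot[i] = (uint8_t)(a >> 1);
    }
    return 0;
}

/* Restart message: same g-state, time field advanced to the restart instant. */
int gstate_restart(uint64_t w, uint32_t elapsed_s, uint64_t *out) {
    gstate_t g;
    if (gstate_unpack(w, &g) != 0) return -1;
    g.second_of_day = (uint32_t)(((uint64_t)g.second_of_day + elapsed_s) % DAY_S);
    return gstate_pack(&g, out);
}
```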