Designing Reliable Networked Embedded

Systems Jan Beutel, ETH Zurich

National Competence Center in Research – Mobile Information and Communication Systems

Trends in Information and Communication

New Applications andSystem Paradigms

Large-scaleDistributed Systems

CentralizedSystems

NetworkedSystems

Internet

The State of Wireless Sensor Network Design

• More an “art” than a coordinated effort yielding predictable results

• First generation research provided the proof-of-concept– Performance is poor– Causes are not fully understood– We are often lacking the

necessary (scientific) rigor

• Contributions in this talk– System architecture– Development tools and

design methodology– Application case study

[Phil

Levis

, Sta

nfo

rd]

Upcoming Keynote at EWSN 2009

Wireless Sensor Networks: Time for Real-Time? John A. Stankovic

THE BTNODE PLATFORMSystem Architecture for Sensor Networks

BTnodes – Research Impact & Technology Transfer

A system solution for fast-prototyping sensor

network applications BTnut System Software Webpage & mailing list Installer CDROM Developer kit & tutorial

2004

2001

2000

BTnode rev1

BTnode rev2

BTnode rev3

Mote-class devices Dual-radio (Bluetooth

and ISM band low-power)

TinyOS compatible Commercialized with

industrial partner

[SENSYS2003/2004, EWSN2004]

100+ scientific publications based on or related to BTnodes

DISTRIBUTED TEST AND VALIDATION

Development Tools and Methodology

Methodology and Development Tools

Continuous

Integration

Testbeds

Physical

Emulation

Advanced Software Engineering• Best practices in enterprise-level SW

development• Regression (unit) testing

Extending the Logical View• Detailed physical

characterization• Control of the environment• Physical stimulation• Control of resources

Execution on Real Platforms• Distributed, native execution• Influence of the environment• Remote reprogramming• Stimuli and log file analysis

Testbed – The Deployment-Support Network

Target Sensor Network

DSN Testbed Key Differentiators

• Distributed observers• Mobility: Wireless, battery powered

DSN Testbed Functionality• Remote reprogramming• Extraction of log data• Stimuli, e.g. fault injection• Time synchronization

[SenSys2004, IPSN2005, EWSN2007]

• Centralized logging• Detailed behavioral

analysis

DSN Impact – Automated Test Case Generation

• Detailed control, analysis and replay of simulation and testbed

• Developed and in-use at Siemens Building Technologies, Zug, CH– Protocols for high reliability wireless applications (fire alarm)

[DCOSS2007,INSS2007/2008]

Regression Testing Using Continuous Integration

On code change applications are built from scratch and analyzed– Standard practice in enterprise level software development– Deeper understanding of long term development trends– Service to the TinyOS community, increasing software quality

+4500 TinyOS-2.x regression builds

over the last 2 years at ETHZ

[http://tik42x.ee.ethz.ch:8080]

WSN Design and Development Tools

Virtualization &

Emulation EmStar arrays [Ganesan2004,Cerpa03/04]

BEE [Chang2003,Kuusilinna2003]

Sca

le

Reality Figure abridged from D. Estrin/J. Elson

Simulation TOSSIM [Levis2003]

PowerTOSSIM [Shnayder2004]

Avrora [Titzer2005]

Test Grids moteLab [Werner-

Allen2005]

Twist [Handziski2006]

Kansei [Dutta2005]

Can we Emulate Reality in the

Lab?

DSN Wireless

Testbed

Physical Emulation Architecture

• Influence of power sources/quality

• Detailed physical characterization

• Emulation of environment and resources– Temperature Cycle Testing (TCT)– Controlled RF attenuation– Sensor stimuli and references

Integration and automation

with DSN Testbed

[EmNets2007]

Visualizing Long Term Development Trends – Power

• Assertions based on reference traces/specification• Integrated with each build (regression testing)

Detailed Tracing – Validation using Formal Bounds

[WEWSN2008,SUTC2008]

Test and Validation – Research Outlook

• Past accomplishments– Developed a baseline infrastructure– Involved in numerous interesting case studies– Gained valuable experience and lots of data

• Large quantity of data requires automation and tools

• Fundamental differences in networked embedded systems require novel approaches– Unreliable wireless medium– Distribution nature– Tight embedding in the environment

• Recent focus on formalization of our methods– E.g. by using Uppaal for trace analysis

THE PERMASENSE PROJECT

A Compelling Application Driving Technology Research

PermaSense – Aims and Vision

Geo-science and engineering collaboration aiming to:– provide long-term high-quality sensing in harsh

environments– facilitate near-complete data recovery and near real-

time delivery– obtain better quality data, more effectively– obtain measurements that have previously been

impossible– provide relevant information for research or decision

making, natural hazard early-warning systems

PermaSense Deployment Sites 3500 m a.s.l.

A scientific instrument for precision sensing and data recovery in environmental extremes

PermaSense – Matterhorn Site Details

• Site of recent rockfall due to extreme warming (07/2003)

• ~25 nodes

• Different sensors– Temperatures, electrodes, crack

motion, ice stress, water pressure

• Environmental extremes– −40 to +65° C, ΔT ≦5° C/min– Rockfall, snow and ice,

avalanches

• Long-term reliability– 1-60 min. DAQ duty-cycle– ≧99% data yield– 3 years unattended lifetime

PermaDAQ: Precision Sensing and Data Recovery

• Sensor node architecture– Shockfish TinyNode584– Customized sensor interface board– Modular sensor concept– 1 GB storage (redundancy and

validation)– Single battery power supply

(~300 uA power budget)

• TinyOS based on Dozer system[submitted to IPSN2009]

Dozer Low-Power System Integration

• Dozer ultra low-power data gathering system– Beacon based, 1-hop synchronized TDMA– Optimized for ultra-low duty cycles

• System-level, round-robin scheduling– “Application processing window” between data transfers and beacons– Custom DAQ/storage routine

time

jitter

slot 1 slot 2 slot k

data transfer

contention window beaco

n

courtesy of R. Wattenhofer [IPSN2007]

Physical Reality Impacts Sampling Performance

• Storage duration

• Temperature

• ADC duration

Watchdog resets

Sensor Station Mounted on the Mountain

• Powerful embedded Linux

• 4 GB storage, all data duplicated

• Solar power (2x 90W, 100 Ah, ~3 weeks)

• GPRS connectivity, 2nd backup modem

PermaSense – Base Station Installation

Site Visit & Maintenance in November 2008

Base Station and Solar Panels On Matterhorn

Real Challenges of Sensor Networks Revisited

System Integration Correct Test and Validation

Actual Data Interdisciplinary Team

PermaSense Achievements – Current Status

• Dozer integration successful– Best-in-class low power– DAQ vs. COM power consumption– Extreme installation effort (time)– Relative relaxation of multihop requirement

• Continuous data since mid July

• Media attention

• First joint geo-science publications

• Started data-integration with the Swiss-Experiment

[NICOP2008]

148 uA average power

Acknowledgements

• BTnode core team– Matthias Dyer, Oliver Kasten, Kay Roemer, Matthias Ringwald

• PhD students– Matthias Woehrle, Andreas Meier, Matthias Keller

• PermaSense/Swiss-Experiment collaboration– ETHZ, EPFL, Uni Basel, Uni Zurich, University Paderborn, SLF, Art of

Technology

• Funding– SNSF (NCCR MICS), FOEN, CCES/Microsoft Research (Swiss-Experiment)

• Further information and publications– http://www.tik.ee.ethz.ch/~beutel– http://www.permasense.ch