-
8/8/2019 ESE-RTOS-2004
1/73
3 Unit Course, Winter 2004
CS Department, Univ. of Salzburg
Chapter 1: RTOS Concepts
Embedded Software Engineering
www.cs.uni-salzburg.at/~ck/teaching/ESE-Winter-2004
Christoph Kirsch
-
8/8/2019 ESE-RTOS-2004
2/73
2004 C. Kirsch -2-
Environment
Software
Embedded Programming
The Art of Embedded Programming
-
8/8/2019 ESE-RTOS-2004
3/73
2004 C. Kirsch -3-
Environment
Software
Software Processes
Environment Processes
What Do We Really Need From an RTOS?
-
8/8/2019 ESE-RTOS-2004
4/73
2004 C. Kirsch -4-
Environment
Software
Environment Communication Services
Sensing
Actuating
Memory
-
8/8/2019 ESE-RTOS-2004
5/73
2004 C. Kirsch -5-
Environment
Software
Environment Trigger Services
-
8/8/2019 ESE-RTOS-2004
6/73
2004 C. Kirsch -6-
Software
Software Communication Services
Sending
Receiving
Software
Memory
-
8/8/2019 ESE-RTOS-2004
7/73
2004 C. Kirsch -7-
Software
Software Trigger Services
Software
-
8/8/2019 ESE-RTOS-2004
8/73
2004 C. Kirsch -8-
Software
Software Scheduling Services
Software
Real-Time Scheduler
-
8/8/2019 ESE-RTOS-2004
9/73
2004 C. Kirsch -9-
Summary: RTOS Services
Device DriversSensing/Actuating
SchedulerSoftware Scheduling
SignalsSoftware Triggering
Shared VariablesSoftware Communication
Interrupt HandlersEnvironment Triggering
ImplementationService
-
8/8/2019 ESE-RTOS-2004
10/73
2004 C. Kirsch -10-
Software
The Illusion of Concurrent Software
Software
t1 t2 t1 t3 t2 t1
-
8/8/2019 ESE-RTOS-2004
11/73
2004 C. Kirsch -11-
Abstractions for Multiprogramming
Process
Thread
Task
Subroutine/Coroutine
Protected Behavioral Function
Behavioral Function
Triggered Function Subroutine
Coroutine
Coroutine/MMU
Function Stack/List
Programming Abstraction Runtime Overhead
-
8/8/2019 ESE-RTOS-2004
12/73
2004 C. Kirsch -12-
Environment Ports
Task Ports
reads
reads actuates
updates
Driver PortsReal-Time
Operating System
reads
writes
Memory Model
-
8/8/2019 ESE-RTOS-2004
13/73
2004 C. Kirsch -13-
Definition: Task
A task is afunction from its input and state ports to
its output and state ports
A taskruns to completion (cannot be killed)
A task ispreemptable
A task does not usesignals (except at completion)
A task does not usesemaphores (as a consequence)
API (used by the RTOS): initialize {task: state ports}
release {task}
dispatch {task: function}
-
8/8/2019 ESE-RTOS-2004
14/73
2004 C. Kirsch -14-
So, whats the difference between a task and a function?
A task has an operational semantics:
A task is implemented by asubroutine and a trigger
A task is eitherenvironment- orsoftware-triggered
The completion of a task may trigger another task
-
8/8/2019 ESE-RTOS-2004
15/73
2004 C. Kirsch -15-
Task t2
Task t2 Preempts Task t1
Task t1
t1
t2
-
8/8/2019 ESE-RTOS-2004
16/73
2004 C. Kirsch -16-
Task t2
Who Triggers Task t2?
t1
t2
Environment
-
8/8/2019 ESE-RTOS-2004
17/73
2004 C. Kirsch -17-
Definition: Event and Signal
An event is a change of state in some environment ports
A signal is a change of state in some taskports
A synchronous signal is a change of state in some
driverports
-
8/8/2019 ESE-RTOS-2004
18/73
2004 C. Kirsch -18-
Definition: Trigger
A trigger is apredicate on environment, task, driverports
A triggerawaits events and/or signals
A trigger is enabledif its predicate evaluates to true
Trigger evaluation is atomic (non-preemptable)
A trigger can be activatedby the RTOS
A trigger can be cancelledby the RTOS
A trigger can be enabledby an event or a signal
API (used by the RTOS): activate {trigger}
cancel {trigger}
evaluate {trigger: predicate}
-
8/8/2019 ESE-RTOS-2004
19/73
2004 C. Kirsch -19-
My First RTOS
react() {
tasks t: initialize(t);
triggers g: activate(g);
while (true) {
if trigger g: evaluate(g) == truethen released-tasks
:=to-be-released-tasks t: release(t);
schedule();
}
}
schedule() {
released-tasks t: dispatch(t);
released-tasks := {};
}
-
8/8/2019 ESE-RTOS-2004
20/73
2004 C. Kirsch -20-
Environment
Software
Tasks
Events
schedule()
react()
RTOS Model: Reaction vs. Scheduling
-
8/8/2019 ESE-RTOS-2004
21/73
2004 C. Kirsch -21-
Reactorvs. Schedulervs. Processor(Kirsch in the Proceedings of
EMSOFT 2002)
Tasks
Processor
SchedulerStrategy
ReactorEvents
Disabled
Code
Enabled
Code
Running
Code
-
8/8/2019 ESE-RTOS-2004
22/73
2004 C. Kirsch -22-
RTOS with Preemption
react() {
tasks t: initialize(t);
triggers g: activate(g);
while (true) {
if trigger g: evaluate(g) == truethen released-tasks
:=to-be-released-tasks t: release(t);
schedule_concurrently();
}
}
schedule_concurrently() {
released-tasks t: dispatch(t);
released-tasks := {};
}
-
8/8/2019 ESE-RTOS-2004
23/73
2004 C. Kirsch -23-
Corrected RTOS with Preemption
react() {
tasks t: initialize(t);
triggers g: activate(g);
while (true) {
if trigger g: evaluate(g) == truethen released-tasks :=
released-tasks
to-be-released-tasks t: release(t);}}
schedule() {
while (true) { t := select(released-tasks);
dispatch(t);
released-tasks := released-tasks \ { t }; }}
-
8/8/2019 ESE-RTOS-2004
24/73
2004 C. Kirsch -24-
Environment
Software
Tasks
Events
schedule()
react()
Signals
RTOS Model with Signals
-
8/8/2019 ESE-RTOS-2004
25/73
2004 C. Kirsch -25-
Definition: Thread
A thread is a behavioral function (with a trace semantics)
A thread may be killed
A thread ispreemptable
A thread may usesignals
A thread may usesemaphores
API (used by the RTOS or threads):
initialize{thread: ports} release{thread}
dispatch{thread: function}
kill{thread}
-
8/8/2019 ESE-RTOS-2004
26/73
2004 C. Kirsch -26-
So, whats the difference between a thread and a task?
A thread is a collection of tasks:
A thread is implemented by a coroutine
A thread requires signals
-
8/8/2019 ESE-RTOS-2004
27/73
2004 C. Kirsch -27-
Task t2
Task t2 Kills Task t1
Task t1
t1
t2
Kill t1
-
8/8/2019 ESE-RTOS-2004
28/73
2004 C. Kirsch -28-
Signal API
A signal can be awaitedby a thread
A signal can be emittedby a thread
Signal emission is atomic (non-preemptable)
API (used by threads): wait{signal}
emit{signal}
Literature:
emit: send(signal)
-
8/8/2019 ESE-RTOS-2004
29/73
2004 C. Kirsch -29-
Definition: Semaphore
A semaphore consists of asignaland aport
A semaphore can be lockedby a thread
A semaphore can be releasedby a thread
Semaphore access is atomic (non-preemptable)
API (used by threads): lock{semaphore}
release{semaphore}
Literature:
lock: P(semaphore)
release: V(semaphore)
-
8/8/2019 ESE-RTOS-2004
30/73
2004 C. Kirsch -30-
Binary Semaphore (Signal)
lock(semaphore) {
if (semaphore.lock == true) then
wait(semaphore.signal);
semaphore.lock := true;}
release(semaphore) {
semaphore.lock := false;
emit(semaphore.signal);}
must be atomic
-
8/8/2019 ESE-RTOS-2004
31/73
2004 C. Kirsch -31-
Binary Semaphore (Busy Wait)
lock(semaphore) {
while (semaphore.lock == true) do {}
semaphore.lock := true;
}
release(semaphore) {
semaphore.lock := false;
}
each round
must be atomic
-
8/8/2019 ESE-RTOS-2004
32/73
2004 C. Kirsch -32-
The Embedded Machine
Environment
Software
Tasks
Events
schedule(): The Scheduler and Dispatcher
react(): The Embedded Machine
-
8/8/2019 ESE-RTOS-2004
33/73
2004 C. Kirsch -33-
Environment
Software
Human: Programming in terms of environment time
Compiler: Implementation in terms of platform time
Proposal
-
8/8/2019 ESE-RTOS-2004
34/73
-
8/8/2019 ESE-RTOS-2004
35/73
2004 C. Kirsch -35-
Environment
Software
Programming in terms of environment time
yields platform-independent code
Portability
-
8/8/2019 ESE-RTOS-2004
36/73
2004 C. Kirsch -36-
Environment
Software
Programming in terms of environment time
yields deterministic code
Predictability
-
8/8/2019 ESE-RTOS-2004
37/73
2004 C. Kirsch -37-
Environment
Software
sense actuate
endstart
The Task Model
-
8/8/2019 ESE-RTOS-2004
38/73
2004 C. Kirsch -38-
Environment
Software
sense actuate
endstart
Preemptable
-
8/8/2019 ESE-RTOS-2004
39/73
2004 C. Kirsch -39-
Environment
Software
1 2
f( ) =1
but Atomic
-
8/8/2019 ESE-RTOS-2004
40/73
2004 C. Kirsch -40-
Environment
Software
1 2
The Driver Model
-
8/8/2019 ESE-RTOS-2004
41/73
2004 C. Kirsch -41-
Environment
Software
1 2
f( ) = 1
f( ) = 2
Non-preemptable, Synchronous
-
8/8/2019 ESE-RTOS-2004
42/73
2004 C. Kirsch -42-
Environment
Software
1 2
s
a
t1
Syntax
-
8/8/2019 ESE-RTOS-2004
43/73
2004 C. Kirsch -43-
Program
A Triggerg
g
g: c c
b:
c
-
8/8/2019 ESE-RTOS-2004
44/73
2004 C. Kirsch -44-
Environment
Software
1 2
s
a
t1call(s)
release(t)
future(g,b)
call(a)b:
2
a
1
s
An Embedded Machine Program
-
8/8/2019 ESE-RTOS-2004
45/73
2004 C. Kirsch -45-
Environment
Software
1 2
s
a
t1call(s)
release(t)
future(g,b)
call(a)b:
2
a
1
s
Synchronous vs. Scheduled Computation
-
8/8/2019 ESE-RTOS-2004
46/73
2004 C. Kirsch -46-
INACTIVE
Synchronous vs. Scheduled Computation
releases
Scheduled computation
User context
Synchronous computation
Kernel context
Trigger related interrupts disabled
gc:
READY RUN
gb:
c
e
-
8/8/2019 ESE-RTOS-2004
47/73
2004 C. Kirsch -47-
Environment
Software
1 2
Environment-triggered Code
-
8/8/2019 ESE-RTOS-2004
48/73
2004 C. Kirsch -48-
Environment
Software
1 2
Software-triggered Code
-
8/8/2019 ESE-RTOS-2004
49/73
2004 C. Kirsch -49-
Triggerg: Input-, Environment-Triggered
gcall(s)
release(t)
future(g,b)
call(a)b:
-
8/8/2019 ESE-RTOS-2004
50/73
2004 C. Kirsch -50-
Environment
Software
1 2
Time Safety
-
8/8/2019 ESE-RTOS-2004
51/73
2004 C. Kirsch -51-
Environment
Software
1
s
11 t 2a
ss
t 2a2
Input-determined If Time Safe
-
8/8/2019 ESE-RTOS-2004
52/73
2004 C. Kirsch -52-
Environment
Software
1
s
1
s
t 2
a
1
s
2
a
2
a
t
Environment-determined If Environment-triggered
-
8/8/2019 ESE-RTOS-2004
53/73
2004 C. Kirsch -53-
The Zrich Helicopter
-
8/8/2019 ESE-RTOS-2004
54/73
2004 C. Kirsch -54-
Navigation
Control
Sensor
Actuator10
5
Helicopter Control Software
a
s
i
g
cClock
g: c = c + 5
-
8/8/2019 ESE-RTOS-2004
55/73
2004 C. Kirsch -55-
sensor gps_typeGPS uses c_gps_device ;
actuator servo_typeServo := c_servo_inituses c_servo_device
;
output
ctr_typeCtrOutput := c_ctr_init ;nav_typeNavOutput := c_nav_init
;
driver sensing (GPS) output (gps_type gps){ c_gps_pre_processing
( GPS, gps ) }
task Navigation (gps_typegps) output (NavOutput){
c_matlab_navigation_code ( gps, NavOutput ) }
Giotto Syntax (Functionality)
-
8/8/2019 ESE-RTOS-2004
56/73
2004 C. Kirsch -56-
mode Flight ( )period10ms
{
actfreq 1 do Servo( actuating ) ;
taskfreq 1 doControl( input );
taskfreq 2 doNavigation ( sensing) ;
}
Giotto Syntax (Timing)
-
8/8/2019 ESE-RTOS-2004
57/73
2004 C. Kirsch -57-
a ia
s
Navigation Navigation
Control
i
s s
Block of synchronous
code(nonpreemptable)
Scheduled tasks
(preemptable)
Environment Timeline0ms 5ms 10ms
-
8/8/2019 ESE-RTOS-2004
58/73
2004 C. Kirsch -58-
a ia
s
Navigation Navigation
Control
i
s s
E Code0ms 5ms 10ms
b1: call(a_ctuating)
call(s_ensing)
call(i_nput)release(Control[10])
release(Navigation[5])
future(g,b2)
-
8/8/2019 ESE-RTOS-2004
59/73
2004 C. Kirsch -59-
a ia
s
Navigation Navigation
Control
i
s s
E Code0ms 5ms 10ms
b2: call(s_ensing)
release(Navigation[5])
future(g,
b1)
-
8/8/2019 ESE-RTOS-2004
60/73
2004 C. Kirsch -60-
a ia
s
i
s s
Platform Timeline: EDF0ms 5ms 10ms
2ms 2ms
5ms
Navigation
Control3ms
-
8/8/2019 ESE-RTOS-2004
61/73
2004 C. Kirsch -61-
Environment
Software
1 2
s
a
t1
Time Safety
-
8/8/2019 ESE-RTOS-2004
62/73
2004 C. Kirsch -62-
Environment
Software
1 2
s
a call(a_ctuating)
Runtime Exceptions I
-
8/8/2019 ESE-RTOS-2004
63/73
2004 C. Kirsch -63-
Environment
Software
1 2
s
a
call(s_ensing)
Runtime Exceptions II
-
8/8/2019 ESE-RTOS-2004
64/73
2004 C. Kirsch -64-
Environment
Software
1 2
s
a
release(t)
Runtime Exceptions III
-
8/8/2019 ESE-RTOS-2004
65/73
2004 C. Kirsch -65-
Environment
Software
1 2
s
a
release(t,e)
call(a)e:call(s)
release(t)
future(g,b)
call(a)b:
a
An Exception Handlere
-
8/8/2019 ESE-RTOS-2004
66/73
2004 C. Kirsch -66-
a ia
s
i
s s
0ms 5ms 10ms
2ms 4ms
2msNavigation
Control2ms
How to Loose Determinism: Task Synchronization
3ms
-
8/8/2019 ESE-RTOS-2004
67/73
2004 C. Kirsch -67-
Environment
Software
1 2
s
a
terminate(t)
How to Loose Determinism: Termination
-
8/8/2019 ESE-RTOS-2004
68/73
2004 C. Kirsch -68-
Environment
Software
1 2
s
a
s
1
Time Liveness: Infinite Traces
-
8/8/2019 ESE-RTOS-2004
69/73
2004 C. Kirsch -69-
Dynamic Linking
t
Functionality
CodeE Code
E Machine
d
call(s)
release(t)
future(g,b)
call(a)b:
g
-
8/8/2019 ESE-RTOS-2004
70/73
2004 C. Kirsch -70-
The Berkeley Helicopter
-
8/8/2019 ESE-RTOS-2004
71/73
2004 C. Kirsch -71-
t+10mst+10mst t t+5ms t+5ms t+7ms
HeliCtr
HeliNav
TDMA Slot
HeliNet
Platform Timeline: Time-triggered Communication
-
8/8/2019 ESE-RTOS-2004
72/73
2004 C. Kirsch -72-
t+10mst+10mst t t+5ms t+5ms t+7ms
HeliCtr
HeliNav
b2: call(s_ensing)release(Navigation[2])
release(Connection[(7,10)])
future(g,b1)
Code Generation for HeliNav
-
8/8/2019 ESE-RTOS-2004
73/73
Instructions
Triggering: future(g,b)b:
Scheduled
Task:
release(t)
tSynchronous
Driver:
call(d)
d
g: c c
g
