Open License Society reinvents RTOS
Developed using formal modeling, OpenComRTOS is the perfect Trustworthy
RTOS for deeply embedded and distributed systems
Details online at www.OpenLicenseSociety.org
Inspired by revealing market research
While there are hundreds of RTOS (Real-Time Operating Systems) on the
market, most of them cannot be certified. This was the result of a market
study conducted by Open License Society in 2003 for the European Space
Agency. It was found that while some specific ports of RTOS have been
certified, most commercial RTOS cannot be certified at all, and certainly
not verified, often for the simple reason that there is no design
document. Open Source Software, on the other hand, comes with source code
but often doesn't even have a user manual. Most of the time, the source
code will have few comments and generally there will be no design document
either. This can come as a surprise, as an RTOS is often a basic building
block for embedded applications that increasingly must meet stringent
requirements in terms of safety and security. Another conclusion from the
study was that the market offers inadequate and inefficient solutions, in
particular for multi-processor target systems.
Tackling the challenge using experience and formal modeling
Open License Society tackled
the challenge in an innovative way. While it was a new development, it
inherited years of experience with the Virtuoso RTOS
of Eonic Systems, before it was acquired by Wind River Systems in
2001. Firstly, a goal was defined to develop a systematic Systems
Engineering methodology. Contrary to development activities, the
engineering approach looks at the whole system to be developed. It
features a consistent life-cycle view that starts when gathering early
requirements and ends when the end-system becomes obsolete or is replaced
by a newer technology. The important observation is that such a
methodology is first of all a process of gradual refinement with modeling
and simulation being important to make sure that the right system is
developed. An evolutionary approach is needed whereby modularity and reuse
go hand in hand. Reuse means using trustworthy components and
modularity means that such components have well defined interfaces. Open
License Society addresses these issues by introducing the 'Open
License' model whereby the licensee not only gets the source
code, but also all design documents, formal models, application examples
and test suites, allowing the licensee to verify any aspect of the licensed module.
Another important option was the use of an 'Interacting Entities'
paradigm. The first module that was developed following the new
approach is OpenComRTOS. The results not only proved the approach but
also bring new life to the RTOS world.
OpenComRTOS breaks new ground in the RTOS market
OpenComRTOS breaks new ground
in the field of Real-Time Operating Systems. Firstly, from the start it
was developed as a scalable communication layer to support
multi-processor systems ranging from multi-core chips with little
memory to widely distributed systems that are physically connected through
third party communication networks. Secondly, it was developed from the
ground up using formal modeling*. While the first approach was inspired by
the Virtual Single Processor model adopted by the Virtuoso
RTOS, the second approach was instrumental not only in achieving a
trustworthy component, but also in achieving unparalleled performance with
a very clean and portable architecture. An additional benefit of the
architectural approach is that the RTOS kernel can even be multiplied on
the same processing node, e.g. to provide monitoring and supervision
functions for safety critical applications.
The first release of
OpenComRTOS features the so-called L0 layer. It provides kernel services
for starting and stopping tasks, priority based preemptive scheduling,
Packet allocation and deallocation and sending and receiving such
Packets between the Tasks using intermediate Ports for synchronisation and
communication. Entirely written in ANSI-C (MISRA checked), except
the context switch, it can be optimized to about 840 bytes in a
single processor implementation and 1600 bytes in a multi-processor
implementation. The data memory needs are then less than 50 bytes for
the single processor version. All services can be called in a blocking,
non-blocking, blocking with time-out and asynchronous mode (at least when
appropriate for the service). The kernel itself as well as the Drivers are
also Tasks, increasing the modularity and decreasing the critical
sections. While from the RTOS point of view the kernel
essentially shuffles Packets around, for the application the Ports play
the dominant role. Packets are sent to a Port where they synchronise with
Packet receive requests from other Tasks (or vice versa). If no
request is available, the Packets are put in a priority sorted waiting
list. By its design, the L0-buffers cannot overflow.
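The Port behaviour described above, as an added C model that is not OpenComRTOS source code: all names, the pool size and the "lower value is higher priority" convention are hypothetical. It assumes one way to obtain the no-overflow property: waiting Packets are linked intrusively and come from a fixed pool, so a waiting list never needs storage of its own.

```c
#include <stddef.h>
#include <stdint.h>
#define POOL_SIZE 4                 /* assumed pool size for the demo */
enum kind { SEND, RECV };           /* sent Packet or receive request */

typedef struct packet {
    struct packet *next;            /* intrusive link: the Packet is the list node */
    enum kind kind;
    uint8_t prio;                   /* lower value = higher priority (assumption) */
    uint8_t data[8];
} packet_t;

typedef struct { packet_t *waiting; } port_t;   /* holds only one kind at a time */

static packet_t pool[POOL_SIZE];    /* all Packet storage is fixed at compile time */
static packet_t *free_list;

void pool_init(void) {
    free_list = NULL;
    for (size_t i = 0; i < POOL_SIZE; i++) { pool[i].next = free_list; free_list = &pool[i]; }
}

/* Non-blocking allocation: returns NULL when the pool is exhausted. */
packet_t *packet_alloc(enum kind kind, uint8_t prio) {
    packet_t *p = free_list;
    if (p == NULL) return NULL;
    free_list = p->next;
    p->next = NULL; p->kind = kind; p->prio = prio;
    return p;
}

void packet_free(packet_t *p) { p->next = free_list; free_list = p; }

/* Offer a SEND or RECV Packet to a Port. If the opposite kind is waiting, the
 * highest-priority waiter is unlinked and returned (synchronisation). Otherwise
 * the Packet is linked in priority order, FIFO among equals, and NULL is returned. */
packet_t *port_offer(port_t *port, packet_t *p) {
    packet_t **link = &port->waiting;
    if (*link != NULL && (*link)->kind != p->kind) {
        packet_t *match = *link;
        *link = match->next; match->next = NULL;
        return match;
    }
    while (*link != NULL && (*link)->prio <= p->prio)
        link = &(*link)->next;
    p->next = *link;
    *link = p;
    return NULL;
}
```

In this model, resource exhaustion shows up only as a failed `packet_alloc`, which the caller must check; the waiting list itself has no capacity to exceed.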
The L0 services have been
designed as the basic functions that are needed in embedded (distributed
or not) applications. While already rich in semantic behaviour, more
elaborate and specialised services can be added using the L1 and L2 layer.
The L1 layer will typically be used to provide traditional RTOS support
like e.g. events, semaphores, FIFO queues, mailboxes, memory pools and
resources. The first L1 layer to be developed is an emulation of the
Virtuoso API** but the architecture allows supporting other RTOS APIs as
well, although often only in a Single Processor version. In the L2 layer,
more elaborate, often application-specific services can be added. The L1
and L2 layer however are optional. The formal modeling approach has
also proven to be very effective for this work. Although the Virtuoso
RTOS has been in use for 15 years and 3 successive generations were
developed, the new architecture is much cleaner and smaller and novel
approaches for providing more real-time predictability in less code were
discovered. Details will be announced in a later release.
To further reduce the code and
memory requirements, L0 and L1 objects are statically linked with all
data structures being generated at compile time. The developer specifies
the topology and application objects in an XML database file. Support is
currently being added in Eclipse to provide a graphical configuration
tool. As simulation is very important, the initial kernel was developed
first on top of Microsoft Windows XP, whereby internode communication
is emulated using sockets. While this simulator provides for a logically
correct operation, it also allows existing host operating systems or
existing RTOS to be integrated with the nodes running OpenComRTOS. A simple
serial connection can be sufficient to establish communication.
Melexis as first customer
The first customer of
OpenComRTOS is Melexis (www.melexis.com), a leading supplier of
semiconductor chips for the automotive and consumer markets. Melexis is
mostly known for its smart sensor solutions that integrate extended
temperature and high voltage resistant analog sensors, MEMS and digital
controllers in a small package. The latest range of products, called the
MelexCM, features a dual-core CPU with up to 32 KBytes of on-chip program
flash memory and just 2 KBytes of on-chip data memory. An OpenComRTOS test
program using 2 tasks continually sending and receiving 8-byte Packets
through an intermediate Port was benchmarked at 9574 Packets/second
on the 7.5 Mips MelexCM chip. In the continuous loop consisting of
2 task switches, 2 send and 2 receive services, this comes down
to 103 microseconds for each loop. Total memory requirements were
1230 Bytes of flash memory and 228 Bytes of data. Timing measurements were done
using the on-chip high resolution timer. Interrupt latency, defined as the
time from a hardware interrupt to reading the data in a task, was measured
at 55 microseconds on this 7.5 Mips processor.
From multicore to FPGA to widely distributed applications
The application domain for
OpenComRTOS is wide. As a trustworthy component, it forms a good basis for
developing applications that need safety and security support but have
few processing and memory resources available. Portability itself is
straightforward as it is completely written in ANSI-C. High performance,
communication intensive applications will benefit from its very low memory
requirements and transparent support for multi-processor applications.
Natural candidates are FPGA-based systems used in high-bandwidth DSP
applications. Sensor networks are another interesting application domain.
OpenComRTOS also addresses the market of embedded chips that
increasingly use multi-core CPUs for higher performance and lower power
consumption. In all such systems, zero-wait state memory is a scarce
resource and the performance benefits from the low
latency communication as well as from the low memory
requirements. At the other end of the spectrum, OpenComRTOS can be
used as a thin communication layer that connects heterogeneous systems
together.
About Open License Society.
Open License Society ( www.OpenLicenseSociety.org )
was created to research and develop a systematic Systems Engineering
methodology. A key objective is the development of Trustworthy components,
by applying such a systematic systems engineering methodology and formal
modeling when possible. A first trustworthy component to be released is
OpenComRTOS. Open License Society was founded by Eric Verhulst, formerly
the founder of Eonic Systems. Eonic Systems developed the Virtuoso RTOS
that featured transparent parallel processing and focused on the DSP
market. Virtuoso was the de facto market leader in high-end DSP systems
until it was acquired in 2001 by Wind River Systems.
*The formal modeling of OpenComRTOS was done using TLA+/TLC of Leslie
Lamport in cooperation with the University of Ghent (Prof. Boute) with
support of IWT.
**Virtuoso's API was described as supporting 'distributed semantics',
offering a pragmatic superset of CSP. The latter stands for the
Communicating Sequential Processes algebra, pioneered by C.A.R. Hoare,
which gave rise to the transputer and the occam programming language.
Contact data:
Eric Verhulst, Open License Society
Zavelstraat 160, B3010 Leuven, Belgium
Tel.: +32 407 608 339
email: eric.verhulst (@) openlicensesociety.org