An approach to the design of software for distributed real-time systems
- 格式:pdf
- 大小:232.20 KB
- 文档页数:49
当前位置:文档之家 › An approach to the design of software for distributed real-time systems
合集下载
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
AnApproachtotheDesignofSoftwareforDistributedReal-TimeSystems
AndrewJ.Vickers†andJohnA.McDermid
DepartmentofComputerScience
UniversityofYork
Heslington
York
Y015DD
ABSTRACT
Thedesignofdistributedreal-timesystemsisdifficultbecauseofthelargenumber
ofissuesinvolvedwiththeirdesign—inter-processcommunication,module
structure,timingconstraints,hardwareconstraints,reliability,etc.Inthispaper,we
showhowsuchissuesmayusefullybepartitionedthroughtheuseofviewpoints
beforebeingcombinedtogethertoprovideanoveralldesignsolution.Ourdesign
approachandnotationisbaseduponasetofconceptswhichareanalagoustothe
constructionindustry’snotionofanarchitecturewhichactsasthecentralartefact
withinthecivilengineeringdesignprocess.Theapproachisintroducedbywayof
asmallcasestudywhichallowsthereadertobeexposedtothedetailofthe
notationasitbecomesnecessarywithinthedevelopmentoftheexampledesign.
1.Introduction
Distributedreal-timesystemsarebecomingmoreandmorewidelyusedinapplicationssuch
aspowerstationmonitoringsystems,aeroplanecontrolsystems,etc.Adistributedsystem
typicallycontainslogicallyseparatemultipleprocessingunitsthatcommunicatebywayofsome
underlyingelectronicnetwork[1].Suchunitsmaybehousedtogetherorbephysicallyseparate
andmayormaynotsharememory.Distributedreal-timesoftwarecontrolssuchsystemsandin
doingsomustsatisfymanyoftherequirementsoftraditionaldataprocessingsoftware.Inaddition
suchsoftwaremustservicetheneedsofitsenvironmentwithinwell-definedtimingdeadlines(the
penaltiesintermsofriskandsafetytomanandtheenvironmentareoftensevereifsuchdeadlines
aremissed).Thisissue,andotherslikeit(includingreliability)areoftentermednon-functional
andareprevalentinthistypeofsoftware[2].
Itistypicallythesekindsofrequirementthatmakethesuccessfuldesignandimplementation
ofreal-timesystemssodifficult.Theserequirementsaredifficulttospecify,difficulttovalidate
againstanddifficulttosatisfyinimplementation.Perhapshowever,themaindifficultyinrealising
distributedreal-timesystemsisthattherequirementsarehardtodesignwith;atleastinpartthisis
becausethenon-functionalpropertiesareemergent,ratherthanbeingpropertieswhichwecan
allocateorbudgetinsometop-downdesignprocess[3].Itisusuallythecasethatsuchnon-
functionalissuesaredealtwithlateinthedesignprocess,i.e.duringimplementation[4,5]where
theyareoftenaddressedthroughtheuseof‘tinkering’or‘optimisation’techniques.Whilstthis
worksoccasionally,itfailswhentheissuewasultimatelydecidedbysomepreviousdesign
decision(forexample,noamountofoptimisationwillincreasesystemperformanceifsome
structuraldesigndecisionwastakenwhichintroducedbottlenecksatalloftheperformance
†AndrewVickersisfundedbyanSERCStudentship.sensitiveareas).Theanswertothisproblemistodesignwiththeseissuesinmind—havea
designthatincorporatesallaspectsofthesolution[5].Wemustfindwaysofbringingsomeof
theseemergentpropertiesexplicitlyintothedesignprocess.Thisistheunderlyingconceptofan
architecture.
Turningforthemomenttoaconstructionindustryviewofthisproblem,wenotethatthe
architectureofabuildingisdevisedbyanArchitectasa‘‘grandplan’’[6]ofwhatistobebuilt
—thearchitectureisthecentralartefactofthedesignprocess.Analysisofpoorlyunderstood
requirementsisstillimportant,butitisnotundertakeninisolationwithoutthedesignbeing
considered,atleasttosomeextent.Requirementsareexpectedtochangeastheproblembecomes
betterunderstoodandarethemselvesmergedwithstatementsconcerningthesolution[7].
InthiswaytheArchitectbuildsupanevolvabledescriptionofthesolutiontotheproblem—
thedesignisprogressivelyshapedastherequirementsbecomeclearer.Requirementsissueswhich
wouldonlyberelevantintermsofcertaindesigndecisionsaredelayeduntilthosedecisionshave
beenmade—forexample,thedetailedrequirementsforafloor-to-floormovingpathwaywould
onlybeconsideredoncethefloorsthemselveshadbeencommittedtoinadesignsense.The
resultantarchitectureisthenusedasaworkplanfortheactualimplementationaswellasproviding
an‘assuredyardstick’withwhichtomeasurethecorrectnessofthebuildingconstruction.Inthis
waythearchitectureisabletoactasthebasisforcontractualagreementbetweenthecustomerand
thedeveloper.
ThisshouldbecontrastedwithconventionalSoftwareEngineeringwisdomwherethe
requirementsspecificationisusuallywhatisagreedto—whichisessentiallywhatthedeveloper
thinksthatthecustomerthinksiswanted.Thereisadifferenceinemphasisbetweenthetwo
industries:theimportanceofrequirementsinSoftwareEngineeringasopposedtoarchitecturein
CivilEngineering.
Amajortenetofourworkisthatasimilarphilosophyneedstobe,andcanbe,usedin
developingsoftwaresystems,especiallydistributedreal-timesystemswherewhatisrequiredis
heavilycontingentuponwhatcanberealised(suchanapproachacknowledgestherealitiesand
constraintsofconcurrentengineering).Withinthiscontextonecanconsideracomputational
architectureashavingtoservetwopurposes:
1.Itshouldincludealloftheinformationnecessarytosubsequentlyalloweachpartofthe
systemtobedevelopedindependently.
2.Itshouldtellyoueverythingyouneedtoknowtoshowthattherequirementswillbesatisfied
ifandonlyifthecomponentsareimplementedasspecified.
Inordertoallowforsubsequentdevelopment,thenotationusedtodescribethearchitecture
mustbesufficientlycompletetoallowfortherepresentationandmanipulationofallrelevant
information.Itisimportantthatthearchitecturaldesignnotationisnot‘‘representationally
myopic’’[8]—itneedstobecapableofrepresentingtheissuesthatcaninfluenceandeffecta
distributedreal-timesystem’sdesign[2].Thecompletenessalsoprovidesconfidencefromthe
assessmentthatmustbemadeindeterminingwhetherthearchitecturedescribesasuitablesolution
tothegivenproblemdefinition.Ifalltherelevantinformationconcerningsubsequentconstruction
hasbeendeclared,thentechniquesshouldbeavailablefordecidingwhetherthesolutionisgoing
tobeanadequateonewithouthavingtoimplementit.Clearlythisisanidealisedview—butour