Abstract
The correct operation of time-triggered protocols depends heavily on well-synchronized clocks across the system. To maintain the global time, strict constraints must be imposed on communication activities (e.g. temporal padding and a sparse time base), which not only increases the complexity of the protocol design but also incurs a penalty in network utilization. Event-triggered protocols, on the other hand, have difficulty meeting real-time requirements and determinism. It is therefore worth exploring how to combine the advantages of these two categories of protocol for applications in different scenarios. This paper proposes the Safe Node Sequence Protocol (SNSP), a variant of the fully time-triggered protocol TTP/C. In SNSP, a strict node sequence is defined and the order of communication events is established by this pre-configured order without binding to global time, so the protocol moves communication activities and error detection to an event-triggered model. SNSP therefore possesses characteristics of both the time-triggered and the event-triggered model. Also, the potential impact of global time on the protocol, such as Byzantine clock failure, is eliminated. At the same time, formal verification of SNSP is much easier in the absence of global time. Moreover, we model the protocol and use the formal checker SPIN to validate the basic fault-tolerance requirement of SNSP. The simulation results show that the protocol achieves better resource utilization and is more effective.
Acknowledgments
This work is supported in part by the National Natural Science Foundation of China under Grant No. 60973137, the Program for New Century Excellent Talents in University under Grant No. NCET-12-0250, the Gansu Sci. & Tech. Program under Grant Nos. 1104GKCA049, 1204GKCA061, 1304GKCA018 and 1212RJYA003, the Fundamental Research Funds for the Central Universities under Grant Nos. lzujbky-2013-k05, lzujbky-2013-43, lzujbky-2013-44 and lzujbky-2012-44, the Gansu Telecom Cuiying Research Fund under Grant No. lzudxcy-2013-4, Google Research Awards, the Google Faculty Award, and the Providence University research program under grant PU102-11100-A12.
Cite this article
Zhou, R., Li, C., Min, R. et al. On design and formal verification of SNSP: a novel real-time communication protocol for safety-critical applications. J Supercomput 69, 1254–1283 (2014). https://doi.org/10.1007/s11227-014-1157-2