The time-triggered architecture

The Time-Triggered Architecture (TTA) is a computer architecture for distributed real-time systems in safety-critical applications, such as computer-controlled brakes or computer-assisted steering in an automobile. The TTA is a composable architecture for the design of large real-time systems. Its main characteristics are a common notion of time in all subsystems of the architecture and the provision of fully specified interfaces, called temporal firewalls, between these subsystems. This paper gives an overview of the TTA, discusses the architectural principles, describes the sensor/actuator interfaces in the TTA, and explains how fault tolerance is implemented in the TTA.
