Re: Need help with PowerPC/Ada and realtime tasking

[JP Thornley <jpt@diphi.demon.co.uk>]

In article: <d-struble.107.001A95C3@ti.com>  d-struble@ti.com (Dave 
Struble) writes:
> 
> I am an experienced real time system designer who is just learning
> how to use Ada.  I am also just learning how to use the Power PC
> (my target system).
	[snip]
> The intent is to design the software in such a way that dependence 
> on the number of processors is minimized.
> 
> This is very "hard" real time -- life critical application and 
> interrupts occurring at a frequency roughly 1/100 the speed of
> the memory during peak situations (although most of the
> time it is somewhat less frequently).
> 

My first response is that safety-critical software does not go well
with interrupts and the use of tasking.  The main requirement of 
safety-critical code is predictability, which is made impossible if
you are coping with unpredictable interrupts and with hard-to-analyse
tasking syncronisations.

> I seek two kinds of information:
> I. - generic information on implementing hard real time applications
>   in Ada - applications where the Ada tasking model cannot be used
>   because: [snip]

I wouldn't expect to see anything other than a cyclic executive in 
safety-critical software.

> The kinds of things I seek are:
> - a textbook on real time applications in Ada

Have a look at Concurrency in Ada - Alan Burns, Andy Wellings,
Cambridge University Press 1995, ISBN 0 521 41471 7, hardback

> - a white paper or technical paper 
> - an on-line document of some kind
> - a series of hints or whatever from an expert

Both of the authors above are at the University of York (UK) so
you might find something on the University web site - I don't have
a web address, but try an address based on york.ac.uk

> 
> The kinds of information/questions I have are:
> 
> 1) What sorts of approaches do people use for tasking when
>    the Ada tasking model is too slow?  How machine independent
>    can these be?

In safety-critical systems, predictability of operation comes first,
second and third - factors such as speed and platform independence
come a long way behind - in fact I don't see any way that you can
qualify the system without defining the hardware it will be running 
on as software cannot be qualified on its own.

> 2) What approaches can be used for sharing memory between
>   processes that may or may not be located in the same processor
>   (but the processors do have some shared memory and some
>   local memory)

Ada provides mechanisms for data structures to be mapped to specific
memory addresses.

> 3) What techniques are commonly used to synchronize?
> 4) What kinds of features do off-the-shelf run time systems
>   offer to support these kinds of applications and what are
>   the advantages and drawbacks of different systems/approaches?

Look at the CSMART run-time from Thompson (used for some of the 
safety-critical code on the Boeing 777 - does not include any 
tasking) and ask about the future availability of a run-time 
with restricted tasking features.

Otherwise you will have to produce your own run-time as none of the 
others are (AFAIK) suitable for safety-critical systems.

> 5) What other questions should I be asking and what are their
>   answers?
> 6) What pitfalls are likely?

It is not clear what (if any) authority will be responsible for 
certifying your system, but you should look for some relevant 
software development standards for safety-critical code.  In the
civil field the usual one is DO178B (I don't have a reference to 
hand but can get it if you want).

Hope this helps,

Phil Thornley

-- 
------------------------------------------------------------------------
| JP Thornley    EMail jpt@diphi.demon.co.uk                           |
------------------------------------------------------------------------