From: JP Thornley
Subject: Re: Need help with PowerPC/Ada and realtime tasking
Date: 1996/05/18
Message-ID: <1026696wnr@diphi.demon.co.uk>#1/1
organization: None
reply-to: jpt@diphi.demon.co.uk
newsgroups: comp.lang.ada

In article: d-struble@ti.com (Dave Struble) writes:
>
> I am an experienced real time system designer who is just learning
> how to use Ada. I am also just learning how to use the Power PC
> (my target system).
[snip]
> The intent is to design the software in such a way that dependence
> on the number of processors is minimized.
>
> This is very "hard" real time -- life critical application and
> interrupts occurring at a frequency roughly 1/100 the speed of
> the memory during peak situations (although most of the
> time it is somewhat less frequently).
>

My first response is that safety-critical software does not go well
with interrupts and the use of tasking. The main requirement of
safety-critical code is predictability, which is made impossible if
you are coping with unpredictable interrupts and with hard-to-analyse
tasking synchronisations.

> I seek two kinds of information:
> I. - generic information on implementing hard real time applications
> in Ada - applications where the Ada tasking model cannot be used
> because:
[snip]

I wouldn't expect to see anything other than a cyclic executive in
safety-critical software.

> The kinds of things I seek are:
> - a textbook on real time applications in Ada

Have a look at Concurrency in Ada - Alan Burns, Andy Wellings,
Cambridge University Press 1995, ISBN 0 521 41471 7, hardback

> - a white paper or technical paper
> - an on-line document of some kind
> - a series of hints or whatever from an expert

Both of the authors above are at the University of York (UK) so you
might find something on the University web site - I don't have a web
address, but try an address based on york.ac.uk

>
> The kinds of information/questions I have are:
>
> 1) What sorts of approaches do people use for tasking when
> the Ada tasking model is too slow? How machine independent
> can these be?

In safety-critical systems, predictability of operation comes first,
second and third - factors such as speed and platform independence
come a long way behind - in fact I don't see any way that you can
qualify the system without defining the hardware it will be running
on as software cannot be qualified on its own.

> 2) What approaches can be used for sharing memory between
> processes that may or may not be located in the same processor
> (but the processors do have some shared memory and some
> local memory)

Ada provides mechanisms for data structures to be mapped to specific
memory addresses.

> 3) What techniques are commonly used to synchronize?
> 4) What kinds of features do off-the-shelf run time systems
> offer to support these kinds of applications and what are
> the advantages and drawbacks of different systems/approaches?

Look at the CSMART run-time from Thompson (used for some of the
safety-critical code on the Boeing 777 - does not include any
tasking) and ask about the future availability of a run-time with
restricted tasking features. Otherwise you will have to produce your
own run-time as none of the others are (AFAIK) suitable for
safety-critical systems.

> 5) What other questions should I be asking and what are their
> answers?
> 6) What pitfalls are likely?

It is not clear what (if any) authority will be responsible for
certifying your system, but you should look for some relevant
software development standards for safety-critical code. In the
civil field the usual one is DO178B (I don't have a reference to
hand but can get it if you want).

Hope this helps,

Phil Thornley

--
------------------------------------------------------------------------
| JP Thornley    EMail jpt@diphi.demon.co.uk                             |
------------------------------------------------------------------------