From: Peter Morris <no@spam.please.net>
Subject: Re: High-integrity networking
Date: Wed, 10 Oct 2007 15:59:17 +0930
Date: 2007-10-10T15:59:17+09:30 [thread overview]
Message-ID: <l3sog357n18c6onk58a3sbru4sn1tn606d@4ax.com> (raw)
In-Reply-To: 1191845623.383675.190820@d55g2000hsg.googlegroups.com
On Mon, 08 Oct 2007 05:13:43 -0700, Maciej Sobczak
<see.my.homepage@gmail.com> wrote:
>Hi,
>
>Ravenscar describes the language subset and the usage patterns for
>multitasking within a single process.
>I'm interested in patterns and solutions for high-reliability
>networking/middleware.
>
>Just "extrapolating" Ravenscar to the distributed environment can lead
>to some imaginably constrained environment where the set of
>communicating nodes is constant, the number and configuration of
>channels is statically known, the types (and lengths) of messages are
>known up front, etc.
>There are some start-up issues with ensuring all these constraints
>(for example, the locations of other nodes would need to be first read
>from some configuration file/database before the connections can be
>established, etc., so that the initialization phase would need to be
>more pronounced than just stating that something happens at the
>package elaboration), but it seems feasible.
>
>Can you recommend some papers on this? Is there any document of the
>Ravenscar profile kind that targets high-integrity networking and
>middleware approaches?
I came across this paper:
Issues with using Ravenscar and the Ada Distributed Systems Annex for
High-Integrity Systems
http://www.acm.org/sigada/ada_letters/march2001/103-audsley_1.pdf
It identified the following problem:
"It is clear that in order to facilitate distributed
high-integrity real-time programming, the run-time
support for distributed programming itself should conform
to the Ravenscar profile. We have illustrated in this paper
that this support requires greater expressive power than that
afforded by Ravenscar. The result is greater complexity in
the run-time � the code is almost certainly less analyzable,
and definitely harder to produce and read."
I don't know if anyone has solved this problem.
However I know it is possible implement CSP channels in Ravenscar for
multi-tasking programs running on a single processor.
http://www.springerlink.com/content/j7h8rr665r0x20n9/
So it might be possible to also implement CSP channels in Ravenscar
for communication between different processors.
Eg suppose a serial link between two processors was managed at one end
by a task that relayed data to the link from a CSP channel and at the
other by a task that relayed data from the link to a CSP channel.
Then distributed application tasks could communicate entirely via CSP
channels.
That might make the code easier to read and analyse.
Regards,
Peter Morris
next prev parent reply other threads:[~2007-10-10 6:29 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-10-08 12:13 High-integrity networking Maciej Sobczak
2007-10-08 16:03 ` Colin Paul Gloster
2007-10-08 20:35 ` Maciej Sobczak
2007-10-15 17:14 ` Colin Paul Gloster
2007-10-16 8:44 ` Maciej Sobczak
2007-10-08 21:02 ` Jeffrey R. Carter
2007-10-09 13:17 ` Maciej Sobczak
2007-10-09 17:37 ` Jeffrey R. Carter
2007-10-09 20:57 ` Maciej Sobczak
2007-10-10 13:16 ` Brian Drummond
2007-10-10 18:13 ` anon
2007-10-10 18:54 ` Peter Morris
2007-10-10 6:29 ` Peter Morris [this message]
2007-10-10 19:40 ` Simon Wright
2007-10-11 13:00 ` Peter Morris
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox