From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Thread: 103376,eb0daafec4ae827a X-Google-Attributes: gid103376,public,usenet X-Google-Language: ENGLISH,ASCII Path: g2news2.google.com!news1.google.com!border1.nntp.dca.giganews.com!border2.nntp.dca.giganews.com!nntp.giganews.com!news1.optus.net.au!optus!newsfeeder.syd.optusnet.com.au!news.optusnet.com.au!not-for-mail From: Peter Morris Newsgroups: comp.lang.ada Subject: Re: High-integrity networking Date: Wed, 10 Oct 2007 15:59:17 +0930 Message-ID: References: <1191845623.383675.190820@d55g2000hsg.googlegroups.com> X-Newsreader: Forte Free Agent 2.0/32.652 MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit NNTP-Posting-Host: 58.110.87.148 X-Trace: 1191997724 19339 58.110.87.148 X-Original-Bytes: 3243 Xref: g2news2.google.com comp.lang.ada:2400 Date: 2007-10-10T15:59:17+09:30 List-Id: On Mon, 08 Oct 2007 05:13:43 -0700, Maciej Sobczak wrote: >Hi, > >Ravenscar describes the language subset and the usage patterns for >multitasking within a single process. >I'm interested in patterns and solutions for high-reliability >networking/middleware. > >Just "extrapolating" Ravenscar to the distributed environment can lead >to some imaginably constrained environment where the set of >communicating nodes is constant, the number and configuration of >channels is statically known, the types (and lengths) of messages are >known up front, etc. >There are some start-up issues with ensuring all these constraints >(for example, the locations of other nodes would need to be first read >from some configuration file/database before the connections can be >established, etc., so that the initialization phase would need to be >more pronounced than just stating that something happens at the >package elaboration), but it seems feasible. > >Can you recommend some papers on this? Is there any document of the >Ravenscar profile kind that targets high-integrity networking and >middleware approaches? I came across this paper: Issues with using Ravenscar and the Ada Distributed Systems Annex for High-Integrity Systems http://www.acm.org/sigada/ada_letters/march2001/103-audsley_1.pdf It identified the following problem: "It is clear that in order to facilitate distributed high-integrity real-time programming, the run-time support for distributed programming itself should conform to the Ravenscar profile. We have illustrated in this paper that this support requires greater expressive power than that afforded by Ravenscar. The result is greater complexity in the run-time � the code is almost certainly less analyzable, and definitely harder to produce and read." I don't know if anyone has solved this problem. However I know it is possible implement CSP channels in Ravenscar for multi-tasking programs running on a single processor. http://www.springerlink.com/content/j7h8rr665r0x20n9/ So it might be possible to also implement CSP channels in Ravenscar for communication between different processors. Eg suppose a serial link between two processors was managed at one end by a task that relayed data to the link from a CSP channel and at the other by a task that relayed data from the link to a CSP channel. Then distributed application tasks could communicate entirely via CSP channels. That might make the code easier to read and analyse. Regards, Peter Morris