Cover ERCIM News 52

This issue in pdf
(64 pages; 7,6 Mb)

cover ERCIM News No. 51
previous issue

(Number 51
October 2002):
Special theme:
Semantic Web

all previous issues

Next issue:
April 2003

Next Special theme:
Cognitive Systems

About ERCIM News

Valid HTML 4.01!

< Contents ERCIM News No. 52, January 2003
Special Theme: Embedded Systems

DECOS - Dependable Embedded Components and Systems

by Dieter Donhoffer and Erwin Schoitsch

A proposal for the 'Integrated Project' DECOS for the 6th Framework Programme of the EU is being prepared by ARC Seibersdorf Research. Research on dependable embedded systems will result in certified generic commercial-off-the-shelf (COTS) components for safety-critical systems.

Embedded systems already play an important role not only in consumer electronics but also in many important and safety-critical systems in applications such as avionics, space, railway and transport, process control and medical systems. There are, for instance, already many embedded systems in cars with critical control functions (eg ABS braking systems, airbags), and these will become much more widely used in the automotive industry once they can be delivered at prices acceptable to the automotive market.

A study by Allied Business Intelligence Inc, 'X-by-Wire: A Strategic Analysis of Time-Triggered Architectures and Next-Generation Automotive Control Systems' ( study/ab8859_x_by_wire.html), expects the global market for automotive x-by-wire systems to grow from approximately $600 million in 2001 to over $27 billion in 2010.

Figure 1: Embedded Systems in modern cars.
Figure 1: Embedded Systems in modern cars.

The DECOS project, which is being prepared in cooperation with Prof. Hermann Kopetz at the Vienna University of Technology, is intended to develop dependable components and systems that will be applied in various control systems in the automotive and aerospace/avionics industries, as well as in railways and transport, industrial automation and medical instruments and systems. These 'embedded' computer systems, which realise various distributed, safety-relevant functions, will have enormous economic and societal relevance in the future.

The mission of DECOS is to develop an architecture-based design methodology and the associated COTS hardware and software components together with certified development tools and advanced hybrid control technologies. This will significantly reduce the design, deployment and life-cycle cost of dependable embedded applications and will integrate these applications seamlessly into the global information infrastructure. DECOS will contribute to strengthening Europe's leading position in highly developed control systems in the avionics (Airbus) and automotive industries and in the area of dependability of software-intensive systems.

The industry vision of DECOS was expressed by one of our partners, Mr. J. Rennhack from Airbus Germany, at the Embedded Systems concertation meeting in Brussels: "Aerospace and automotive industry have to work together to achieve Aerospace Safety at Automotive Cost."
The specific integration aspects of DECOS are twofold (see Figure 2):

  • Horizontal integration over a number of application sectors: automotive, aerospace, railways/transport, industrial automation/process control, medical devices and systems.
  • Vertical integration over the following levels:
    • highly integrated chips (SoC - systems on chip)
    • hard real-time core systems (integrating several available time-triggered protocols (TTP) such as TTA, FlexRay, TTCan, TT-Ethernet etc)
    • integration of time-triggered and event-triggered systems (see Figure 3)
    • integration of hard real-time, soft real-time and high-level environments (IP, other buses, legacy components, RT-CORBA etc).
Figure 2: DECOS Integration
Figure 2: DECOS Integration

DECOS will deal with the following research areas:

  • application architecture design and validation (design methodology, formal design methods, UML, design tools, composability, partitioning, security, dependability modelling, configuration management, tractability of requirements, interface specification)
  • component design and validation (programming models and tools, synchronous languages, worst-case execution time analysis, programmers' work bench for TT systems, operating systems, scheduling, tractability of requirements, component parameterisation, reuse of components)
  • mixed traffic integration (ET-TT integration, gigabit time-triggered network with integrated guardian in the star, integration of legacy protocols, dependable real-time networking issues)
  • middleware for dependable systems (dual-processor hardware, operating systems, fault-masking algorithms, fault-tolerance layer, standard API, dynamic reconfiguration, security, predictability, power awareness, CORBA)
  • smart transducers (hardware, meta-level description by XML, wireless transducer networks, EMI robustness, dynamic reconfiguration, remote diagnosis, location-aware sensors, low-power devices, CORBA)
  • distributed real-time control networks (system identification, model building, control algorithms, automatic code generation, hybrid systems, validation strategies)
  • distributed simulation (real-time simulation of a design, hardware in the loop, application demonstrators, eg Virtual Car including cockpit and visualisation, other simulation case studies)
  • certification (safety case, formal analysis, failure mode and effect analysis (FMEA), testing strategies, collection of evidence, fault-injection, software quality assurance, certification tools)
  • standardisation and training (project management standards, technical standards, quality assurance, version control, development of a training course, embedded system laboratory)
  • time-triggered applications (application-specific research projects in the field of dependable embedded systems along the TT paradigm, eg in the automotive industry, railway, aerospace/ avionics, process control and medical electronics).

The time-triggered architecture assumes that:

  • a large distributed control system is structured into clusters of components
  • every component has access to a fault-tolerant sparse global time-base of known preci-sion. Important time-critical actions are triggered by the progression of this global time
  • components communicate by the exchange of messages with a priori known latency and minimal jitter across well-specified (in the domains of time and value) interfaces
  • a component is a fault-containment unit (FCU).
Figure 3
Figure 3: Mixed Traffic Integration of different networks
( © Kopetz ).

Research on all these issues will be performed in the DECOS project. DECOS builds on the experience and results of more than twenty years of research in the field of dependable distributed real-time computing carried out by Prof. Kopetz at the Vienna University of Technology and, among others, the following EU-sponsored research projects:

  • PDCS: Predictably Dependable Computing Systems
  • DEVA: Design for Validation
  • TTA: Time-Triggered Architectures
  • X-by-WIRE: Safety Related Fault-Tolerant Systems in Vehicles
  • SETTA: Software Engineering for Time-Triggered Architectures
  • PAMELA: Prospective Analysis for Modular Electronic Integration in Airborne Systems
  • DSOS: Dependable Systems of Systems
  • FIT: Fault-Injection into the Time-Triggered Architectur
  • NEXT TTA: High-Confidence Architecture for Distributed Control Applications
  • HRTC: Hard Real-Time CORBA.

Over 100 interested partners from research and industry have already declared their interest in participating in the project. Close cooperation with the ERCIM Working Group on Embedded Systems will be maintained and the participation of ERCIM WG members in the DECOS project is encouraged.


Please contact:
Dieter Donhoffer, ARC Seibersdorf Research (AARIT)