Towards a Flexible Time-Triggered Replicated Star forEthernet David Gessner, Juli´ an Proenza, Manuel Barranco ∗ DMI, Universitat de les Illes Balears, Spain davidges@gmail.com Lu´ ıs Almeida IT, Universidade do Porto, Portugal lda@fe.up.pt Abstract Distributed embedded systems have traditionally been designed using static approaches, i.e., assuming a static environment. Such approaches, however, cannot guaran- tee continuous operation under dynamic environments that impose new requirements upon a system as time passes. As a solution, flexible approaches have been proposed. One such approach that allows a system to adapt to chang- ing real-time requirements is the Flexible Time-Triggered (FTT) communication paradigm. Nevertheless, if continu- ous operation under dynamic environments is desired, then flexibility is not enough. Indeed, it is also crucial for the system to be sufficiently reliable. In this paper we there- fore explore some design ideas to make FTT highly reliable through fault tolerance by using replication. As a starting point we will use the switch of the Hard Real-Time Ethernet Switching (HaRTES) implementation of FTT. 1. Introduction Traditionally, distributed embedded systems (DES) have been designed to operate in environments that do not change over time. This has led to static approaches that are inadequate for continuous and correct operation un- der dynamic environments. The alternative are flexible ap- proaches. However, flexibility alone is not enough to guar- antee continuous operation: reliability is also essential. The goal of the project titled Fault Tolerance for Flexi- ble Time-Triggered communication (FT4FTT) is to demon- strate that it is possible to build a highly reliable DES that can change its real-time operation upon changing re- quirements imposed by a dynamic environment. For this it takes as a basis a master/multi-slave communication paradigm known as Flexible Time-Triggered communica- tion (FTT) [9], which is a bandwidth efficient approach to achieve flexibility with high reactivity. Previous work has been done to increase FTT’s reliabil- ity. However, it focused on FTT master replication without using any channel replication [7] or using replicated buses * c 2013 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redis- tribution to servers or lists, or reuse of any copyrighted component of this work in other works. doi:10.1109/ETFA.2013.6648137 HaRTES (master) Slave A Slave B Slave C Figure 1. HaRTES architecture. only [4], even though buses have significant disadvantages in terms of reliability when compared with replicated star topologies [2]. Moreover, these approaches were partial in the sense that they only focused on the communication channel. Having a reliable channel alone, however, does not necessarily improve the reliability of the whole system by much. In fact, it has been shown that without being able to tolerate the failures of nodes, introducing channel redun- dancy in an attempt to improve the system’s reliability, at least in the case of replicated stars, only improves the over- all reliability to a small degree [3]. The FT4FTT project therefore focuses on the whole system, including both the communication channel and the nodes. In this paper we present some design ideas for FTTRS, a Flexible Time-Triggered Replicated Star, which will pro- vide the communication channel for FT4FTT. FTTRS uses as its basis the switch of the Hard Real- Time Ethernet Switching (HaRTES) architecture, which is an implementation of FTT for Ethernet [6]. This switch allows the communication to be flexible, but it has not been designed with high reliability in mind, such as it is required in highly reliable DES. To make a system more re- liable, a classic approach is to use fault tolerance. FTTRS will therefore replicate the HaRTES switch, which includes the FTT master it embeds, to increase the reliability of the communication channel. This paper describes some ideas on how to do this replication. The paper is organized as follows. Section 2 gives an overview of HaRTES; Section 3 presents the basic archi- tecture for FTTRS; sections 4 and 5 discuss some specific details of channel and master replication, respectively; and Section 6 gives the conclusions and mentions future work. 2. HaRTES: an overview As shown in Figure 1, HaRTES implements a simplex (not replicated) microsegmented star topology, with the