CN111813522B - Virtual ARINC 653 simulation verification platform - Google Patents
Virtual ARINC 653 simulation verification platform Download PDFInfo
- Publication number
- CN111813522B CN111813522B CN202010655912.8A CN202010655912A CN111813522B CN 111813522 B CN111813522 B CN 111813522B CN 202010655912 A CN202010655912 A CN 202010655912A CN 111813522 B CN111813522 B CN 111813522B
- Authority
- CN
- China
- Prior art keywords
- partition
- message
- queue
- sent
- partitions
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012795 verification Methods 0.000 title claims abstract description 15
- 238000004088 simulation Methods 0.000 title claims abstract description 13
- 238000005192 partition Methods 0.000 claims abstract description 253
- 238000000034 method Methods 0.000 claims abstract description 157
- 230000008569 process Effects 0.000 claims abstract description 146
- 238000004891 communication Methods 0.000 claims abstract description 55
- 238000005070 sampling Methods 0.000 claims abstract description 38
- 238000012544 monitoring process Methods 0.000 claims abstract description 19
- 238000012545 processing Methods 0.000 claims abstract description 19
- 230000036541 health Effects 0.000 claims abstract description 17
- 230000006870 function Effects 0.000 claims abstract description 15
- 230000007246 mechanism Effects 0.000 claims abstract description 8
- 238000013507 mapping Methods 0.000 claims description 9
- 230000002159 abnormal effect Effects 0.000 claims 1
- 230000003213 activating effect Effects 0.000 claims 1
- 238000007726 management method Methods 0.000 abstract description 40
- 238000013468 resource allocation Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 15
- 238000004590 computer program Methods 0.000 description 7
- 230000000903 blocking effect Effects 0.000 description 5
- 239000000725 suspension Substances 0.000 description 5
- 238000013461 design Methods 0.000 description 4
- 238000009826 distribution Methods 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000003860 storage Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000004075 alteration Effects 0.000 description 2
- 230000003139 buffering effect Effects 0.000 description 2
- 238000012937 correction Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000010354 integration Effects 0.000 description 2
- 238000002955 isolation Methods 0.000 description 2
- 230000000737 periodic effect Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 241001522296 Erithacus rubecula Species 0.000 description 1
- 230000005856 abnormality Effects 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000005059 dormancy Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000644 propagated effect Effects 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000004260 weight control Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
- G06F9/4881—Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/542—Event management; Broadcasting; Multicasting; Notifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/544—Buffers; Shared memory; Pipes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
- G06F9/546—Message passing systems or structures, e.g. queues
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/48—Indexing scheme relating to G06F9/48
- G06F2209/484—Precedence
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/54—Indexing scheme relating to G06F9/54
- G06F2209/548—Queue
Abstract
The invention discloses a virtual ARINC 653 simulation verification platform, and relates to the field of onboard embedded simulation software. The method is used for solving the problems of high resource allocation requirement and poor universality of the existing real-time operating system based on ARINC 653 standard because the source code is not disclosed. The platform comprises partition management, wherein the partition management is used for creating a plurality of partitions according to an XML configuration file and carrying out partition configuration on the partitions; scheduling the multiple partitions according to a time window rotation mode, and scheduling multiple processes included in the partitions according to a priority preemption mode; communication management, which is used for completing the communication between the partitions based on the sampling port and the queue port according to the shared memory mechanism and the partition configuration; completing communication between processes in the partition based on the blackboard and the cache; and the health monitoring management is used for receiving the error codes sent by the partitions, and calling the processing functions corresponding to the error codes to perform error processing according to the error codes.
Description
Technical Field
The invention relates to the field of onboard embedded simulation software, in particular to a virtual ARINC 653 simulation verification platform.
Background
In recent years, the aviation environment of the information intelligence age is more and more complex, and the avionics system is gradually developed towards the direction of intelligence, modularization and integration. The addition of complex software and hardware resources places higher demands on the processing power and weight control of the avionics system. The traditional combined architecture lacks of safety, portability and expandability, and does not meet the development requirement of high integration of the current avionics system. Therefore, the ARINC653 standard based on the integrated modular avionics architecture (INTEGRATED MODULAR AVIONIC, IMA) is becoming more and more widely adopted in the avionics field. The ARINC653 standard is a specification formulated for avionics application program interfaces based on the IMA architecture and describes the runtime environment of an embedded real-time operating system. The partition mechanism is adopted, each partition is loaded to a standard hardware platform according to configuration requirements, the problems of non-expandability and redundancy of the original architecture are solved, and the design of safety, portability and expandability of the system is realized on the basis of ensuring the portability of the system.
The commercial operating systems based on ARINC 653 standard abroad comprise VxWorks653 of Fenghe company, lynxOS-178 of LynuxWorks company and the like, are embedded real-time operating systems based on IMA architecture, adopt a partition isolation mechanism, divide each partition into different processor units, enjoy independent resources and run configured partition operating systems, embody the independence of the partitions, and ensure that the fault of one partition cannot be propagated to other partitions; the domestic partition operating system antenna 2 airborne operating system introduces DO-178B standard to develop and verify the system, finally ensures that the antenna 2 airborne operating system meets the application requirements of comprehensive and modularized systems, and realizes effective application in the comprehensive electronic field.
The existing real-time operating system based on ARINC 653 standard has the problems of high resource allocation requirement and poor universality because the source code is not disclosed.
Disclosure of Invention
The embodiment of the invention provides a virtual ARINC 653 simulation verification platform, which is used for solving the problems of high resource allocation requirement and poor universality of the existing real-time operation system based on ARINC 653 standard because the source code is not disclosed.
The embodiment of the invention provides a virtual ARINC 653 simulation verification platform, which comprises the following steps:
partition management, which is used for creating a plurality of partitions according to the XML configuration file and carrying out partition configuration on the plurality of partitions; scheduling a plurality of partitions according to a time window rotation mode, and scheduling a plurality of processes included in the partitions according to a priority preemption mode;
Communication management, which is used for completing the communication between the partitions based on sampling ports and queue ports according to a shared memory mechanism and the partition configuration; completing communication between the processes in the partition based on a blackboard and a cache;
And the health monitoring management is used for receiving the error codes sent by the partition, and calling the processing functions corresponding to the error codes to perform error processing according to the error codes.
Preferably, the partition includes a source port, a destination port, a queue and a shared memory; the source port adopts a sampling queue mode or a sampling mode; the destination port adopts a sampling queue mode or a sampling mode;
The partition management is used for establishing a mapping relation among the source, the destination and the channel according to the XML configuration file.
Preferably, the partition management is further configured to set a main time frame, where the main time frame includes a plurality of time windows, and determine an operation period and a scheduling period of each partition according to the main time frame, where each partition occupies one or more of the time windows in the main time frame;
When the time window of the first partition operation is determined to be finished, stopping running the process in the first partition, distributing CPU resources for a second partition, and running the process in the second partition; wherein a next operating partition of the first partition is the second partition.
Preferably, the partition management is further configured to:
Establishing hash mapping of each partition ID and partition state, when a process scheduling instruction is received, scheduling the process contained in the second partition if the state of the second partition is NORMAL;
When a plurality of processes with the same priority are included in one partition, scheduling the processes according to a first-in first-out algorithm; or alternatively
When a plurality of the processes included in one of the partitions have different priorities, allocating a time slice and the CPU resource to the process having the highest priority; wherein the time window comprises a plurality of the time slices.
Preferably, the communication management is for:
the queue port is used for storing the received message to be sent in a message queue in a first-in first-out mode, and when the process sends the message from the message queue, the process sends a first message to be sent, which is included in the message queue, when the message queue is determined to be non-empty, and deletes the first message to be sent from the message queue; or alternatively
The sampling port is used for storing the message to be sent in a shared memory in a mode of covering the message to be sent with the received message to be sent, and when the process sends the message from the sampling port, the destination port of the message to be sent is determined when the shared memory is determined to be non-empty, and the message to be sent is sent according to the destination port.
Preferably, the communication management is further configured to:
When the process sends a message from the queue port, setting a delay trigger, and when the queue port is determined to be empty, converting the state of the process into a waiting state, and after a trigger period, receiving the message to be sent from the queue port by the process; or alternatively
And when the process sends the message from the sampling port, setting a delay trigger, and when the shared memory is determined to be empty, converting the state of the process into a waiting state, and after one trigger period, receiving the message to be sent from the sampling port by the process.
Preferably, the communication management is for:
When the process reads the information from the blackboard, if the blackboard is not empty, the process reads the existing information from the blackboard;
When writing the message to the blackboard, if the blackboard is not empty, covering the received message with the existing message on the blackboard; or if the blackboard is empty, writing the received message on the blackboard;
when the process reads the information from the buffer queue, if the buffer queue is not empty, reading a first information of the buffer queue, and deleting the first information from the buffer queue;
When the process writes a message into the buffer queue, if the buffer queue is full, converting the process state into a waiting state; or if the buffer queue is not full, adding the message to the tail of the buffer queue.
Preferably, the communication management is further configured to:
When the process reads the information from the blackboard, setting a delay trigger, and if the blackboard is empty, converting the state of the process into a waiting state, and after a trigger period, reading the information from the blackboard by the process;
And when the process reads the information from the buffer queue, setting a delay trigger, and if the buffer queue is empty, reading the information from the buffer queue by the process after a trigger period.
The embodiment of the invention provides a virtual ARINC 653 simulation verification platform, comprising: partition management, which is used for creating a plurality of partitions according to the XML configuration file and carrying out partition configuration on the plurality of partitions; scheduling a plurality of partitions according to a time window rotation mode, and scheduling a plurality of processes included in the partitions according to a priority preemption mode; communication management, which is used for completing the communication between the partitions based on sampling ports and queue ports according to a shared memory mechanism and the partition configuration; completing communication between the processes in the partition based on a blackboard and a cache; and the health monitoring management is used for receiving the error codes sent by the partition, and calling the processing functions corresponding to the error codes to perform error processing according to the error codes. The partition management of the platform realizes flexible configuration of CPU resources according to the real-time requirements of the tasks through the affinity setting of the Windows system, ensures the priority execution of the real-time tasks, and realizes real-time performance; the communication management establishes interface virtual mapping through the specific implementation of the shielding bottom layer of the communication layer, realizes communication virtualization and has portability; the health monitoring management ensures stable transmission of fault information and enhances the fault processing capacity of the virtual simulation platform through the data distribution service based on the publish/subscribe model.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic structural diagram of a virtual ARINC 653 simulation verification platform according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a two-level scheduling model involved in partition management according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a partition scheduler scheduling model according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an inter-partition communication model according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a health monitoring model according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Introduction to related concepts
1. Partitioning: the partition is the core concept proposed by ARINC 653, which guarantees space-time isolation of the system. There may be one or more processes that exist simultaneously within a partition and share the partition's system resources.
2. Partition scheduling: partition scheduling is to allocate CPU resources according to a preset periodic time sequence, each partition is activated to run according to a window allocated to the partition, no priority is given between the partitions, and each partition runs at least once in each period.
3. The process comprises the following steps: the process is an adjustable unit in the partition, one or more processes are arranged in the partition, each process only belongs to one partition, all processes in the same partition share the system resources of the partition, and the processes can be executed.
4. And (3) scheduling the processes, wherein each process has a current priority, and a process scheduling algorithm is a preemptive strategy based on the priority.
5. Inter-partition communication refers to communication between two or more partitions running on the same module or on different modules, the inter-partition communication being performed by messages, including the following ways:
In the sampling mode, the message of the sampling port can be sent or covered by the new message;
in the queue mode, the messages can be queued in a message queue, namely, the messages in the message queue are not allowed to be covered, the messages in the message queue are not lost, and the messages are sent in a first-in first-out order.
6. Intra-partition communication refers to communication conducted within a partition, including the following:
Buffering for inter-process data transfer within a partition, allowing storage of multiple messages carrying different data, so that no overlay is allowed;
Blackboard, which is used to transmit data between processes in partition, message is not allowed to be queued, and message of blackboard can be cleared or covered by new message.
Fig. 1 schematically illustrates a structural schematic diagram of a virtual ARINC 653 simulation verification platform provided by an embodiment of the present invention, where, as shown in fig. 1, the simulation verification platform mainly includes partition management, communication management and health monitoring management.
The partition management design is used for solving the problems of untimely scheduling and poor stability of multi-task scheduling in the existing partition scheduling method, a partition model is established by analyzing ARINC 653 two-stage scheduling strategies and combining Windows affinity setting, and the problems of the existing partition scheduling are analyzed on the basis of the partition model, so that partition scheduling and process scheduling in a Windows environment are simulated and completed.
FIG. 2 is a schematic diagram of a two-stage scheduling model included in partition management according to an embodiment of the present invention, where, as shown in FIG. 2, the partition management includes a module scheduler and a partition scheduler, where the module scheduler is used for scheduling partitions, so that the partition management may also be inter-partition scheduling, and a time slice round robin scheduling algorithm is used to schedule multiple partitions; accordingly, the partition scheduler is configured to schedule a plurality of processes in each partition, schedule the processes in the partition based on a fixed priority scheduling algorithm, and schedule the processes using a first-in first-out algorithm when there are processes having the same priority.
In the embodiment of the invention, before partition scheduling or inter-partition scheduling is performed, a virtual module is firstly established according to an XML file, virtual partitions are virtually established, and initial configuration of the virtual partitions is completed. Specifically, virtual modules are created according to the related module initial information in the XML configuration file, and the virtual modules are bound on different CPUs according to the affinity setting. Further, the required shared memory is allocated for the established virtual module, and a main time frame parameter is set in one virtual module, wherein the main time frame parameter determines the running period and the scheduling period of each partition for subsequent partition scheduling. It should be noted that each partition may occupy one time window or may occupy multiple time windows in the main time frame.
And then creating virtual partitions in the virtual module according to the related partition initial information in the XML file, and initializing the partition information. Specifically, creating ports and channels according to the port initial information and the related channel initial information in the XML file, and initializing the port information and the channel information; and establishing an initial mapping relation between the port and the channel according to the related scheduling initial information in the XML file, namely finishing the initialization of scheduling.
When inter-partition scheduling is performed, a main time frame is divided into a plurality of time windows according to main time frame parameters, each time window operates a corresponding partition, and each partition preempts CPU resources based on a time slice rotation mode so as to perform partition scheduling. Specifically, the inter-partition scheduling adopts a time window rotation mode, the main time frame is a periodic fixed-length time, each partition occupies one or more time windows in the main time frame, the partitions are executed in the time windows, and when one time window is finished, the ARINC 653 simulation verification platform performs partition switching.
The partition switching is to stop the current operation partition and start the next operation partition, when the current operation partition time is over, the stop mark in the partition is set and the event of the scheduler in the partition is set, after the event is obtained by the scheduler in the partition, the current running process is stopped after the stop mark is detected; then setting an activity identifier in a next operation partition, wherein the scheduler in the partition detects the activity identifier, wakes up a process which should be operated in the partition and occupies the operation of a processor, and completes the activation of the next operation partition; and calculating the next scheduling time according to the duration time of the partition and updating the next scheduling time, so as to finish switching among the partitions. In the embodiment of the present invention, since the partition of the ARINC653 is simulated by the process of the general-purpose operating system, and the process of the ARINC653 is simulated by the thread of the general-purpose operating system, the switching of the partition actually corresponds to the stopping of the process of one general-purpose operating system and the starting of the process of the other general-purpose operating system.
It should be noted that, in the embodiment of the present invention, the inter-partition scheduler performs detection once every 1ms, and if the current system time is greater than the next scheduling time, it indicates that the duration of the current running partition has elapsed, and partition switching should be performed.
Specifically, if inter-partition scheduling judges that the current time window is over, the module scheduler informs the partition scheduler to suspend the current running partition, withdraws resources occupied by the current partition, moves the partition into a corresponding suspension queue, and then informs the partition scheduler to recover the next partition in the scheduling table, allocate corresponding resources for the next partition, and further complete the scheduling of the partition. For example, when it is determined that the time window in which the first partition is running ends, the partition scheduler is notified to stop running processes in the first partition, then allocates CPU resources to the second partition, and starts running processes in the second partition.
When partition scheduling is performed, the partition needs to maintain a waiting queue, a ready queue, a dormancy queue and a suspension queue according to different states of different processes running in the partition, so that the processes in the partition are managed.
Specifically, when the partition is switched, the partition scheduler suspends the running process of the partition or resumes the process with the highest priority of the partition based on the instruction of partition scheduling, thereby completing the suspension or wakeup of the partition. When performing process scheduling, the partition scheduler needs to determine whether the current partition allows the process scheduling or not, not only based on the inter-partition scheduling instruction.
Specifically, the partition scheduler judges whether the current partition can perform process scheduling by maintaining a system partition state table, the partition scheduler firstly establishes hash mapping of partition IDs and partition states, after receiving a process scheduling instruction, the partition scheduler inquires partition state information corresponding to the current partition IDs, and when the partition state is NORMAL, the partition scheduler starts to perform process scheduling; if the partition status is not NORMAL, the partition scheduler needs to return an error value, which indicates that the current partition does not support process scheduling.
FIG. 3 is a schematic diagram of a partition scheduler scheduling model according to an embodiment of the present invention, as shown in FIG. 3, when the partition scheduler performs process scheduling, the partition scheduler includes the following cases:
1) The partition scheduler searches the current process with the highest priority by traversing the ready queue, and allocates time slices and processor resources for the process with the highest priority;
2) When the partition scheduler confirms that the process with higher priority exists in the ready queue, the partition scheduler needs to stop the currently running process, change the state of the running process into a suspended state and add the suspended state into the corresponding queue, and then allocate time slices and processor resources to the process with higher priority, so that the scheduling of the process in the partition is completed;
3) When the partition scheduler traverses the ready queue and determines that the ready queue comprises a plurality of processes with the same priority, the partition scheduler schedules the processes with the same priority in the ready queue according to a first-in first-out algorithm, namely, allocates time slices and processor resources for the processes arranged in the first position according to the ordering mode of the existing processes in the ready queue.
In the embodiment of the invention, the communication management is designed to solve the problems of unstable communication and large delay of communication in the existing partition communication method, realize the communication of each partition among partitions based on a sampling and queue mode by using a shared memory mechanism, realize the communication of each process among partitions based on a blackboard and a buffer mode, and meet the stable and low-delay communication requirements. The inter-partition communication and intra-partition communication cooperate to ensure the communication integrity of the whole virtual ARINC 653 system.
Before inter-partition communication or intra-partition communication, communication is required according to the mapping relationship between the source port, the destination port and the channel. The partition comprises an active port, a destination port, a queue, a shared memory and the like.
Specifically, the size of the shared memory to be created is obtained according to the parsing of the XML file, so as to create a queue and a port, in practical application, the queue is also called a queue data structure, the queue data structure is used for storing the queue name information and the address offset where the queue is located, the port includes a queue port and a sampling port, the port is used for storing the port name and the port direction, and it is to be noted that a partition may include a plurality of source ports and destination ports, where the source ports adopt a queue mode or a sampling mode, and correspondingly, the destination ports adopt a queue mode or a sampling mode. In practical applications, the queue mode communicates through a queue port, and the sampling mode communicates through a sampling port.
When the establishment of the channel is completed, communication between the partitions can be performed. In the embodiment of the invention, the ports are divided into sampling ports and queue ports. The method for managing the messages by the queue port is to store the messages in the queue in a first-in first-out mode, so that the messages are not lost, and the message integrity is ensured; the mode of sampling port management information is that new information comes to cover old information, so that the information is always the latest information read by a destination port, and timeliness of the information is ensured.
Based on the sampling port and the queue port, the inter-partition communication also includes two situations of sending a message from the sampling port and sending a message from the queue port, and fig. 4 is a schematic diagram of an inter-partition communication model provided by an embodiment of the present invention, and the two situations are described below with reference to fig. 4:
1) Before a process sends a message from a sampling port, a shared memory needs to be applied for storing the message to be sent. Specifically, when the message to be sent arrives, the received message to be sent is used to cover the message to be sent stored in the shared memory, that is, only one message to be sent is stored in the shared memory, and the message to be sent is the latest message to be sent.
When a process reads a message from a sampling port, namely, when the process needs to read the message to be sent from the sampling port, a delay trigger is set at the same time, if the fact that the message to be sent exists in a shared memory is confirmed, namely, when the shared memory is not empty, the process reads the message to be sent from the sampling port, namely, the process reads a source port of the message to be sent, and then the message to be sent is read according to the source port; if it is confirmed that the message to be sent does not exist in the shared memory, that is, the shared memory is empty, the process is suspended, the process is added into the blocking queue, and after a trigger period is passed, the suspended process is activated by the delay trigger, and the process reads the message to be sent from the sampling port again.
2) Before a process sends a message from a queue port, a shared memory is required to be applied, and the shared memory is used for storing the message to be sent. Specifically, when a message to be sent arrives, the message to be sent is added to the tail of the message queue, namely the shared memory stores a message queue composed of a plurality of messages to be sent.
The method comprises the steps that a queue port stores received messages to be sent in a message queue according to a first-in first-out method, when a process reads the messages to be sent from the queue port, a delay trigger is set, if the messages to be sent exist in the message queue, namely, the message queue is not empty, the first messages to be sent, which are arranged at the forefront in the message queue, are sent, and then the first messages to be sent are deleted from the message queue; if no message to be sent exists in the message queue, namely, the message queue is empty, the process is suspended, the process is added into the blocking queue, and after a trigger period is passed, the suspended process is activated by the delay trigger, and the process reads the message to be sent from the queue port again.
It should be noted that, the first message to be sent is a message to be sent arranged at the first position of the message queue.
Before introducing communication in a partition, the blackboard and buffering are required to be introduced first, in the embodiment of the invention, the blackboard is created in the running process of a program, the configuration is not required in advance, a plurality of blackboards exist in one partition at the same time, and the plurality of blackboards exist at the same time are managed by using a linked list; the blackboard has no message queue and therefore will directly overwrite the old message on the blackboard when a new message arrives. The buffer is created in the running process of the program, the configuration is not needed in advance, and the linked list is used for managing the buffer.
1) When the process reads the information from the blackboard, a delay trigger is set at the same time, and if the information exists on the blackboard, the information existing on the blackboard is directly read from the blackboard; if there is no message on the blackboard, the process is suspended and added to the process blocking queue of the blackboard, and after a trigger period is passed, the delay trigger activates the suspended process, and the process reads the message from the blackboard again.
2) When the process writes the message into the blackboard, if the blackboard has the message, the latest message is directly covered on the original message on the blackboard; if there is no message on the blackboard, the latest message is directly written into the blackboard.
3) When the process reads the information from the buffer, a delay trigger is set at the same time, if the buffer queue is not empty, the first information in the buffer queue is read, then the first information is deleted from the buffer queue, and the first information in the buffer queue is the information arranged at the forefront of the buffer queue; if the buffer queue is empty, the process is suspended and added to the corresponding process blocking queue of the buffer, and after a trigger period is passed, the delay trigger activates the suspended process, and the process re-reads the message from the buffer queue.
4) When a process writes a message into a buffer, if the buffer queue is full, suspending the process, converting the process state into a waiting state, and adding the process into a blocking queue of a corresponding process; if the buffer queue is not full, the message is added to the tail of the buffer queue.
Health monitoring management enables resource sharing of user partitions and health monitoring partitions through the use of underlying network communications based on data distribution services. The health monitoring management adopts a publish/subscribe model, performs data transmission based on a topic, repacks a bottom communication interface, shields a physical layer from being realized, combines an APEX interface in a partition, takes a user partition as a topic publisher and a health monitoring partition as a topic subscriber, automatically transmits data through middleware, and realizes the expandability and low coupling of functions.
The health monitoring management is set to be in a suspension state; when the user program obtains error codes such as overtime or stack abnormality, the corresponding error information in the XML configuration file is obtained through a hash mapping function; the method comprises the steps that a corresponding port is obtained through a queue port name, corresponding error information is sent to a health monitoring partition based on an error transfer function of a data distribution service, the health monitoring partition is responsible for displaying the error information, and the error information is stored locally; the system activates the error handle which is created but in the suspension state, and the error handle guides the error processing function of the user to enter the running state, thereby realizing the user-defined error processing program.
It should be noted that, in the embodiment of the present invention, in order to better assist in health monitoring management to monitor a partition in real time and obtain error information, the following two measures are adopted in the embodiment of the present invention:
1) And the delay between partitions is reduced by adopting a high-precision clock synchronization technology, so that the synchronization precision is improved. The high-precision clock synchronization system is designed by analyzing a high-precision clock protocol, acquiring a time stamp in real time and designing a precise clock to design clock synchronization software, using an internal high-precision timer of an operating system as a clock source, and performing offset correction and delay correction on the clock source by setting an offset time stamp and a delay time stamp, thereby completing the design of the high-precision clock synchronization system.
2) Stack-based fault handling is provided using a stack real-time monitoring program. The method comprises the steps of obtaining the initialization stack size of a user partition by analyzing an XML configuration file, and comparing the stack space size of a program application with the stack size of the initialization partition when a user program runs, so that static stack monitoring is completed; and recording and maintaining a stack top pointer and a stack bottom pointer of the space where the current user program is located in real time, and adding the user program offset, so that real-time dynamic stack monitoring is realized. And finally, acquiring real-time stack information of the current running task through a real-time stack monitoring program, and outputting the real-time stack information to a local file for subsequent error state analysis.
In summary, an embodiment of the present invention provides a virtual ARINC 653 simulation verification platform, including: partition management, which is used for creating a plurality of partitions according to the XML configuration file and carrying out partition configuration on the plurality of partitions; scheduling a plurality of partitions according to a time window rotation mode, and scheduling a plurality of processes included in the partitions according to a priority preemption mode; communication management, which is used for completing the communication between the partitions based on sampling ports and queue ports according to a shared memory mechanism and the partition configuration; completing communication between the processes in the partition based on a blackboard and a cache; and the health monitoring management is used for receiving the error codes sent by the partition, and calling the processing functions corresponding to the error codes to perform error processing according to the error codes. The partition management of the platform realizes flexible configuration of CPU resources according to the real-time requirements of the tasks through the affinity setting of the Windows system, ensures the priority execution of the real-time tasks, and realizes real-time performance; the communication management establishes interface virtual mapping through the specific implementation of the shielding bottom layer of the communication layer, realizes communication virtualization and has portability; the health monitoring management ensures stable transmission of fault information and enhances the fault processing capacity of the virtual simulation platform through the data distribution service based on the publish/subscribe model.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Claims (8)
1. A virtual ARINC 653 simulation verification platform, comprising:
partition management, which is used for creating a plurality of partitions according to the XML configuration file and carrying out partition configuration on the plurality of partitions; scheduling a plurality of partitions according to a time window rotation mode, and scheduling a plurality of processes included in the partitions according to a priority preemption mode;
Communication management, which is used for completing the communication between the partitions based on sampling ports and queue ports according to a shared memory mechanism and the partition configuration; completing communication between the processes in the partition based on a blackboard and a cache;
The health monitoring management is used for receiving the error codes sent by the partitions, displaying the error codes and storing the error codes; the error code is obtained from an XML configuration file by overtime or stack abnormal error code and hash mapping function; the XML configuration file is created for the user partition, and the XML configuration file comprises the error code;
And activating an error handle created and set in a suspended state by a user partition, so that the user partition confirms an error processing function according to the error handle, and processes error processing in the running state of the error processing function.
2. The authentication platform of claim 1, wherein the partition comprises a source port, a destination port, a queue, and a shared memory; the source port adopts a sampling queue mode or a sampling mode; the destination port adopts a sampling queue mode or a sampling mode;
The partition management is used for establishing a mapping relation among the source, the destination and the channel according to the XML configuration file.
3. The verification platform of claim 1, wherein the partition management is further configured to set a master time frame, the master time frame including a plurality of the time windows, determining a run period and a schedule period for each of the partitions according to the master time frame, each of the partitions occupying one or more of the time windows within the master time frame;
When the time window of the first partition operation is determined to be finished, stopping running the process in the first partition, distributing CPU resources for a second partition, and running the process in the second partition; wherein a next operating partition of the first partition is the second partition.
4. The verification platform of claim 3, wherein the partition management is further to:
Establishing hash mapping of each partition ID and partition state, when a process scheduling instruction is received, scheduling the process contained in the second partition if the state of the second partition is NORMAL;
When a plurality of processes with the same priority are included in one partition, scheduling the processes according to a first-in first-out algorithm; or alternatively
When a plurality of the processes included in one of the partitions have different priorities, allocating a time slice and the CPU resource to the process having the highest priority; wherein the time window comprises a plurality of the time slices.
5. The authentication platform of claim 1, wherein the communication management is to:
The queue port is used for storing the received message to be sent in the message queue in a first-in first-out mode; when the process sends the message to be sent from the queue port, firstly applying for a shared memory, and adding the message to be sent to the tail of the message queue;
When the process reads the message from the queue port, setting a delay trigger, and when the message is determined to be non-empty, reading a first message to be sent which is included in the message queue, and deleting the first message to be sent from the message queue; or when the message queue is determined to be empty, converting the state of the process into a waiting state, and reading the message to be sent from the queue port by the process after a trigger period.
6. The authentication platform of claim 1, wherein the communication management is to:
the sampling port is used for storing the message to be sent in a shared memory in a mode of covering the message to be sent with the received message to be sent, and when the process sends the message to be sent from the sampling port, the process firstly applies for a shared memory and adds the message to be sent into the shared memory;
when the process reads the message from the sampling port, setting a delay trigger, and when the shared memory is determined to be non-empty, reading the message to be sent of the shared memory; or when the shared memory is determined to be not, converting the state of the process into a waiting state, and reading the message to be sent from the sampling port by the process after a trigger period.
7. The authentication platform of claim 1, wherein the communication management is to:
When the process reads the information from the blackboard, if the blackboard is not empty, the process reads the existing information from the blackboard;
When writing the message to the blackboard, if the blackboard is not empty, covering the received message with the existing message on the blackboard; or if the blackboard is empty, writing the received message on the blackboard;
When the process reads the information from the buffer queue, if the buffer queue is not empty, reading a first information of the buffer queue, and deleting the first information from the buffer queue;
When the process writes a message into the buffer queue, if the buffer queue is full, converting the process state into a waiting state; or if the buffer queue is not full, adding the message to the tail of the buffer queue.
8. The authentication platform of claim 7, wherein the communication management is further to:
When the process reads the information from the blackboard, setting a delay trigger, and if the blackboard is empty, converting the state of the process into a waiting state, and after a trigger period, reading the information from the blackboard by the process;
And when the process reads the information from the buffer queue, setting a delay trigger, and if the buffer queue is empty, reading the information from the buffer queue by the process after a trigger period.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010655912.8A CN111813522B (en) | 2020-07-09 | 2020-07-09 | Virtual ARINC 653 simulation verification platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010655912.8A CN111813522B (en) | 2020-07-09 | 2020-07-09 | Virtual ARINC 653 simulation verification platform |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111813522A CN111813522A (en) | 2020-10-23 |
| CN111813522B true CN111813522B (en) | 2024-04-19 |
Family
ID=72843259
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010655912.8A Active CN111813522B (en) | 2020-07-09 | 2020-07-09 | Virtual ARINC 653 simulation verification platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111813522B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112445631A (en) * | 2020-12-02 | 2021-03-05 | 广东博智林机器人有限公司 | RTPS process communication method, device, electronic equipment and storage medium |
| CN112527522A (en) * | 2020-12-04 | 2021-03-19 | 中国航空工业集团公司成都飞机设计研究所 | Partitioned message subscribing and publishing method based on two-stage data pool |
| CN113312186B (en) * | 2021-03-04 | 2023-12-22 | 中国航空工业集团公司西安航空计算技术研究所 | Automatic generation method for inter-partition communication configuration under IMA platform |
| CN114880102B (en) * | 2022-07-04 | 2022-10-25 | 北京智芯半导体科技有限公司 | Security chip, multitask scheduling method and device thereof, and storage medium |
| CN117033003B (en) * | 2023-10-10 | 2024-01-19 | 沐曦集成电路(上海)有限公司 | Memory management method, electronic equipment and medium based on SystemVerilog |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2408525A1 (en) * | 2000-05-09 | 2001-11-15 | Mohamed Younis | Communication handling in integrated modular avionics |
| EP2743830A1 (en) * | 2012-12-13 | 2014-06-18 | Eurocopter España, S.A. | Flexible data communication among partitions in integrated modular avionics |
| CN105117279A (en) * | 2015-07-29 | 2015-12-02 | 西北工业大学 | Partition communication method of onboard operating system under Windows |
| CN106919386A (en) * | 2017-02-15 | 2017-07-04 | 北京航空航天大学 | The method and apparatus of code is generated based on ARINC653 operating systems |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10613914B2 (en) * | 2013-04-01 | 2020-04-07 | Oracle International Corporation | Orchestration service for a distributed computing system |
-
2020
- 2020-07-09 CN CN202010655912.8A patent/CN111813522B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2408525A1 (en) * | 2000-05-09 | 2001-11-15 | Mohamed Younis | Communication handling in integrated modular avionics |
| EP2743830A1 (en) * | 2012-12-13 | 2014-06-18 | Eurocopter España, S.A. | Flexible data communication among partitions in integrated modular avionics |
| CN105117279A (en) * | 2015-07-29 | 2015-12-02 | 西北工业大学 | Partition communication method of onboard operating system under Windows |
| CN106919386A (en) * | 2017-02-15 | 2017-07-04 | 北京航空航天大学 | The method and apparatus of code is generated based on ARINC653 operating systems |
Non-Patent Citations (3)
| Title |
|---|
| 一种飞行管理软件虚拟仿真环境的设计与应用;曹永杰;蔡栋材;李永波;;航空计算技术(04);全文 * |
| 基于分时分区操作***软件架构的应用;郑智健;赵刚;孙战;薛建彬;郭燕波;;火力与指挥控制(03);全文 * |
| 基于天脉653操作***的航空应用软件开发;吴姣;戴小氐;张亦姝;;航空计算技术(05);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111813522A (en) | 2020-10-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111813522B (en) | Virtual ARINC 653 simulation verification platform | |
| CN107025205B (en) | Method and equipment for training model in distributed system | |
| CN106933669B (en) | Apparatus and method for data processing | |
| US7657890B2 (en) | Scheduling system and method in which threads for performing a real-time operation are assigned to a plurality of processors | |
| JP2677744B2 (en) | Distributed memory digital computing system | |
| US20120324460A1 (en) | Thread Execution in a Computing Environment | |
| EP1501013A2 (en) | Method and system for scheduling real-time periodic tasks | |
| US20090271796A1 (en) | Information processing system and task execution control method | |
| JP2006515690A (en) | Data processing system having a plurality of processors, task scheduler for a data processing system having a plurality of processors, and a corresponding method of task scheduling | |
| CN109697122B (en) | Task processing method, device and computer storage medium | |
| US20130332926A1 (en) | Predictable computing in virtualizated distributed computer systems based on partitioning of computation and communication resources | |
| EP1519269A2 (en) | Method and system for real-time scheduling | |
| US20100153957A1 (en) | System and method for managing thread use in a thread pool | |
| CN102375761A (en) | Business management method, device and equipment | |
| CA2536037A1 (en) | Fast and memory protected asynchronous message scheme in a multi-process and multi-thread environment | |
| JPH03126158A (en) | Method and apparatus for scheduling | |
| AU2013206117A1 (en) | Hierarchical allocation of network bandwidth for quality of service | |
| WO2014110702A1 (en) | Cooperative concurrent message bus, driving member assembly model and member disassembly method | |
| CN110471777B (en) | Method and system for realizing multi-user sharing and using Spark cluster in Python-Web environment | |
| JP2005267118A (en) | Interprocessor communication system and program in parallel processing system using os for single processor | |
| US20140068165A1 (en) | Splitting a real-time thread between the user and kernel space | |
| CA1304513C (en) | Multiple i/o bus virtual broadcast of programmed i/o instructions | |
| CN113515361B (en) | Lightweight heterogeneous computing cluster system facing service | |
| CN111597044A (en) | Task scheduling method and device, storage medium and electronic equipment | |
| CN109558235A (en) | A kind of dispatching method of processor, device and computer equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |