Figure 4 - uploaded by Bran Selic
The complete state machine diagram of the Sender  

Source publication
Article
In this paper, we introduce a high-level design pattern that can be applied to a broad class of real-time systems. This pattern, which we call Recursive Control, provides a systematic method for dealing with what are traditionally considered ancillary software functions (system start up and shut down, failure detection and recovery, on-line mainten...

Similar publications

Article
The performance of the vehicle dynamics stability control system (DSC) is dominated by the accurate estimation of tire forces in real-time. The characteristics of tire forces are determined by tire dynamic states and parameters, which vary in an obviously large scope along with different working conditions. Currently, there have been many methods based...
Conference Paper
Presents a reference architecture for the control of mechanical systems. The architecture, called the “Joint Architecture”, is derived in part from existing real-time control systems and manufacturing systems integration architectures at the National Institute of Standards and Technology. The Joint Architecture is under development and not yet comp...

Citations

... In short, the task of controlling software can be summarized as: bringing software into the desired operational state or states (that is, states in which it can successfully perform its intended purpose) and to maintain it in those states in the face of any planned or unplanned disruptions. 2 In many cyberphysical systems, the amount of code dedicated to controlling software in the above sense can be significantly greater than the amount of code dedicated to the system's primary function. For example, in the telecom system in which the AUDIT program operated, a redundant stand-by processor configuration had to be implemented to support the extreme system availability requirement. ...
Article
The author states that AUDIT was an embarrassing admission of defeat, reflecting a development team resigned to the poor quality of their code. It dawned on him much later that the AUDIT program was simply an example of the very ancient feedback control loop pattern. In his experience, there is little awareness of the importance and complexity of the task of controlling software among software developers.
... As suggested in this paper, to be genuinely useful, a pattern must be accompanied by a specific working example that will help developers understand and evaluate the pattern and give them a good starting point for their own implementation. For avoiding complexity that can be caused by highly coupled control and service-providing aspects of a real-time system, an architectural design pattern has been introduced in [49]. Realizing the fact that a system cannot start performing its service-level functionalities before reaching an operational state, this pattern allows encapsulation of the system service functionality within the control functionality which improves reliability and maintainability of the system. ...
Article
Software development guidelines are a set of rules which can help improve the quality of software. These rules are defined on the basis of experience gained by the software development community over time. This paper discusses a set of design guidelines for model-based development of complex real-time embedded software systems. To be precise, we propose nine design conventions, three design patterns and thirteen antipatterns for developing UML-RT models. These guidelines have been identified based on our analysis of around 100 UML-RT models from industry and academia. Most of the guidelines are explained with the help of examples, and standard templates from the current state of the art are used for documenting the design rules.
... It is well acknowledged in this domain that it is beneficial to separate the two on the level of architecture, by defining them as different architectural entities. For instance, Selic [15] calls the principle 'separation of control from function' and defines an architectural pattern named Recursive Control Pattern. The core idea of the pattern, shown in Figure 2, is [15] to have some components responsible for coordination and other components responsible for computation. ...
... For instance, Selic [15] calls the principle 'separation of control from function' and defines an architectural pattern named Recursive Control Pattern. The core idea of the pattern, shown in Figure 2, is [15] to have some components responsible for coordination and other components responsible for computation. We denote the former as a controller and the latter as the processing part of a control software system (see Figure 1). ...
Article
It is considered good practice in control software design to distinguish computation and coordination on the architectural level. Current component models largely fail to provide distinct abstractions for that purpose. In this paper, we introduce such distinct abstractions. In particular, we introduce controller patterns, an abstraction for defining coordination in the context of component-based software development. We present their definition and demonstrate their usage in a case study, conducted in our prototype tool.
... They stated that pattern-based control engineering is not a control design method in the classic sense but a new way of managing and exploiting existing design knowledge for control systems, leading to better solutions. With the same judgement, Selic (1996) stated that design patterns capture proven solutions, which, if applied intelligently, can result in significant benefits in terms of productivity and reliability. In summary, researchers believe that using this method leads to control systems designed better, i.e. they are more modular, adaptable, understandable, and evolvable. ...
... In the following, we will look at two well-known researches on domain-independent design patterns for generic real-time control systems. Selic (1996) presented a high-level design pattern for generic real-time control software. This pattern, which he calls Recursive Control, provides a systematic method for dealing with software functions such as system start-up and shut-down, failure detection and recovery, on-line maintenance, etc. ...
... Therefore, complex functional components can be further decomposed in the same way into more simple functional components. Moreover, the design pattern can be applied recursively which means that it is applicable across a wide range of levels and scopes, starting from the highest system architectural level down to individual components (Selic, 1996). In this way, composite components can be built and therefore the hierarchical architecture of a real-time control system can be formed. ...
Thesis
This thesis addresses two issues: (i) developing an implementation framework for Multi-Agent Control Systems (MACS); and (ii) developing a pattern-based safe-guarded MACS design method. The Multi-Agent Controller Implementation Framework (MACIF), developed by Van Breemen (2001), is selected as the starting point because of its capability to produce MACS for solving complex control problems with two useful features: • MACS is hierarchically structured in terms of a coordinated group of elementary and/or composite controller-agents; • MACS has an open architecture such that controller-agents can be added, modified or removed without redesigning and/or reprogramming the remaining part of the MACS. However, this framework still had some shortcomings that give room for improvement. An enhancement scheme has been realized: developing a new implementation framework for MACS that inherits and improves the advantages of the MACIF and simultaneously provides the missing features for the MACIF. Through evaluating four possible approaches, that can be applied to develop real-time MACS using concepts and operation mechanisms of the MACIF, the solution using the OROCOS framework (Orocos, 2009a) has been selected for developing a new implementation framework for MACS. After studying the resemblance between the MACIF and the OROCOS framework, a functional combination of the two frameworks has been realized. As a result, we obtain an OROCOS-based Implementation Framework for MACS (OROMACS framework), which supports the development of multi-threaded MACS with deterministic real-time control behavior, thread-safe real-time inter-process communication mechanism, and the capability of handling events. The way of integration used in this combination results in a low coupling between these frameworks. Hence, change of the OROCOS framework will not require much modification of the MACS developed by using the OROMACS framework. 
In addition, the port-based polymorphic modeling approach (De Vries, 1994) has been brought to the OROMACS framework. Polymorphic modeling is the division of a subsystem description into a subsystem type and a subsystem specification, and the expression of a subsystem type in terms of one or more designated other types. This approach has been applied to the OROMACS framework in such a way that a controller-agent with a particular Type can be implemented in the form of different Elementary and/or Composite Specifications. This "one Type with multiple Specifications" approach makes the controller-agent and MACS polymorphic. This property, called polymorphism, opens the possibility to create libraries of structures for which the detailed implementation is unspecified. As a result, with a sufficiently rich library of multiple specifications, the design and programming of a control system becomes a matter of configuration and composition of controller-agents. Moreover, the OROMACS framework allows designers to decide beforehand a desired control strategy by selecting suitable coordinators. Although the OROMACS framework brings with it the improvements, it still faces two shortcomings: (i) the trade-off between the desire to achieve a MACS design with good control performances and a short development time; and (ii) the lack of support for reusability of design results from previous projects into new projects. These shortcomings are tackled by using a combination of the OROMACS framework with the pattern-based design method, which results in a pattern-based safe-guarded MACS design method. This design method is demonstrated by means of two case studies. First, we design a safe-guarded MACS for the DemoLin setup, a simple single-axis electro-mechanical motion system with the dominant compliance in the transmission. 
The design is required to meet three particular requirements (multi-operation modes, good control performances, and safe-guarded control equipped with capabilities: error detection, error handling, graceful degradation, and error recovery). Based on this design, we have formulated a generalized safe-guarded control solution for simple mechatronic systems, i.e. motion systems with one degree-of-freedom (1-DoF). Next, we design a safe-guarded MACS for the TriPod setup, a complex three-axis electro-mechanical motion system. This design reuses the design results of the DemoLin setup. This reusability is proven through reusing two parts of the MACS design: the operation control and the safe-guarded control. The only thing that remains to be done is to modify application-specific settings (e.g. trajectory, controller parameters, coordinators, etc.). Based on this design, we have formulated a generalized safe-guarded control solution for complex mechatronic systems, i.e. motion systems with multiple degrees-of-freedom (n-DoF). The design method makes the design and programming of real-time safe-guarded MACS become a matter of configuration and composition of the whole design. This is done through the application of proper design patterns and selection of suitable specifications for controller-agents to quickly build up a complete MACS. As a result, the short time-to-market objective with regard to the control system development can be obtained. This thesis has developed control system design patterns in which the Safe-Guarded Agent is one of the main design patterns. This design pattern can flexibly handle faults and particularly fault propagations that may happen in n-DoF motion systems. Specifically, the Safe-Guarded Agent deals with two possibilities of fault propagations: (i) the propagations of influence spheres of faults, i.e. from faults occurring on a single axis to faults involving multiple axes; and (ii) the propagations of criticality levels of faults, i.e. from warning to serious, from serious to dangerous, and from warning to dangerous.
... In this way, requests coming from different clients do not interfere with one another. Finally, [46] describes the recursive control pattern, which separates the control aspects (a set of secondary services) from the service aspects (primary services) in a real-time program, allowing each aspect to be defined and modified independently. More details on the use of such patterns for the design of real-time software can be found in [47]. ...
... Just like for the design of the middleware TAO (see chapter 2), the middleware presented in this document is built using the object-oriented design patterns approach [41,24,42,43,44,45,46,47] (see appendix A for an example of design pattern). The goal of this approach is to propose object-oriented solutions for design problems arising in a certain context. ...
Article
Our objective is to propose a methodology for the development of an automotive embedded middleware that provides communication services to the applicative level software. This work is focused on the design of automotive functions, where the nowadays context demands a middleware capable of offering standard communication services, hiding the localization of the participants in the exchanges, masking the heterogeneity of communication platforms, and ensuring that the timing constraints imposed on the exchanges and on the execution of the participants are met. The proposed methodology is aimed for the design of an optimized middleware. For this purpose, it deals with two topics: the specification of an implementation architecture, and the construction of a feasible configuration. The implementation architecture is optimized because the middleware is well adapted to its execution environment (operating system OSEK/VDX OS), and minimizes the utilization of the available resources. It contributes, on the one hand, to a specification of a software architecture (built using design patterns), and, on the other hand, to mechanisms allowing to deploy this software architecture onto a concrete platform (under the form of a set of tasks). The algorithm proposed for the construction of a configuration determines feasible timing characteristics for the middleware and for the frames exchanged over a CAN bus. It covers also the calculation of a feasible set of priorities for the applicative tasks executing on each station of the bus. The correctness of the configuration is achieved by ensuring that the timing constraints imposed on the exchanges and on the execution of the applicative and middleware tasks are met.
... As a consequence, new paradigms and methodologies for real-time software development emerged with the purpose of managing the complexity generated by these new requirements, [14, 13]. Such methodologies usually adapt existing software engineering techniques to the real-time scenario, such as middleware technologies [7, 21], distributed components [11, 20], design patterns [23], and architectural models [26]. Among these, component-based system development is a promising technique, due to its inherent adequacy to distribution (a component is an independent entity) and easy maintainability (components can be easily replaced). ...
... Previous work has applied software engineering techniques on industrial S&C systems. In [23] and [26] the use of design patterns for control systems was investigated. In [5] a CORBA-based architecture for S&C systems development has been proposed, which corresponds to CORBA services and interfaces for supervision and data acquisition activities. ...
Conference Paper
Nowadays, the development of flexible and interoperable software platforms for industry is an important issue. The CCM model captures two paramount features of such platforms, as it combines component-based middleware (easy composition of new applications and maintainability) and the openness of the CORBA standard. Though there exists an implementation of CCM devoted to real-time systems (CIAO platform), much effort is needed to validate its use in the real-time industry scenario. This paper contributes to this goal by presenting the design and implementation of a new framework over CIAO, which conforms to the DAIS standard (data acquisition from industrial systems). We discuss our design decisions and show how the framework can be used to develop distinct S&C applications. We also discuss implementation details and show performance data from a series of experiments.
... Hence, besides integration and interoperability , the design of such systems has now to consider new requirements such as distribution, scalability, adaptation, reusability, and web access123. To address these new challenges, new methodologies for real-time software development emerged, adapting conventional software engineering techniques to the real-time scenario (e.g., [4, 1,567 ). Among these, component-based system development is a promising technique, due to its inherent adequacy to distribution (a component is an independent entity) and easy maintainability (components can be easily replaced). ...
Conference Paper
Integration and interoperability are major challenges of modern supervision and control industrial systems. Such needs arise from the use of equipments from different vendors, with operating systems and communications incompatibilities, up to diverse factory machinery - each of them usually supplied by a specialized company (PLC's, numerical control machines, robot arms). The ARCOS platform has been developed to address this important issue of modern industrial systems. It is based on the CCM model, which combines component-based middleware (easy composition of new applications and maintainability) and the openness of the CORBA standard. This paper overviews the ARCOS platform and discusses its components designed to provide a flexible failure detection mechanism. Such components can be customized to handle distinct QoS requirements and be adaptive to the current system and network load.
... The idea of documenting the best practices in software development as patterns for building embedded and real-time systems is a recent research topic. The first important work on this topic was the "Recursive Control" pattern for real-time control systems [15]. Another major landmark is the collection of patterns proposed by Douglass to design object-oriented real-time systems [5]. ...
Chapter
It is a common practice amongst programmers to construct parts of software programs by imitating parts of programs constructed by more experienced professionals. This “learn by example” approach can be applied at the design level by using patterns as sets of rules and recommendations to solve well-defined tasks within the development of computer-based systems. This paper describes the multi-level ICIS pattern, to be used at various design levels of industrial control-based information systems, where embedded devices are networked to interact with the industrial processes and equipment. The proposed pattern is described using several UML diagrams.
... The idea of documenting the best practices in software development as patterns for building embedded and real-time systems is a recent research topic. The first important work on this topic was the "Recursive Control" pattern for real-time control systems [15]. Another major landmark is the collection of patterns proposed by Douglass to design object-oriented real-time systems [5]. ...
Conference Paper
It is a common practice amongst programmers to construct parts of software programs by imitating parts of programs constructed by more experienced professionals. This "learn by example" approach can be applied at the design level by using patterns as sets of rules and recommendations to solve well-defined tasks within the development of computer-based systems. This paper describes the multi-level ICIS pattern, to be used at various design levels of industrial control-based information systems, where embedded devices are networked to interact with the industrial processes and equipment. The proposed pattern is described using several UML diagrams.
... The Recursive Control pattern [Sel96] was developed by Bran Selic (ObjecTime Ltd.). It describes a systematic method for dealing with support functions. ...
Article
The design and development of real-time software (i.e. software that must ensure timeliness while interacting with an external environment) is more difficult than for most other software. Modeling tools help deal with this complexity, allowing developers to view the system at various levels of abstraction, animate the models in a simulation environment, and even generate the code for a variety of target hardware/RTOS configurations. A natural extension to these tools is to provide support for design patterns (a method of documenting experience in the form of problem/context/solution triples for recurring problems). Such an extension provides yet another layer of abstraction to the models, and makes explicit the application of design patterns.