- Email: [email protected]
Specification and Modelling of Time-Window Mechanisms for FIP Fieldbus
Copyright ~ IF AC Intelligent Components and Instruments for Control Applications, Annecy, France, 1997
SPECIF1CATION AND MODELLING OF TIME-WINDOW MECHANISMS FOR FIP FIELDBUS
P.LORENZ
JUT/GTR 34, rue du Grillenbreit 68008 Colmar - FRANCE Email: [email protected]
Abstract: 1bis paper introduces specification techniques to express temporal constraints in communication systems and presents a model to elaborate temporal statuses generated by a state-machine. The state-machine qualifies variable values exchanged between distributed tasks. The proposed mechanisms applied to PIP fieldbus shows how to elaborate refreshment, promptness and freshness PIP temporal statuses by invoking the previous general state-machine. Keywords: Fieldbus, Networks, Local Area Networks, Models, Real-Time Systems, Communications Networks, Time Systems.
1. IN1RODUCTION
2. TIME-WINDOWS FOR COMMUNICATION
A real-time system realizes a set of functions in which the start and/or end date of execution must respect the temporal constraints imposed by the process. Systems which must absolutely respect strict temporal constraints to avoid disasters are called time critical systems (Juanole, et aI., 1992), (Kimer, 1991), (Motus, 1992), (Northcutt and Kuemer,1993).
The temporal interval which must be respected to communicate between two entities can be cut up in several temporal sub-intervals. If a delay is assigned to every sub-interval, then it is easy to localize the reasons of temporal constraints nonrespect (Malcolm and Zhao, 1992). To have a good knowledge about temporal constraints, the communication between entities can be decomposed in several sequential steps: - production of information, - go through the different layers (Application to MAC) of the OSI model at the producer entity, - sending and propagation on the medium, - go through the different layers (MAC to Application) of the OSI model at the consumer entity, - consumption of the information.
The OSI communication model is a general model which does not integrate time in a form allowing to assure data temporal validity (Shepherd and Salmony, 1990), (Naik, 1992), (Ramamritham and Stankovic, 1989), (Marinescu, 1988), (Schreiber, 1992). So new mechanisms allowing to know if temporal constraints are met or not in time-critical systems must be defined. The time-window concept will be used to represent a temporal interval.
113
At each step of the communication, temporal statuses allow to know if temporal constraints have been satisfied or not.
For the communication between entities, the term of Activity temporal Window (noted AW) is used. The four activity temporal windows are:
The production and sending temporal status (noted respectively PS and SS), which concern the respect of temporal constraints at the production entity, are transmitted with the data to the consumer entities. Likewise the receiving and consumption temporal status (noted respectively RS and CS), which concern the respect of temporal constraints at the consumption entity, are added to the received data and to the production entity status. The elaboration of the different statuses can be represented as follows:
- . the production activity temporal window, noted prod, - "the sending activity temporal window, noted send, - the receiving activity temporal window, noted ne,
-, the consumption activity temporal window, noted CODS. The i and v parameters are used to represent the i th AW used for the transmission of the variable v. For each new production, sending, receiving or consumption operation for a variable v, a new AW with a (i+ 1) parameter is created. So, an AW can be described as follows:
=
y X (v, i) with Y (t, l or.6.) and X =(prod, send, rec or cons)
Some rules can be elaborated, for example the fact that the start of a AW appears always previously to the end of this same (production, sending, receiving or consumption) AW can be described by this following rule: tX(v, i) < lX(v, i)
V -v';Jblc
ps. prod UC%rSllaJS ss· SCDd m& st.us RS. receiver Slaus
cs •
Q)
Il5U m:r
uus
2.2 Data validity temporal windows
Fig. 1: Mechanisms for the elaboration of temporal status
2.1 Notations of temporal windows
At a given date, a produced data owns a duration of life which change according to consumers entities. For statistical application, data validity can be unlimited but not for time critical applications. So data validity depends on the utilization of this later.
Temporal window mechanisms allow to take into account earlier and later temporal constraints (Mammeri, et al., 1994).
To formalize the concept of data validity (duration of life), the term of Variable Validity time Window (noted VW) is used.
We will suppose that local clocks of production and consumption entities are synchronized. If this hypothesis is not respected, it is not possible to manipulate temporal constraints because the fact that a data production date is superior to the consumption date of this same data is not acceptable (Lamport, 1978), (Kopetz and Ocbsenreiter, 1987).
A temporal window for data validity is described as follows: Z val(v, i)
with Z
=(t, l
or .6.)
The begin of the VW, tval(v, i), represents the production date of a variable v ; the end of the VW, l val(v, i), represents the end of variable v validity. A VW is always linked up with a given A W, because the start of VW occurs always during a
A Temporal Window (ISO TR12178, 1993), noted TW, owns three parameters: start date (noted f), end date (noted J,) and duration (noted ~).
114
production AW. This case is expressed by this following rule:
tvw lvw
tvw Tune
tprod(v, i) ~ ival(v, i) ~ J.prod(v, i)
2
4
We have modelized the different relationships between A W and VW by using state-machines based on Nutt networks (Null, 1972). The symbols used by the Nutt network are:
C): a state
D:anevent
C:> an initial state
+:atest
6
3
3
3. MODELLING WITIi A STATE MACHINE
5
Fig. 3: Relationships between the different temporal windows and the corresponding states
Then the six states are: - 1 = False state: located out of a [iprod(v,i), J. prod(v,i)], out of a [i val(v,i), J. val(v,i)] and it does not exist a ival(v,i-l), - 2 = Wait state: inside the [iprod(v,i), J. prod(v,i)], out of the [ival(v,i), J.val(v,i)] and it does not exist a ival(v,i-l), - 3 = True state: inside the [iprod(v,i), J.prod(v,i)], inside the [ival(v,i), !val(v,i)], then at least one variable v has been produced respecting the timing constraints, - 4 = VW-Expirationl state: inside the [iprod(v,i), J. prod(v,i)], out of the [ival(v,i), J.val(v,i)] and it exists a ival(v,i-l), - 5 AW-Expirationl state: out of the [iprod(v,i), J. prod(v,i)], but inside the [i val(v,i), J. val(v,i)], - 6 = Expiration2 state: out of the [iprod(v,i), J.prod(v,i)], out of the [ival(v,i), J.val(v,i)] and it exists a ival(v,i-l).
~ action(s) Fig. 2: Symbols used in Nutt networks At a given time, it is important to know if the current state is located inside or outside a AW and a VW; and to know ifval(v, i-I) exists. The used symbols are: o=the condition is not verified 1 =the condition is verified.
=
InAW InVW 3a VWfora Name of the state variable v False 0 0 0 Expiration2 0 0 1 AW-Expirationl 1 0 Wait 0 1 0 VW -Expiration 1 1 1 0 True 1 1
The states 4 and 5 correspond to the Expirationl state which can be reached after the expiration of AWorVW . The state-machine described in Fig. 4 allows the elaboration of the different temporal statuses.
The cases of the previous table are: a) located out of a AW, out of a VW and it does not exist a VW for a given variable v; this state is called False state, b) located out of a AW, out of a VW and it exists a VW for a variable v; this state is called Expiration2 state, c) located out of a AW and in a VW, this state is called A W-Expirationl state, d) located in a AW, out of a VW and it does not exist a VW for a variable v; this state is called Wait state, e) located in a AW, out of a VW and it exists a VW for a variable v; this state is called VW-Expirationl state, f) located in a AW and in a VW; this state is called True state.
4. FIP STAruSES Our approach is developed in the context of FIP fieldbus (NF C46-602, 1990). FIP (Factory Information Processus) is a fieldbus that is not only a network enabling interconnection of actuators, transmitters, PLC and automata, but it is an authentic real-time database management system based on the Producer/Distributor/ Consumers model. The producer/consumers model is a mUltipoints model. The producer sends each produced data to one (or several) consumer(s). Once a data is produced, it is automatically sent to the consumers without request
A number can be associated to each case:
115
Fig. 4: General state-machine
variable. The promptness status with the "false" value means a medium failure or a later reception due to the network load, etc ... To have the best accuracy, this status must be elaborated at the lower level of the OS! architecture, i.e. by the data link level.
. To ensure correct and consistent handling of information related to physical control/command process, FIP defines several attributes of data: promptness and refreshment attributes. With these attributes one can ensure more coherence in decisions made to command the physical process and more guarantee that time constraints will be met. Thus, application safety level is increased.
4.3 Freshness Status
The freshness status indicates the validity of availability of a variable value for a consumer entity. This status allows to know whether the variable value has been consumed with respect of time constraints. This status is elaborated by all entities consuming the variable. A freshness status with the "false" value means, for example, that the consumption order has not been received with respects of time constraints. To have the best accuracy, this status must be elaborated at the higher level of the OS! architecture, i.e. by the application layer or by the companion standard.
4.1 Refreshment status
The refreshment status indicates the validity of availability of a variable value provided by a producer. This status is elaborated by the producer of the variable and it allows to know whether the variable value has been produced with respect of time constraints. The refreshment status with the "false" value means that the producer has not delivered a variable within the required time interval (because the producer has not received the production order or it has no value to produce, etc ...). To have the best accuracy, this status must be elaborated at the higher level of OS! architecture, i.e. by the application layer or by the companion standard.
The refreshment, promptness and freshness statuses can be represented as follows:
4.2 Promptness status
The promptness status indicates the validity of availability of a variable value provided by the network. This status allows to know whether the variable value has been transmitted on the medium with respect of time constraints. This status must be elaborated by all the consumers of a given
Fig. 5: Representation of the refreshment, promptness and freshness statuses
116
4.4 Characteristics of temporal statuses
The refreshment status (resp. promptness and freshness) can have different characters (asynchronous, synchronous or punctual) to know whether the production (resp. transmission and consumption) has been achieved in a given timewindow or just before a time-out. Then, the asynchronous , synchronous and punctual characters enables to specialize the general temporal statuses : Fig. 6.b: Case of synchronous freshness status - the asynchronous character with the TRUE value indicates that the production (resp. transmission and consumption) of a data has been achieved before a given time-out. The beginning AW date is not taken into account. - the synchronous character with the TRUE value indicates that the production (resp. transmission and consumption) has occurred after a synchronization order and before a given time-out. The beginning AW date and the end AW date are taken into account. - the punctual character with the TRUE value indicates that the production (resp. transmission and consumption) has occurred after .a synchronization order and this character remains true after a given time-out while no new data for a given variable is produced (resp. transmitted and consumed) after the time-out. The beginning AW date and the end VW date are taken into account. 4.5 Representation of the protocols
FIP standard (NF C46-602, 1990) introduces statemachines only for the refreshment and promptness statuses . Therefore the freshness status is introduced to complete FIP standard.
The freshness statuses can be described with these three following state machines:
Fig. 6.a: Case of asynchronous freshness status
Fig. 6.c: Case of punctual freshness status It is possible to get asynchronous, synchronous and punctual characters (for the refreshment, promptness and freshness statuses) directly from the state-machine describes in the fig. 4. For the asynchronous character: - the merge of the False, Wait, Expirationl and Expiration2 states in one state corresponds to the Asynchronous Status =FALSE, - the True State corresponds to the Asynchronous Status =TRUE. For the synchronous character: - the merge of the False, Expirationl arid Expiration2 states in one state corresponds to the Synchronous Status FALSE, - the True State corresponds to the Synchronous Status = TRUE, - the Wait state enables to test if the time-out is armed. If the time-out is armed and if no variable has been received, then the Wait state is valid. But, when the time-out is due, then one goes from the Wait state to the False state.
=
For the punctual character: - the merge of the False and Expiration2 states in one state corresponds to the Punctual Status = FALSE, - the merge the True and Expiration! states in one state corresponds to the Punctual Status =TRUE, - the Wait state enables to test if the time-out is
117
Mammeri, Z., P. Lorenz (1994). "Integration of temporal mechanisms in communication protocols for time-critical distributed systems", 12th IFAC Workshop on Distributed Computer Control Systems, DCCS'94, 28-30 September 1994, Toledo, Spain. . Marinescu, D.C. (1988). "A splitting algorithm for communication with real-time delivery constraints", Twenty-Sixth Annual Allerton Conference on Communication, Control and Computing, Vol 2, 1988, pp. 955-64. Motus, L. (1992). "Time concepts in real-time software", IFAC/IFIP, International workshop on real-time programming, WRTP'92, Bruges, Belgium, 24-26 June 1992. Naik, Y. (1992). "A temporal approach to requirements specification of real-time systems", Formal techniques in real-time and fault tolerant systems, 2nd international Symposium, The Netherlands, 8-10 January 1992, pp. 341361. NF C46-602 (1990). PIP Application Layer - MPS, Union Technique de l'Electricite, Courbevoie. Northcutt, J.D., E.M. Kuerner (1993). "System support for time-critical applications", Computer communications, Vol 16, nOlO, October 1993, pp. 619-636. Nutt, G. (1972). "Evaluation nets for computer performance analysis", AFIPS FJCC, 1972, pp. 279-286. Ramamritham, K., J.A. Stankovic (1989). "Timeconstrained communication protocols for hard real-time systems", 6 th IEEE Workshop on Real Time Operating System and Software, Pittsburg, Pensylvania, May 1989, pp. 61-66. Schreiber, F.A. (1992). "Is time a real time? An overview of time ontology in informatics", NATO, Advanced study Institute on realtime computing, 5-18 October, 1992, Sint Maarten, Dutch Antilies. Shepherd, D., M. Salmony (1990). "Extending OSI to support synchronization required by multimedia application", Computer Communications, Vol 13, n07, September 1990.
armed. If the time-out is armed and if no variable has been received, then the Wait state is valid. But, when the time-out is due, then one goes from the Wait state to the False state. 5. CONCLUSION This paper has presented some rules allowing to link together production, sending, receiving, consumption and validity variable time-windows. These rules have been translated in a general statemachine which elaborate temporal status. The proposed mechanisms are implemented and used in the industrial PIP fieldbus to elaborate refreshment, promptness, and freshness statuses. They may represent a beginning for potential extensions of OSI model to take into account communication temporal aspects in time-critical distributed applications. REFERENCES ISO TR12178 (1993). "User requirements for systems supporting time-critical communications", 1993. Juanole, G., Y . Atamna, N. Berge (1992). "Modelling time critical communication networks with stochastic timed Petri nets", International workshop on real-time programming, WRTP'92, Bruges, Belgium, 23-26 June 1992, pp. 143-148. Kirner, T.G. (1991). "Real-time systems specification: a process and a tool", ACM Sigsoft, Software engineering notes, Vol 16, n01 , 1991, pp. 62-74. Kopetz, H., W. Ochsenreiter (1987). "Clock synchronization in distributed real-time systems", IEEE Transaction on computers, Vol C-36, n08, August 1987, pp. 933-940. Lamport, L. (1978). "Time, clocks and the ordering of events in a distributed system", Communication of the ACM, Vol 21, n07, July 1978, pp. 558-565. Malcolm, N., W. Zhao (1992). "Advances in hard real-time communication with local area networks", 17 th IEEE Conference on local computer network, Minneapolis, 13-16 September 1992, pp. 548-557.
118
SPECIF1CATION AND MODELLING OF TIME-WINDOW MECHANISMS FOR FIP FIELDBUS
P.LORENZ
JUT/GTR 34, rue du Grillenbreit 68008 Colmar - FRANCE Email: [email protected]
Abstract: 1bis paper introduces specification techniques to express temporal constraints in communication systems and presents a model to elaborate temporal statuses generated by a state-machine. The state-machine qualifies variable values exchanged between distributed tasks. The proposed mechanisms applied to PIP fieldbus shows how to elaborate refreshment, promptness and freshness PIP temporal statuses by invoking the previous general state-machine. Keywords: Fieldbus, Networks, Local Area Networks, Models, Real-Time Systems, Communications Networks, Time Systems.
1. IN1RODUCTION
2. TIME-WINDOWS FOR COMMUNICATION
A real-time system realizes a set of functions in which the start and/or end date of execution must respect the temporal constraints imposed by the process. Systems which must absolutely respect strict temporal constraints to avoid disasters are called time critical systems (Juanole, et aI., 1992), (Kimer, 1991), (Motus, 1992), (Northcutt and Kuemer,1993).
The temporal interval which must be respected to communicate between two entities can be cut up in several temporal sub-intervals. If a delay is assigned to every sub-interval, then it is easy to localize the reasons of temporal constraints nonrespect (Malcolm and Zhao, 1992). To have a good knowledge about temporal constraints, the communication between entities can be decomposed in several sequential steps: - production of information, - go through the different layers (Application to MAC) of the OSI model at the producer entity, - sending and propagation on the medium, - go through the different layers (MAC to Application) of the OSI model at the consumer entity, - consumption of the information.
The OSI communication model is a general model which does not integrate time in a form allowing to assure data temporal validity (Shepherd and Salmony, 1990), (Naik, 1992), (Ramamritham and Stankovic, 1989), (Marinescu, 1988), (Schreiber, 1992). So new mechanisms allowing to know if temporal constraints are met or not in time-critical systems must be defined. The time-window concept will be used to represent a temporal interval.
113
At each step of the communication, temporal statuses allow to know if temporal constraints have been satisfied or not.
For the communication between entities, the term of Activity temporal Window (noted AW) is used. The four activity temporal windows are:
The production and sending temporal status (noted respectively PS and SS), which concern the respect of temporal constraints at the production entity, are transmitted with the data to the consumer entities. Likewise the receiving and consumption temporal status (noted respectively RS and CS), which concern the respect of temporal constraints at the consumption entity, are added to the received data and to the production entity status. The elaboration of the different statuses can be represented as follows:
- . the production activity temporal window, noted prod, - "the sending activity temporal window, noted send, - the receiving activity temporal window, noted ne,
-, the consumption activity temporal window, noted CODS. The i and v parameters are used to represent the i th AW used for the transmission of the variable v. For each new production, sending, receiving or consumption operation for a variable v, a new AW with a (i+ 1) parameter is created. So, an AW can be described as follows:
=
y X (v, i) with Y (t, l or.6.) and X =(prod, send, rec or cons)
Some rules can be elaborated, for example the fact that the start of a AW appears always previously to the end of this same (production, sending, receiving or consumption) AW can be described by this following rule: tX(v, i) < lX(v, i)
V -v';Jblc
ps. prod UC%rSllaJS ss· SCDd m& st.us RS. receiver Slaus
cs •
Q)
Il5U m:r
uus
2.2 Data validity temporal windows
Fig. 1: Mechanisms for the elaboration of temporal status
2.1 Notations of temporal windows
At a given date, a produced data owns a duration of life which change according to consumers entities. For statistical application, data validity can be unlimited but not for time critical applications. So data validity depends on the utilization of this later.
Temporal window mechanisms allow to take into account earlier and later temporal constraints (Mammeri, et al., 1994).
To formalize the concept of data validity (duration of life), the term of Variable Validity time Window (noted VW) is used.
We will suppose that local clocks of production and consumption entities are synchronized. If this hypothesis is not respected, it is not possible to manipulate temporal constraints because the fact that a data production date is superior to the consumption date of this same data is not acceptable (Lamport, 1978), (Kopetz and Ocbsenreiter, 1987).
A temporal window for data validity is described as follows: Z val(v, i)
with Z
=(t, l
or .6.)
The begin of the VW, tval(v, i), represents the production date of a variable v ; the end of the VW, l val(v, i), represents the end of variable v validity. A VW is always linked up with a given A W, because the start of VW occurs always during a
A Temporal Window (ISO TR12178, 1993), noted TW, owns three parameters: start date (noted f), end date (noted J,) and duration (noted ~).
114
production AW. This case is expressed by this following rule:
tvw lvw
tvw Tune
tprod(v, i) ~ ival(v, i) ~ J.prod(v, i)
2
4
We have modelized the different relationships between A W and VW by using state-machines based on Nutt networks (Null, 1972). The symbols used by the Nutt network are:
C): a state
D:anevent
C:> an initial state
+:atest
6
3
3
3. MODELLING WITIi A STATE MACHINE
5
Fig. 3: Relationships between the different temporal windows and the corresponding states
Then the six states are: - 1 = False state: located out of a [iprod(v,i), J. prod(v,i)], out of a [i val(v,i), J. val(v,i)] and it does not exist a ival(v,i-l), - 2 = Wait state: inside the [iprod(v,i), J. prod(v,i)], out of the [ival(v,i), J.val(v,i)] and it does not exist a ival(v,i-l), - 3 = True state: inside the [iprod(v,i), J.prod(v,i)], inside the [ival(v,i), !val(v,i)], then at least one variable v has been produced respecting the timing constraints, - 4 = VW-Expirationl state: inside the [iprod(v,i), J. prod(v,i)], out of the [ival(v,i), J.val(v,i)] and it exists a ival(v,i-l), - 5 AW-Expirationl state: out of the [iprod(v,i), J. prod(v,i)], but inside the [i val(v,i), J. val(v,i)], - 6 = Expiration2 state: out of the [iprod(v,i), J.prod(v,i)], out of the [ival(v,i), J.val(v,i)] and it exists a ival(v,i-l).
~ action(s) Fig. 2: Symbols used in Nutt networks At a given time, it is important to know if the current state is located inside or outside a AW and a VW; and to know ifval(v, i-I) exists. The used symbols are: o=the condition is not verified 1 =the condition is verified.
=
InAW InVW 3a VWfora Name of the state variable v False 0 0 0 Expiration2 0 0 1 AW-Expirationl 1 0 Wait 0 1 0 VW -Expiration 1 1 1 0 True 1 1
The states 4 and 5 correspond to the Expirationl state which can be reached after the expiration of AWorVW . The state-machine described in Fig. 4 allows the elaboration of the different temporal statuses.
The cases of the previous table are: a) located out of a AW, out of a VW and it does not exist a VW for a given variable v; this state is called False state, b) located out of a AW, out of a VW and it exists a VW for a variable v; this state is called Expiration2 state, c) located out of a AW and in a VW, this state is called A W-Expirationl state, d) located in a AW, out of a VW and it does not exist a VW for a variable v; this state is called Wait state, e) located in a AW, out of a VW and it exists a VW for a variable v; this state is called VW-Expirationl state, f) located in a AW and in a VW; this state is called True state.
4. FIP STAruSES Our approach is developed in the context of FIP fieldbus (NF C46-602, 1990). FIP (Factory Information Processus) is a fieldbus that is not only a network enabling interconnection of actuators, transmitters, PLC and automata, but it is an authentic real-time database management system based on the Producer/Distributor/ Consumers model. The producer/consumers model is a mUltipoints model. The producer sends each produced data to one (or several) consumer(s). Once a data is produced, it is automatically sent to the consumers without request
A number can be associated to each case:
115
Fig. 4: General state-machine
variable. The promptness status with the "false" value means a medium failure or a later reception due to the network load, etc ... To have the best accuracy, this status must be elaborated at the lower level of the OS! architecture, i.e. by the data link level.
. To ensure correct and consistent handling of information related to physical control/command process, FIP defines several attributes of data: promptness and refreshment attributes. With these attributes one can ensure more coherence in decisions made to command the physical process and more guarantee that time constraints will be met. Thus, application safety level is increased.
4.3 Freshness Status
The freshness status indicates the validity of availability of a variable value for a consumer entity. This status allows to know whether the variable value has been consumed with respect of time constraints. This status is elaborated by all entities consuming the variable. A freshness status with the "false" value means, for example, that the consumption order has not been received with respects of time constraints. To have the best accuracy, this status must be elaborated at the higher level of the OS! architecture, i.e. by the application layer or by the companion standard.
4.1 Refreshment status
The refreshment status indicates the validity of availability of a variable value provided by a producer. This status is elaborated by the producer of the variable and it allows to know whether the variable value has been produced with respect of time constraints. The refreshment status with the "false" value means that the producer has not delivered a variable within the required time interval (because the producer has not received the production order or it has no value to produce, etc ...). To have the best accuracy, this status must be elaborated at the higher level of OS! architecture, i.e. by the application layer or by the companion standard.
The refreshment, promptness and freshness statuses can be represented as follows:
4.2 Promptness status
The promptness status indicates the validity of availability of a variable value provided by the network. This status allows to know whether the variable value has been transmitted on the medium with respect of time constraints. This status must be elaborated by all the consumers of a given
Fig. 5: Representation of the refreshment, promptness and freshness statuses
116
4.4 Characteristics of temporal statuses
The refreshment status (resp. promptness and freshness) can have different characters (asynchronous, synchronous or punctual) to know whether the production (resp. transmission and consumption) has been achieved in a given timewindow or just before a time-out. Then, the asynchronous , synchronous and punctual characters enables to specialize the general temporal statuses : Fig. 6.b: Case of synchronous freshness status - the asynchronous character with the TRUE value indicates that the production (resp. transmission and consumption) of a data has been achieved before a given time-out. The beginning AW date is not taken into account. - the synchronous character with the TRUE value indicates that the production (resp. transmission and consumption) has occurred after a synchronization order and before a given time-out. The beginning AW date and the end AW date are taken into account. - the punctual character with the TRUE value indicates that the production (resp. transmission and consumption) has occurred after .a synchronization order and this character remains true after a given time-out while no new data for a given variable is produced (resp. transmitted and consumed) after the time-out. The beginning AW date and the end VW date are taken into account. 4.5 Representation of the protocols
FIP standard (NF C46-602, 1990) introduces statemachines only for the refreshment and promptness statuses . Therefore the freshness status is introduced to complete FIP standard.
The freshness statuses can be described with these three following state machines:
Fig. 6.a: Case of asynchronous freshness status
Fig. 6.c: Case of punctual freshness status It is possible to get asynchronous, synchronous and punctual characters (for the refreshment, promptness and freshness statuses) directly from the state-machine describes in the fig. 4. For the asynchronous character: - the merge of the False, Wait, Expirationl and Expiration2 states in one state corresponds to the Asynchronous Status =FALSE, - the True State corresponds to the Asynchronous Status =TRUE. For the synchronous character: - the merge of the False, Expirationl arid Expiration2 states in one state corresponds to the Synchronous Status FALSE, - the True State corresponds to the Synchronous Status = TRUE, - the Wait state enables to test if the time-out is armed. If the time-out is armed and if no variable has been received, then the Wait state is valid. But, when the time-out is due, then one goes from the Wait state to the False state.
=
For the punctual character: - the merge of the False and Expiration2 states in one state corresponds to the Punctual Status = FALSE, - the merge the True and Expiration! states in one state corresponds to the Punctual Status =TRUE, - the Wait state enables to test if the time-out is
117
Mammeri, Z., P. Lorenz (1994). "Integration of temporal mechanisms in communication protocols for time-critical distributed systems", 12th IFAC Workshop on Distributed Computer Control Systems, DCCS'94, 28-30 September 1994, Toledo, Spain. . Marinescu, D.C. (1988). "A splitting algorithm for communication with real-time delivery constraints", Twenty-Sixth Annual Allerton Conference on Communication, Control and Computing, Vol 2, 1988, pp. 955-64. Motus, L. (1992). "Time concepts in real-time software", IFAC/IFIP, International workshop on real-time programming, WRTP'92, Bruges, Belgium, 24-26 June 1992. Naik, Y. (1992). "A temporal approach to requirements specification of real-time systems", Formal techniques in real-time and fault tolerant systems, 2nd international Symposium, The Netherlands, 8-10 January 1992, pp. 341361. NF C46-602 (1990). PIP Application Layer - MPS, Union Technique de l'Electricite, Courbevoie. Northcutt, J.D., E.M. Kuerner (1993). "System support for time-critical applications", Computer communications, Vol 16, nOlO, October 1993, pp. 619-636. Nutt, G. (1972). "Evaluation nets for computer performance analysis", AFIPS FJCC, 1972, pp. 279-286. Ramamritham, K., J.A. Stankovic (1989). "Timeconstrained communication protocols for hard real-time systems", 6 th IEEE Workshop on Real Time Operating System and Software, Pittsburg, Pensylvania, May 1989, pp. 61-66. Schreiber, F.A. (1992). "Is time a real time? An overview of time ontology in informatics", NATO, Advanced study Institute on realtime computing, 5-18 October, 1992, Sint Maarten, Dutch Antilies. Shepherd, D., M. Salmony (1990). "Extending OSI to support synchronization required by multimedia application", Computer Communications, Vol 13, n07, September 1990.
armed. If the time-out is armed and if no variable has been received, then the Wait state is valid. But, when the time-out is due, then one goes from the Wait state to the False state. 5. CONCLUSION This paper has presented some rules allowing to link together production, sending, receiving, consumption and validity variable time-windows. These rules have been translated in a general statemachine which elaborate temporal status. The proposed mechanisms are implemented and used in the industrial PIP fieldbus to elaborate refreshment, promptness, and freshness statuses. They may represent a beginning for potential extensions of OSI model to take into account communication temporal aspects in time-critical distributed applications. REFERENCES ISO TR12178 (1993). "User requirements for systems supporting time-critical communications", 1993. Juanole, G., Y . Atamna, N. Berge (1992). "Modelling time critical communication networks with stochastic timed Petri nets", International workshop on real-time programming, WRTP'92, Bruges, Belgium, 23-26 June 1992, pp. 143-148. Kirner, T.G. (1991). "Real-time systems specification: a process and a tool", ACM Sigsoft, Software engineering notes, Vol 16, n01 , 1991, pp. 62-74. Kopetz, H., W. Ochsenreiter (1987). "Clock synchronization in distributed real-time systems", IEEE Transaction on computers, Vol C-36, n08, August 1987, pp. 933-940. Lamport, L. (1978). "Time, clocks and the ordering of events in a distributed system", Communication of the ACM, Vol 21, n07, July 1978, pp. 558-565. Malcolm, N., W. Zhao (1992). "Advances in hard real-time communication with local area networks", 17 th IEEE Conference on local computer network, Minneapolis, 13-16 September 1992, pp. 548-557.
118