FTT-CAN.bib
@inproceedings{PROENZA_ETFA_2012,
author = {Proenza, J. and Barranco, M. and Llodra, J. and Almeida, L.},
title = {Using FTT and stars to simplify node replication in CAN-based systems},
booktitle = {17th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA'2012) Proceedings},
year = {2012},
editor = {},
volume = {},
series = {},
pages = {},
address = {Krak\'{o}w, Poland},
month = {September},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {Real-Time communications, CAN, FTT-CAN, Scheduling},
note = {},
key = {},
abstract = {Nodes, among the components of distributed embedded systems, exhibit the greatest permanent failure rate among. Thus, providing tolerance to nodes faults is mandatory whenever high-reliability is required, being node replication the most common technique for that purpose. This paper proposes a novel technique suitable for CAN-based systems that simplifieses existing approaches taking advantage of a star topology and the FTT protocol}
}
@inproceedings{MARQUES_ICIT_2012,
author = {Marques, L. and Vasconcelos, V. and Pedreiras, P. and Almeida, L.},
title = {Tolerating transient communication faults with online traffic scheduling},
booktitle = {IEEE International Conference on Industrial Technology (ICIT'2012) Proceedings},
year = {2012},
editor = {},
volume = {},
series = {},
pages = {396-402},
address = {Athens, Greece},
month = {March},
organization = {},
publisher = {},
doi = {10.1109/ICIT.2012.6209970},
issn = {},
isbn = {978-1-4673-0340-8},
keywords = {Real-Time communications, FTT, CAN, Embedded systems, Scheduling, x-by-wire systems},
note = {},
key = {},
abstract = {Building distributed embedded systems that will be fault-free for all their lifetime is virtually impossible, thus the systems must deal with them if a continued correct behavior is needed. This is the case of safety-critical systems, such as X-by-wire systems in the automotive domain. Concerning transient communication faults in particular, they can be dealt with at various levels of the protocol stacks, with different techniques, e.g., temporal and spatial redundancy. In this paper we focus on temporal redundancy and we address the limitations imposed by typical time-triggered systems, commonly found in safety-critical systems, arising from their static traffic definition. In these systems the use of temporal redundancy to handle communication errors requires the pre-allocation of communication resources that, in the absence of errors, are wasted. Therefore, we propose an online traffic scheduling approach in which retransmissions are consistently scheduled with the remaining time-triggered traffic, using the unique flexibility provided by the FTT-CAN protocol (Flexible Time-Triggered communication on CAN). We address the integration of appropriate fault detectors in the FTT-CAN protocol to monitor the bus activity and re-schedule omitted messages. We show that this approach is more efficient than the static allocations, since communication resources are only allocated when necessary. We also discuss alternative realizations and validate the approach with initial results from a prototype implementation}
}
@inproceedings{MARQUES_INFORUM_2011,
author = {Marques, L. and Vasconcelos, V. and Pedreiras, P. and Almeida, L.},
title = {Towards Efficient Transient Fault Handling in Time-Triggered Systems},
booktitle = {INFORUM - Simp\'{o}sio de Inform\'{a}tica},
year = {2011},
editor = {},
volume = {},
series = {},
pages = {},
address = {Coimbra, Portugal},
month = {September},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN, Scheduling, Real-Time communications},
note = {},
key = {},
abstract = {Transient communication faults in distributed control systems (DCS) are unavoidable but must be handled adequately in order to enforce correct system behaviour. A typical way of handling transient faults is temporal redundancy by means of retransmissions. However, DCS are frequently designed with time-triggered architectures, being scheduled offline and not coping efficiently with retransmissions as these require the pre-allocation of bandwidth that, in the absence of errors, is wasted. In this paper we propose using the Flexible Time-Triggered paradigm to reconcile the Time-Triggered model with on-line scheduling of retransmissions when needed, only, leading to an efficient bandwidth usage. This is confirmed with preliminary experimental results obtained on an FTT-CAN network}
}
@inbook{MARAU_DAES_2007,
author = {Marau, R. and Silva, V. and Ferreira, J. and Almeida, L. and Pedreiras, P. and Martins, E. and Fonseca, J. A.},
title = {Distributed Automotive Embedded Systems},
chapter = {Assessment of FTT-CAN master replication mechanisms for safety-critical applications},
pages = {},
publisher = {SAE International},
year = {2007},
volume = {},
series = {},
type = {},
address = {},
edition = {},
month = {November},
doi = {},
issn = {},
isbn = {978-0-7680-1966-7},
keywords = {FTT, FTT-CAN, CAN, Real-Time communications, protocols, Embedded systems},
note = {},
key = {},
abstract = {The operational flexibility of distributed embedded systems is receiving growing attention because it is required to support on-line adaptation to varying operational conditions, either due to changes in the environment or to faults in the system. However, flexibility makes dependability more difficult to achieve, because there is less a priori knowledge. One protocol that favors flexibility and is widely used in embedded systems, particularly in automotive and robotic systems, is CAN, but some claim that it is not adequate to support safety-critical applications. We argue that CAN, deployed with an adequate overlay protocol, can provide the required support for dependability and flexibility. One such overlying protocol is Flexible Time-Triggered CAN (FTTCAN), that enforces a global notion of time and a global periodic schedule by means of specific messages issued by a master node. In this paper we assess the FTT-CAN master replication mechanisms implemented in a distributed robot control system. Above all, we provide experimental results that show the robustness of such mechanisms}
}
@inproceedings{ANTUNES_ANIPLA_2006,
author = {Antunes, A. and Pedreiras, P. and Almeida, L. and Mota, A.},
title = {Dynamic Rate Adaptation in Distributed Computer Control Systems},
booktitle = {International Congress of the Italian National Association for Automation (ANIPLA'2006) Proceedings},
year = {2006},
editor = {},
volume = {},
series = {},
pages = {},
address = {Rome, Italy},
month = {November},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN, Real-Time, Embedded systems},
note = {Best paper award; selected for journal publication},
key = {},
abstract = {There is currently a trend towards higher distribution in embedded control systems that leads to an increased information exchange among system nodes. Moreover, there are cases in which several subsystems exhibit varying communication requirements. Planning the whole distributed system according to worst-case requirements may lead to expensive and inefficient designs. On the other hand, considering lower requirements may lead to occasional run-time overloads. In this paper we propose a technique based on rate switching to adapt the communication requirements of distributed feedback control loops. This technique reduces the sampling rate of those loops to free network and processor bandwidth and oppose to the overload at the expense of a small degradation of the control quality. The dynamic rate adaptation is carried out using the built-in online scheduling and Quality-of-Service (QoS) management features of the FTT-CAN protocol. The paper includes the description of the approach together with a simulation using TrueTime that shows the effectiveness of the proposed technique}
}
@inproceedings{SANTOS_ETFA_2006,
author = {Santos, F. and Trovao, J. and Marques, A. and Pedreiras, P. and Ferreira, J. and Almeida, L. and Santos, M.},
title = {A Modular Control Architecture for a Small Electric Vehicle},
booktitle = {11th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA'2006) Proceedings},
year = {2006},
editor = {},
volume = {},
series = {},
pages = {139-144},
address = {Prague, Czech Republic},
month = {September},
organization = {},
publisher = {},
doi = {10.1109/ETFA.2006.355456},
issn = {},
isbn = {0-7803-9758-4},
keywords = {CAN, FTT-CAN, accelerate-by-wire safety critical function, brake-by-wire safety critical functions, communication infrastructure, fault-tolerant modular control architecture, small electric vehicle, steer-by-wire safety critical function, x-by-wire subsystems},
note = {},
key = {},
abstract = {This paper presents a fault-tolerant modular control architecture for an electrical vehicle (VEIL) equipped with x-by-wire sub-systems. The proposed architecture is based on COTS components and includes steer-by-wire, brake-by-wire and accelerate-by-wire safety critical functions. The communication infrastructure is based on the FTT-CAN protocol, which provides the joint scheduling of message and tasks, according to a holistic approach}
}
@article{FERREIRA_II_2006,
author = {Ferreira, J. and Almeida, L. and Fonseca, J. A. and Pedreiras, P. and Martins, E. and Rodriguez-Navas, G. and Rigo, J. and Proenza, J.},
title = {Combining operational flexibility and dependability in FTT-CAN},
journal = {IEEE Transactions on Industrial Informatics},
year = {2006},
volume = {2},
number = {2},
pages = {95--102},
month = {May},
doi = {10.1109/TII.2005.875508},
issn = {1551-3203},
isbn = {},
keywords = {CAN, FTT-CAN, distributed safety-critical systems, dynamic online traffic scheduling, dynamic traffic management, fail-silence enforcement, fault tolerance, flexible time-triggered CAN, master replication, operational dependability, operational flexibility},
note = {},
key = {},
abstract = {The traditional approaches to the design of distributed safety-critical systems, due to fault-tolerance reasons, have mostly considered static cyclic table-based traffic scheduling. However, there is a growing demand for operational flexibility and integration, mainly to improve efficiency in the use of system resources, with the network playing a central role to support such properties. This calls for dynamic online traffic scheduling techniques so that dynamic communication requirements are adequately supported. Nevertheless, using dynamic traffic management mechanisms raises additional problems, in terms of fault-tolerance, related with the weaker knowledge of the future system state caused by the higher level of operational flexibility. Such problems have been recently addressed in the scope of using flexible time-triggered CAN (FTT-CAN) in safety-critical applications in order to benefit from the high operational flexibility of this protocol. This paper gathers and reviews the main mechanisms that were developed to provide dependability to the protocol, namely, master replication and fail-silence enforcement}
}
@article{MARAU_SAE_2006,
author = {Marau, R. and Almeida, L. and Fonseca, J. A. and Ferreira, J. and Silva, V.},
title = {Assessment of FTT-CAN master replication mechanisms for safety-critical applications},
journal = {SAE 2006 Transactions Journal of Passenger Cars: Electronic and Electrical Systems},
year = {2006},
volume = {},
number = {},
pages = {},
month = {April},
doi = {10.4271/2006-01-1024},
issn = {},
isbn = {},
keywords = {CAN, FTT, FTT-CAN, Real-Time communications, Embedded systems, protocols},
note = {E XTRA-INFO-OPTIONAL},
key = {KEY-OPTIONAL},
abstract = {The operational flexibility of distributed embedded systems is receiving growing attention because it is required to support on-line adaptation to varying operational conditions, either due to changes in the environment or to faults in the system. However, flexibility makes dependability more difficult to achieve, because there is less a priori knowledge. One protocol that favors flexibility and is widely used in embedded systems, particularly in automotive and robotic systems, is CAN, but some claim that it is not adequate to support safety-critical applications. We argue that CAN, deployed with an adequate overlay protocol, can provide the required support for dependability and flexibility. One such overlying protocol is Flexible Time-Triggered CAN (FTTCAN), that enforces a global notion of time and a global periodic schedule by means of specific messages issued by a master node. In this paper we assess the FTT-CAN master replication mechanisms implemented in a distributed robot control system. Above all, we provide experimental results that show the robustness of such mechanisms}
}
@inproceedings{ANTUNES_ETFA_2005,
author = {Antunes, A. and Pedreiras, P. and Mota, A.},
title = {Adapting the sampling period of a real-time adaptive distributed controller to the bus load},
booktitle = {10th IEEE Conference on Emerging Technologies and Factory Automation (ETFA'2005) Proceedings},
year = {2005},
editor = {},
volume = {1},
series = {},
pages = {1084-1088},
address = {Catania, Italy},
month = {September},
organization = {},
publisher = {},
doi = {10.1109/ETFA.2005.1612648},
issn = {},
isbn = {0-7803-9401-1},
keywords = {CAN, FTT-CAN, communication infrastructure, distributed adaptive control system, field bus, message scheduling, network-induced jitter, pole-placement controller, real-time adaptive distributed controller},
note = {},
key = {},
abstract = {This paper presents a new method to allow more flexibility on the scheduling of messages across a fieldbus in overload situations. The method proposes the on-line adaptation of the sampling period to the bus load, trying to keep it as low as possible during overloads. The sampling period is allowed to change inside an interval corresponding to 4 to 10 samples per rise time. To assess the solution herein presented, a distributed adaptive control system was implemented in TrueTime, using the FTT-CAN protocol, for the communication infrastructure, a pole-placement controller and a model for the identification of plant parameters that takes into account the network-induced jitter}
}
@inproceedings{SILVA_ETFA_2005,
author = {Silva, V. and Marau, R. and Almeida, L. and Ferreira, J. and Calha, M. and Pedreiras, P. and Fonseca, J. A.},
title = {Implementing a distributed sensing and actuation system: The CAMBADA robots case study},
booktitle = {10th IEEE Conference on Emerging Technologies and Factory Automation (ETFA'2005) Proceedings},
year = {2005},
editor = {},
volume = {2},
series = {},
pages = {781--788},
address = {Catania, Italy},
month = {September},
organization = {},
publisher = {},
doi = {10.1109/ETFA.2005.1612753},
issn = {},
isbn = {0-7803-9401-1},
keywords = {CAN, FTT-CAN, CAMBADA, controller area network, distributed actuation system, distributed computing architecture, distributed embedded system, distributed sensing system, mobile autonomous robotics},
note = {},
key = {},
abstract = {The use of distributed computing architectures has become commonplace in complex embedded systems with potential advantages, for example, in terms of scalability, dependability and maintainability. One particular area in which that trend can be witnessed is mobile autonomous robotics in which several sensors and actuators are interconnected by means of a control network. In this paper we address one case study concerning the CAMBADA robots that were developed at the University of Aveiro for the Robocup Middle Size League. These robots have a distributed architecture with two layers, a coordination layer responsible for the global behaviors and a distributed sensing and actuating layer that conveys internal state information and executes coordination commands. This paper focuses on the latter layer, which is based on the FTT-CAN protocol, following a network-centric approach that provides an efficient framework for the synchronization of all systems activities. We describe the computing and communication requirements, the robot architecture, the system design and implementation, and finally we provide experimental results that show advantages with respect to a non-synchronized distributed approach}
}
@inproceedings{FERREIRA_WTR_2005,
author = {Ferreira, J. and Almeida, L. and Fonseca, J. A. and Pedreiras, P. and Santos, M.},
title = {On the dependability and flexibility of CAN and CAN based protocols},
booktitle = {VII Workshop de Tempo Real (WTR'2005) Proceedings},
year = {2005},
editor = {},
volume = {},
series = {},
pages = {},
address = {Fortaleza, Brazil},
month = {May},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN, FTT},
note = {},
key = {},
abstract = {The traditional approaches to the design of distributed safety-critical systems, due to fault-tolerance reasons, have mostly considered static cyclic table-based traffic scheduling. However, there is a growing demand for operational flexibility and integration, mainly to improve efficiency in the use of system resources, with the network playing a central role to support such properties. This calls for dynamic on-line traffic scheduling techniques so that dynamic communication requirements are adequately supported. Nevertheless, using dynamic traffic management mechanisms raises additional problems, in terms of fault-tolerance, related with the weaker knowledge of the future system state caused by the higher level of operational flexibility. Such problems have been recently addressed in the scope of using Flexible Time-Triggered CAN (FTT-CAN) in safety-critical applications in order to benefit from the high operational flexibility of this protocol. The paper gathers and reviews the main mechanisms that were developed to provide dependability to the protocol, namely master replication and fail-silence enforcement}
}
@inproceedings{FERREIRA_SRDS_2003,
author = {Ferreira, J. and Almeida, L. and Fonseca, J. A. and Rodriguez-Navas, G.},
title = {Enforcing Consistency of Communication Requirements Updates in FTT-CAN},
booktitle = {Workshop on Dependable Embedded Systems (SRDS'2003) Proceedings of the 22nd Symposium on Reliable Distributed Systems (DES'2003)},
year = {2003},
editor = {},
volume = {},
series = {},
pages = {},
address = {Florence, Italy},
month = {October},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN, Protocols},
note = {},
key = {},
abstract = {Traditional design approaches to safety-critical distributed systems, due to fault-tolerance reasons, have typically considered static cyclic table-based traffic scheduling. However, there is a growing demand for flexibility and integration, mainly to improve efficiency in the use of system resources, with the network playing a central role to support such properties. This calls for dynamic on-line traffic scheduling techniques so that dynamic communication requirements are adequately supported. The FTT-CAN protocol (Flexible Time-Triggered communication over Controller Area Network) has been developed specifically to deliver that kind of support with timeliness guarantees. It uses a master-slave approach with one or more master replicas for faulttolerance reasons. The communication requirements are held in a table, that is replicated in all masters. This paper considers the problem of updating the communication requirements while maintaining coherency and synchronization between the master and all its replicas. The paper also discusses the generalization of the proposed mechanism which can easily be adapted to other dynamic master-slave protocols}
}
@article{FERREIRA_SICICA_2003,
author = {Ferreira, J. and Almeida, L. and Martins, L. and Pedreiras, P.},
title = {Components to enforce fail-silent behaviour in dynamic master-slave systems},
journal = {5th IFAC International Symposium on Intelligent Components and Instruments for Control Applications (SICICA'2003)},
year = {2003},
volume = {},
number = {},
pages = {143--150},
month = {July},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN, field buses},
note = {},
key = {},
abstract = {This paper considers the case in which master-slave fieldbus networks are used in safety-critical embedded applications, such as transportation systems. Traditional approaches to system design, due to fault-tolerance reasons, have considered static cyclic table-based traffic scheduling, only. However, there is a growing demand for flexibility and integration, mainly to improve efficiency in the use of system resources, with the network playing a central role to support such properties. This calls for dynamic on-line traffic scheduling techniques so that dynamic communication requirements are adequately supported. This paper considers such dynamic master-slave architectures and addresses the problem of enforcing fail silent behavior both in the master and in the slave nodes. Two different mechanisms are proposed, one based on dynamic bus guardians for the slave nodes only, to impose fail silent behavior in the time domain, and other based on internal replication and temporized agreement, to impose fail silence both in the temporal and value domains. Despite being potentially applicable to a set of master-slave networks, this paper discusses the specific implementation of the proposed mechanisms on top of the FTT-CAN protocol}
}
@article{ALMEIDA_IE_2002,
author = {Almeida, L. and Pedreiras, P. and Fonseca, J. A.},
title = {The FTT-CAN protocol: why and how},
journal = {IEEE Transactions on Industrial Electronics},
year = {2002},
volume = {49},
number = {6},
pages = {1189--1201},
month = {December},
doi = {10.1109/TIE.2002.804967},
issn = {0278-0046},
isbn = {ISBN-OPTIONAL},
keywords = {CAN, FTT-CAN, asynchronous messaging systems, controller area network, fieldbus-based communication systems, flexible operation, flexible time-triggered communication, industrial systems, machine control, manufacturing industry, synchronous messaging systems, timing constraints, controller area networks, distributed control, electronic messaging, field buses, industrial control, protocols, real-time systems},
note = {},
key = {},
abstract = {The requirement for flexible operation is becoming increasingly important in modern industrial systems. This requirement has to be supported at all system levels, including the field level in process industry, as well as the cell and machine control levels in manufacturing industry, where fieldbus-based communication systems are commonly found. Furthermore, typical applications at these levels require both time- and event-triggered communication services, in most cases under stringent timing constraints, to convey state data in the former case and alarms and management data in the latter. However, neither the requirement for flexible operation under guaranteed timeliness nor for joint support of time and event-triggered traffic are efficiently fulfilled by most of existing fieldbus systems. This paper presents a new protocol, flexible time-triggered communication on controller area network, which fulfills both requirements: it supports time-triggered communication in a flexible way as well as being an efficient combination of both time and event-triggered traffic with temporal isolation. These types of traffic are handled by two complementary subsystems, the synchronous and the asynchronous messaging systems, respectively. The paper includes a justification for the new protocol as well as its description and worst case temporal analysis for both subsystems. This analysis shows the capability of the protocol to convey real-time traffic of either type}
}
@inproceedings{FONSECA_AFRICON_2002,
author = {Fonseca, J. A. and Ferreira, J. and Calha, M. and Pedreiras, P. and Almeida, L.},
title = {Issues on task dispatching and master replication in FTT-CAN},
booktitle = {6th IEEE African Electrical Technology Conference Proceedings (AFRICON'2002)},
year = {2002},
editor = {},
volume = {1},
series = {},
pages = {221--226},
address = {George, South Africa},
month = {October},
organization = {},
publisher = {},
doi = {10.1109/AFRCON.2002.1146838},
issn = {},
isbn = {0-7803-7570-X},
keywords = {CAN, FTT-CAN, automotive applications, controller area network, distributed embedded systems, event-triggered traffic, fault tolerance, flexible time-triggered communication, master replication, protocol, task dispatching, temporal isolation},
note = {},
key = {},
abstract = {The FTT-CAN (flexible time-triggered communication on controller area network) protocol supports time-triggered communication in a flexible way as well as the combination of both time and event-triggered traffic with temporal isolation. Previous papers have already discussed its potentialities and presented worst-case temporal analysis for both types of communication. After a brief review of the main characteristics of the protocol, we present new issues concerning its use in distributed embedded systems: the extension for task dispatching and the inclusion of techniques to improve fault tolerance, namely master replication}
}
@article{PEDREIRAS_CCEJ_2002,
author = {Pedreiras, P. and Almeida, L.},
title = {EDF message scheduling on controller area network},
journal = {Computing and Control Engineering Journal},
year = {2002},
volume = {13},
number = {4},
pages = {163--170},
month = {August},
doi = {10.1049/cce:20020402},
issn = {0956-3385},
isbn = {ISBN-OPTIONAL},
keywords = {EDF, CAN, FTT-CAN, flexible time-triggered communication, controller area networks, field buses, earliest deadline first, real-time embedded systems, flexible time-triggered communication, embedded systems},
note = {},
key = {},
abstract = {The controller area network (CAN) has a maximum transmission rate of 1 Mbit/s and its fixed priorities-based medium access control (MAC) limits the maximum bus utilisation when timeliness guarantees are required. An implementation of earliest deadline first (EDF) message scheduling on the CAN, based on the FTT-CAN (flexible time-triggered communication on CAN) protocol, is presented, which allows higher utilisation factors with timeliness guarantees. The advantages of using EDF instead of rate-monotonic scheduling on the FTT-CAN are highlighted, and a comparison with other implementations of EDF scheduling on the CAN is presented}
}
@inproceedings{FERREIRA_WFCS_2002,
author = {Ferreira, J. and Pedreiras, P. and Almeida, L. and Fonseca, J. A.},
title = {Achieving fault tolerance in FTT-CAN},
booktitle = {4th IEEE International Workshop on Factory Communication Systems (WFCS'2002) Proceedings},
year = {2002},
editor = {},
volume = {},
series = {},
pages = {125--132},
address = {V{\"a}ster{\aa}s, Sweden},
month = {August},
organization = {},
publisher = {},
doi = {10.1109/WFCS.2002.1159709},
issn = {},
isbn = {0-7803-7586-6},
keywords = {CAN, FTT-CAN, bus guardians , communication system configuration , fault hypothesis , fault tolerance techniques , flexible time triggered communication over controller area network , master node replication , master synchronization , network errors , node failures , replicated network architecture , safety-critical applications , synchronization , time triggered traffic scheduling},
note = {},
key = {},
abstract = {In order to use the FTT-CAN protocol (flexible time-triggered communication over controller area network) in safety-critical applications, the impact of network errors and node failures must be thoroughly determined and minimized. This paper presents and discusses fault-tolerance techniques to limit that impact. The particular configuration of the communication system can be more or less complex and fault-tolerant as desired by the system designer. The paper includes the fault hypothesis and presents a replicated network architecture using bus guardians. An important aspect is the replication of the master node that schedules the time-triggered traffic. In this case, it is particularly important to assure correct synchronization of the master replicas. The mechanisms that support masters' replication and synchronization are described and their performance is evaluated. The resulting architecture allows a reduction of the conflicts between safety and flexibility, supporting the use of FTT-CAN in safety critical applications}
}
@article{FERREIRA_MICRO_2002,
author = {Ferreira, J. and Pedreiras, P. and Almeida, L. and Fonseca, J. A.},
title = {The FTT-CAN protocol for flexibility in safety-critical systems},
journal = {IEEE Micro},
year = {2002},
volume = {22},
number = {4},
pages = {46--55},
month = {July/August},
doi = {10.1109/MM.2002.1028475},
issn = {0272-1732},
isbn = {},
keywords = {CAN, FTT-CAN, Time-Triggered Controller Area Network , automotive industry , communication protocol , flexible time-triggered communication on CAN , protocol , safety-critical systems},
note = {},
key = {},
abstract = {A new communication protocol for distributed embedded systems attempts to find a compromise between the often-opposing goals of system flexibility and safety}
}
@inproceedings{PEDREIRAS_RTS_2002,
author = {Pedreiras, P. and Almeida, L.},
title = {Flexible Scheduling on Controller Area Network},
booktitle = {10th International Conference on Real-Time Systems (RTS'2002) Proceedings},
year = {2002},
editor = {},
volume = {},
series = {},
pages = {},
address = {Paris, France},
month = {March},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN},
note = {},
key = {},
abstract = {The Controller Area Network (CAN) protocol was originally developed aiming at automotive applications. However, it rapidly expanded to other real-time application fields, mainly due to its prioritised medium-access control (MAC), high responsiveness, high data efficiency for short data transfers and low cost. Nevertheless, the fact that its MAC relies on fixed priorities imposes a compromise that, in particular situations, is undesired. For example, CAN does not support fairness among streams of messages that require similar quality-of-service and also, it does not allow very high bandwidth utilization levels with guaranteed timeliness for all message streams. In this paper we briefly present the FTT-CAN protocol (Flexible Time-Triggered communication on CAN) and show how this protocol can be used to efficiently support any type of message scheduling over CAN. Particularly, the paper illustrates this flexibility by focusing on the implementation of Earliest Deadline First (EDF) message scheduling on CAN. A comparison between EDF and Rate Monotonic (RM) scheduling in this environment is performed, namely concerning processing and communication overhead and achievable bus utilization. Schedulability analysis for both RM and EDF is presented, as well as a comparison with other proposals for EDF scheduling on CAN}
}
@inproceedings{PEDREIRAS_RTES_2001,
author = {Pedreiras, P. and Almeida, L.},
title = {A practical approach to EDF scheduling on controller area network},
booktitle = {IEEE/IEE Real-Time Embedded Systems Workshop (RTES'2001) at the 22nd IEEE Real-Time Systems Symposium (RTSS'2001) Proceedings},
year = {2001},
editor = {},
volume = {},
series = {},
pages = {},
address = {London, England},
month = {December},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN},
note = {},
key = {},
abstract = {The Controller Area Network (CAN) protocol was originally developed aiming at automotive applications. One of the limitations of this protocol is its maximum transmission rate, specified at 1Mb/s. In practice, the maximum transmission rate can even be lower depending on the desired bus length and available transceiver speed. Furthermore, the message scheduling defined at the medium access control is based on fixed priorities, imposing an even lower limit on the achievable utilisation when timeliness guarantees are required. This paper presents an implementation of Earliest Deadline First (EDF) message scheduling on CAN that allows higher utilisation factors with timeliness guarantees than using fixed priorities. This implementation is based on the FTT-CAN protocol (Flexible Time-Triggered communication on CAN). A comparison between EDF and RM scheduling in this environment is performed, namely concerning processing and communication overhead, bus utilization and network-induced jitter. Schedulability analysis for both RM and EDF is presented as well as a comparison with other proposals for EDF scheduling on CAN}
}
@inproceedings{PEDREIRAS_FET_2001,
author = {Pedreiras, P. and Almeida, L.},
title = {Asynchronous communication on FTT-CAN: Experimental results},
booktitle = {4th IFAC International Conference on Fieldbus Systems and their Applications (FeT'2001) Proceedings},
year = {2001},
editor = {},
volume = {},
series = {},
pages = {113--120},
address = {Nancy, France},
month = {November},
organization = {},
publisher = {INRIA},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN},
note = {},
key = {},
abstract = {Many real-time control applications require heterogeneous sets of tasks, where both periodic and sporadic computational activities must be performed. For distributed systems, this implies that also the messages that are exchanged at the fieldbus level are heterogeneous in theirs nature. A flexible real-time communication system should, therefore, efficiently support both event triggered and time-triggered communications. The authors have recently proposed a new CAN-based protocol (FTT-CAN) that supports both event-triggered and time-triggered traffic, with temporal isolation. This paper describes the asynchronous messaging system of FTT-CAN, which handles the event-triggered traffic, supporting different QOS requirements. Furthermore, an enhanced response-time analysis concerning this type of traffic and experimental results are also presented}
}
@article{FERREIRA_FET_2001,
author = {Ferreira, J. and Pedreiras, P. and Almeida, L. and Fonseca, J. A.},
title = {FTT CAN Error Confinement},
journal = {4th IFAC International Conference on Fieldbus Systems and their Applications (FeT'2001) Proceedings},
year = {2001},
volume = {},
number = {},
pages = {8--15},
month = {November},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FFT-CAN},
note = {},
key = {},
abstract = {Transmission errors in a flexible distributed communication system based on the Flexible Time-Triggered Controller Area Network protocol (FTT CAN) must be confined and controlled if such a system is to be used in a safety critical real-time environment. This paper presents a first approach to error confinement in FTT CAN using a deterministic error model. Two strategies to cope with such errors are presented. In the first one the error model is introduced in the schedulability analysis causing the allocation of extra time in each elementary cycle. The second one is based on bus traffic monitoring and on a dynamic scheduler with a schedulability analyzer. The impact of this last strategy on the FTT CAN master node architecture is discussed and a possible solution is presented}
}
@inproceedings{PEDREIRAS_DCCS_2000,
author = {Pedreiras, P. and Almeida, L. and Fonseca, J. A.},
title = {Improving the responsiveness of the synchronous messaging system in FTT-CAN},
booktitle = {16th IFAC Workshop on Distributed Computer Control Systems (DCCS'2000) Proceedings},
year = {2000},
editor = {},
volume = {},
series = {},
pages = {},
address = {Sydney, Australia},
month = {December},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN},
note = {},
key = {},
abstract = {A flexible distributed real-time communication system must support modifications to the message set which it conveys. These changes can require a degree of responsiveness ranging from a few milliseconds to some seconds. In FTT-CAN protocol, the responsiveness of the synchronous communication system depends on the plan duration, which, in general cannot be set arbitrarily short. This paper presents a method that uses the asynchronous messaging system to temporarily convey the synchronous messages until the synchronous messaging system can handle them. Furthermore, methods to evaluate offline if a set of requests for modifications can be timely handled are presented}
}
@article{PEDREIRAS_RDET_2000,
author = {Pedreiras, P. and Almeida, L. and Fonseca, J. A.},
title = {A Proposal To Improve The Responsiveness Of The Synchronous Messaging System In FTT-CAN},
journal = {Revista do Departamento de Electr\'{o}nica e Telecomunica\c{c}\~{o}es},
year = {2000},
volume = {3},
number = {2},
pages = {},
month = {October},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN},
note = {},
key = {},
abstract = {For some years there has been a debate opposing event-triggered and time-triggered traffic paradigms in fieldbuses. It has been commonly accepted that both paradigms have advantages and disadvantages and that the former is better suited to sporadic sources of information, e.g. alarms and management functions, as the latter is more suited to periodic streams of information, e.g. sensor data in control loops. However, for certain applications such as flexible real-time systems, a combination of both paradigms is desirable. In these systems, all those types of traffic can be found. To benefit from the advantages of both paradigms it is important to enforce a temporal isolation between event and time triggered traffic. With respect to this combination, current fieldbus systems that support both sorts of traffic either do not enforce temporal isolation or handle the event-triggered traffic in a bandwidth inefficient way. The authors have recently proposed a new CAN-based protocol that supports time-triggered communication in a flexible way (FTT-CAN). One of the interesting features of such protocol is that it allows an efficient combination of both time-triggered and event-triggered traffic with temporal isolation. This paper describes the asynchronous messaging system of FTT-CAN which is responsible for the support of event-triggered traffic. Furthermore, a response time analysis is carried out concerning the handling of asynchronous communication requests}
}
@inproceedings{PEDREIRAS_WFCS_2000,
author = {Pedreiras, P. and Almeida, L.},
title = {Combining event-triggered and time-triggered traffic in FTT-CAN: analysis of the asynchronous messaging system},
booktitle = {3rd IEEE International Workshop on Factory Communication Systems (WFCS'2000) Proceedings},
year = {2000},
editor = {},
volume = {},
series = {},
pages = {67--75},
address = {Porto, Portugal},
month = {September},
organization = {},
publisher = {},
doi = {10.1109/WFCS.2000.882535},
issn = {},
isbn = {0-7803-6500-3},
keywords = {CAN, FTT-CAN, Asynchronous communication , Bandwidth , Communication system control , Delay , Ergonomics, Field buses , Information resources , Phase control , Protocols , Real time systems},
note = {},
key = {},
abstract = {For some years, there has been a debate opposing event-triggered and time-triggered traffic paradigms in fieldbuses. While the former is better suited to sporadic sources of information, the latter is more suited to periodic streams of information. However, for certain applications, such as flexible real-time systems, a combination of both paradigms is desirable. The authors have recently proposed a new controller area network (CAN) based protocol, called FTT CAN (Flexible Time-Triggered communication on CAN), that supports time-triggered communication in a flexible way. It also allows an efficient combination of both time-triggered and event-triggered traffic with temporal isolation. This paper describes the asynchronous messaging system of the FTT-CAN protocol which is responsible for the support of event-triggered traffic. Furthermore, a response time analysis is carried out concerning the handling of asynchronous communication requests}
}
@inproceedings{FONSECA_ICC_2000,
author = {Fonseca, J. A. and Martins, E. and Almeida, L. and Pedreiras, P. and Neves, P.},
title = {Flexible Time-Triggered Protocol for CAN: new scheduling and dispatching solutions},
booktitle = {7th International CAN Conference (ICC'2000) Proceedings},
year = {2000},
editor = {},
volume = {},
series = {},
pages = {},
address = {New Orleans, USA},
month = {June},
organization = {},
publisher = {},
doi = {},
issn = {},
isbn = {},
keywords = {CAN, FTT-CAN},
note = {},
key = {},
abstract = {One of the possibilities to build robust communication systems with respect to their temporal behaviour is to use autonomous control based on the time-triggered paradigm. The FTT-CAN - flexible time-triggered protocol, relies on centralised scheduling but makes use of the CAN native distributed arbitration to reduce communication overhead. There, a planning scheduler is used within a master node to reduce the scheduling run-time overhead. On-line changes to the communication requirements can then be made under guaranteed timeliness. In addition FTT-CAN also allows an efficient combination of both time-triggered and event-triggered traffic with temporal isolation. In this paper, recent evolutions of the initial protocol definition concerning transmission of synchronous and asynchronous messages are presented. These consist in a time division of the elementary transmission window which optimises the available bandwidth for asynchronous messages, keeping the timeliness of synchronous messages without jeopardising their transmission jitter. A novel solution for the planning scheduler is also presented. It consists in an FPGA-based coprocessor which implements the planning scheduler technique without imposing overhead to the arbiter CPU. With it, it is possible to reduce strongly the plan duration thus allowing on-line admission demanded by system elements and, also, to extend the protocol application to high-speed networks}
}