Time-triggered fieldbuses, such as Time-Triggered Protocol (TTP) and FlexRay communication protocol, have the potential to solve many systems integration and concurrent engineering issues in the aerospace industry. They can significantly impact the design of modern aircraft avionics and control system architectures for next generation aircraft.
Data bus features determine how different units interact with each other, thus directly influencing the system architecture and the complexity, scalability and interoperability of interconnected functions and systems.
System complexity and integration challenges can be directly related to data bus technologies and fault-tolerant services built on top of them.
In new aircraft programs, with hundreds of fieldbus networks, data buses represent only a fraction of the total aircraft cost, but can be one of the key technologies to support shorter time-to-market and improve total program profitability.
TTP is the first high-speed (max. 25 Mbps per channel), low-cost time-triggered fieldbus flying on commercial and military aircraft.
TTP is a time-triggered fieldbus with built-in, high-level services for fault-tolerant distributed embedded computing. It is an open and modular control system platform technology that enables a linearly scalable parametric system architecture design, thus making applications independent of the used hardware or software.
Over the total lifecycle of the system, TTP-based systems are responsive to the need for planned adaptations, extensions and incremental modernization from airframe to airframe or from mission to mission.
"Value-added" system options, expansion packs and updates can be easily implemented without affecting other critical functions in the system. The standard ARINC 429 fieldbus, with unidirectional links in highly integrated, distributed subsystems, requires excessive wiring, having an impact on the resulting weight and connector count.
Except for applications in simple, non-critical systems comprising a few units, the event-driven Controller Area Network (CAN) data bus does not offer predictable (deterministic) communication and system-level partitioning. Therefore, it rarely leads to scalable, reusable and easy-to-integrate modular solutions for safety-critical aerospace control applications.
By integrating several subsystems using a time-triggered fieldbus and bringing control subsystems in the vicinity of controlled units, many point-to-point CAN or ARINC 429 connections can be replaced. This helps to reduce connector count and wiring weight and simplifies diagnostics and maintenance.
As the control system processing can be distributed and encapsulated in subsystems, smart actuators and sensors, the backbone bus can be off-loaded for high level tasks and control loops. This enables the use of lower-cost COTS hardware in both central and remote distributed systems.
Balanced distribution of data processing between centralized integrated modular avionics (IMA) and distributed subsystems simplifies resource sharing and accurate data transmission scheduling — some of the key issues for integration, upgradeability and reusability in complex integrated aerospace systems.
Time-triggered technology and fieldbuses offer significant improvements, which are reflected in reduced complexity of system-of-systems aircraft design.
Time-Triggered Fieldbuses for Aerospace Subsystem Integration
Designed as a fieldbus for safety-critical aerospace applications, TTP has been flying on military and "more electric" commercial aircraft since 2004, with TTP controllers, hardware and software components complying with the RTCA DO-254 and DO-178B Level A standards.
Hamilton Sundstrand has selected TTP and TTTech products for the Electric Power System and Electric Environmental Control System on the Boeing 787.
With the certification of the Airbus A380, the first commercial aircraft is flying with time-triggered technology. TTP is also used in Honeywell’s Modular Avionics Controls architecture for engine control systems.
TTP is a fault-tolerant distributed embedded computing technology, which provides a robust basis for control system platforms. It supports standard physical layers and DC-free coding. TTP protocol specification has been stable since 2002 (www.ttagroup.org).
Meanwhile, FlexRay is emerging as a result of a joint automotive industry effort, including BMW, DaimlerChrysler, General Motors, Volkswagen and others. FlexRay is a time-triggered fieldbus designed as a communication infrastructure for future generation high-speed automotive control applications (www.flexray.com).
FlexRay is a high-speed (10 Mbps) time-triggered protocol and also offers a physical layer with NRZ-coding tailored for automotive needs. FlexRay is used in the electronic damping system of the BMW X5 2007 model for the first time. The development and evaluation of the FlexRay specification set is based on automotive requirements.
Currently the FlexRay consortium contract limits its usage to automotive applications, but the technology is expected to be opened for non-automotive applications at a later point in time.
Lifecycle Costs
System design with a time-triggered fieldbus minimizes complex temporal interdependencies among modules. It helps to determine and plan precisely what happens if one unit is added, changed or reconfigured. This has a tremendous impact on total lifecycle costs, including development, testing, integration, maintenance, reuse, modular certification and obsolescence management.
Solving Integration and Concurrent Engineering Challenges
There are several factors that help to solve integration challenges and significantly reduce the effort, especially if the system is designed to synchronize application tasks with a communication system.
First, the control of key system interfaces is seamless in the time domain for TTP and FlexRay. Every unit in the system knows the temporal communication behavior of all the other units per default, even before a single line of application code is written. Second, the designed behavior is strictly enforced by TTP’s data integrity mechanisms and continuously monitored using formally verified distributed algorithms. Third, control errors do not propagate through the network as the communication is independent of the application. True modularity of TTP-based systems is accomplished by different techniques, including resource partitioning and layering.
As a result, the integration of a unit or subsystem into a system does not change the behavior of key system interfaces (temporal behavior and latency jitter). Even the legacy software applications using time-triggered communication can profit from predictable communication latencies with negligible jitter.
In a subsystem where all temporal behavior is specified at design time, using a central architecture design database, it is straightforward for a multi-vendor design team to agree on baselines, changes and their impact. By using TTTech’s mature tool chain for the design of distributed time-triggered applications, global multi-vendor teams retain complete overview of the system behavior and minimize system design and integration costs.
Differences Among Time-Triggered Fieldbuses
Common to all time-triggered protocols (FlexRay, TTP) is deterministic Time Division Multiple Access (TDMA) broadcasting with full system synchronization and microsecond jitter (1-5µs).
At the datalink layer level, major differences exist in frame formats, size of data slots, communication speed, overhead and other specific features (communication cycle limitations, dynamic and static slots etc.). Those features can impact the context for system application development, depending on application-specific constraints.
The list of differences is extensive, even with similar basic underlying time-triggered communication principles.
In real applications, data efficiency with time-triggered protocols can vary from 30 to 70 percent. Both protocols can handle event-driven messages. In FlexRay, this works over dynamic slots, and in TTP, event-driven transfer is emulated via static slots. Star and bus topologies are supported. TTP provides a distributed fault-tolerant startup.
At a higher level, extended system services can create completely different platform solutions. They can have a significant impact on different aspects of lifecycle cost equation and applicability. As communication is not the only aspect of integration and system networking, data integrity mechanisms, system health monitoring and redundancy management are important functionalities characteristic of all integrated fault-tolerant systems.
TTP includes the following services: system and communication health monitoring, data integrity, system configuration check, fault isolation and deterministic fault-tolerant computing services, which are otherwise developed and certified with severe costs and project scheduling risks. With FlexRay, those functions can be implemented in the software.
Time-Triggered and Flying
All of the mentioned services used for fault-tolerant distributed computing and networking are implemented on a single DO-254 certified TTP controller chip as part of the communication protocol. With DO-178B Level A embedded COTS software and qualified design verification tools used in production programs, TTTech Group provides a complete certifiable solution for time-triggered systems.
Conclusion
In order to better manage system complexity and weight, future trends point toward distributed system integration using time-triggered fieldbuses. They facilitate the design of time-driven architectures and support shorter time-to-market at lower system lifecycle costs.
Fault-Tolerant Distributed Embedded Computing with TTP
TTP-based control systems can be designed to behave as one fault-tolerant distributed computer, independent of physical distances among units. All units in a system are synchronized using a decentralized and formally verified, fault-tolerant clock synchronization mechanism.
Distributed applications exchange data over a conflict-free shared system memory. With TTP-based system integration, the partitioning known from the OS area can be extended to the whole system, which may significantly reduce design, testing, integration, maintenance and other lifecycle costs.
Several subsystems can be integrated on one TTP databus and operate without resource conflicts, complex interdependencies or latency jitters.
So called "Distributed IMA" supported by distributed embedded computing, as described in RTCA DO-297 helps incremental and modular application development, reuse and certification, guaranteeing software application independence from the underlying hardware, topology or architecture.
Advanced High-Speed Control Systems with FlexRay
Advanced automotive applications require a comprehensive communication system, providing speed, flexibility and scalability for complex networks at low cost. FlexRay is designed to satisfy these automotive requirements.
With a gross data rate of 10 Mbps, FlexRay delivers approximately 20 times higher net bandwidth than the CAN protocol currently used in automotive control applications. Applications such as active and passive safety systems, collision avoidance systems, powertrain management systems and driver assistance systems are expected to be enabled by the FlexRay protocol.
FlexRay offers scalable synchronous and asynchronous data transmission, and supports single, dual and mixed channel architectures. Systems can be synchronized using master or distributed time-triggered synchronization.
High-volume automotive applications facilitate design and cost efficiencies with a wide choice of system-on-chip components, which could reduce costs in aerospace and other industries in the future.
About TTTech Group
Since 1998, TTTech has been a leading supplier of time-triggered technology, products and services for the aerospace and automotive industries.
Its core technologies, Time-Triggered Protocol (TTP) and the Time-Triggered Architecture (TTA), are safety-critical communication platforms for fault-tolerant distributed embedded computing in the aerospace industry.
TTAutomotive is TTTech’s dedicated subsidiary for FlexRay solutions. It is a premium associate member in the FlexRay and AUTOSAR consortia. AUTOSAR works on an open software standard for automotive electronic architectures.
As a visionary partner, TTTech also works on breakthrough time-triggered technologies and high-end products to give aerospace customers the competitive advantage they need.
Its expertise in time-triggered technologies, complemented by DO-254 and DO-178 Level A development process knowledge, make TTTech an ideal partner for delivering complex platform solutions for advanced aerospace applications.