TTEthernet (SAE AS6802) for Time-, Mission- and Safety-Critical Systems
Time-triggered QoS enhancements for Ethernet satisfy requirements of backplane and backbone applications in aerospace, automotive, energy production and industrial systems.
DO-254 compliant TTEthernet switches enable hard real-time messaging, redundant networking, and fully support ARINC 664-P7 protocol services for avionics, vetronics and critical control architectures.
TTEthernet is suited for a broad range of demanding avionics and vetronics applications benefiting from minimized system complexity and reduced size, weight and power (SWaP).
Ethernet in Critical Applications
Ethernet is a family of frame-based communication standards and a versatile networking technology, which enjoys tremendous support in different commercial and industry applications. However, Ethernet was not designed for use in highly critical embedded applications.
It relies on asynchronous communication and statistical bandwidth multiplexing, which impose severe constraints on resource sharing and on deterministic, real-time operation in complex distributed systems. This severely limits the design of advanced integrated systems. One way around those limitations is to use other specialized networks (e.g., Fibre Channel, InfiniBand, FireWire, or RapidIO) and so overcome the Ethernet capability gap. Another approach is to add the missing capabilities to Ethernet using QoS enhancements in the form of protocol service standards such as priority-based VLAN (IEEE 802.1Q), lossless and low-latency IEEE DCB, the avionics standard ARINC 664-P7, or the critical embedded system networking standard SAE AS6802 (TTEthernet). This allows Ethernet to be used for different critical embedded system applications.
TTEthernet: A Strictly Deterministic Ethernet Service
TTEthernet (SAE AS6802) is an Ethernet protocol service, designed by aerospace and automotive network experts. It complements IEEE 802.3 Ethernet and provides strict determinism, hard real-time messaging, fault-tolerant synchronization, synchronous communication, robust TDMA partitioning and supports design of non-redundant, double, triple and quad-redundant systems.
TTEthernet services execute network algorithms utilizing standard asynchronous messaging and standard Ethernet frame format, without modifying any of the existing Ethernet capabilities. TTEthernet allows different traffic classes on one switch: time-triggered (synchronous), rate-constrained and best-effort, to operate in one shared network.
Synchronous time-triggered communication is congestion-free, hard real-time and independent of the network load. Therefore, TTEthernet switches can be used for both high-speed backbone and switched fabrics (e.g., OpenVPX or ATCA backplane).
Time-triggered messages are strictly deterministic and have fixed latency, message order and µs-jitter, and cannot be influenced by asynchronous network traffic. A TTEthernet switch can successfully emulate circuit-switching behavior on top of an asynchronous packet-switched network.
The system time is created by the execution of distributed clock synchronization algorithms defined in SAE AS6802. It is based on continuous adjustments of local clocks in the system, using a two-step approach (see image).
The TTEthernet timebase is designed to be resistant against multiple faults and complicated fault scenarios. This guarantees continuous system synchronization for time-triggered communication driven by time progression. All algorithms are formally verified by aerospace, automotive, and defense experts.
Dataflow Integration and Bandwidth Partitioning
TTEthernet protocol services establish a “network hypervisor” capability via time-partitioning (TDMA bandwidth partitioning). This allows different types of traffic to reliably operate in a shared Ethernet network.
TTEthernet services provide robust isolation of synchronous and asynchronous data streams and help to emulate physical separation of different distributed functions with dedicated network resources.
Finally, this allows seamless integration of time-triggered communication and rate-constrained ARINC 664-P7 service on one switch.
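A simplified model of the partitioning claim above, added here as an illustration and not taken from SAE AS6802 or any vendor implementation: one egress port carries a periodic time-triggered frame plus best-effort frames, and the time-triggered delay is compared with and without a reserved window. The timings, the arrival list and the hold-back rule (a best-effort frame is not started if it would overrun the reserved window) are assumptions of the example.

```python
# Added illustration: one switch egress port, all times in microseconds.
# Every value below is constructed for the example.
CYCLE_US = 1000      # period of the time-triggered (TT) schedule
TT_OFFSET_US = 200   # start of the reserved TT window inside each cycle
TT_TX_US = 12        # wire time of the TT frame
BE_TX_US = 120       # wire time of one best-effort (BE) frame

def tt_delays(be_arrivals, cycles, partitioned):
    """Delay from the TT frame's scheduled instant to the end of its
    transmission, one value per cycle.

    partitioned=False: TT has priority, but a BE frame already on the
                       wire is not interrupted (non-preemptive).
    partitioned=True:  a BE frame is held back if it could not finish
                       before the reserved TT window opens.
    """
    queue = sorted(be_arrivals)
    port_free_at = 0
    delays = []
    for c in range(cycles):
        tt_time = c * CYCLE_US + TT_OFFSET_US
        # Serve BE frames that can start before the TT instant.
        while queue and queue[0] < tt_time:
            start = max(queue[0], port_free_at)
            if start >= tt_time:
                break        # port busy past the TT instant; BE waits
            if partitioned and start + BE_TX_US > tt_time:
                break        # would overrun the reserved window
            port_free_at = start + BE_TX_US
            queue.pop(0)
        tt_start = max(tt_time, port_free_at)
        port_free_at = tt_start + TT_TX_US
        delays.append(port_free_at - tt_time)
    return delays

def jitter(delays):
    """Spread between the largest and smallest observed delay."""
    return max(delays) - min(delays)

BE_LOAD = [150, 1100, 1190, 2050, 2199]   # constructed BE arrival times

if __name__ == "__main__":
    for name, part in (("priority only", False), ("time-partitioned", True)):
        d = tt_delays(BE_LOAD, 3, part)
        print(f"{name:17s} delays={d} jitter={jitter(d)} us")
```

In this model the priority-only port lets a best-effort frame that is already transmitting push the time-triggered frame back by a varying amount, while the partitioned port delivers it with the same delay in every cycle regardless of the best-effort load.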
ARINC 664-P7 with A/V and Hard
SAE AS6802 (TTEthernet) and ARINC 664-P7 target similar challenges in avionics design, but use very different operation principles. Time-triggered messages are driven by the progression of time, while ARINC 664-P7 relies on asynchronous rate-constrained communication with defined maximum latency.
SAE AS6802 (TTEthernet) communication complements ARINC 664-P7 with strictly deterministic behavior. Time-critical (hard real-time) applications, audio and video can be easily integrated into large ARINC 664-P7 networks using time-triggered messages, without influencing other distributed functions integrated in the network.
From the perspective of the ARINC 664-P7 network designer and integrator, time-triggered (SAE AS6802) messages can be seen as ARINC 664-P7 messages with fixed latency and jitter, and the network design can still rely on best practices for avionics network design associated with the ARINC 664-P7 standard. As an advantage, the designer will not have any issues with integration and performance of critical time-triggered datastreams, which could save months in program schedule and thus improve time-to-market.
With ARINC 664-P7 service implemented on a TTEthernet switch, the user will be able to design complex ARINC 664-P7 networks with synchronous audio/video streaming and hard real-time functions and efficiently use available bandwidth. In addition, TTEthernet services support design methodologies which can reduce complexity, enhance design of system architectures, simplify software applications, and minimize system lifecycle costs.
TTEthernet is standardized with the Society of Automotive Engineers (SAE) and will be released in 2011. Beyond commercial and defense system application, critical energy, industrial and telecom infrastructure, as well as the automotive industry, can profit from its capabilities.
Production programs that plan to use COTS components compliant with SAE AS6802 include NASA’s Orion spacecraft in the scope of the U.S. human spaceflight program. Lockheed Martin works on several advanced integrated system programs using this technology. Due to its ARINC 664-P7 capability and DO-254 Level A compliance, TTEthernet switch modules are suitable for application in commercial aircraft systems, and offer an extended set of networking capabilities for time-, mission-, and safety-critical applications.
Reducing System Complexity
A communication network is an essential part of a total distributed software and hardware platform. The platform influences sharing of computing and networking resources, helps align operation of distributed functions, constrains the number of system states, and minimizes related complexity. The objective of the platform is to minimize system integration and application design effort, and simplify certification, modification, upgrades, reuse, incremental modernization and obsolescence management.
By providing unambiguous definition of temporal behavior and key system interfaces at the network level, time-triggered services in TTEthernet support less complex distributed computing and networking, enhance resource sharing (or separation) among critical and non-critical functions, and simplify coordination of critical functions. With TTEthernet it is possible to emulate conflict-free shared system memory via periodic and synchronized global data exchange to guarantee high levels of software abstraction. This minimizes application design effort, code size, and exposure to transient faults or unintended system states.
With ARINC 664-P7 services added to the TTEthernet switch, the designer has freedom to utilize different types of QoS and design methodologies using a shared TTEthernet network infrastructure.
As a result there is a direct link between communication network capabilities, related complexity and lower system lifecycle cost for advanced integrated systems.
COTS-Based System Platforms
System architecture design decisions are influenced by available network technologies. For example, the lack of robust bandwidth partitioning and of the capability to run both hard real-time controls and less demanding real-time or soft time functions either mandates separation of physical resources and design of hierarchical architectures, or limits efficient use of computing resources.
In a case where system integration allows placement of functions anywhere in the vehicle or aircraft without impact on function performance, there are countless opportunities to design more efficient systems and architectures.
It is fair to say that TTEthernet capabilities close the gap between federated and integrated architectures, and represent a new tool for system architects utilizing high-bandwidth Ethernet as a system integration technology of choice. This simplifies design of advanced integrated platforms and reconfigurable architectures based on open COTS standards.
Figure: TTEthernet enables synchronous time-triggered, rate-constrained and best-effort traffic in shared networks.
Figure: Two-step synchronization algorithm.