Deterministic Ethernet:

SAE AS6802 "Time-Triggered Ethernet"

Mirko Jakovljevic, TTTech / SAE AS-2D

SAE AS6802: Time-Triggered Ethernet (TTEthernet)

Public specification available since 2008 IP designed to DO-254/DO-178B Level A
formal proof of protocol algorithms

used for IEC61508 SIL-rated systems Standardization at SAE

SAE standardization project started in 2009 SAE Standard release in November 2011
http://standards.sae.org/as6802

What is Time-Triggered?
Predictable (deterministic) communication
Fixed latency, s-jitter, TDMA

System timebase available, but no master clock (alignment of local clocks in s!) Autonomous network operation
based on scheduled communication and system time

Examples:
FlexRay TTP (SAE AS6003) TTEthernet (SAE AS6802)

What is Ethernet, really?

A family of frame-based standards for LAN/MAN networks by IEEE802
Standard physical medium Set of medium access control rules with fair arbitration Variable size packets in Ethernet format

SAE AS6802: Time-Triggered Ethernet (TTEthernet)

The objective was to:

make Ethernet viable for any time-, safety- and missioncritical embedded system application (SAE AS6802 is a Layer 2 protocol service) and retain asynchronous communication capabilities
The objective was NOT to:

create yet another real-time industrial Ethernet network, that is incompatible with IEEE802.3 or standard Ethernet LAN In fact it is a service compare it to deterministic VLAN messaging with fixed end-to-end latency and s-jitter!
5

SAE AS6802: A Layer 2 QoS Enhancement Time-Triggered Ethernet (TTEthernet)

Allows integration of low-latency, low-jitter and standard LAN applications

SAE AS6802: A Layer 2 QoS Enhancement

Time-triggered extensions (Layer 2) implemented in an Ethernet switch enable deterministic unified networking
Synchronous startup Synchronous recovery Robust fault-tolerant distributed clock Foundation for synchronous communication and robust bandwidth partitioning in Ethernet networks

Summary: System Designer Perspective

SAE AS6802 is just another Ethernet service Add SAE AS6802 service to Ethernet switch
capabilities to design Ethernet-based time-, safety- and mission critical system !

Add other comptible IEEE802.1 Layer 2 services to gain specific capabilities and support (deterministic) unified networking
VLAN(IEEE802.1Q), DCB, IEEE1588/IEEE802.1AS, Rate-contrained services with traffic shaping, etc.

Use Ethernet as a deterministic network capable of handling different types of time-critical traffic
8

Deterministic Ethernet:
SAE AS6802 "Time-Triggered Ethernet

Capabilities

PAPER #

Capabilities: Distributed Fault-tolerant Synchronization

Robust algorithm based on exchange of asynchronous IEEE802.3 messages Synchronizes local clocks system time (!) Fail-operational:
tolerates multiple faults tolerates byzantine synchronization faults no search for best master (distributed clock!)

no wall clock (external time source - e.g. GPS) required

Provides defined worst-case synchronous startup & recovery time (in ms)
10

Capabilities: Synchronous Communication

System time available on switches and endsystems
Scheduled traffic can have fixed latency and s-jitter Switch knows when the message is forwarded

11

Capabilities: Deterministic Unified Ethernet

Synchronous and Asynchronous Traffic

Virtual links are forwarded through 100BASE-TX, 1000BASE-CX, 1000BASE-SX or other Ethernet physical layer connections

12

Capabilities: Robust Partitioning for Deterministic Unified Ethernet

Mechanisms:
Switch knows the traffic schedule for synchronous (TT) traffic Switch knows about properties of time-sensitive traffic and possible time-violations
e.g. for AFDX / ARINC664 (e.g. rate constrained BAG, periodicity)

Switch knows when the best effort (asynchronous) traffic can be scheduled to prevent violation of temporal constraints for RC and TT
Configuration for TT Traffic Configuration for RC Traffic

Synchronous (TT)

Time-Sensitive Traffic (RC)

Output Port

Asynchronous (Priority-Driven and/or Lossless)

13

Capabilities: Deterministic Unified Ethernet

What if synchronous links (VLs) are reserved, but the message is not sent?
ECU / LRU is not installed Function is currently inactive

Dynamic Bandwidth Release: immediate availability for asynchronous traffic

14

Comparison with other Ethernet standards

15

PAPER #

Ethernet in Critical Embedded Systems

IEEE1588

Time-Critical, Mission-Sensitive Lossless, Loss-sensitive, Time-sensitive, Mission-Critical Deterministic, Time-critical, Safety-critical, Mission-critical

IEEE DCB IEEE AVB ARINC 664 Part 7 SAE AS6802 (TTEthernet)
2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010
IEEE1588

16

Positioning: SAE AS6802 for Deterministic Unified Ethernet

QoS in shared Ethernet networks

17

Positioning: SAE AS6802 for Deterministic Unified Ethernet

QoS in shared Ethernet networks

18

TTEthernet Switch with SAE AS6802 / ARINC664-P7

TTEthernet Switch Services TTEthernet Switch Behavior
RC Switch RC Switch w/ A/V and hard-RT TTEthernet Switch (synch. AS6802 comm. only) Plain TTEthernet Switch IEEE802.3 switch Mixed Criticality TTEthernet Switch

Used QoS Protocol Services

RC (ARINC664) X X X

TT (SAE AS6802) X X X X

BE X X X

19

Positioning: SAE AS6802 for Deterministic Unified Ethernet

QoS in shared Ethernet networks

20

SAE AS6802 and RT-Ethernet

22

SAE AS6802 in IEC61850 Context

GOOSE Messages (low-latency, critical) can be sent via time-triggered messgaes

Data

Data

23

Impact on System Design

Mirko Jakovljevic, TTTech / SAE AS-2D

24

PAPER #

Why Deterministic Time-Triggered Networks ?

Network capabilities impact architecture and application design
the number of ECUs, wiring and weigth use of network bandwidth and computing resources level of functional integration system and application complexity
cost of SW/HW design and integration

maintenance, reuse and upgrades obsolescence management certification 25

Advanced System Integration

Distributed Integrated Modular Architectures (DIMA)
Statistical Multiplexing

Many high- and low-level functions share distributed computing and networking resources

TDMA Multiplexing

Federated
Computing Resources (one function per box) Networking Resources (physically separated unidirectional links)

Integrated Modular Architectures (e.g. IMA)

Many higher level functions on one processing module Additional low-level functions via networked RDCs
High n Level: io Integrat

h ig H ! ry A!! Ve IM l: n ve s a Le i n m io ste t ra Sy g te ole In h How DIMA covers W this gap?

Integration Level: Low

Integ r Fede ation Lev rated el Arch : Very Lo itect ures w

26

Resource Use & Complexity Reduction

Maximize use of network bandwidth and computing resources for critical embedded functions Reduce uncertainity, jitter and unintended system states Improve functional alignment (and separation!) Simplified sensor fusion Simplified distributed processing Simplified redundancy management

27

Integrating many functions on few ECUs

Emulate distributed computer / reflective memory Integrate critical and non-critical functions

28

SAE AS6802 in Critical Applications

Robust TDM-style bandwidth partitioning (Hard) Real-time operation Strictly deterministic system operation Predictable computing and networking resource sharing Alignment of different functions accross the systems Design of advanced system architectures for minimizing SWaP System complexity reduction (system state explosion!)
29

SAE AS6802 in Critical Applications

If we managed to go from federated to integrated architectures
Read: time/space partitioning at module level

we can manage transition to distributed AND integrated architectures

Read:
time/space partitioning at module level plus time partitioning at network level system-level partitioning (of all computing and networking resources) Predictable virtualization of complex embedded systems

30

New activities on SAE AS-2D agenda?

SAE AS6802 (TTEthernet)
Scheduling and system design Application Handbook Complexity reduction Linear Deterministic Networks Closer work with IEEE?

31

Q&A
Visit Deterministic Ethernet / LinkedIn Group (!!)

Mirko Jakovljevic, TTTech / SAE AS-2D mirko.jakovljevic@tttech.com

32

PAPER #