August 2009 - TTEthernet – A Powerful Network Solution for Advanced Integrated Systems

Mil/Aero Insider: August 2009

TTEthernet – A Powerful Network Solution for Advanced Integrated Systems

Time-triggered technology introduces a new method for deterministic data transfer over Ethernet. This deterministic technology makes it possible to overcome the inherent lack of determinism of Ethernet networks by applying strict rules to data transmission timing. These rules are implemented by a master node that schedules network traffic and synchronizes a network clock between all network nodes.

While virtually all distributed systems require communication between the elements of the network, a subset of these networks require communication to be deterministic. These distributed applications may include:

  • Distributed motion control
  • Real-time commands
  • Industrial control and monitoring
  • Hardware-in-the-loop simulation
  • Synchronized data acquisition

For example, a flight control system on an aircraft requires near-instantaneous response. Buffering of data on an Ethernet network does not alleviate the issue of Ethernet's non-deterministic nature, because buffered data is useless in a dynamic system such as an aircraft. To meet the requirements of rapid response applications, the network itself must have a real-time (deterministic) response. Design of precision and safety-critical applications usually adopts time-triggered protocols as the communication infrastructure to achieve real-time performance.

TTEthernet (Time-Triggered Ethernet), developed by TTTech Computertechnik AG and deployed by GE Fanuc Intelligent Platforms, expands classical Ethernet with services to meet time-critical, deterministic or safety-relevant conditions. It is compatible to standard IEEE 802.3 Ethernet and integrates with other Ethernet networks. As TTEthernet supports communication among applications with various real-time and safety requirements over a network, three different message types are provided:

  • Time-triggered (TT) messages are sent over the network at predefined times and take precedence over all other message types. The occurrence, temporal delay and precision of time-triggered messages are predefined and guaranteed. The messages have as little delay on the network as possible and their temporal precision is as accurate as necessary.
  • Rate-constrained (RC) messages are used for applications with less stringent determinism and real-time requirements. These messages guarantee that bandwidth is predefined for each application and delays and temporal deviations have defined limits. RC messages are routed with little delay. If TT messages are to be transmitted via the same outgoing port at the same time, the TT messages take priority over the RC messages.
  • Best-effort (BE) messages follow a method that is well-known in classical Ethernet networks. There is no guarantee whether and when these messages can be transmitted, what delays occur and if messages arrive at the recipient. Best-effort messages use the remaining bandwidth of the network and have less priority than the other two types of messages. BE messages always have the lowest priority. This method exploits the bandwidth of the network in an optimal way.

TTEthernet sits on top of layer 2 OSI model and below layer 3. Therefore it can be seen as an extension service to existing Ethernet, which provides hard real-time and synchronization capabilities to Ethernet networks. Those services use standard Ethernet frames.

Time-Triggered Ethernet (TTEthernet) expands classical Ethernet use with powerful services (SAE AS6802) to meet the new requirements of reliable, real-time data delivery in advanced integrated systems. In addition, TTEthernet switches provide ARINC664 functionality to meet existing requirements of avionics Ethernet networks.

With TTEthernet, critical control systems, audio/video and standard LAN applications can share one network. TTEthernet facilitates design of mixed criticality systems and system-of-systems integration.

 TTEthernet
Fig. 1: TTEthernet (SAE AS6802) enables design of advanced integrated systems utilizing asynchronous and synchronous communication via IEEE802.3 Ethernet.

In the aviation domain, TTEthernet can be used for high-speed active controls, smart sensor and actuator networks, deterministic avionics and vehicle backbone networks, critical audio/video delivery, reflective memory, modular controls and integrated modular systems such as Integrated Modular Avionics (IMA) or distributed IMA. TTEthernet targets also critical embedded systems in aerospace and defense, automotive, medical, energy production, and industrial automation.

Switches in TTEthernet-enabled networks have the central role of organizing the data communication. TT messages are routed in the switch according to a predefined schedule with as little delay as possible. Precise planning at the time of system design precludes resource conflicts at runtime. TT messages have the highest priority level. If the planned transmission time of one of these messages arrives, this message is immediately transmitted. Due to the predefined transmission of the message the switch ensures that the medium is free at the time of transmission and delays are precluded.

TTEthernet switches allow the simultaneous distribution of TT messages to groups of end systems or the connection of unsynchronized TTEthernet networks. This is how TTEthernet networks can be divided into smaller application-specific sub-networks and the design can be facilitated.

IEEE 1588 specifies a synchronization protocol for Ethernet. The global time base of TTEthernet can be leveraged to synchronize native IEEE 1588 synchronization clients, too. For this purpose, additional functionality can be realized on top of a TTEthernet device that generates IEEE 1588 clock synchronization frames. TTEthernet provides means to compensate for delays through the TTEthernet network. Outside the TTEthernet network, in a native IEEE 1588 network, the clock synchronization messages can be handled as native IEEE 1588 clock synchronization messages.

Time-Triggered Ethernet supports both asynchronous and synchronous (ARINC 664 and SAE AS6802) approaches to deterministic networking, and enables parallel operation in mixed asynchronous/synchronous networks. It is designed to cover cross-industry application needs and provide deterministic network operation for a broad range of different applications. The primary reason for the integration both SAE AS6802 and ARINC664 on the same TTEthernet switch is the ensured availability of time-triggered services. Without those services, it would be impossible to define robust network partitioning for asynchronous and synchronous data flows.

TTEthernet enables design of mixed criticality systems using IEEE802.3 Ethernet, rate-constrained and time-triggered communication services. This enables more efficient use of total bandwidth (see Table 1). In comparison, the asynchronous communication is not deterministic with more than 20-25% bandwidth utilization. With both asynchronous and synchronous traffic, the deterministic bandwidth utilization can rise to 70-80%. An overview of capabilities for asynchronous vs synchronous traffic is given here:

 

Asynchronous Traffic

Synchronous

Asynchronous/Synchronous

Bandwidth utilization in real-world (mixed criticality) applications

20-25%

>80%

50-70% (assuming 50% sync, 50% async. traffic)

Bandwidth partitioning

Traffic shaping and enforcing

Exact definition of TDMA slots and time base

By using SAE AS6802 services, ARINC664 / IEEE802.3 traffic (LAN) can be integrated

Deterministic Communication

√, max. sampling rate 1kHz

√, max. sampling rate 50kHz at 1Gbit/s

√, max sampling rate >Nx10kHz

Hard Real-Time Control Loops

Limited to 1KHz, assuming non-critical functions consume minor part of the bandwidth

Fully supported under any workload

Fully supported under any workload

Audio/Video Delivery

No

Fully supported under any workload

Fully supported under any workload

Tab. 1: Mixed criticality systems and comparison of asynchronous, synchronous and mixed asynch/synch approach to data communication

Use cases for TTEthernet
 Use Cases for TTEthernet

Safety and Fault Tolerance
A high level of safety is provided by the time-triggered method of TTEthernet, which detects failures and irregularities in the network and certain systems. TTEthernet networks can be set up with multiple redundant end systems, switches and segments. Thus the system will remain in operation even if faults occur. Redundant network paths are always used in fault-tolerant TTEthernet systems so that the failure of a single system or messages can be tolerated without affecting the application. If multiple redundancies are implemented, multiple faults can be tolerated. It is important that the entire system remains in operation without interrupts under the same temporal conditions as defined before.

TTEthernet allows the integration of guardians in switches and end systems. Guardians check if the communication on the network works in compliance with the predefined parameters. If faulty systems block network segments, the guardian disconnects the network segment or port. Multiple redundant guardians can be implemented to meet the highest safety requirements.

Engineering Tools
GE Fanuc Intelligent Platforms is releasing proven time-triggered tools have been ported for TTEthernet systems. These tools cover the entire lifecycle of the network. Automatic and manual modeling tools allow the intuitive system design in terms of temporal behavior, network and topology. TT-based software applications generate configuration data that comply with the communication schedule and load the data into the involved systems. Monitoring switches can display the network traffic on-line and off-line, and check the accuracy and consistency of a designed system including the temporal behavior of TT and RC messages. These tools can also generate detailed reports for approving a system in compliance with application regulations such as DO-178B in the aerospace industry. Open XML data exchange formats allow the simple and seamless integration with third-party tools.

Conclusion
Time-Triggered Ethernet enables time-triggered communication over Ethernet networks in all application areas. The network provides all necessary mechanisms for applications as diverse as classical web services and time-critical and safety-critical control system in aircraft. TTEthernet exploits synchronous operation and resulting fault-tolerant time base to support different system dependability dimensions at once. It simplifies design challenges for complex distributed systems by robust partitioning, unambiguous definition of key system interfaces, and support for redundant and time-driven system design.

Existing networks can be extended step by step using TTEthernet-capable switches and end systems without the need to change existing applications and end systems. Reducing network solutions to established and recognized Ethernet standards opens up saving potentials that secure major advantages in competitive markets. TTEthernet has great potential not only in extremely demanding aerospace applications but also in completely new cross-industry application areas.