performance bounds in a switched aircraft cabin
play

Performance Bounds in a Switched Aircraft Cabin Emanuel Heidinger - PowerPoint PPT Presentation

Chair for Network Architectures and Services Prof. Carle Department of Computer Science TU Mnchen Performance Bounds in a Switched Aircraft Cabin Emanuel Heidinger Supervision TUM: Prof. Carle Supervision EADS: Stefan Schneele 1


  1. Chair for Network Architectures and Services – Prof. Carle Department of Computer Science TU München Performance Bounds in a Switched Aircraft Cabin Emanuel Heidinger Supervision TUM: Prof. Carle Supervision EADS: Stefan Schneele 1 Network Security, WS 2008/09, Chapter 9

  2. Outline Introduction to Communication Networks in Aeroplanes • Goal of this Work • Safety Criticality in the Aircraft Cabin • State of the Art Cabin System • Novel Approach based on Switched Ethernet • DIMTOOL: A Platform for Determining WC Bounds • The framework Network Calculus • MIP Approach to determine the Worst Case • Moving the Switched Aircraft Cabin towards deployment • Conclusions • 2 Network Security, WS 2008/09, Chapter 9

  3. Communication networks in Airbus Aeroplanes Impression of the aircraft … • Installation may look simple at system level, but … • very complex at a/c level • Various Protocols like LVDS, RS-232, RS-485, CAN, Ethernet 3 Network Security, WS 2008/09, Chapter 9

  4. Goal of this Work Can we employ Standard Switched Ethernet in the Aircraft Cabin ? By „standard“ we mean • PHY/MAC Layer • IEEE 802.1D/Q, Intserv, Diffserv • Switching to Gigabit Backbones • Upcoming standards as Audio Video Bridging, BroadR-Reach What are the pitfalls when addressing this goal ? Can we provide Inflight Entertainment (IFE) over same network ? • Video • Games • Internet Surfing Overall-goal in Aernonautics: Safe weight, reduce kerosine, reduce complexity 4 Network Security, WS 2008/09, Chapter 9

  5. Domains in the Aircraft [ARINC664P5] Aircraft Airline Passenger Passenger Control Information Information Owned (ACD) Services Entertainment Devices (AISD) Services (PODD) (PIESD) Embedded CIDS IFE higher criticality (usually) decreases lower 5 Network Security, WS 2008/09, Chapter 9

  6. Objectives in Safety Relevant Aircraft Cabin • The Cabin Core Functions mainly cover safety relevant functions • Their requirements have to fulfill the [DO214] • Other safety relevant functions as Cabin Surveillance are expected on same network Device Description Signaling Audio Differential Latency Latency Delay Requirement Requirement Requirement PSU Passenger Announcement 100 ms 10 ms - Lighted Signs IBU Illumination 100 ms - - Handset Cabin Interphone 100 ms 10 ms 1ms Camera Cabin Video Monitoring - - - Smoke Smoke Detector 100 ms - - 6 Network Security, WS 2008/09, Chapter 9

  7. Safety in Aeronautics Expressed in terms of Design Assurance Level [DO254], [ARP4754A] DAL Classification DAL Definitions Failure Requirement [failures / hour] Level A Catastrophic Catastrophic failure condition for the aircraft < 10 − 9 p Level B Hazardous / Severe-Major Hazardous / severe-major failure condition for the aircraft < 10 − 7 p 10 − < 5 p Level C Major Major failure condition for the aircraft Level D Minor Minor failure condition for the aircraft - Level E No Effect No effect on aircraft operational capability or flight crew - workload • Cabin Core Functions are „usually“ DAL-C • Cabin Entertainment (IFE) is DAL-E • Extensive use of redundancy in networks covering safety relevant functions • Failure value is determined by Fault Tree Analysis • Determinism must be presented in those networks ⇒ Necessity to determine the worst case 7 Network Security, WS 2008/09, Chapter 9

  8. State of the Art – Today’s Aircraft Cabin / CIDS • Based on 10Base2 Ethernet, Physical Layer • TDMA (Time Division Multiple Access) Techniques • Bus System, same medium Advantage • Bus System, so one single line • Worst case relatively easy determined by measurement Disadvantage • Bus System, so Collision Avoidance / Detection • Smaller IFG (8 Bytes), not all PHYs can do that • Different CRC Polynomial, not all stacks can do that • Small Bandwidth, 10 MBit/s But when talking about GigaBit and later, there will be no bus support anymore (due to echo cancellation) ⇒ Moving towards switched network 8 Network Security, WS 2008/09, Chapter 9

  9. Topology of Full Switched Aircraft Cabin Up to 22 lines • Up to 16 cascade switches • per line Up to 8 end devices per • switch  No star topology for saving wires A380 Configuration, Number of Devices Device Number Description  Number highly depends on PSU 1536 Service Unit Aircraft type, IBU 1512 Light Scenario be it A380, A350 or A30x Handset 20 Cabin Interphone FAP 20 Panel for Cabin Control Challenge: Determine Worst Case CVMS 25 Video Surveillance in Switched Network 9 Network Security, WS 2008/09, Chapter 9

  10. Network Latencies  Propagation Delay Queuing delay  stable and almost negligible  (1/factor) * speed of light  Processing Delay  Hardware dependent  relatively stable Propagation delay  Transmission Delay  Time it takes to transmit the whole frame  Queuing Delay  If output port is busy, frames must be queued  Sum of transmission delay of Processing delay other frames, that have to be served before Transmission delay 10 10 Network Security, WS 2008/09, Chapter 9

  11. Toolchain DIMTOOL – Worst Case Estimation (I) System Integration Certification Topology Toolbox DIMTOOL(Matlab) Deployment CabinConfigurator (C++) • Generate VLAN configuration for switches • Extracting topology and flow information and forward to DIMTOOL • DIMTOOL generates reports according to simulation, NC & worst case scheduling analysis Heidinger, E.; Burger, S.; Schneele S., Klein, A. & Carle, G., DIMTOOL: A Platform for Determining Worst Case Latencies in Switched Queuing Networks, ValueTools 2012 Page 11 11 11 Network Security, WS 2008/09, Chapter 9

  12. Toolchain DIMTOOL – Worst Case Estimation (II) Topology Toolbox Backends DIMTOOL(Matlab) Certification • Generate VLAN configuration for switches CabinConfigurator (C++) • Extracting topology and flow information and forward to DIMTOOL • DIMTOOL generates reports according to simulation, NC & worst case scheduling analysis Page 12 12 12 Network Security, WS 2008/09, Chapter 9

  13. Toolchain DIMTOOL – Worst Case Estimation (III) Topology Toolbox Backends DIMTOOL(Matlab) System Integration • Generate VLAN configuration for switches CabinConfigurator (C++) • Extracting topology and flow information and forward to DIMTOOL • DIMTOOL generates reports according to simulation, NC & worst case scheduling analysis Page 13 13 13 Network Security, WS 2008/09, Chapter 9

  14. Toolchain DIMTOOL – Worst Case Estimation (IV) Topology Toolbox Backends DIMTOOL(Matlab) Deployment • Generate VLAN configuration for switches CabinConfigurator (C++) • Extracting topology and flow information and forward to DIMTOOL • DIMTOOL generates reports according to simulation, NC & worst case scheduling analysis Page 14 14 14 Network Security, WS 2008/09, Chapter 9

  15. Toolchain DIMTOOL – Worst Case Estimation (V) Topology Toolbox Backends DIMTOOL(Matlab) • Generate VLAN configuration for switches CabinConfigurator (C++) • Extracting topology and flow information and forward to DIMTOOL • DIMTOOL generates reports according to simulation, NC & worst case scheduling analysis Page 15 15 15 Network Security, WS 2008/09, Chapter 9

  16. DIMTOOL Graphical User Interface Provide several Performance Evaluation Backends • Topology creator for A380, A350, A30x • Topology converter for different input formats, Camfigurator, Network • Notepad, OPNET Results shall be employable in certification • ⇒ Deliver performance reports 16 16 Network Security, WS 2008/09, Chapter 9

  17. Refreshing Token Bucket Model • Extended version of [Tan2002] and [Sta2001] which allows some burstiness • Shaping does not occur until burst is consumed Token Bucket Scheme Network Calculus Representation (accumulated arrivals)  Textmasterformate durch Klicken bearbeite  Zweite Ebene • Dritte Ebene – Vierte Ebene » Fünfte Ebene 17 17 Network Security, WS 2008/09, Chapter 9

  18. Introduction to Network Calculus (I) Flows in terms of Arrival Envelopes / Arrival Curves • Service experienced by switch in terms of Service Curve • Example of fluid flows, preemptive f1 and f2 are multiplexed and traverse • two servers / switches Flow of interest is f1 • Delay given by horizontal deviation • Node-by-Node Analysis 18 18 Network Security, WS 2008/09, Chapter 9

  19. Introduction to Network Calculus (II) Flows in terms of Arrival Envelopes / Arrival Curves • Service experienced by switch in terms of Service Curve • Example of fluid flows, preemptive f1 and f2 are multiplexed and traverse • two servers / switches Flow of interest is f1 • Delay given by horizontal deviation • Node-by-Node Analysis 19 19 Network Security, WS 2008/09, Chapter 9

  20. Tightness of Network Calculus Bounds However, with the so called Node-by-Node Analysis (as seen before)  Latency is determined at each node, such that burst is paid at every server, i.e., s1 as well as s2  Also known as algorithm: Total Flow Analysis (TFA) Tightening bounds  „Pay Bursts Only Once“ [RIZ2005] • Burst will only be paid at first node • Edge-by-Edge Analysis (First: Service Curve over all edges, Then: horizontal deviation) • Also known as algorithm: Separated Flow Analysis (SFA) • Addresses the following case 20 20 Network Security, WS 2008/09, Chapter 9

Recommend


More recommend