A Successful Example of a Layered Architecture Based Embedded - - PowerPoint PPT Presentation

A Successful Example of a Layered Architecture Based Embedded Development with Ada 83 for Standard-Missile Control

Kelly L. Spicer Raytheon Missile Systems Missile Software Engineering Center Tucson, Arizona 520-663-7020 klspicer@west.raytheon.com

Nov 14, 2000

UNCLASSIFIED

Overview

• SM-3 Software Overview
• S3CC Context Diagram
• S3CC Requirements
• Design Notation
• Software Architecture Overview
• Layering Scheme Description
• Purpose of Each Layer
• Conventions for Each Layer
• Examples
• Build Approach Using Layers
• A little about Tasking and the Block IV Kernel
• Reuse of Algorithms
• Reuse - Architecture Typing (Archi-typing)

UNCLASSIFIED

SM-3 CSCIs

• Target, Missile States
• Time Message
• Clear to Radiate
• BIT Request/Response
• Cryo Initiated
• Status Message
• Telemetry
• Ejection Warning
• Test Pattern/Echo
• Time Sync
• Initialization
• Selected Uplink Data
• BIT Status
• Launch Detect
• Initialization Msg
• Missile State Data
• Target State Correction
• Mode Status
• Telemetry
• BIT Request/Response
• Reformatted Uplink
• Missile Body Rate
• Missile Body Attitude
• Position Cmds
• Telemetry Msg
• Test Pattern/Echo
• Commands
• Status
• Squib Cmds
• Valve Cmds
• Pressure Status
• Solenoid Cmds

Stage 2 Control Computer Stage 3 Control Computer Kinetic Warhead Guidance Processor Kinetic Warhead Signal Processor Inertial Navigation System GPS-Aided Steering Control Section Telemetry IMU TVA Controller KW SDACS IR Sensor GPS Receiver

Uplink / Downlink Messages GPS Hot Start Data

AEGIS Weapon System

Initialization Message

EED

Missile CSCIs AEGIS Launcher Other Configuration Items

Missile Ship

• Pointing Error
• Inertial Data
• Time Sync
• Flight Configuration

Parameters

• Status
• Telemetry Data

UNCLASSIFIED

S3CC Software Context Diagram

GAINS KW

• BIT Report
• Telemetry
• Missile Data
• Ship Radar Bias Correction

Telemetry-BIT Response Position Cmd Msg

• Telemetry Msgs
• Formatted CCSDS
• Squib, Solenoid,

ACS Valve Cmds

• ACS Pressures
• EED Errors
• BIT Request
• Msl/Tgt State
• Body Attitude
• Cryo On
• Eject Warning
• BIT Request
• Init Msg
• Ship Uplink
• Launch Detect

TSRM EED Board

• BIT Report
• Telemetry

Telemetry

• BIT Request
• Init Msg
• Tgt Pos

S2CC Test Equipment S3CC Software

• Test Cmds
• Overrides
• Test Menus

& Status

• BIT Reports
• Downlink Data

UNCLASSIFIED

S3CC SW Requirements Summary

• Interfaces
• Serial (TSRM, GAINS, KW, Telemetry)
• Direct control (ACS, squibs, solenoids, discretes)
• MLI bus (stage 2)
• Mission state control, two timelines:
• Since launch,
• To-go (to prepare and eject KW)
• BIT - functions and reporting
• Autopilot/attitude control (100 Hz updates), three modes:
• Cold gas, warm gas, Thrust Vector Control (TVC)
• Guidance (10 Hz updates)
• Burnout reference guidance
• Adjust for non-nominal TSRM burn-rate
• Adaptation parameters (capability to load system-defined

constants separate from software)

UNCLASSIFIED

System-Level State Transition Diagram

RPU Power On IM Received IM Reset Missile Power On Performing Pitchover Performing Exo-atmospheric Control Booster Separation Stage-2 Separation Stage-3 Separation Launch Detected Idle BIT Failed BIT Passed Initializing RPU Waiting for IM Waiting for Launch Performing BIT Performing Endo-atmospheric Control

UNCLASSIFIED

Capture & Inter-pulse Delay Pulse-1 burnout Pulse 2 burning for 1.4 seconds Altitude or Inter-pulse time-out Nose Cone Clear

S3CC Mission Sequencer States

Pulse-1 burning for 1.4 seconds Burnout Reference Guidance - Pulse 2 Separation Altitude Achieved Stage-2 Separation Burnout Reference Guidance - Pulse 1 Ditch Nose Cone Eject KW Pulse-2 burnout

UNCLASSIFIED

Buhr-Based Design Notation

Put Get Get Put

data_name

GenericPart

Package with Body Package with Body Passed Data Passed Data Procedure Procedure Queue Queue Types Package Types Package Task Task Generic Generic Instantiation Instantiation Interrupt Handler Interrupt Handler Set Semaphore Set Semaphore Package containing Task Package containing Task Ada Ada ‘With” ‘With”

SubSystem SubSystem

data_name QUICC Interrupt

UNCLASSIFIED

S3CC Task Hierarchy

<= Gas Status C

• n

t r

• l

V a l v e C

• m

m a n d s = > Data Lines

Timing Control Tasks

Target State Data

S q u i b I D T V C P

• s

i t i

• n

C m d M s g s = > Control Lines

TSRM ACS EED Board KW GAINS Telemetry Stage 2 MLI Bus RS-232 Serial

<= Telemetry Msg

Direct Squibs Serial

IM/ Rspn

IM

IM/Rspn

ACS L i n e a r S t a t e Requests for modes and

• verrides

form other subsystems

BIT Req/Rspn

Serial Serial Test Term

W a r m / C

• l

d G a s P r e s s u r e s

Mission Algorithm Tasks Startup Tasks Hardware Interface Tasks

Missile position, velocity & body rqmts Plug State Separate Warning

Serial

KW Messages

Autopilot Loop Guidance Loop

Missile Control Mission Sequencer Missile State TSRM Motor Scaling Target State Guidance 10 Hz 100 Hz BIT

Handle Init Msg Comm Startup TSRM QUICC Squib IO KW QUICC GAINS QUICC Test Mode Telemetry S2IO

Direction of Ada Withing

UNCLASSIFIED

SM-3 Stage-3 Software Architecture

TVAC

TSRMMI S2CCIO MgrMI Test Mode

GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal

TlmMgrMI

IM

Timing Control Mission Task Startup Mission Interface Hardware Interface Hardware

TSRM QUICC KWMI GAINSMI KW QUICC GAINS QUICC

Comm Startup

S2MLI TlmIO Text_IO Squib IO

Gas ValveIO

Solenoid IO

KW

BIT

Missile ControlMT GPS 100 Hz GPS 10 Hz

Autopilot Loop Guidance Loop Missile StateMA Scale TsrmMA GuidanceMA Target StateMA ACSGas MgmtMA ThrstVctr CntrlMA AutopilotMA KWState ContrlMA S3State ControlMA

Mission Algorithm

Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes Discretes RS-232

S3Msn SeqMT Missile StateMT Scale TSRMMT Target StateMT GuidanceMT

Direction of Ada Withing

UNCLASSIFIED

Stage-3 Layering Scheme

• Hierarchical Approach
• Lower Layers Provide Services
• Higher Layers Provide Management
• Commands Flow Down
• Data Flows up and Down
• No “withing” up the Architecture, Down

Only

UNCLASSIFIED

• 6. Timing Control

Mission

• 3. Startup
• 2. Mission Interface
• 1. Hardware Interface
• 5. Mission Task
• 4. Mission Algorithm

6 Logical Layers in the Hierarchy

UNCLASSIFIED

• 1. Hardware Interface
• Hardware Direct Interface
• Works in Hardware Addresses, Register Formats,

Interrupt Handling, etc.

• Generics Used Across Interfaces when they’re

Sufficiently Similar

UNCLASSIFIED

• 2. Mission Interface
• Provides a Consistent, High-Level I/O Interface to

the Mission Tasks

• Implements Interface Protocols defined in the IRSs
• Contains Tasks for Completion of Receiving

Message Data on External Interface.

• Converts Data Between External and Internal

Format

• Transfers Data to/From Store Manager

UNCLASSIFIED

• 3. Startup
• Calls the Mission Interface to Execute Startup

Activities Like Starting the Interfaces, Conducting BIT, & Handling the Initialization Message

• Startup Tasks Terminate Themselves Before

Launch After Their Job is Done

UNCLASSIFIED

• 4. & 5 Mission
• The Mission Layer Implements Most of the Mission

Algorithms and Logic Defined as Requirements in the SRS

• Implements All Mission Intelligence (i.e. Guidance,

Autopilot, Missile State Control, etc.)

• Divided into two sub-layers: Mission-Task and

Mission-Algorithm

• Tasks gate algorithms at proper/coordinated periodic rate
• Portable Because it runs on the Virtual Machine

provided by the Mission-Interface Layer below (and some Blk IV Kernel calls for time)

UNCLASSIFIED

• 6. Timing Control
• Provides Timing Control for the Mission-Level

Tasks

UNCLASSIFIED

Layer Naming Conventions

• Mission-Task Layer : “MT” Suffix
• Mission-Algorithm Layer : “MA” Suffix
• Mission-Interface Layer : “MI” Suffix
• Subsystem mnemonic (e.g. ThrstVctrCntrl)
• ThrstVctrCntrlMA
• ThrstVctrCntrlIntfDefs

UNCLASSIFIED

Layer Interface Conventions: Hardware-Interface

• Each interface package exports these procedures:
• Initialize - Called by CommStartup or the “MI” Level
• Functional Procedures to conduct Hardware Operations (i.e.

“FireSquib,” “TurnValveOn,” etc.)

• Since There is no Ada “withing” or Procedure calls up the

Hierarchy, in-coming data is put into queues, then semaphores are “set” to signal the upper layer(s) that message data has arrived

UNCLASSIFIED

Layer Interface Conventions: Mission Interface

• Each interface package exports these procedures:
• Startup - Called by CommStartup Task
• Send<MessageName> One for each message able to be sent
• n the Interface. Parameterless, message

data retrieved from StoreMgr

• Each Interface Subsystem has “InterfaceDefs” Package

for defining Internal interface.

• Each Interface Subsystem has “MessageDefs” Package

for defining External Interface

• Rep clause used to match IRS definition bit-for-bit

UNCLASSIFIED

Startup Mission Interface Hardware Interface

GAINSMI Startup SendInitializationA SendBITRequest

Example: Build-1 Test Sequencer

RunBuild1SequencerTask

Build-1 Test Sequncer

KWMI Startup SendBITRequest SendCryoInitiated TSRMMI SendPositionCmd Startup S2IOMgrMI SendSepWarning SendDownlink Startup SquibIO FireSquib Initialize GasValveIO TurnValveOn Initialize SolenoidIO TurnSolenoidOn TurnSolenoidOff Initialize CommunicationsStartupTask

CommStartup

Started Booleans Started Booleans

Started Boolean Squib Number Solenoid Number Tlm Msg Tlm Msg

StoreMgr

Put Get

Valve Number Started Boolean Solenoid Number Started Boolean Telemetry Put Startup

UNCLASSIFIED

Example: Stage-2 MLI Bus Interface Subsystem

S2IntfcDefs S2MLI Initialize Send RxMsg S2IOMgrMI Startup SendBITMsg SendDownlink S2CCTask Handle SendIMRsp StoreMgr Put TlmMgrMI Put CommStartup S3State ControlMA Rx Msgs BIT Receive_data_words data_words Receive_data_words Get S2Queue Get Put Send Msgs

Mission Algorithms Startup Mission Interface Hardware Interface

Tlm Msgs IM acknowledge data_ words Message Arrived Signal

UNCLASSIFIED

Layer Interface Conventions: Mission-Algorithm Layer

• Each package Exports at least two procedures:
• “Initialize”
• “Update”
• Package Bodies
• In Update Procedure
• First thing - Storemgr.get(<Package_Name>_Input_Record);
• Last Thing - Storemgr.put(<Package_Name>_Output_Record);
• InterfaceDefs Packages
• Should contain definitions for
• <Package_Name>_Input_Record (input from StoreMgr)
• <Package_Name>_Output_Record (output to StoreMgr)
• Types for Instantiating Telemetry Generic (should comply with the

data definitions in Telemetry IRS)

UNCLASSIFIED

Mission-Algorithm/Mission Task Level Example: “Missile Control” Subsystem

QUICCPkg MissileControlMA MissileControlTask AutopilotMA Initialize Update ThrstVctrCntrlMA Initialize Update ACSGasMgmtMA Initialize Update

Mission Tasks Mission Algorithms

TSRMMI SendPositionCmdMsg

Mission Interface

SEMMSLCTRLTASK

QUICCPkg GasValveIO TurnOn

UNCLASSIFIED

Mission-Algorithm Level Example: S3 State Control Subsystem

TlmMgrMI Put QUICCPkg S2CCIOMgrMI SendSepWarn QUICCPkg S3MsnSeqMA S3MsnSeqTask QUICCPkg SolenoidIO TurnOff TurnOn

NOTE: Not all procedures and functions are shown.

Get Put

Mission Tasks Mission Algorithm Mission Interface Hardware Interface

QUICCPkg SquibIO FireSquib QUICCPkg KWMI All Send procedures KWState ControlMA Initialize Update S3StateControlMA Initialize Update TimeToGo QUICCPkg Discretes ExtLogicIsOn

SEMTASKX

StoreMgr

UNCLASSIFIED

Build Approach Using a Layered Architecture

• 1. First build the Interface Layers, Implementing IRS

Requirements

• Test the Interface Implementation
• 2. Build the Skeleton for the Rest of the System (Upper

Layers)

• Verify Task Priorities, etc
• 3. Add the Implementation/Mission Algorithm Details

Incrementally in a series of Builds

• CSCI Qualification Testing

UNCLASSIFIED

Build Sequence Leading to Full Flight Capability

• 1.0 Interfaces
• 1.1 Pre-Launch
• 1.2 Software Architecture Skeleton
• 1.3 Pre-Separation
• 1.4 Missile-Control
• 1.5 Missile-Guidance
• 1.6 KW Preparation and Release

Implement Functions/Algorithms in to Fit Test Schedules

• Order Needed for Flight in this case

UNCLASSIFIED

Build 1.0 - Interfaces

Timing Control Mission Task Startup Mission Interface Hardware Interface

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO

Mission Algorithm

TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal

Hardware

KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Build-1 Sequencer

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

UNCLASSIFIED

Build 1.1 - Pre-Launch

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Build-1 Sequencer

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

Timing Control Mission Task Startup Mission Interface Hardware Interface Mission Algorithm Hardware

UNCLASSIFIED

Build 1.2 - Complete Architecture Skeleton

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

Missile StateMA Scale TsrmMA GuidanceMA Target StateMA ACSGas MgmtMA ThrstVctr CntrlMA AutopilotMA KWState ContrlMA S3State ControlMA

GPS 100 Hz GPS 10 Hz Missile ControlMT S3Msn SeqMT Missile StateMT Scale TSRMMT Guidance MT Target StateMT Timing Control Mission Task Startup Mission Interface Hardware Interface Mission Algorithm Hardware

UNCLASSIFIED

S3State ControlMA KWState ContrlMA

Build 1.3 - Through Pre-Separation

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

Missile StateMA Scale TsrmMA GuidanceMA Target StateMA ACSGas MgmtMA ThrstVctr CntrlMA AutopilotMA

GPS 100 Hz GPS 10 Hz Missile ControlMT S3Msn SeqMT Missile StateMT Scale TSRMMT Guidance MT Target StateMT Timing Control Mission Task Startup Mission Interface Hardware Interface Mission Algorithm Hardware

UNCLASSIFIED

S3State ControlMA KWState ContrlMA

Build 1.4 - Missile Control

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

Missile StateMA Scale TsrmMA GuidanceMA Target StateMA ACSGas MgmtMA ThrstVctr CntrlMA AutopilotMA

GPS 100 Hz GPS 10 Hz Missile ControlMT S3Msn SeqMT Missile StateMT Scale TSRMMT Guidance MT Target StateMT Timing Control Mission Task Startup Mission Interface Hardware Interface Mission Algorithm Hardware

UNCLASSIFIED

S3State ControlMA KWState ContrlMA

Build 1.5 - Missile Guidance

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

Missile StateMA Scale TsrmMA GuidanceMA Target StateMA ACSGas MgmtMA ThrstVctr CntrlMA AutopilotMA

GPS 100 Hz GPS 10 Hz Missile ControlMT S3Msn SeqMT Missile StateMT Scale TSRMMT Guidance MT Target StateMT Timing Control Mission Task Startup Mission Interface Hardware Interface Mission Algorithm Hardware

UNCLASSIFIED

KWState ContrlMA S3State ControlMA

Build 1.6 (Build 2)- KW Preparation and Release

TSRM QUICC KW QUICC GAINS QUICC S2MLI TlmIO Text_IO

Gas ValveIO

Solenoid IO TVAC GAINS Telemetry Stage 2 EED Board Valves Squibs Solenoids Test Terminal KW Direct Serial MLI Bus Serial Serial Serial Direct Direct Direct Discretes

Discretes

RS-232

Comm Startup IM BIT TSRMMI KWMI S2CCIO MgrMI Test Mode

Squib IO

GAINSMI TlmMgrMI

Missile StateMA Scale TsrmMA GuidanceMA Target StateMA ACSGas MgmtMA ThrstVctr CntrlMA AutopilotMA

GPS 100 Hz GPS 10 Hz Missile ControlMT S3Msn SeqMT Missile StateMT Scale TSRMMT Guidance MT Target StateMT Timing Control Mission Task Startup Mission Interface Hardware Interface Mission Algorithm Hardware

UNCLASSIFIED

SM Block IV Kernel

• Very Small, Fast Task Switch,
• No Ada Tasks, Block IV-Kernel Tasks
• Task scheduling method: fixed priority, preemptive
• Tasks can be preempted by a higher priority task, or an

interrupt

• Good for fast throughput, hard deadlines
• Tasks signal each other via semaphore calls provided by

Blk IV Kernel

• Kernel.Waitfor(Semaphore_Name);
• Kernel.Signal(Semaphore_Name);

UNCLASSIFIED

Task Purpose, Priorities, & Timing

Task Priority Timing Task Priority Timing

Squib Manager 1 Event-Driven Spaces Squib Firings TSRM Motor Scaling 13 10 Hz References Motor Table, generates some Burnout- Reference Guidance Values 100 Hz Task 2 100 Hz, Drives other /100Hz Ttasks Target State 14 10 Hz Maintains Current Data on the Target GAINS I/F 3 Event -Driven,

• n Arrival of GAINS Msg

KW I/F 15 Event -Driven

• n Arrival of KW Msg

Missile State 4 100 Hz Maintains Missile State Data BIT 16 100 Hz, Collects Stage 3 BIT, forward BIT Requests and BIT Reports Missile Control 5 100 Hz Drives 100 Hz Autopilot Components Telemetry 17 50 Hz, Sends Tlm Buffer, Collect Some Telmetry Data TSRM I/F 6 Event -Driven

• n Arrival of TSRM Msg

Guidance 18 10 Hz, Generates the Guidance Acceleratin Vector S3 Mission Sequencer 7 100 Hz Maintains Mission Timeline Testmode 19 Event-Driven,

• n arrival on Testmode Command String

IM Message Processing 8 Event Driven

• n Arrival of IM or IM responses

Menu Task 20 Event Driven,

• n Arrival of Operator Cmnds or Scripts

Build1Sequencer 9 100 Hz Drives Interface Tests Stage 2 I/F 10 Event -Driven

• n Arrival of S2 Msg Msg

Idle Task 21 Always runs when other tasks blocked CommStartup 11 100 Hz Drives Startup Protocols for Interfaces 10Hz Task 12 10 Hz Drives other 10 Hz Tasks

UNCLASSIFIED

Reuse - Algorithms

• Algorithm Reuse by SM3:
• Terrier-Leap Mission Algorithms Reused in Mission Algorithm

Layer

• Autopilot, Guidance, Missile State, Target State, Scale

TSRM, etc.

UNCLASSIFIED

Reuse - Architecture Typing: “Archi-typing”

• Suggest that this Architecture Represents an Archi-

type for Embedded Missile System (EBMS) Software:

• The Architecture Can be Adopted for Reuse in other EBMS

applications

• A Domain Analysis Could Lead to:
• Better Identification of EBMS sub-domains
• A detailed Identification of commonalties and differences

between applications within an EBMS Domain

• These commonalties/differences could be used to

“genericise” the architecture for easier instantiation within a domain