CN103327113A - Design method of fault tolerance communication layer - Google Patents

Info

Publication number
CN103327113A
Authority
CN
China
Prior art keywords
fault
tolerant
data
sublayer
layer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2013102755209A
Other languages
Chinese (zh)
Inventor
张凤登
贺波
李格格
郭万强
陈兴隆
王志坚
王华伟
刘明芹
李�浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Shanghai for Science and Technology
Original Assignee
University of Shanghai for Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Shanghai for Science and Technology
Priority to CN2013102755209A
Publication of CN103327113A
Legal status: Pending

Abstract

The invention relates to a design method of a fault-tolerant communication layer. A communication fault-tolerant layer is added between the communication controller hardware and the application software. The communication fault-tolerant layer comprises an application sublayer, a packet filtering sublayer, a fault-tolerant sublayer and an interaction sublayer. Three redundant channels transmit data to a bus communication controller through a bus I/O driver. The data obtained by the bus communication controller is passed to the communication fault-tolerant layer for processing, and the communication fault-tolerant layer passes the processed information up to the application program. Following the structure of a safety-critical hard real-time system, the fault-tolerant communication layer is added to the communication model, which improves the accuracy of the safety real-time system.

Description

Design method of a fault-tolerant communication layer
Technical field
The present invention relates to communication fault-tolerance technology, and in particular to a design method of a fault-tolerant communication layer.
Background art
The digitization of physical equipment has become an unstoppable trend. Especially since the emergence of the fieldbus, networked physical systems have arisen alongside the rapid development of digital instruments and their bus technology.
Control systems for hard real-time applications all have design defects in terms of safety, such as insufficient fault tolerance, lack of time synchronization and priority inversion. To address these problems, academia and industry have worked together and proposed the concept of the safety-critical hard real-time system. With the rapid informatization of China's national economy, real-time computer technology is increasingly widely applied in many safety-critical real-time systems (SCRTS) such as aerospace, national defense, transportation, nuclear power and health care. This demands accuracy and reliability of system communication, and requires the system to have strong fault tolerance.
Researchers in China have begun research on distributed systems, but most effort is concentrated on the analysis and modeling of distributed control systems, control strategy and controller design, network scheduling and similar aspects; few researchers study safety-critical hard real-time systems.
At present, researchers in China study and apply fault-tolerance technology, but mainly in specific environments, such as fault tolerance in video communication, fault-tolerant Chinese input and operating-system security. The main fault-tolerance techniques today are hardware fault tolerance and software fault tolerance. Hardware fault tolerance mainly uses redundant hardware to cross-check operating results, and its main method is structural redundancy. The methods of software fault tolerance are mainly Adaptive N-Version Programming (ANVP), N-Copy Programming (NCP), Byzantine fault tolerance with Abstract Specification Encapsulation (BASE), Error Detection by Duplicated Instructions (EDDI) and so on. These techniques are mainly used at the application, compiler and system levels.
At present, research on fault-tolerant communication for networks-on-chip is fairly extensive, but it mainly adopts algorithms that avoid errors or faults and cannot guarantee the correctness and stability of a real-time safety system.
The International Organization for Standardization (ISO) has formulated a unified protocol for network communication, namely the ISO/OSI Reference Model (OSI-RM). According to the functional requirements of communication, the communication process is divided into seven layers, and the functions to be performed and the corresponding protocols are specified for each layer.
Summary of the invention
The present invention addresses the problem that network fault-tolerant communication cannot guarantee the accuracy of a real-time system. It proposes a design method of a fault-tolerant communication layer: following the structure of the safety-critical hard real-time system, a fault-tolerant communication layer is added to the communication model, improving the accuracy of the real-time safety system.
The technical scheme of the invention is a design method of a fault-tolerant communication layer, comprising the following steps:
1) A communication fault-tolerant layer is added between the communication controller hardware and the application software. The communication fault-tolerant layer comprises an application sublayer, a packet filtering sublayer, a fault-tolerant sublayer and an interaction sublayer. Three redundant channels deliver data to the bus communication controller through the bus I/O driver; the data obtained by the bus communication controller is passed to the communication fault-tolerant layer for fault-tolerant processing, after which the communication fault-tolerant layer passes the processed information up to the application program;
2) The communication fault-tolerant layer defines a data structure comprising the device identification ID, the data required for actual communication, the transmission priority of the data, a status bit marking device validity, and the data processing mode;
3) The interaction sublayer unpacks the received message, obtains the valid data and hands it to the fault-tolerant sublayer;
4) The default fault-tolerance mode of the fault-tolerant sublayer is the fail-silent mode. The fault-tolerant sublayer provides a function interface through which the user can write user-defined fault-tolerant processing modes. The fault-tolerant sublayer calls the corresponding data processing mode according to the format identifier of the received data, and carries out the analysis and fault-tolerant processing of the data;
5) The packet filtering sublayer filters the data according to the status bit marking device validity, as set by the fault-tolerant sublayer, and then filters again according to the device identification ID;
6) The application sublayer is partitioned by function according to the device identification ID, and then communicates with the corresponding application program.
The fault-tolerant processing of the fault-tolerant sublayer in step 4) proceeds as follows: first, the mode is selected according to the fault-tolerant processing mode of the received data and the corresponding processing is carried out; then the correctness of the result is judged. If it is correct, the send-data function is called; otherwise a backup switchover command is issued. If that operation succeeds, control returns to receiving data and processing loops according to the above flow; otherwise an error is reported and the whole process ends.
In step 5), if the status bit marking device validity is 1, the information is correct; otherwise the bit is set to zero and the message is discarded by the filter. If the device identification ID is the ID of a required device, the message passes; otherwise the message is filtered out and discarded.
The beneficial effect of the invention is that the design method of the fault-tolerant communication layer establishes a communication fault-tolerant layer between the communication controller hardware and the application software, guaranteeing the correctness and stability of the real-time system.
Description of drawings
Fig. 1 is the basic framework diagram of the fault-tolerant communication layer of the invention;
Fig. 2 is the device data structure diagram of the invention;
Fig. 3 is the fault-tolerant processing flow chart of the invention;
Fig. 4 is a schematic diagram of the look-up table of user-defined fault-tolerance processing modes of the invention.
Embodiment
The basic framework of the fault-tolerant communication layer is shown in Fig. 1. It is designed with a horizontal and vertical structure, which accomplishes the division and implementation of the corresponding functions. The communication between the modules is indicated in Fig. 1; the communication fault-tolerant layer sits between the communication controller hardware and the application software. The fault-tolerant communication layer is divided into four sublayers. The application sublayer mainly provides the application program interface. The packet filtering sublayer provides the packet filtering mechanism. The fault-tolerant sublayer (fault-tolerant subsystem) mainly provides the services required for fault tolerance, including the judgment mechanism for message instance management and support for message state information; it contains the default fault-tolerance mechanism, user-defined fault-tolerance mechanisms and so on. The interaction sublayer (communication subsystem) mainly provides the transmission service for message instances on the network, including resolving differences in message instance representation (such as differing byte order on different hosts), providing the encapsulation/unpacking service for message instances, and supporting the state information of message instances.
The data structure is defined as needed, ensuring its generality and practicality. Fig. 2 shows the device data structure, which contains the data required for actual communication, DATA, and the device identification, ID. The status bit STATUS_B marks the validity of the device, the priority PRIORITY_LEVDL indicates the transmission priority of the data, and the data processing mode DATA_MODULE is the data fusion mechanism. The concrete structure is:
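TYPEDEF STRUCT {
    INT ID;                 /* device identification */
    INT DATA;               /* data required for actual communication */
    INT PRIORITY_LEVDL;     /* transmission priority of the data */
    BIT STATUS_B;           /* status bit marking device validity */
    STRING DATA_MODULE;     /* data processing mode */
    … …
}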
As shown in Fig. 1, the device delivers data over three redundant channels through the bus I/O driver to the bus communication controller; then, through the controller host interface, the data obtained from the three redundant channels is passed to the fault-tolerant communication layer and processed there. After fault-tolerant processing the information continues upward and, after packet filtering, finally reaches the application program. Transmission from the application program to the device is the reverse of the above.
The communication subsystem unpacks the received message, obtains the valid data and hands it to the fault-tolerant subsystem.
The fault-tolerant subsystem calls the relevant data processing service according to the format identifier of the data, analyses the data and enables the concrete fault-tolerance service. First the receive buffer is refreshed to ensure that the data obtained is the latest; then GET_DATA() is called to obtain the information; once the data has been obtained, PRO_DATA(ID1, ID2, ID3) carries out the concrete processing. The flow is shown in Fig. 3: first, the mode is selected according to the DATA_MODULE of the received data and the corresponding processing is carried out; then the correctness of the result is judged. If it is correct, SED_DATA is called to send the data; otherwise a backup switchover command is issued. If that operation succeeds, control returns to receiving data and processing loops according to the above flow; otherwise an error is reported and the whole process ends. ID1, ID2 and ID3 are the identifiers of the information obtained from the three redundant channels.
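RECE_DATA( )
{
    REFLASH( );     /* refresh the receive buffer */
    GET_DATA( );    /* obtain the latest data */
    PRO_DATA(INSTANCE1.DATA, INSTANCE2.DATA, INSTANCE3.DATA);   /* fault-tolerant processing */
    SED_DATA( );    /* send the data if the result is correct */
    … …
}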
By default the fault-tolerant sublayer of this design operates in fail-silent mode: when a device fails, the device stops working or loses its validity. The user is also allowed to define custom error mechanisms and error codes. A function interface is provided for this purpose: the user-defined processing method is written into system memory, and the user can define and call it according to actual needs. To use it, only the DATA_MODULE of the device needs to be set. The system looks up and calls the handler according to DATA_MODULE and thereby carries out fault-tolerant processing. A user-defined fault-tolerance mode is simply a rewrite of the function that DATA_MODULE points to. In use, the corresponding handler is selected through the DATA_MODULE look-up table to obtain the final result. The concrete structure is shown in Fig. 4.
The mode is selected according to the DATA_MODULE in the device structure and fault-tolerant processing is carried out accordingly; the function addresses required by the fault-tolerance service are stored in the device map.
The packet filtering mechanism mainly consists of formulating message rules that filter out useless information, thereby improving the throughput of the system. The packet filtering rule is a two-stage filter that uses the status bit of the processed data and the ID identifying the device, which improves the correctness of the system. The first stage uses BIT STATUS_B, which is set after the data passes through the fault-tolerant sublayer. If it is 1, the information is correct; otherwise it is set to zero, meaning that the data has lost its practical meaning, and the message is discarded during filtering. The second stage filters according to ID: if the ID is that of a required device the message passes, otherwise the message is discarded, because it is not a message the system needs, and passing it on would only waste system resources and reduce system performance.
The application sublayer interface is partitioned by function according to the data ID. The high four bits of the ID in the device structure represent the concrete function; this can also be defined as the high eight bits. The function definitions and the implementation of the corresponding functions are completed by the user according to the function.
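The path through the fault-tolerant, packet filtering and application sublayers described above, as an added C sketch that is not code from the patent. The C types, the mode names FAIL_SILENT and VOTE_2OO3, the 2-out-of-3 voting handler, the 8-bit ID width and the sample values are all assumptions; the three replicas are assumed to carry the same ID and DATA_MODULE, and the backup switchover step is left out.

```c
#include <stddef.h>
#include <string.h>

/* Device record with the patent's field names; the C types are assumed. */
typedef struct {
    int ID;                  /* device identification */
    int DATA;                /* payload used by the application */
    int PRIORITY_LEVDL;      /* transmission priority */
    unsigned STATUS_B : 1;   /* 1 = valid, 0 = discard at the filter */
    const char *DATA_MODULE; /* key into the processing-mode table */
} device_msg;

typedef int (*mode_fn)(const device_msg ch[3], int *out);

/* Default fail-silent mode: trust the first channel still marked valid. */
static int mode_fail_silent(const device_msg ch[3], int *out) {
    for (int i = 0; i < 3; i++)
        if (ch[i].STATUS_B) { *out = ch[i].DATA; return 1; }
    return 0;
}

/* Hypothetical user-defined mode: two valid channels must agree. */
static int mode_vote(const device_msg ch[3], int *out) {
    for (int i = 0; i < 3; i++)
        for (int j = i + 1; j < 3; j++)
            if (ch[i].STATUS_B && ch[j].STATUS_B && ch[i].DATA == ch[j].DATA)
                { *out = ch[i].DATA; return 1; }
    return 0;
}

/* Look-up table from DATA_MODULE to handler (mode names are made up). */
static const struct { const char *name; mode_fn fn; } mode_table[] = {
    { "FAIL_SILENT", mode_fail_silent },
    { "VOTE_2OO3", mode_vote },
};

/* Fault-tolerant sublayer: run the DATA_MODULE handler, then set STATUS_B. */
device_msg ft_process(const device_msg ch[3]) {
    device_msg r = ch[0];
    mode_fn fn = mode_fail_silent;   /* unknown or missing mode: default */
    for (size_t i = 0; i < sizeof mode_table / sizeof mode_table[0]; i++)
        if (r.DATA_MODULE && strcmp(r.DATA_MODULE, mode_table[i].name) == 0)
            fn = mode_table[i].fn;
    int value = 0;
    r.STATUS_B = fn(ch, &value) ? 1u : 0u;
    r.DATA = value;
    return r;
}

/* Packet filtering sublayer: STATUS_B first, then an allow-list of IDs. */
int pf_accept(const device_msg *m, const int *wanted, size_t n) {
    if (!m->STATUS_B) return 0;
    for (size_t i = 0; i < n; i++)
        if (wanted[i] == m->ID) return 1;
    return 0;
}

/* Application sublayer: function code = high four bits of an 8-bit ID. */
int app_function(int id) { return (id >> 4) & 0xF; }

/* Constructed sample: three replicas of device 0x21 carrying 500; channel
 * `bad` (-1 for none) reports 999. Returns the delivered value or -1. */
int demo(const char *mode, int bad, int wanted_id) {
    device_msg ch[3];
    for (int i = 0; i < 3; i++)
        ch[i] = (device_msg){ 0x21, i == bad ? 999 : 500, 1, 1, mode };
    device_msg r = ft_process(ch);
    return pf_accept(&r, &wanted_id, 1) ? r.DATA : -1;
}
```

With channel 0 corrupted, the fail-silent handler delivers the bad value because that channel is still marked valid, while the voting handler masks it. A message whose ID is not on the allow-list is dropped in either mode.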

Claims (3)

1. A design method of a fault-tolerant communication layer, characterized in that it comprises the following steps:
1) A communication fault-tolerant layer is added between the communication controller hardware and the application software. The communication fault-tolerant layer comprises an application sublayer, a packet filtering sublayer, a fault-tolerant sublayer and an interaction sublayer. Three redundant channels deliver data to the bus communication controller through the bus I/O driver; the data obtained by the bus communication controller is passed to the communication fault-tolerant layer for fault-tolerant processing, after which the communication fault-tolerant layer passes the processed information up to the application program;
2) The communication fault-tolerant layer defines a data structure comprising the device identification ID, the data required for actual communication, the transmission priority of the data, a status bit marking device validity, and the data processing mode;
3) The interaction sublayer unpacks the received message, obtains the valid data and hands it to the fault-tolerant sublayer;
4) The default fault-tolerant processing mode of the fault-tolerant sublayer is the fail-silent mode. The fault-tolerant sublayer provides a function interface through which the user can write user-defined fault-tolerant processing modes. The fault-tolerant sublayer calls the corresponding data processing mode according to the format identifier of the received data, and carries out the analysis and fault-tolerant processing of the data;
5) The packet filtering sublayer filters the data according to the status bit marking device validity, as set by the fault-tolerant sublayer, and then filters again according to the device identification ID;
6) The application sublayer is partitioned by function according to the device identification ID, and then communicates with the corresponding application program.
2. The design method of a fault-tolerant communication layer according to claim 1, characterized in that the fault-tolerant processing of the fault-tolerant sublayer in step 4) proceeds as follows: first, the mode is selected according to the fault-tolerant processing mode of the received data and the corresponding processing is carried out; then the correctness of the result is judged. If it is correct, the send-data function is called; otherwise a backup switchover command is issued. If that operation succeeds, control returns to receiving data and processing loops according to the above flow; otherwise an error is reported and the whole process ends.
3. The design method of a fault-tolerant communication layer according to claim 1, characterized in that, in step 5), if the status bit marking device validity is 1, the information is correct; otherwise the bit is set to zero and the message is discarded by the filter. If the device identification ID is the ID of a required device, the message passes; otherwise the message is filtered out and discarded.
CN2013102755209A 2013-07-03 2013-07-03 Design method of fault tolerance communication layer Pending CN103327113A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013102755209A CN103327113A (en) 2013-07-03 2013-07-03 Design method of fault tolerance communication layer

Publications (1)

Publication Number Publication Date
CN103327113A true CN103327113A (en) 2013-09-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20130925