by Dip Goswami, Twan Basten and Samarjit Chakraborty
Correctness, implementation efficiency and good quality of control (QoC) are essential for embedded controllers in cyber-physical systems. Awareness of the implementation platform plays a key role in achieving these goals. Recent results from Eindhoven University of Technology (TU/e) and Technische Universität München (TUM) report substantial improvements in the design of embedded controllers.
Applications in domains such as automotive, avionics, professional printing, electron microscopy, semiconductor litho-graphy, and medical imaging closely interact with physical processes. This interaction between hardware/software (cyber) components and physical processes in this class of cyber-physical systems (CPS) is regulated using feedback controllers. In an embedded implementation (see Figure 1), a feedback controller is realized by one or more tasks (e.g., tasks for sensor reading, control input computation and actuation) that are mapped onto one or more interconnected processors. Embedded platforms and control applications are typically constrained in terms of computation and communication resources, size, power, required latency and throughput, etc. Traditionally, the controller design and its implementation are done in isolation either with idealized assumptions such as instantaneous computation and communication, equidistant sampling, guaranteed message delivery, etc. or with worst-case assumptions on the controlled physical processes, the plant. In today’s constrained embedded realizations for CPS, this may lead to inefficient design solutions, suboptimal QoC, and even violations of functional correctness when the idealized assumptions are not met. To address these problems, recent research at TU/e and TUM advocates the joint design of controllers and their implementation platforms. One key idea is to allocate platform resources to embedded controllers based on the state of the plant.
Figure 1: Control over hybrid communication bus
State-based Resource Allocation
Timing of the feedback signals in a control loop plays a crucial role in QoC. Through time-triggered communication (e.g., TDMA) with perfectly synchronized processors and communication bus (see Figure 1), it is possible to allocate dedicated communication slots. This leads to a predictable communication delay which can potentially be translated into superior QoC. Therefore, time-triggered communication is in high demand in safety-critical application domains. Pure time-triggered communication is, however, typically bandwidth consuming and hence expensive in terms of resource usage, while the availability of time-triggered bandwidth is limited. On the other hand, event-triggered communication (e.g., CAN) induces a priority-driven sharing of bandwidth and, therefore, is bandwidth efficient. It results in variable and occasionally large communication delays. Delay variability in feedback loops degrades QoC and may even lead to violations of functional correctness.
A hybrid communication protocol offers both time-triggered and event-triggered communication. The wide variety of functional and timing requirements in modern distributed systems (e.g., automotive E/E architectures) with mixed-criticality applications makes hybrid protocols (e.g., FlexRay in automotive systems) an attractive communication medium. By appropriately exploiting the advantages of both time-triggered and event-triggered paradigms, it is possible to achieve higher QoC within given constraints on time-triggered bandwidth.
The idea of state-based resource allocation is to map the feedback signals in a control loop dynamically to time-triggered and event-triggered implementations depending on the state of the plant being controlled . Multiple control loops may share common time-triggered bandwidth where each loop has its own event-triggered bandwidth; only one loop can use the time-triggered bandwidth at any given point in time. The question then is which loop should have access to the time-triggered bandwidth. Upon the occurrence of a disturbance (i.e., an unpredicted change in one or more physical parameters), the system undergoes a state change, referred to as a transient. During this transient state, a control loop needs better quality of feedback (i.e., shorter delay, less jitter) for faster disturbance rejection. Hence, a loop which is in a transient state requests access to the time-triggered bandwidth. On the other hand, when the system is in steady state, it uses event-triggered bandwidth. A number of experiments conducted at TUM indicate significant improvement in QoC for a given time-triggered bandwidth . The gains depend on the setup, in particular the used sharing policy and the criticality levels of the control loops.
The need for correct and efficient embedded controllers with good QoC for cyber-physical systems necessitates further developments. Control theory needs to be extended to take into account the platform constraints of the embedded electronics . Platform design needs the development of QoC-aware resource-allocation strategies . But, most importantly, we need a general theoretical and conceptual framework for multi-objective and multi-domain design with techniques from both control theory and real-time embedded systems.
 Masrur et al.: “Timing analysis of cyber-physical applications for hybrid communication protocols” DATE 2012, IEEE
 Heemels et al.: “An introduction to event-triggered and self-triggered control” CDC 2012, IEEE.
 Aminifar et al.: “Control-quality driven design of cyber-physical systems with robustness guarantees” DATE 2013, IEEE.
TU/e, the Netherlands
Tel: +31 40 247 5782
Tel: +49 89 289 23551