[Oberon] Oberon as (embedded) rtos.

Frans-Pieter Vonck fp at vonck.nl
Mon Nov 12 13:42:23 CET 2018 

> They use the rtos Vxworks for flight systems and that has a message
> que between tasks
Nasa uses vxworks (closed source)
ESA uses RTEMS (open source)
https://www.rtems.org/

RTMES in combination with ADA
https://devel.rtems.org/wiki/TBR/UserManual/RTEMSAda
http://beru.univ-brest.fr/~singhoff/ENS/USTH/TP/tp.html#Ref1.1

Greets,
F.P.


Frans-Pieter Vonck schreef op 2018-11-12 12:27:
> Also interesting, the JPL Rule for inter process communication.
> 
> from: https://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf
> ---------------------------------------------------------------------------
> Rule 6 (inter-process communication)
> 
> An IPC mechanism should be used for all task communication. Callbacks
> should be avoided. No task should directly execute code or access data
> that belongs to a different task. All IPC messages shall be received at 
> a
> single point in a task.
> 
> 
> Communication and data exchanges between different tasks (modules) in
> the system are
> best performed through a disciplined use of IPC (inter-process 
> communication)
> messaging. IPC messages should then contain only data, preferably no
> data pointers, and
> never any function pointers. Each task or module should maintain its
> own data structures,
> and not allow direct access to local data by other tasks. This style
> of software architecture
> is based on principles of software modularity, data hiding, and the
> separation of concerns
> that can avoid the need for the often more error-prone use of
> semaphores, interrupt
> masking and data locking to achieve task synchronization
> ----------------------------------------------------
> 
> 
> Found in System Oberon, message handlers!
> Now the question is how this message model is implemented in C++ by 
> JPL.
> They use the rtos Vxworks for flight systems and that has a message
> que between tasks
> See code below (From:
> https://www.uio.no/studier/emner/matnat/fys/FYS4220/h11/undervisningsmateriale/laboppgaver-rt/VxWorks-6.2_Application_Programmers_Guide.pdf)
> 
> /* In this example, task t1 creates the message queue and sends a 
> message
> * to task t2. Task t2 receives the message from the queue and simply
> * displays the message.
> */
> /* includes */
> #include <vxWorks.h>
> #include <msgQLib.h>
> /* defines */
> #define MAX_MSGS (10)
> #define MAX_MSG_LEN (100)
> MSG_Q_ID myMsgQId;
> 
> task2 (void)
> {
>   char msgBuf[MAX_MSG_LEN];
>   /* get message from queue; if necessary wait until msg is available 
> */
>   if (msgQReceive(myMsgQId, msgBuf, MAX_MSG_LEN, WAIT_FOREVER) == 
> ERROR)
>   return (ERROR);
>   /* display message */
>   printf ("Message from task 1:\n%s\n", msgBuf);
> }
> 
> #define MESSAGE "Greetings from Task 1"
> task1 (void)
> {
>    /* create message queue */
>    if ((myMsgQId = msgQCreate (MAX_MSGS, MAX_MSG_LEN, MSG_Q_PRIORITY))
>       == NULL)
>       return (ERROR);
>    /* send a normal priority message, blocking if queue is full */
>    if (msgQSend (myMsgQId, MESSAGE, sizeof (MESSAGE), WAIT_FOREVER,
>    MSG_PRI_NORMAL) == ERROR)
>    return (ERROR);
> }
> 
> 
> 
> Paul and Chris,
> Oberon in Space?
> http://flightsoftware.jhuapl.edu/
> 
> Greets,
> F.P.
> 
> 
> 
> Chris Burrows schreef op 2018-11-12 08:12:
>>> -----Original Message-----
>>> From: Oberon [mailto:oberon-bounces at lists.inf.ethz.ch] On Behalf Of
>>> Paul Reed
>>> Sent: Monday, 12 November 2018 12:26 AM
>>> To: ETH Oberon and related systems
>>> Subject: Re: [Oberon] Oberon as (embedded) rtos.
>>> 
>>> > https://en.wikipedia.org/wiki/Rate-monotonic_scheduling#cite_note-
>>> 12
>>> > ..."What really happened on Mars Rover Pathfinder"
>>> > http://www.rvs.uni-
>>> bielefeld.de/lectures/TechInf/TI2/download/19.49-1.
>>> > 1.ht
>>> > ml
>>> > ...Some lessons learned...
>>> > https://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf
>>> 
>>> Thanks, nice reading!  It reminded me that Chris Burrows has already
>>> pointed out how much you need to do of MISRA-C when writing in C,
>>> which with Oberon you get out-of-the-box.
>>> 
>> 
>> Thanks for remembering, Paul!
>> 
>> For those who were not fortunate enough to be able to attend Oberon 
>> Day 2011
>> this is a summary of my attempts to get some measure of the 
>> comparative
>> reliability of C and Oberon-07 when used for embedded software 
>> development.
>> 
>> From Wikipedia: "MISRA C is a set of software development guidelines 
>> for the
>> C programming language developed by MISRA (Motor Industry Software
>> Reliability Association). Its aims are to facilitate code safety, 
>> security,
>> portability and reliability in the context of embedded systems"
>> 
>> I took the 142 rules of the MISRA-C:2004 "Guidelines for the use of 
>> the C
>> language in critical systems" and applied them to Oberon-07. I 
>> discovered
>> that more than 70% of the rules are NOT required when programming in
>> Oberon-07. They are either already enforced by the language or are not
>> applicable.
>> 
>> Examples of MISRA rules that are not applicable to Oberon-07:
>> 
>>   Rule 14.4: The goto statement shall not be used. (Oberon-07 does not 
>> have
>> GOTO)
>> 
>>   Rule 14.5: The continue statement shall not be used. (Oberon-07 does 
>> not
>> have CONTINUE)
>> 
>> Examples of MISRA rules that are enforced by the design of Oberon-07:
>> 
>>   Rule 14.7: A function shall have a single point of exit at the end 
>> of the
>> function.
>> 
>>   Rule 16.6: The number of arguments passed to a function shall match 
>> the
>> number of parameters.
>> 
>> The remaining 30% of MISRA rules would need to be followed if using
>> Oberon-07 for critical systems. They include:
>> 
>>   Rule 2.4 (advisory): Sections of code should not be "commented out".
>> 
>>   Rule 20.4: Dynamic heap memory allocation shall not be used.
>> 
>> More information about MISRA and their guidelines can be found on 
>> their
>> website:
>> 
>>   www.misra.org.uk
>> 
>> Regards,
>> Chris Burrows
>> CFB Software
>> http://www.astrobe.com
>> 
>> 
>> --
>> Oberon at lists.inf.ethz.ch mailing list for ETH Oberon and related 
>> systems
>> https://lists.inf.ethz.ch/mailman/listinfo/oberon
> --
> Oberon at lists.inf.ethz.ch mailing list for ETH Oberon and related 
> systems
> https://lists.inf.ethz.ch/mailman/listinfo/oberon

More information about the Oberon mailing list