OpenComRTOS

Overview

OpenComRTOS is a network-centric RTOS (Real-time operating system) that was developed using Formal Methods. It has features like the capability to support heterogeneous multi-processor systems in a transparent way, independently of the processor type (16bit, 24bit, 32bit, 64bit) and the communication medium (shared memory, buses, point-to-point links or virtual links on top of existing communication mechanisms). Typical code size on a 32bit target processor is about 5 KiBytes. OpenComRTOS is based on the meta-modelling paradigm of Interacting Entities. In OpenComRTOS the unit of execution is a "Task" (a function with its local workspace or stack). Task entities synchronise and communicate using intermediate "Hubs" entities that are decoupled from the interacting Tasks. Hubs are formally modelled as "Guarded Actions". The current implementation provides the functionality of traditional RTOS services like Events, Semaphores, Ports, FIFOs, Resources, Packet Pools and Memory Pools. The user can also create his own Hub types. OpenComRTOS uses a uniform architecture with a Kernel Task, driver Tasks and application Tasks, each having a Task input Port. The same interface is used for the Interrupt Service Routines. The underlying architecture relies on the use of prioritised Packet switching with communication and routing being part of the underlying system services. One of the results is that the source code of the Tasks is independent of the mapping of Tasks and Hubs to the processing nodes in the target system.

History

The initial purpose for developing OpenComRTOS was to provide a software runtime environment supporting a coherent and unified systems engineering methodology based on Interacting Entities. This was originally developed by Open License Society since 2005, and since 2008 further developed and commercialised by Altreonic. A previously developed RTOS called Virtuoso served as a guideline. Virtuoso was a distributed RTOS, developed by Eonic Systems until the technology was sold to Wind River Systems in 2001. Its overall functionality of transparent parallel processing (called the Virtual Single Processor runtime model) was a major driving force to redevelop it in a better way. OpenComRTOS is conceptually a fourth generation of Virtuoso although it was a clean room development. The Virtuoso RTOS had its origin in the pioneering INMOS Transputer, a partial hardware implementation of C.A.R. Hoare's Communicating Sequential Processes (CSP) process algebra. Most challenging applications:

1. Oil exploration system with 12000 processors featuring microcontrollers, fixed point and floating point DSPs and a Linux host in a single network.
2. Sonar system with 1600 floating point DSPs.
3. Rosetta and Giotto ESA space missions.
4. Converting a 400000 lines application running on a POSIX style RTOS to OpenComRTOS.

Formal Development Approach

For the development of OpenComRTOS a systematic but iterative engineering process was followed. Requirements and specifications being defined, models were developed in Leslie Lamport's Temporal logic of actions (TLA+) and then model checked with the corresponding TLC model checker. Based on these models, the code was written and then a third person created new models in TLA+ to verify that the implementation was still isomorphic. The timer and associated time-out functionality for services were model checked using the Uppaal Model Checker. In 2011 Springer published the book on the OpenComRTOS project.

OpenComRTOS Designer: Development Environment and Tools

OpenComRTOS comes with a number of tools. Visual Designer is a visual modelling environment whereby the user specifies node topology and application topology in a graphical way. From these diagrams an application specific runtime model is generated. Application specific code is provided in ANSI-C for each task. Runtime execution as well as inter-processor interactions are visualised using the Event Tracer. A System Inspector allows to read out and modify the datastructures. Additional modules are hostserver modules (these allow any task access to the host node services) and a Safe Virtual Machine for C. The latter requires about 3 KiBytes (10 KiBytes for program and data) and allows to dynamically download binary compiled c code at runtime.

Portability

OpenComRTOS was developed for embedded systems and is written in portable ANSI-C, except the context switch and ISR interfaces. OpenComRTOS has been ported to the following targets: Freescale PowerPC, Texas Instruments C66xx DSP, Melexis MLX16, ARM Cortex M3/4, Xilinx MicroBlaze, LEON3, NXP CoolFlux DSP and to MS-Windows and Linux. The latter versions allow transparent integration of host nodes and serve as well cross development and simulation systems. As the RTOS kernel is identical for single or multi-processor nodes, supporting a multi-processor system requires only to write a small task level driver that can send and receives Packets.

OpenComRTOS is made available in binary, source code and Open Technology licenses. The latter provides formal models, design documents, source code and test suites.