A Real-Time Primary-Backup Replication Service
IEEE Transactions on Parallel and Distributed Systems
Live Upgrades of CORBA Applications Using Object Replication
ICSM '01 Proceedings of the IEEE International Conference on Software Maintenance (ICSM'01)
Retrofitting networked applications to add autonomic reconfiguration
DEAS '05 Proceedings of the 2005 workshop on Design and evolution of autonomic application software
A design pattern for using non-developmental items in real-time Java
JTRES '07 Proceedings of the 5th international workshop on Java technologies for real-time and embedded systems
Issues in applying a model driven approach to reconfigurations of satellite software
Proceedings of the 1st International Workshop on Hot Topics in Software Upgrades
Hi-index | 0.00 |
Fielded real-time systems including many defense systems, manufacturing plants and commercial aircraft avionics typically have long lifetimes ranging from a few years to even a few decades. Available technologies, system needs and customer goals change over this lifetime, and changes to a deployed system become very desirable. We argue that such evolution must and can be supported with new system abstractions, and that real-time systems designed with these abstractions can be evolved and incrementally tested. We present two possible run-time abstractions which can act as basic building blocks to construct "evolvable real-time systems". These building blocks can be used to evolve deployed systems in general and real-time systems in particular. First, the replaceable unit abstraction alloys an existing software module to be replaced online by another module with similar or enhanced functionality. Such replacement is transparent to the rest of the system. Secondly, the "cell" abstraction represents a protected module which cannot be harmed by other modules. Based on this notion is an "extensible cell", which allows a deployed module to be extended functionally without the fear of hurting its (fully certified) functionality even when the extensions can fail in unexpected ways. These two abstractions have been implemented in a real-time POSIX testbed used in the Simplex architecture and our findings are reported. Both abstractions are built on the Real-Time Publisher/Subscriber communication model with modifications necessitated by safe evolutionary requirements. We conclude that guaranteed enforcement of the semantics of these two building blocks can only be provided using operating system enforced resource reservation and communication rights.