èŠ‚ç‚¹æ–‡çŒ®

ARINC 659é€šä¿¡æ€»çº¿çš„è®¾è®¡ä¸Žå®žçŽ°

Design and Implement Based ARINC 659 Bus

åˆ†é¡µä¸‹è½½
åˆ†ç« ä¸‹è½½
æ•´æœ¬ä¸‹è½½
åœ¨çº¿é˜…è¯»
ä¸æ”¯æŒè¿…é›·ç‰ä¸‹è½½å·¥å…·ï¼Œè¯·å–æ¶ˆåŠ é€Ÿå·¥å…·åŽä¸‹è½½ã€‚

ã€ä½œè€…ã€‘ åˆ˜æµ·æ—ï¼›

ã€ä½œè€…åŸºæœ¬ä¿¡æ¯ã€‘ åŒ—äº¬äº¤é€šå¤§å¦ ï¼Œ äº¤é€šä¿¡æ¯å·¥ç¨‹åŠæŽ§åˆ¶ï¼Œ 2010ï¼Œ ç¡•å£«

ã€æ‘˜è¦ã€‘ å®‰å…¨è®¡ç®—æœºå¹³å°ä½œä¸ºå®‰å…¨è‹›æ±‚ç³»ç»Ÿçš„é‡è¦éƒ¨åˆ†,CBTCç³»ç»Ÿä¸åŒºåŸŸæŽ§åˆ¶å™¨ZCå’Œæ•°æ®å˜å‚¨å•å…ƒDSUçš„åº”ç”¨è½¯ä»¶éƒ½åŠ è½½åœ¨å®‰å…¨è®¡ç®—æœºå¹³å°ä¸Šã€‚ZCåŒºåŸŸå†…çš„æ‰€æœ‰åˆ—è½¦çš„è½¦è½½æŽ§åˆ¶å™¨å°†åˆ—è½¦çš„ä½ç½®å’Œé€Ÿåº¦ä¿¡æ¯å‘å¾€å®‰å…¨è®¡ç®—æœºå¹³å°ä¸Šçš„ZCåº”ç”¨ç¨‹åºã€‚å¸¸è§„é€šä¿¡æ‰€ä½¿ç”¨çš„ç¡¬ä»¶å’Œè½¯ä»¶çœ‹ä½œé»‘è‰²é€šé“,ä¿¡æ¯åœ¨é»‘è‰²é€šé“ä¸ä¼ è¾“æ—¶å¯èƒ½å¯¼è‡´é”™è¯¯æˆ–è€…æ•…éšœçš„ä¸»è¦åŽŸå› æœ‰éšæœºé”™è¯¯ã€ç¡¬ä»¶æ•…éšœå’Œå› è½¯ç¡¬ä»¶é—®é¢˜è€Œå¯¼è‡´çš„ç³»ç»Ÿå¤±æ•ˆ,è¿™äº›éƒ½ä¼šå¯¼è‡´é€šä¿¡çš„å®‰å…¨é£Žé™©,è€Œä¸”ä¸€ä¸ªé”™è¯¯æˆ–è€…æ•…éšœå¾€å¾€å¯¼è‡´å¤šä¸ªå®‰å…¨é£Žé™©ã€‚å®‰å…¨è®¡ç®—æœºä¸Šæ‰¿è½½çš„å„ç§é‡è¦ä¿¡æ¯,è¦æ±‚ç³»ç»Ÿä¸ä½†è¦æ‹¥æœ‰é«˜æ•ˆã€å‡†ç¡®çš„è¿è¡Œèƒ½åŠ›,è¿˜éœ€å¾ˆé«˜çš„é€šä¿¡å®‰å…¨æ€§å’Œå¯é æ€§ã€‚ä¸ºäº†ç¡®ä¿å®‰å…¨è®¡ç®—æœºå¹³å°æ•°æ®å®‰å…¨,é€šä¿¡æ€»çº¿æ˜¯å…³é”®å› ç´ ã€‚åªæœ‰åœ¨é€šä¿¡æ€»çº¿å¯é çš„åŸºç¡€ä¸Š,ç ”ç©¶æŠ€æœ¯å®žçŽ°çš„ç»†èŠ‚æ‰æœ‰æ„ä¹‰ã€‚è®ºæ–‡ä»¥èˆªç©ºæ€»çº¿ARINC 659èˆªç©ºèƒŒæ¿é€šä¿¡æ€»çº¿åè®®æ ‡å‡†ä¸ºä¾æ®,åˆ†æžäº†å®‰å…¨è‹›æ±‚ç³»ç»Ÿçš„æ•…éšœå®‰å…¨é€šä¿¡éœ€æ±‚ã€‚é€šè¿‡å¯¹æ¯”å„ç§é€šä¿¡æ€»çº¿çš„ä¼˜ç¼ºç‚¹,é€‰å–äº†ARINC659èˆªç©ºèƒŒæ¿é€šä¿¡æ€»çº¿åè®®æ ‡å‡†ä½œä¸ºæœ¬æ–‡è®¾è®¡çš„åŸºç¡€ã€‚åœ¨åˆ†æžé€šä¿¡æ€»çº¿ç»“æž„çš„åŸºç¡€ä¸Š,è®¾è®¡å¹¶å®žçŽ°äº†åŸºäºŽARINC 659çš„é€šä¿¡æ€»çº¿åè®®æ–¹æ¡ˆã€‚è®ºæ–‡è®¾è®¡çš„é€šä¿¡æ€»çº¿æ˜¯ä»¥é«˜å¯é æ€§ã€æ—¶é—´ç¡®å®šæ€§ä¸ºé‡ç‚¹ã€‚è®ºæ–‡è¯¦ç»†ä»‹ç»äº†ä¿è¯é«˜å®¹é”™æ€§ã€å’Œæ—¶é—´ç¡®å®šæ€§è°ƒåº¦ç–ç•¥çš„å…·ä½“åŠŸèƒ½å®žçŽ°æ–¹æ³•ã€‚ä»¥å®¹é”™ç»“æž„å’ŒåŒæ€»çº¿äº¤å‰æ£€æµ‹æ–¹å¼æ¥ä¿è¯é€šä¿¡æ€»çº¿çš„é«˜å¯é æ€§ï¼›ä»¥TDPA(è¡¨é©±åŠ¨æ¯”ä¾‹è®¿é—®æœºåˆ¶)æ¥ä¿è¯äº†é€šä¿¡çš„æ—¶é—´ç¡®å®šæ€§ã€‚é€šä¿¡IPæ ¸åŸºäºŽå¯ç¼–ç¨‹é€»è¾‘è®¾è®¡ä¸Žå®žçŽ°ã€‚ä½¿ç”¨å¯ç¼–ç¨‹é€»è¾‘ä¸ä»…å¯ä»¥ç¼©å‡ç”µè·¯çš„ä½“ç§¯,æé«˜ç”µè·¯çš„ç¨³å®šæ€§,è€Œä¸”å…ˆè¿›çš„å¼€å‘å·¥å…·ä½¿æ•´ä¸ªç³»ç»Ÿçš„è®¾è®¡è°ƒè¯•å‘¨æœŸå¤§å¤§ç¼©çŸã€‚åœ¨å®žçŽ°è¿‡ç¨‹ä¸,å°†é€šä¿¡IPæ ¸åˆ’åˆ†ä¸ºä¸åŒçš„åŠŸèƒ½åæ¨¡å—,å¯¹æ¯ä¸ªåæ¨¡å—è¿›è¡Œè®¾è®¡ä¸Žå®žçŽ°,å¹¶ä¸”å¯¹ä»¿çœŸç»“æžœè¿›è¡Œåˆ†æž,ä¿è¯å…¶è®¾è®¡åŸºæœ¬æ£ç¡®ã€‚ä»¿çœŸéªŒè¯åªèƒ½ä¿è¯é€šä¿¡IPæ ¸çš„ä»¿çœŸç»“æžœæ£ç¡®,ä¸ºäº†é¿å…å˜åœ¨æ½œåœ¨çš„è®¾è®¡é”™è¯¯,è®ºæ–‡åˆ©ç”¨åŸºäºŽæ–è¨€çš„æ–¹æ³•(Property Specification Language, PSL)å¯¹é€šä¿¡IPæ ¸è¿›è¡Œå½¢å¼åŒ–éªŒè¯,å¯¹å…¶å†…éƒ¨è®¾è®¡çš„æ£ç¡®æ€§å’Œå®Œæ•´æ€§è¿›è¡Œæ£€éªŒã€‚å¦‚æžœæ–è¨€å¤±è´¥,å‘çŽ°è®¾è®¡é”™è¯¯æ—¶,å¯¹æ£€éªŒå‡ºçš„è®¾è®¡é”™è¯¯è¿›è¡Œåˆ†æžã€ä¿®æ”¹ã€‚å†è¿›è¡Œæ–°çš„éªŒè¯,ç›´åˆ°å½¢å¼åŒ–éªŒè¯è¯æ˜Žå…¶è®¾è®¡æ²¡æœ‰æ½œåœ¨çš„è®¾è®¡ç¼ºé™·ä¸ºæ¢ã€‚è®ºæ–‡ç»“æžœè¡¨æ˜Ž,å¯¹äºŽåŸºäºŽå¯ç¼–ç¨‹é€»è¾‘è®¾è®¡çš„é€šä¿¡æ€»çº¿,åˆ©ç”¨æ–è¨€å¯¹è®¾è®¡è¿›è¡Œå½¢å¼åŒ–éªŒè¯,å¯ä»¥æ£€éªŒå‡ºä»¿çœŸæ— æ³•æ£€éªŒå‡ºçš„é”™è¯¯,ä¿è¯å…¶è®¾è®¡çš„å®Œæ•´æ€§å’Œæ£ç¡®æ€§,ä»Žè€Œå¾—åˆ°ä¸€ä¸ªæ— è®¾è®¡ç¼ºé™·ã€å¯é çš„é€šä¿¡æ€»çº¿ã€‚æ›´å¤š è¿˜åŽŸ

ã€Abstractã€‘ As an important part of safety critical system, safe computing platforms have been loaded some application software, such as Zone Controller (ZC) and Data Service Unit (DSU). Vehicle on-board controllers of all trains within the bounds of ZC send train position and speed to ZC application program on safe computing platforms.Hardware and software for conventional communications are considered as black channel. When information transmitted in black channel caused errors or failures, the main reasons are random errors, hardware failures and system failures caused by hardware problems, which can lead to communication security risk, and an error or failure often leads to more security risks. Variety of important information on safe computer not only requires the system to have efficient and accurate operational capabilities, but also needs high communication security and reliability. Communications bus is a key factor to ensure data security on safe computing platforms. Only base on reliable communication bus, it is meaningful to research the implementation of technical details.Based on communication bus protocol standards of aviation backplane in ARINC Specification 659, the paper analyzes the needs of fail-safe communications of safety critical system. By comparing the advantages and disadvantages of various communication buses, ARINC Specification 659 is selected as the basis for this article. Protocol programs based on ARINC 659 are designed and realized in the basis of analyzing communication bus architecture.Communication bus is focus on high reliability time deterministic. The way to implementation of specific functions of scheduling strategy to ensure high fault tolerance and time deterministic is given in detailed in this paper. Fault-tolerant structure and dual bus cross-monitoring is to ensure high reliability of the communication bus, TDPA(Table Driven Proportional Access) is to ensure time deterministic of communication.Communication IP core is designed and realized based on programmable logic, which not only reduces the volume of circuit and improves the stability of the circuit, but also greatly reduces the design and debugging cycles of the whole system by this advanced development tools. In the implementation process, communication IP core is divided into different functional sub-module, by design and implementation of each sub-module and analysis of simulation results to ensure the basic correctness of design.The simulation can only ensure the result correct. The formal verification of the platform is based on assert by PSL (Property Specification Language). In order to avoid the potential design errors, use PSL to validate communication IP core, make formal verification of the validity and integrality of the compare core design. When the assert fail, the error can be detected. Analyze the error and modify the design, then simulate it again. After simulation, make formal verification again, until there is no potential design error.The paper shows that, for the design of communication bus based on programmable logic, it can test out the mistakes that the simulation can not discover by the use of assertions for formal verification in design and ensure the completeness and correctness of design, finally, a no design flaws and reliable communication bus is obtained.æ›´å¤š è¿˜åŽŸ

ã€å…³é”®è¯ã€‘ ARINC 659ï¼› å®¹é”™ï¼› TDPAï¼› FPGAï¼› å½¢å¼åŒ–éªŒè¯ï¼› PSLï¼›
ã€Key wordsã€‘ ARINC 659ï¼› Fault-tolerantï¼› TDPAï¼› FPGAï¼› Formal Verificationï¼› PSLï¼›

ã€ç½‘ç»œå‡ºç‰ˆæŠ•ç¨¿äººã€‘ åŒ—äº¬äº¤é€šå¤§å¦

ã€åˆ†ç±»å·ã€‘TP336
ã€è¢«å¼•é¢‘æ¬¡ã€‘5
ã€ä¸‹è½½é¢‘æ¬¡ã€‘326
æ”»è¯»æœŸæˆæžœ

çŸ¥ç½‘èŠ‚ä¸‹è½½

èŠ‚ç‚¹æ–‡çŒ®ä¸ï¼š

æœ¬æ–‡é“¾æŽ¥çš„æ–‡çŒ®ç½‘ç»œå›¾ç¤º:

æœ¬æ–‡çš„å¼•æ–‡ç½‘ç»œ

èŠ‚ç‚¹æ–‡çŒ®