Taming the "flexibility vs. safety" challenge in distributed embedded systems

01.10.2010 - 14:00
Venue

The requirement for flexible operation is becoming increasingly important in many embedded systems domains. The purpose varies from system to system: for example, to support evolving requirements, simplify maintenance and repair, improve the efficiency of system resource usage, and adapt to varying environmental conditions. Examples of systems where this level of flexibility matters range from production cells that must be reconfigured promptly, to planes that must reconfigure upon a hazard, cars that operate under variable weather and traffic conditions and whose subsystems operate only occasionally, mobile robots that move within environments of varying complexity, autonomous devices that must maximize battery lifetime, radar systems that must cope with a highly variable number of detected objects, and web servers that receive variable requests and must deliver a minimum quality of service.

However, many of the systems referred to above exhibit critical timeliness and safety requirements, or are subject to quality of service contracts that conflict with flexibility. In fact, once flexible operation is allowed and the system load can change on-line, the common design techniques used to enforce timeliness and safety at design time, for a known load, are no longer adequate. Therefore, on-line mechanisms are sought to perform admission control, provide dynamic fault-tolerance and manage the quality of service dynamically. Moreover, since a large part of these systems is distributed, the network now plays a fundamental role in supporting such mechanisms. Adequate protocols must be used that manage the communication requirements on-line and adapt to varying load conditions while still providing timely and safe behavior.
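The following is an added illustration of the on-line admission control mentioned above; it is not code from the talk, from (Re)CANcentrate or from the Flexible Time-Triggered framework. It models a shared bus with fixed-priority, non-preemptive frame transmission (the arbitration model of a CAN-style bus) and accepts a new periodic message stream only if the enlarged set, re-analysed on-line, still meets every deadline. The stream names, timings and the deadline-monotonic priority assignment are constructed assumptions for the example; the response-time iteration is the standard non-preemptive fixed-priority analysis.

```python
"""Online admission control for periodic message streams on a shared bus.

Added illustration (not the talk's (Re)CANcentrate or FTT code): a new
stream is accepted only if the whole set, including the candidate, still
meets its deadlines under fixed-priority non-preemptive transmission,
which is how a CAN-style bus arbitrates frames.  All numbers are constructed.
"""
from dataclasses import dataclass
import math


@dataclass(frozen=True)
class Stream:
    name: str
    c: float  # worst-case transmission time of one frame (ms)
    t: float  # period (ms)
    d: float  # relative deadline (ms); d <= t assumed


def _response_time(ordered, i):
    """Worst-case response time of ordered[i]; ordered[0] has highest priority.

    Non-preemptive fixed-priority analysis: a frame may wait for one lower-
    priority frame already on the bus (blocking b), then for every higher-
    priority frame released before it wins arbitration.  Returns None as
    soon as the iteration exceeds d - c, i.e. the deadline cannot be met.
    """
    me = ordered[i]
    higher = ordered[:i]
    lower = ordered[i + 1:]
    b = max((s.c for s in lower), default=0.0)
    w = b
    while True:
        w_next = b + sum((math.floor(w / s.t) + 1) * s.c for s in higher)
        if w_next > me.d - me.c:
            return None
        if w_next == w:
            return w + me.c
        w = w_next


def schedulable(streams):
    """Return {name: response_time} if every stream meets its deadline, else None."""
    if sum(s.c / s.t for s in streams) > 1.0:  # cheap necessary condition only
        return None
    ordered = sorted(streams, key=lambda s: s.d)  # deadline-monotonic priorities
    result = {}
    for i, s in enumerate(ordered):
        r = _response_time(ordered, i)
        if r is None:
            return None
        result[s.name] = r
    return result


def admit(current, candidate):
    """Admission test: accept the candidate only if the enlarged set is still safe.

    Returns (accepted, streams_now_running, analysis); on rejection the running
    set is left untouched so existing guarantees are preserved.
    """
    proposed = list(current) + [candidate]
    analysis = schedulable(proposed)
    if analysis is None:
        return False, list(current), None
    return True, proposed, analysis


# Constructed sample: two streams already running, two candidate streams.
BASE = [Stream("A", c=1.0, t=5.0, d=5.0), Stream("B", c=2.0, t=10.0, d=10.0)]
FITS = Stream("C1", c=2.0, t=20.0, d=20.0)
# Bus utilisation with D stays below 100%, yet D misses its own deadline:
# a utilisation check alone would wrongly admit it.
TOO_HEAVY = Stream("D", c=3.5, t=6.0, d=6.0)

if __name__ == "__main__":
    for cand in (FITS, TOO_HEAVY):
        ok, _, analysis = admit(BASE, cand)
        print(cand.name, "accepted" if ok else "rejected", analysis)
```

The rejected candidate is the instructive case: its bus utilisation is only about 98%, so a load-based check would pass it, but the blocking and interference it suffers from the other streams push its response time past its deadline. A real admission controller for a time-triggered framework would run this kind of analysis (or a window-based equivalent) before committing bandwidth to a new stream.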

In this talk we will address the conflicts at the network level between operational flexibility on one side and timeliness and safety on the other. We will then visit two related lines of work, namely (Re)CANcentrate and the Flexible Time-Triggered paradigm. The former proposes a star topology for CAN networks that boosts error confinement and fault-tolerance, while the latter provides a synchronous framework for traffic control, currently over CAN and Ethernet, that is amenable to on-line reconfiguration and adaptation with guaranteed timeliness and allows different types of traffic to be combined with mutual isolation. The talk will end with a few examples of practical applications.

Department of Control Engineering