In this blog, I will cover some tools to improve reliability and accuracy of data reception when using sender/receiver ports. AUTOSAR sender/receiver ports provide several configurations for improving reliability and accuracy. Two of which I will expand on are invalidation policy and queued communication. Invalidation policies are used for flagging data as unreliable and queued communication provides a means of storing and ordering received data to prevent data loss.
Sender/receiver ports have two attributes: a data element and an invalidation policy. The data element (VariableDataPrototype) contains the data being provided and the invalidation policy manages data reliability (figure 1). There are several reasons data can be flagged as unreliable. The most common reasons are that an update to the data element hasn’t been received within a timeout threshold, the data element value is outside a valid expected range, or the system entered an error state in which the data is unreliable. There are three options when invalidating these ports: keep, replace, and don’t invalidate.
The don’t invalidate policy will never change the status or data. The replace policy will replace your data element with an invalid value set up by the architect and set the status to an invalid status. This is typically used when communicating with a component that is not checking the status, or a default value is required. The keep policy will keep the last known good value in the data element, but change the status to an invalid status. This is typically used when the receiving component is actively checking the status or when a component still requires the last known good value.
By utilizing these invalidation policies you are able to prevent using outdated, out of range, or inaccurate data. The use of the invalidation status provides us with more reliable communication between components. For example, if a controller loses communication with other controllers and the invalidation policy is set to keep, the status will change to an invalid status alerting the component of the communication loss and keep the previous value sent.
While invalidation policies help us determine whether or not to trust the data, queues offer a means of ensuring all data is received. Sender/receiver ports have the ability to communicate through a queue at the RTE Layer. When two components are running at two different time steps there is the potential to lose data. To make sure all data is received and in order, the ports can be set up to use a queue. For example, Component A could be running every 40ms and send data to Component B which runs every 80ms. This would cause two time steps of output from Component A, but Component B will only read the latest one. Queueing the communication will prevent the loss of any data up to the size configured. When Component B runs it can empty the queue in order and process the data without any loss. A similar situation occurs when data is too large to fit into one message and is spanned across multiple messages. For example, sending 3 messages in 10ms intervals while the receiving component runs on an 80ms cycle will lose data without a queue. When using a queue, the receiver can read all three messages and process them in order at its scheduled time.
AUTOSAR allows for multiple senders to one receiver. Having a standard connection between the components could cause a race condition. Imagine we have Sender 1 and Sender 2. They both send to the receiving component running every 80ms (figure 2). If Sender 1 sends its message at time 67ms and Sender 2 doesn’t send until 73ms, the receiver will only read the message from Sender 2, because it was the most recent. When you set up a queued interface between the two senders and the receiver, you are able to keep your data in order and process all of your data when your receiving component is ready (figure 3).
In closing, we have covered how to configure sender/receiver ports in AUTOSAR to improve data reception reliability and accuracy. Just to recap – the two ways expanded on were the invalidation policy and queued communication. The invalidation policy allows us to flag certain data as unreliable and queued communication provides us a means to prevent the loss of data by storing and ordering the data received by one or multiple senders.
More from my site