Thursday, November 24, 2011

System Synchronization: Comparing SAE AS6802 and IEEE1588 Capabilities

Network capabilities impact system architecture and embedded application design. Global time and clock alignment in distributed systems is essential for design of embedded systems, distributed (also M2M) communication and controls. Minimimum jitter and latency variability simplify design of control applications, help to reduce the complexity and size of software code, and simplify system integration and maintenance. 
For system designer, the synchronization simplifies sensor fusion, distributed processing and redundancy management. It narrows the number of possible outcomes and helps to predict system behavior under different loads or faults. The system synchronization supports design of deterministic systems and reduces the complexity of critical embedded systems. 
This is true as long as synchronization capabilities are a part of the solution, and not contributing to design and integration challenges. The mechanism for synchronization can be more or less reliable or perform differently under different scenarios. As synchronization is tightly related to system operation, its properties can influence distributed functions integrated in one system.

Comparing IEEE1588 and SAE AS6802 
IEEE1588 distributes external clock source (world clock) timestamps in Ethernet networks, while SAE AS6802 aligns local clocks in the system to some precision (┬Ás). They are created by different communities of engineers with different target applications in mind.

For critical embedded applications, it is essential to take into account synchronization topics which are not considered in non-critical applications. Clocking sources can dissappear(and come back) transiently, provide wrong time, time sources can be interpreded differently by different time users, also rogue units can behave as clock sources or obstruct synchronization. Even with redundant external time sources, there is no absolute guarantee that the system will have robust performance. Real-time controls for critical infrastructure require the availability of continuous timebase, even in a system with faulty or rogue components. And even if the system synchronization fails completely (e.g. EMI (e.g. thunder) or complete power down), its startup and recovery timing must be defined. SAE AS6802 relies solely on internal (local, CPU) clock sources and ensures that different types of faults are tolerated to provide continuous system time with zero fail-over, as it is not based on grandmaster or best master concept from IEEE1588. In a system using IEEE1588, the BMC (Best Master Clock) algorithm is used to automatically determine the current ‘best’ clock, which becomes the new grandmaster. The challenge with this algorithm is that it behaves well in benign cases, but it can lead to discontinued or false synchronization for a period of time, which can lead to total system failure in more complex scenarios. In critical infrastructure applications, benign failure cases are not a real challenge. Real pain comes from more complex failure scenarios, and they can create severe cost or catastrophic consequences.

As IEEE1588 and SAE AS6802 offer quite different synchronization methods, both approaches can work in one Ethernet network at the same time. 

More information on synchronization and mechanisms applied in SAE AS6802 can be found here.