Chapter 14Distributed systems14.114.214.314.414.5Distributed system definitionOverview of issuesLanguage supportDistributed programmingsystems and environmentsReliability14.614.7Distributed algorithmsDeadline scheduling in adistributed environmentSummaryFurther readingExercisesOver the last thirty years, the cost of microprocessors and communicationstechnology has continually decreased in real terms. This has made distributedcomputer systems a viable alternative to uniprocessor and centralized systemsin many embedded application areas. The potential advantages of distributioninclude: improved performance through the exploitation of parallelism,increased availability and reliability through the exploitation of redundancy,dispersion of computing power to the locations in which it is used,the facility for incremental growth through the addition or enhancement ofprocessors and communications links.This chapter discusses some of the problems that are introduced when real-timesystems are implemented on more than one processor.14.1 Distributed system definitionFor the purposes of this chapter, a distributed computer system is defined to be asystem of multiple autonomous processing elements cooperating in a common purposeor to achieve a common goal. This definition is wide enough to satisfy most intuitivenotions, without descending to details of physical dispersion, means of communication,and so on. The definition excludes pipeline and array processors, whose elements arenot autonomous; it also excludes those computer networks (for example, the Internet)523

524DISTRIBUTED SYSTEMSMachine toolsManipulatorConveyor ntManipulatorMachine toolsLocal area rFigure 14.1ProcessorelementConveyor beltA manufacturing distributed embedded system.where nodes work to no common purpose1. The majority of applications one mightsensibly embed on multiprocessor architectures – for example command and control,banking (and other transaction-oriented commercial applications), and data acquisition– fall within the definition. A distributed manufacturing-based system is shown in Figure14.1.Even modern aircraft designs (both civil and military) have embedded distributedsystems. For example, Integrated Modular Avionics (AEEC, 1991) allows more thanone processing modules to be interconnected via an ARINC 629 bus, as illustrated inFigure 14.2.It is useful to classify distributed systems as either tightly coupled, meaningthat the processing elements, or nodes, have access to a common memory, and loosely1 However, as communication technology continues to improve, more and more internet-working will fitthis definition of a distributed system.

OVERVIEW OF ISSUES525ARINC629 databusProcessingresourceSensor/actuatorFigure 14.2A civil avionics distributed embedded system.coupled, meaning that they do not. The significance of this classification is that synchronization and communication in a tightly coupled system can be effected throughtechniques based on the use of shared variables, whereas in a loosely coupled systemsome form of message passing is ultimately required. It is possible for a loosely coupledsystem to contain nodes which are themselves tightly coupled systems.This chapter will use the term ‘distributed system’ to refer to loosely coupledarchitectures. Also, in general, full connectivity will be assumed between processors –issues associated with the routing of messages and so on will not be considered. For afull discussion on these topics, see Tanenbaum (1998). Furthermore, it will be assumedthat each processor will have access to its own clock and that these clocks are looselysynchronized (that is, there is a bound by which they can differ).A separate classification can be based on the variety of processors in the system. A homogeneous system is one in which all processors are of the same type;a heterogeneous system contains processors of different types. Heterogeneous systems pose problems of differing representations of program and data; these problems,while significant, are not considered here. This chapter assumes that all processors arehomogeneous.14.2 Overview of issuesSo far in this book, the phrase concurrent programming has been used to discuss communication, synchronization and reliability without getting too involved with how processes are implemented. However, some of the issues which arise when distributedapplications are considered raise fundamental questions that go beyond mere implementation details. The purpose of this chapter is to consider these issues and their

526DISTRIBUTED SYSTEMSimplications for real-time applications. They are: Language support – The process of writing a distributed program is made mucheasier if the language and its programming environment support the partitioning,configuration, allocation and reconfiguration of the distributed application, alongwith location-independent access to remote resources.Reliability – The availability of multiple processors enables the application tobecome tolerant of processor failure – the application should be able to exploitthis redundancy. Although the availability of multiple processors enables the application to become tolerant of processor failure, it also introduces the possibilityof more faults occurring in the system which would not occur in a centralizedsingle-processor system. These faults are associated with partial system failureand the application program must either be shielded from them, or be able totolerate them.Distributed control algorithms – The presence of true parallelism in an application, physically distributed processors, and the possibility that processors andcommunication links may fail, means that many new algorithms are required forresource control. For example, it may be necessary to access files and data whichare stored on other machines; furthermore, machine or network failure must notcompromise the availability or consistency of those files or data. Also, as there isoften no common time reference in a distributed system, each node having its ownlocal notion of time, it is very difficult to obtain a consistent view of the overallsystem. This can cause problems when trying to provide mutual exclusion overdistributed data.Deadline scheduling – In Chapter 13, the problems of scheduling processes tomeet deadlines in a single processor system were discussed. When the processesare distributed, the optimal single processor algorithms are no longer optimal.New algorithms are needed.These issues are now discussed in turn. However, in one chapter it is difficult to dojustice to all the new activities in these areas.14.3 Language supportThe production of a distributed software system to execute on a distributed hardwaresystem involves several steps which are not required when programs are produced for asingle processor: Partitioning is the process of dividing the system into parts (units of distribution)suitable for placement onto the processing elements of the target system.Configuration takes place when the partitioned parts of the program are associated with particular processing elements in the target system.

LANGUAGE SUPPORT 527Allocation covers the actual process of turning the configured system into a collection of executable modules and downloading these to the processing elementsof the target system.Transparent execution is the execution of the distributed software so that remoteresources can be accessed in a manner which is independent of their location.Reconfiguration is the dynamic change to the location of a software componentor resource.Most languages which have been designed explicitly to address distributed programming will provide linguistic support for at least the partitioning stage of system development. For example, processes, objects, partitions, agents and guardians have all beenproposed as units of distribution. All these constructs provide well-defined interfaceswhich allow them to encapsulate local resources and provide remote access. Some approaches will allow configuration information to be included in the program source,whereas others will provide a separate configuration language.Allocation and reconfiguration, typically, require support from the programmingsupport environment and operating system.It is, perhaps, in the area of transparent execution where most efforts have beenmade to achieve a level of standardization across the various approaches. The goal isto make communication between distributed processes as easy and reliable as possible.Unfortunately, in reality, communication often takes places between heterogeneous processors across an unreliable network, and in practice complex communication protocolsare required (see Section 14.5). What is needed is to provide mechanisms whereby: Processes do not have to deal with the underlying form of messages. For example,they do not need to translate data into bit strings suitable for transmission or tobreak up the message into packets.All messages received by user processes can be assumed to be intact and in goodcondition. For example, if messages are broken into packets, the run-time systemwill only deliver them when all packets have arrived at the receiving node andcan be properly reassembled. Furthermore, if the bits in a message have beenscrambled, the message either is not delivered or is reconstructed before delivery;clearly some redundant information is required for error checking and correction.Messages received by a process are the kind that the process expects. The processdoes not need to perform run-time checks.Processes are not restricted to communication only in terms of a predefined builtin set of types. Instead, processes can communicate in terms of values of interestto the application. Ideally, if the application is defined using abstract data types,then values of these types can be communicated in messages.It is possible to identify three main de facto standards by which distributed programscan communicate with each other: by using an application programmers interface (API), such as sockets, to networktransport protocols

528DISTRIBUTED SYSTEMSServerClient146NetworkClientstub2Figure 14.3 53ServerstubskeletonThe relationship between client and server in an using the remote procedure call (RPC) paradigmby using the distributed object paradigm.The issue of network protocols will be discussed in Section 14.5 and a Java interface for sockets will be briefly considered in Section 14.4.3. The remainder of thissubsection will consider RPC and distributed objects including the Common ObjectRequest Broker Architecture (CORBA).14.3.1Remote procedure callThe overriding goal behind the remote procedure call paradigm is to make distributedcommunication as simply as possible. Typically, RPCs are used for communication between programs written in the same language, for example, Ada or Java. A procedure(server) is identified as being one that can be called remotely. From the server specification, it is possible to generate automatically two further procedures: a client stuband a server stub. The client stub is used in place of the server at the site on whichthe remote procedure call originates. The server stub is used on the same site as theserver procedure. The purpose of these two procedures is to provide the link betweenthe client and the server in a transparent way (and thereby meet all the requirementslaid out in the previous section). Figure 14.3 illustrates the sequence of events in a RPCbetween a client and a server via the two stub procedures. The stubs are sometimescalled middleware as they sit between the application and the operating system.The role of the client stub is to: identify the address of the server (stub) procedure;

LANGUAGE SUPPORT 529convert the parameters of the remote call into a block of bytes suitable for transmission across the network – this activity is often call parameter marshalling;send the request to execute the procedure to the server (stub);wait for the reply from the server (stub) and unmarshal the parameters or anyexceptions propagated;return control to the client procedure along with the returned parameters, or raisean exception in the client procedure.The goal of the server stub is to: receive requests from client (stub) procedures;unmarshal the parameters;call the server;catch any exceptions that are raised by the server;marshal the return parameters (or exceptions) suitable for transmission across thenetwork;send the reply to the client (stub).Where the client and server procedures are written in different languages or areon different machine architectures, the parameter marshalling and unmarshalling mechanisms will convert the data into a machine- and language-independent format (seeSection 14.4.4).14.3.2The Distributed Object ModelThe term distributed objects (or remote objects) has been used over the last few yearin a variety of contexts. In its most general sense, the distributed object model allows: the dynamic creation of an object (in any language) on a remote machine;the identification of an object to be determined and held on any machine;the transparent invocation of a remote method in an object as if it were a localmethod and irrespective of the language in which the object is written;the transparent run-time dispatching of a method call across the network.Not all systems which support distributed objects provide mechanisms to support allthis functionality. As will be shown in the following subsections:Ada supports the static allocation of objects, allows the identification of remote Adaobjects, facilitates the transparent execution of remote methods, and supports distributed run-time dispatching of method calls;

530DISTRIBUTED SYSTEMSJava allows the code of a Java object to be sent across the network and instances to becreated remotely, the remote naming of a Java object, the t