ASF_01_sys_sw_arch/System Design/SRS/Annex_C_Budgets.md
2026-01-19 16:19:41 +01:00

# Annex C: Timing and Resource Budgets

Document: SRS Annex C
Version: 1.0
Date: 2025-01-19

## Purpose

This annex defines timing budgets, resource allocation limits, and performance constraints for the Sensor Hub software.

## 1. Timing Budgets

### 1.1 Sensor Acquisition Timing

| Operation | Maximum Duration | Justification |
|---|---|---|
| Single sensor sample (I2C) | 10ms | I2C transaction time |
| Single sensor sample (SPI) | 5ms | SPI transaction time |
| Single sensor sample (UART) | 20ms | UART transaction time |
| Single sensor sample (Analog/ADC) | 1ms | ADC conversion time |
| Filtering (10 samples) | 5ms | Local filtering computation |
| Timestamp generation | 1ms | System time access |
| Complete acquisition cycle (per sensor) | 100ms | Total per sensor (worst case) |
| Complete acquisition cycle (all sensors) | 500ms | 5 sensors × 100ms (with overlap) |

### 1.2 State Transition Timing

| Transition | Maximum Duration | Justification |
|---|---|---|
| [*] → INIT | 100ms | Power-on initialization |
| INIT → RUNNING | 5s | Hardware init, secure boot, MC load |
| INIT → BOOT_FAILURE | 2s | Secure boot verification |
| RUNNING → WARNING | 50ms | Fault detection and state change |
| RUNNING → FAULT | 50ms | Critical fault detection |
| RUNNING → OTA_PREP | 100ms | OTA request processing |
| OTA_PREP → TEARDOWN | 2s | Readiness validation |
| TEARDOWN → OTA_UPDATE | 500ms | Data flush and resource release |
| TEARDOWN → INIT | 500ms | Data flush and reset |
| OTA_UPDATE → RUNNING | 10 minutes | Firmware transfer and flashing |
| RUNNING → SERVICE | 100ms | Debug session establishment |
| SERVICE → RUNNING | 50ms | Debug session closure |
| RUNNING → SD_DEGRADED | 200ms | SD failure detection |

### 1.3 Communication Timing

| Operation | Maximum Duration | Justification |
|---|---|---|
| Main Hub request processing | 100ms | Data retrieval and response |
| Main Hub message transmission | 50ms | Network transmission (local) |
| Main Hub message reception | 50ms | Network reception (local) |
| Communication link failure detection | 30s | Heartbeat timeout |
| OTA firmware chunk reception | 1s | Network transfer per chunk |
| Peer Sensor Hub ping | 100ms | Connectivity check |

### 1.4 Persistence Timing

| Operation | Maximum Duration | Justification |
|---|---|---|
| Sensor data write (SD card) | 50ms | File write operation |
| Diagnostic event write (SD card) | 20ms | Log append operation |
| Machine constants write (NVM) | 10ms | NVS write operation |
| Data flush (all pending) | 200ms | Complete flush operation |
| SD card failure detection | 500ms | File system check |

### 1.5 OTA Timing

| Operation | Maximum Duration | Justification |
|---|---|---|
| OTA readiness validation | 2s | System state and resource check |
| Firmware chunk reception | 1s | Network transfer per chunk |
| Firmware integrity validation | 5s | Cryptographic verification |
| Firmware flashing | 2 minutes | Flash write operation |
| Complete OTA operation | 10 minutes | End-to-end OTA process |

### 1.6 Diagnostic Timing

| Operation | Maximum Duration | Justification |
|---|---|---|
| Diagnostic event generation | 1ms | Event creation and classification |
| Diagnostic event persistence | 20ms | Log write operation |
| Diagnostic query processing | 50ms | Log read and filtering |
| Fault escalation | 50ms | Severity check and state transition |

## 2. Resource Budgets

### 2.1 Memory (RAM) Budget

| Component | Allocation | Peak Usage | Monitoring Required |
|---|---|---|---|
| System (RTOS, ESP-IDF) | 80KB | 100KB | Yes |
| Sensor Manager | 20KB | 25KB | Yes |
| Event System | 10KB | 15KB | Yes |
| Data Pool | 15KB | 20KB | Yes |
| Communication Stack | 30KB | 40KB | Yes |
| Diagnostics | 10KB | 15KB | Yes |
| Persistence | 15KB | 20KB | Yes |
| OTA Manager | 20KB | 30KB | Yes |
| Security | 10KB | 15KB | Yes |
| System Management | 10KB | 15KB | Yes |
| HMI | 5KB | 8KB | Yes |
| Total Allocated | 225KB | 283KB | |
| Available (ESP32-S3) | 512KB | 512KB | |
| Utilization | 44% | 55% | |
| Safety Margin | 56% | 45% | |

Note: Peak usage includes worst-case stack usage and temporary buffers. Actual runtime usage SHALL be monitored and maintained below 60% (307KB).

### 2.2 Flash (Program Memory) Budget

| Component | Allocation | Notes |
|---|---|---|
| Bootloader | 32KB | ESP-IDF bootloader |
| Application Code | 1.5MB | Main application firmware |
| OTA Partition 0 | 1.5MB | Primary firmware partition |
| OTA Partition 1 | 1.5MB | Secondary firmware partition (for updates) |
| NVS (Non-Volatile Storage) | 20KB | Configuration and MC storage |
| SPIFFS/LittleFS | 500KB | File system (if used) |
| Total Used | 5.052MB | |
| Available (8MB Flash) | 8MB | |
| Utilization | 63% | |
| Safety Margin | 37% | |

### 2.3 CPU Utilization Budget

| Task | Priority | CPU Usage (Normal) | CPU Usage (Peak) | Notes |
|---|---|---|---|---|
| Sensor Acquisition | High | 15% | 25% | Time-critical |
| Communication | Medium | 10% | 20% | Network I/O |
| Diagnostics | Low | 5% | 10% | Background |
| Persistence | Medium | 5% | 15% | Storage I/O |
| System Management | High | 5% | 10% | State management |
| HMI | Low | 2% | 5% | Display updates |
| Idle | - | 58% | 15% | System idle |
| Total | - | 100% | 100% | |

Requirement: CPU utilization SHALL NOT exceed 80% during normal operation (SWR-PERF-005).

### 2.4 Storage (SD Card) Budget

| Data Type | Daily Write Volume | Retention Policy | Notes |
|---|---|---|---|
| Sensor Data | 50MB | 7 days (rolling) | 5 sensors × 1 sample/min × 24h |
| Diagnostic Log | 5MB | 30 days (circular) | Bounded log with overwrite |
| Machine Constants | 1KB | Permanent | Updated only on configuration change |
| OTA Firmware | 2MB | Temporary | Deleted after successful update |
| Total Daily Writes | 57MB | | |
| SD Card Capacity | 32GB (typical) | | |
| Wear Level | Low | | With wear-leveling |

Requirement: SD card writes SHALL be wear-aware to prevent premature failure (SWR-DATA-013).

### 2.5 Network Bandwidth Budget

| Operation | Bandwidth | Frequency | Daily Volume |
|---|---|---|---|
| Sensor Data Transmission | 1KB/packet | 1 packet/min | 1.44MB/day |
| Diagnostic Reporting | 500B/packet | On-demand | Variable |
| Status Updates | 200B/packet | 1 packet/5min | 57.6KB/day |
| OTA Firmware Transfer | 2MB | On-demand | Variable |
| Total (Normal Operation) | - | - | ~1.5MB/day |

Note: OTA transfers are infrequent and excluded from daily normal operation budget.

## 3. Performance Constraints

### 3.1 Real-Time Constraints

| Constraint | Requirement | Verification Method |
|---|---|---|
| Sensor acquisition determinism | ≤ 100ms per sensor | Timing measurement |
| State transition determinism | ≤ 50ms (except INIT, TEARDOWN) | Timing measurement |
| Communication response time | ≤ 100ms | End-to-end timing |
| Data persistence latency | ≤ 200ms | Write operation timing |

### 3.2 Resource Constraints

| Resource | Limit | Monitoring | Action on Exceed |
|---|---|---|---|
| RAM Usage | 60% (307KB) | Runtime monitoring | Enter WARNING state, reduce buffers |
| CPU Usage | 80% | Runtime monitoring | Reduce task priorities, throttle operations |
| SD Card Space | 10% free | File system check | Trigger data retention policy |
| Flash Usage | 70% (5.6MB) | Build-time check | Optimize code size |
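The three runtime limits in the table above (RAM, CPU, SD card space) and the note under 2.1 that RAM usage SHALL stay below 60% translate into a small monitor that maps a measured sample to the required action. The block below is an added example, not the Sensor Hub's own code: the limits are taken from sections 2.1 and 3.2, while how a target build obtains the three measurements (free heap from the RTOS, idle-task share, file-system free space) is an assumption noted in the struct comments. The RAM check is done in bytes rather than on a rounded-down percentage so that rounding cannot hide a breach of "below 60%".

```c
/* Runtime resource-budget monitor for the limits in section 3.2.
 * Added example, not project code. The measurement sources named in the
 * struct comments are assumptions about how a target build would fill it. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

#define RAM_TOTAL_BYTES      (512u * 1024u)  /* available RAM, section 2.1 (ESP32-S3) */
#define RAM_LIMIT_PERCENT    60u             /* section 3.2: 60% (307KB); usage must stay below it */
#define CPU_LIMIT_PERCENT    80u             /* section 3.2 / SWR-PERF-005: must not exceed 80% */
#define SD_MIN_FREE_PERCENT  10u             /* section 3.2: act when less than 10% is free */

/* Actions are a bitmask because one sample can breach several limits at once. */
enum {
    ACTION_NONE         = 0,
    ACTION_RAM_WARNING  = 1u << 0,  /* enter WARNING state, reduce buffers */
    ACTION_CPU_THROTTLE = 1u << 1,  /* reduce task priorities, throttle operations */
    ACTION_SD_RETENTION = 1u << 2,  /* trigger the data retention policy */
};

typedef struct {
    uint32_t ram_used_bytes;    /* assumed: RAM_TOTAL_BYTES minus free heap reported by the RTOS */
    uint8_t  cpu_busy_percent;  /* assumed: 100 minus the idle task's share over the sampling window */
    uint8_t  sd_free_percent;   /* assumed: free space reported by the SD file system */
} resource_sample_t;

/* "Below 60%" is checked in bytes so that rounding a percentage down cannot
 * hide a breach: used * 100 >= 60 * total means the limit has been reached. */
bool ram_limit_reached(uint32_t used_bytes) {
    return (uint64_t)used_bytes * 100u >= (uint64_t)RAM_LIMIT_PERCENT * RAM_TOTAL_BYTES;
}

/* SWR-PERF-005 says "SHALL NOT exceed 80%", so exactly 80% is still in budget. */
bool cpu_limit_exceeded(uint8_t busy_percent) {
    return busy_percent > CPU_LIMIT_PERCENT;
}

/* The limit is "10% free": act once free space drops under that. */
bool sd_space_low(uint8_t free_percent) {
    return free_percent < SD_MIN_FREE_PERCENT;
}

/* Map one sample to the set of section 3.2 actions it requires. */
unsigned evaluate_budgets(const resource_sample_t *s) {
    unsigned actions = ACTION_NONE;
    if (ram_limit_reached(s->ram_used_bytes))    actions |= ACTION_RAM_WARNING;
    if (cpu_limit_exceeded(s->cpu_busy_percent)) actions |= ACTION_CPU_THROTTLE;
    if (sd_space_low(s->sd_free_percent))        actions |= ACTION_SD_RETENTION;
    return actions;
}

int main(void) {
    /* Constructed samples: one inside every budget, one breaching all three. */
    const resource_sample_t nominal = { 200u * 1024u, 45, 40 };
    const resource_sample_t overrun = { 320u * 1024u, 85, 5 };
    printf("nominal -> actions 0x%x\n", evaluate_budgets(&nominal));
    printf("overrun -> actions 0x%x\n", evaluate_budgets(&overrun));
    return 0;
}
```

On the target the caller would run `evaluate_budgets` from a periodic system-management task and hand the returned bitmask to the state machine, which owns the RUNNING → WARNING transition of section 1.2; the monitor itself only decides, it does not act.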

### 3.3 Quality Constraints

| Constraint | Requirement | Verification Method |
|---|---|---|
| Power loss recovery | < 1 second | Power interruption test |
| SD card failure handling | Graceful degradation | SD card removal test |
| OTA failure recovery | Rollback capability | OTA failure injection test |
| Secure boot failure | BOOT_FAILURE state | Secure boot verification test |

## 4. Worst-Case Execution Time (WCET) Analysis

### 4.1 Critical Paths

Sensor Acquisition Path:

```
Sensor Read (10ms) × 10 samples = 100ms
+ Filtering (5ms)               = 105ms
+ Timestamp (1ms)               = 106ms
WCET = 110ms (with 4ms margin)
```

State Transition Path:

```
State validation (5ms)
+ Component notification (10ms)
+ State update (1ms)
WCET = 20ms (with 30ms margin for 50ms requirement)
```

Data Persistence Path:

```
Data serialization (10ms)
+ File write (50ms)
+ Verification (10ms)
WCET = 80ms (with 120ms margin for 200ms requirement)
```
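A budget annex is only useful while its totals agree with its rows and its WCET figures fit the requirements they are checked against, and both drift as components are added. The block below is an added example, not project code, of a consistency check that recomputes the section 2.1 RAM totals from the component rows and checks each section 4.1 path against the bound in section 3.1; all figures are copied from this annex, and the sensor path uses the I2C sample time of section 1.1 because that is the 10ms figure 4.1 multiplies by ten.

```c
/* Consistency check over the Annex C budget tables: does each stated total
 * equal its row sum, and does each WCET path fit its requirement? Added
 * example, not project code; the figures are copied from sections 2.1, 3.1
 * and 4.1 of this annex. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef struct { const char *component; uint32_t alloc_kb; uint32_t peak_kb; } ram_row_t;

/* Section 2.1 component rows; the stated totals are checked against them. */
static const ram_row_t RAM_TABLE[] = {
    {"System (RTOS, ESP-IDF)", 80, 100}, {"Sensor Manager", 20, 25},
    {"Event System", 10, 15},            {"Data Pool", 15, 20},
    {"Communication Stack", 30, 40},     {"Diagnostics", 10, 15},
    {"Persistence", 15, 20},             {"OTA Manager", 20, 30},
    {"Security", 10, 15},                {"System Management", 10, 15},
    {"HMI", 5, 8},
};
#define RAM_ROWS (sizeof RAM_TABLE / sizeof RAM_TABLE[0])
#define STATED_ALLOC_KB 225u   /* "Total Allocated", allocation column */
#define STATED_PEAK_KB  283u   /* "Total Allocated", peak column */

uint32_t ram_alloc_sum_kb(void) {
    uint32_t sum = 0;
    for (size_t i = 0; i < RAM_ROWS; i++) sum += RAM_TABLE[i].alloc_kb;
    return sum;
}

uint32_t ram_peak_sum_kb(void) {
    uint32_t sum = 0;
    for (size_t i = 0; i < RAM_ROWS; i++) sum += RAM_TABLE[i].peak_kb;
    return sum;
}

/* One segment of a WCET path: a duration and how many times it repeats. */
typedef struct { const char *name; uint32_t ms; uint32_t count; } segment_t;

/* Section 4.1 sensor acquisition path (10ms per I2C sample, section 1.1). */
static const segment_t SENSOR_PATH[] = {
    {"Sensor read (I2C)", 10, 10}, {"Filtering", 5, 1}, {"Timestamp", 1, 1},
};
#define SENSOR_PATH_LEN (sizeof SENSOR_PATH / sizeof SENSOR_PATH[0])

uint32_t path_sum_ms(const segment_t *seg, size_t n) {
    uint32_t sum = 0;
    for (size_t i = 0; i < n; i++) sum += seg[i].ms * seg[i].count;
    return sum;
}

/* Slack between a stated WCET and its requirement; negative means the
 * requirement cannot be met even by the annex's own analysis. */
int32_t wcet_slack_ms(uint32_t wcet_ms, uint32_t requirement_ms) {
    return (int32_t)requirement_ms - (int32_t)wcet_ms;
}

int main(void) {
    printf("RAM allocation: rows sum to %uKB, stated %uKB\n",
           (unsigned)ram_alloc_sum_kb(), (unsigned)STATED_ALLOC_KB);
    printf("RAM peak:       rows sum to %uKB, stated %uKB\n",
           (unsigned)ram_peak_sum_kb(), (unsigned)STATED_PEAK_KB);
    /* 110ms is the WCET stated in 4.1; 100ms is the per-sensor bound in 1.1 and 3.1. */
    printf("Sensor path: segments sum to %ums, stated WCET 110ms, slack vs 100ms = %d\n",
           (unsigned)path_sum_ms(SENSOR_PATH, SENSOR_PATH_LEN), (int)wcet_slack_ms(110, 100));
    printf("State path slack vs 50ms = %d, persistence path slack vs 200ms = %d\n",
           (int)wcet_slack_ms(20, 50), (int)wcet_slack_ms(80, 200));
    return 0;
}
```

Run against the figures in this annex, the check reports two things worth resolving in the next revision: the peak column of section 2.1 sums to 303KB rather than the stated 283KB, and the 110ms sensor-path WCET of section 4.1 exceeds the 100ms per-sensor bound of sections 1.1 and 3.1, whereas the state and persistence paths keep the 30ms and 120ms slack the annex claims.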

## 5. Traceability

- SWR-PERF-001: Sensor acquisition cycle timing
- SWR-PERF-002: State transition timing
- SWR-PERF-003: Data persistence timing
- SWR-PERF-004: OTA operation duration
- SWR-PERF-005: CPU utilization limit
- SWR-PERF-006: RAM usage limit
- SWR-PERF-007: Main Hub response time
- SWR-PERF-008: Communication link failure detection