A TIME-TRIGGERED CONTROLLER AREA NETWORK PLATFORM WITH ESSENTIALLY DISTRIBUTED CLOCK SYNCHRONIZATION

Recently, the development of control systems for safety-critical industrial applications has gained special attention in the international committees. Some standards such as the IEC-61508 introduce guidelines for risk assessment considering failure rates less than 10–6 per year. For a distributed system to meet that requirement, one alternative is to employ fault-tolerance techniques such as active redundancy and message cross-checking. Considering that for cost and locality reasons the processing units of these distributed systems are usually interconnected through a shared bus, the underlying communication platform becomes the most important building block. It must provide low-level support for deterministic data transmission as well as a global time base to coordinate the actions of replicated units. Within this context, this paper presents a time-triggered extension of the CAN protocol as a communication architecture for safety-critical applications. Unlike other related work that rely on a centralized reference of time, our communication platform is enhanced with a low cost, essentially distributed clock synchronization algorithm.