Special characteristics of PXROS-HR

The first chapter has already mentioned special characteristics distinguishing PXROS-HR from other real-time operating systems. This chapter describes these features in detail.

Hardware-based memory protection:

PXROS-HR uses the memory protection mechanism of the hardware to seal off the memory areas of different tasks from each other. Each task has a certain amount of memory allocated. If it tries to access memory outside this area, the MPU detects the access violation and triggers a trap that hands control over to the operating system.

Permission concepts for tasks:

PXROS-HR allows certain rights to be granted or denied to tasks. These include, for example, access rights to operating system or hardware resources (see Safety characteristics).

Object-based system architecture:

All elements managed by the operating system, such as message objects or task objects, are treated as objects.

No interrupt locks:

Whereas it is common practice with other operating systems to lock interrupts during scheduling, PXROS-HR does without interrupt locks. This means that interrupts can be responded to without any latencies, which significantly increases the predictability of the system.

Message-based data interchange:

Data is exchanged between tasks via message objects. In conjunction with the concept of mailboxes, these messages provide an implicit synchronization mechanism and allow restricting data access to the current message user. This method has the advantage of making conventional (explicit) synchronization mechanisms, such as semaphores, redundant.
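The ownership hand-over described above can be modelled in a few lines of C. This is an added example, not PXROS-HR code and not its API: every name in it (`msg_t`, `mailbox_t`, `msg_send`, `msg_receive`, `msg_data`) is hypothetical, task IDs are plain integers, and the access check is done in software, whereas PXROS-HR relies on the hardware memory protection.

```c
#include <stddef.h>
#include <string.h>

/* Toy model, not the PXROS-HR API: all names here are hypothetical. */
enum { NO_TASK = -1, MBX_DEPTH = 4, MSG_SIZE = 16 };

typedef struct { int owner; char data[MSG_SIZE]; } msg_t;   /* message object */
typedef struct { msg_t *slot[MBX_DEPTH]; size_t head, count; int task; } mailbox_t;

/* Data access is allowed only to the task that currently owns the message. */
static char *msg_data(msg_t *m, int task) {
    return (m != NULL && m->owner == task) ? m->data : NULL;
}

/* Sending hands the message to the mailbox: the sender loses access. */
static int msg_send(msg_t *m, int sender, mailbox_t *mbx) {
    if (m == NULL || m->owner != sender || mbx->count == MBX_DEPTH) return -1;
    mbx->slot[(mbx->head + mbx->count++) % MBX_DEPTH] = m;
    m->owner = NO_TASK;            /* in transit: no task may touch the data */
    return 0;
}

/* Only the task the mailbox belongs to can receive; it becomes the new owner. */
static msg_t *msg_receive(mailbox_t *mbx, int task) {
    if (mbx->task != task || mbx->count == 0) return NULL;
    msg_t *m = mbx->slot[mbx->head];
    mbx->head = (mbx->head + 1) % MBX_DEPTH;
    mbx->count--;
    m->owner = task;
    return m;
}

/* Constructed scenario: task 1 produces, task 2 consumes. Returns 0 if the
   ownership rules held at every step, otherwise the number of the failed step. */
static int demo(void) {
    msg_t m = { .owner = 1 };
    mailbox_t mbx = { .task = 2 };
    char *p = msg_data(&m, 1);
    if (p == NULL) return 1;
    strcpy(p, "sensor=42");
    if (msg_data(&m, 2) != NULL) return 2;      /* receiver has no access yet */
    if (msg_send(&m, 1, &mbx) != 0) return 3;
    if (msg_data(&m, 1) != NULL) return 4;      /* sender lost access on send */
    if (msg_send(&m, 1, &mbx) == 0) return 5;   /* cannot send what it no longer owns */
    if (msg_receive(&mbx, 1) != NULL) return 6; /* not task 1's mailbox */
    msg_t *r = msg_receive(&mbx, 2);
    if (r == NULL || msg_data(r, 2) == NULL) return 7;
    return strcmp(msg_data(r, 2), "sensor=42") == 0 ? 0 : 8;
}

int main(void) { return demo(); }
```

Because at most one task can reach the payload at any time, the two tasks never need a semaphore around it.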

Encapsulation:

The concept of encapsulation arises from the object-based approach in connection with hardware-assisted memory protection: a task is treated as a self-contained capsule, which is sealed off from the outside world. Interaction with the outside world is possible only via a well-defined, narrow interface (message objects). Accidental interference, e.g. by misdirected pointer accesses, is prevented by the hardware. An overall system consists of several such capsules. Loose coupling within the system considerably increases the manageability of complex systems, while freedom from interference between the capsules is ensured.

Reloading tasks:

Based on the concept of encapsulation, PXROS-HR makes it possible to load and unload new tasks dynamically during system runtime.

Debugging the running system:

PXROS-HR makes it possible to stop individual tasks within a running system and to debug these tasks while the overall system continues to run.

Under PXROS-HR, each task can be regarded as running on its own controller.

Difference between system tasks and application tasks:

Due to the permission concept, it is possible to distinguish between system tasks and application tasks. System tasks usually have comprehensive privileges and provide application tasks with services that require a higher privilege level. They thus form a system platform offering additional functionality to applications. Application tasks are potentially error-prone (e.g. supplied modules) and thus typically have lower privileges. These tasks usually implement application-specific functionality rather than system functionality. Application tasks can also be reloaded.

The basic system also consists of individual capsules at task level with different rights (see PXROS-HR System).

Micro-kernel:

PXROS-HR is implemented as a micro-kernel, i.e. only the basic functionalities of the operating system are implemented in the kernel. Additional functionalities, such as the TCP/IP stack or the file system, are realized in the form of separate modules running as application tasks.