The perenial "Nuclear Power Plant" example

Posted Oct 12, 2004 21:51 UTC (Tue) by simlo (guest, #10866)
In reply to: The perenial "Nuclear Power Plant" example by sbergman27
Parent article: Approaches to realtime Linux

It could be that they have to switch out the generator from the electrical grid within a few ms. Typically, if the grid outside the plant is short-circuited. You can make a simple hardware solution but then you can't switch the power plant back on again. With a software solution you can switch in resistor banks and burn off the energy for a few ms until the grid is ok again.

That said: Having such systems running somekind of real-time Linux would be insane. Linux caries out too much code which can contain bugs. I would make it from scratch with either no OS at all or only the bare bones (i.e. basicly just a scheduler). Then I would make a simple protocol between this safety critical subsystem and systems running Linux to supervise it.

A realtime Linux is mostly usefull for cheap systems, where you both Linux's server/client capabilities and have a none-safety critical subsystem you need to service as well and you don't wont the extra cost of an extra CPU.

The question is how hard these real time requirements are. Very often it wont be that "hard" in the sense that the application can somewhat survive a missed deadline once in a while but it might be anoying to the user - like Xmms. For many, many applications it is like that: The models say that you have to do things of such and such rate; but in practise you can skip sample points once in a while with no critical problem.

The perenial "Nuclear Power Plant" example

Posted Oct 15, 2004 16:34 UTC (Fri) by iabervon (subscriber, #722) [Link]

Linux doesn't have all that much code if you disable everything. Of course, I'd personally design a nuclear reactor with a microcontroller to handle all the really fast hard realtime stuff, set up a watchdog to make sure the operator's computer is responding within a couple of minutes, and run Linux on the operator's computer. Linux does have far more code than a microcontroller program, no matter what you do. For that matter, with microcontrollers, you could probably set up a set of redundant ones with voting schemes just to make sure that failures don't cause problems. It's not like you're going to blow your power plant budget on microcontrollers.

The perenial "Nuclear Power Plant" example

Posted Oct 21, 2004 14:23 UTC (Thu) by alext (guest, #7589) [Link]

In national power grid systems my experience is of hardware processing that feeds an event to the software which is event driven with no scheduler involved, it just sits and spins waiting to take action. That then triggers nice, very rapid hardware breakers because of the arcing problem switching that kind of voltage (K and M sizes).