Your browser does not support JavaScript! Skip to main content
Free 30-day trial Customer portal Careers DO-178C Handbook
 
Rapita Systems
 

Industry leading verification tools & services

Rapita Verification Suite (RVS)

  RapiTest - Unit/system testing   RapiCover - Structural coverage analysis   RapiTime - Timing analysis (inc. WCET)   RapiTask - Scheduling visualization   RapiCoverZero - Zero footprint coverage analysis   RapiTimeZero - Zero footprint timing analysis   RapiTaskZero - Zero footprint scheduling analysis

Multicore Verification

  MACH178  Multicore Timing Solution  RapiDaemons

Engineering Services

  V & V Services  Qualification  Training  Tool Integration  Support

Industries

  Aerospace (DO-178C)   Automotive (ISO 26262)   Space

Other

  RTBx   Mx-Suite   Software licensing   Product life cycle policy  RVS development roadmap

Latest from Rapita HQ

Latest news

RVS 3.18 Launched
Solid Sands partners with Rapita Systems
Danlaw Acquires Maspatechnologies - Expanding Rapita Systems to Spain
Rapita co-authored paper wins ERTS22 Best paper award
View News

Latest from the Rapita blog

Measuring response times and more with RapiTime
Why mitigating interference alone isn’t enough to verify timing performance for multicore DO-178C projects
There are how many sources of interference in a multicore system?
Supporting modern development methodologies for verification of safety-critical software
View Blog

Latest discovery pages

do178c DO-178C Guidance: Introduction to RTCA DO-178 certification
matlab_simulink MATLAB® Simulink® MCDC coverage and WCET analysis
code_coverage_ada Code coverage for Ada, C and C++
amc-20-193 AMC 20-193
View Discovery pages

Upcoming events

NAVAIR FACE & SOSA TIM and Expo
2023-09-12
DASC 2023
2023-10-01
HISC 2023
2023-10-17
Aerospace Tech Week Americas 2023
2023-11-14
View Events

Technical resources for industry professionals

Latest White papers

DO178C Handbook
Efficient Verification Through the DO-178C Life Cycle
A Commercial Solution for Safety-Critical Multicore Timing Analysis
Compliance with the Future Airborne Capability Environment (FACE) standard
View White papers

Latest Videos

Challenges of certifying multicore avionics in line with A(M)C 20-193 objectives - ATW Europe 2023
Streamlined software verification with RVS 3.18
Sequence analysis with RapiTime
Visualize call dependencies with RVS thumbnail
Visualize call dependencies with RVS
View Videos

Latest Case studies

Supporting ISO 26262 ASIL D software verification for EasyMile
RapiCover’s advanced features accelerate the certification of military UAV Engine Control
Front cover of whitepaper collins
Delivering world-class tool support to Collins Aerospace
View Case studies

Other Downloads

 Webinars

 Brochures

 Product briefs

 Technical notes

 Research projects

Discover Rapita

Who we are

The company menu

  • About us
  • Customers
  • Distributors
  • Locations
  • Partners
  • Research projects
  • Contact us

US office

+1 248-957-9801
info@rapitasystems.com
Rapita Systems, Inc.
41131 Vincenti Ct.
Novi
MI 48375
USA

UK office

+44 (0)1904 413945
info@rapitasystems.com
Rapita Systems Ltd.
Atlas House
Osbaldwick Link Road
York, YO10 3JB
UK

Spain office

+34 93 351 02 05
info@rapitasystems.com
Rapita Systems S.L.
Parc UPC, Edificio K2M
c/ Jordi Girona, 1-3
Barcelona 08034
Spain

Working at Rapita

Careers

Careers menu

  • Current opportunities & application process
  • Working at Rapita
Back to Top

What happened first? Handling timer wraparound

Breadcrumb

  1. Home
  2. Blog
  3. What happened first? Handling timer wraparound
2016-01-08

Suppose you had to determine which of two timestamps occurred first. Clearly the “obvious“ approach is to use a simple numerical comparison, for example:

if (ts1 < ts2) {
    ts1_first = TRUE;
} else {
    ts1_first = FALSE;
}

In an embedded system, timestamps are often provided by counters linked to (for example) a system clock. In a typical configuration, these counters increment with every clock tick until they reach their maximum value then wraparound to zero. In many cases the range of the counters is very limited, for example a 16-bit counter is not uncommon. If this timer were linked to a 20MHz clock, a wraparound would occur approximately every 3.3ms.

In practice, this means that code which handles time comparisons must address the wraparound of timers.

When timer wraparound is a possibility, the “obvious” approach we've used above will not work – in fact it produces an intermittent fail (problems only arise when ts1 is read before the wrap and ts2 is read afterwards).

Finding a solution exposes some important constraints we need to impose on our application:

  • This test relies upon the assumption that the maximum difference in time between ts1 and ts2 is less than half of the range of the counter (less than 32768 ticks in the case of a 16 bit counter).
  • The variables used to record ts1 and ts2 are the same size as the counter (16-bits in the case our our example), and are unsigned.

The test is simply implemented as:

if ((ts2 – ts1) < COUNTER_RANGE/2) { ...

So in a straightforward case, we might have:

ts1 = 0x11 and ts2 = 0x37

This gives 0x37-0x11 = 0x26, which is less than half the counter range (0x8000). If the values were switched, 0x11-0x37, when evaluated with unsigned arithmetic gives 0xffd9. So what happens when the counter wraps? The unsigned integer arithmetic handles this very nicely. For example, if we have ts1 = 0xfff3 and ts2 = 0x0004, the difference between the two values comes out at 0x11.

A slight problem occurs if the counter width is different to the integer size, for example a 12-bit counter. This is simply handled by masking unused bits out after the subtraction:

if ((ts2 – ts1) & 0x0fff) < COUNTER_RANGE/2 { ...

The consequences of handling counter wraparound incorrectly are often intermittent and difficult to detect. Once the need for handling counter wraparound has been identified, it is a relatively simple thing to handle correctly, provided that you can be sure that you only ever compare timestamps that are within half the range of the counter.

DO-178C webinars

DO178C webinars

White papers

DO178C Handbook Efficient Verification Through the DO-178C Life Cycle
A Commercial Solution for Safety-Critical Multicore Timing Analysis
Compliance with the Future Airborne Capability Environment (FACE) standard
5 key factors to consider when selecting an embedded testing tool

Related blog posts

Measuring response times and more with RapiTime

.
2023-03-10

Out of the box RVS integration for DDC-I's Deos RTOS

.
2020-02-23

WCET analysis of object code with zero instrumentation

.
2017-02-27

Conditional code without branches

.
2015-12-10

Pagination

  • Current page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Page 6
  • Page 7
  • Page 8
  • Page 9
  • Next page Next ›
  • Last page Last »
  • Solutions
    • Rapita Verification Suite
    • RapiTest
    • RapiCover
    • RapiTime
    • RapiTask
    • MACH178

    • Verification and Validation Services
    • Qualification
    • Training
    • Integration
  • Latest
  • Latest menu

    • News
    • Blog
    • Events
    • Videos
  • Downloads
  • Downloads menu

    • Brochures
    • Webinars
    • White Papers
    • Case Studies
    • Product briefs
    • Technical notes
    • Software licensing
  • Company
  • Company menu

    • About Rapita
    • Careers
    • Customers
    • Distributors
    • Industries
    • Locations
    • Partners
    • Research projects
    • Contact
  • Discover
    • AMC 20-193
    • What is CAST-32A?
    • Multicore Timing Analysis
    • MC/DC Coverage
    • Code coverage for Ada, C & C++
    • Embedded Software Testing Tools
    • Aerospace Software Testing
    • Automotive Software Testing
    • Certifying eVTOL
    • DO-178C
    • WCET Tools
    • Worst Case Execution Time
    • Timing analysis (WCET) & Code coverage for MATLAB® Simulink®

All materials © Rapita Systems Ltd. 2023 - All rights reserved | Privacy information | Trademark notice Subscribe to our newsletter