Building Unreliable Systems out of Reliable Components: The Real Time Story Edward A. Lee Professor, Chair of EE, and Associate Chair of EECS CHESS: Center.

Presentation transcript:

Building Unreliable Systems out of Reliable Components: The Real Time Story Edward A. Lee Professor, Chair of EE, and Associate Chair of EECS CHESS: Center for Hybrid and Embedded Software Systems UC Berkeley Monterey Workshop Series 2005 Theme: Workshop on Networked Systems: realization of reliable systems on top of unreliable networked platforms September 23-25, 2005 Laguna Beach, CA

Lee, Berkeley 2 Electronics Technology Delivers Timeliness … and the overlaying abstractions discard it.

Lee, Berkeley 3 Computation in the 20th Century: $f : \{0,1\}^* \to \{0,1\}^*$

Lee, Berkeley 4 Computation in the 20th Century (Alan Turing): initial state, sequence, final state; $f : \text{State} \to \text{State}$. Time is irrelevant. All actions are ordered. Nontermination is a defect. Concurrency is an illusion.

Lee, Berkeley 5 Exploiting the 20th Century Abstraction: programming languages; debuggers; virtual memory; caches; dynamic dispatch; speculative execution; power management (voltage scaling); memory management (garbage collection); just-in-time (JIT) compilation; multitasking (threads and processes); networking (TCP); theory (complexity).

Lee, Berkeley 6 What about timeliness? Moore’s law has saved us!

Lee, Berkeley 7 In Core Software Abstractions: Real-Time is Not. Time is not in the semantics of programs. Have to step outside the semantics to specify timing. Timing is a consequence of implementation, not a property of design: measured on the bench, for a particular realization. Resulting systems are brittle: small changes have big consequences, and ports to new platforms require redesign.

Lee, Berkeley 8 The Myth of WCET (Worst-Case Execution Time). True WCET can be thousands of times bigger than actual execution time. In many implementations, true WCET is not a useful number. Dubious WCET is what is actually used. Correctness of even safety-critical systems depends on WCET being correct.

Lee, Berkeley 9 What is Done in Practice Real-time systems are boxes, not software services. Critical real-time systems use idiosyncratic, non-mainstream processors (like DSPs). Designs are bench tested, then encased.

Lee, Berkeley 10 APOT The question: What would have to change to achieve absolutely, positively on time (APOT)? The answer: nearly everything.

Lee, Berkeley 11 What to do? Put time into programming languages (promising start: Simulink, Giotto, discrete-event models). Rethink the OS/programming language split (promising start: TinyOS/nesC). Rethink the hardware/software split (promising start: FPGAs with programmable cores). Memory hierarchy with predictability (promising start: scratchpad memories vs. caches). Memory management with predictability (promising start: bounded pause time garbage collection). Predictable, controllable deep pipelines (promising start: pipeline interleaving + stream-oriented languages). Predictable, controllable, understandable concurrency (promising start: synchronous languages, SCADE). Networks with timing (promising start: time triggered architectures, time synchronization). Computational dynamical systems theory (promising start: hybrid systems).

Lee, Berkeley 12 Recall: Computation in the 20th Century: $f : \{0,1\}^* \to \{0,1\}^*$

Lee, Berkeley 13 Computation in the 21st Century: $f : [T \to \{0,1\}^*]^P \to [T \to \{0,1\}^*]^P$

Lee, Berkeley 14 We Need Component and Composition Models with Time and Concurrency. Object-oriented: class name, data, methods; call, return. What flows through an object is sequential control. Stuff happens to objects. Actor-oriented: actor name, data (state), parameters, ports; input data, output data. What flows through an object is streams of data. Actors make things happen.

Lee, Berkeley 15 The First (?) Actor-Oriented Platform: The On-Line Graphical Specification of Computer Procedures, W. R. Sutherland, Ph.D. Thesis, MIT, 1966. (Figure: MIT Lincoln Labs TX-2 Computer; Bert Sutherland with a light pen; partially constructed actor-oriented model with a class definition (top) and instance (below).) Bert Sutherland used the first acknowledged object-oriented framework (Sketchpad, created by his brother, Ivan Sutherland) to create the first actor-oriented programming framework.

Lee, Berkeley 16 Your Speaker in 1966

Lee, Berkeley 17 Modern Examples of Actor-Oriented Platforms Simulink (The MathWorks) LabVIEW (National Instruments) Modelica (Linkoping) OPNET (Opnet Technologies) Giotto and xGiotto (UC Berkeley) Polis & Metropolis (UC Berkeley) Gabriel, Ptolemy, and Ptolemy II (UC Berkeley) OCP, open control platform (Boeing) GME, actor-oriented meta-modeling (Vanderbilt) SPW, signal processing worksystem (Cadence) System studio (Synopsys) ROOM, real-time object-oriented modeling (Rational) Easy5 (Boeing) Port-based objects (U of Maryland) I/O automata (MIT) VHDL, Verilog, SystemC (Various) …

Lee, Berkeley 18 Ptolemy II: Our Laboratory for Actor-Oriented Models of Computation. Director from an extensible library defines component interaction semantics or “model of computation.” Extensible, behaviorally-polymorphic component library. Visual editor supporting an abstract syntax. Type system for transported data. Concurrency management supporting dynamic model structure.

Lee, Berkeley 19 Models of Computation Implemented in Ptolemy II CI – Push/pull component interaction Click – Push/pull with method invocation CSP – concurrent threads with rendezvous CT – continuous-time modeling DE – discrete-event systems DDE – distributed discrete events DDF – Dynamic dataflow DPN – distributed process networks DT – discrete time (cycle driven) FSM – finite state machines Giotto – synchronous periodic GR – 2-D and 3-D graphics PN – process networks SDF – synchronous dataflow SR – synchronous/reactive TM – timed multitasking Most of these are actor oriented.

Lee, Berkeley 20 A Start on a 21 st Century Theory of Computation: The Tagged Signal Model [Lee & Sangiovanni-Vincentelli, 1998] A set of values V and a set of tags T An event is e  T  V A signal s is a set of events. I.e. s  T  V A functional signal is a (partial) function s: T  V The set of all signals S = 2 T  V Related models: Interaction Categories [Abramsky, 1995] Interaction Semantics [Talcott, 1996] Abstract Behavioral Types [Arbab, 2005]

Lee, Berkeley 21 Actors, Ports, and Behaviors An actor has a set of ports P A behavior is a function  : P A  S An actor is a set of behaviors A  [P A  S ] = S P A P A = { p 1, p 2, p 3, p 4 }

Lee, Berkeley 22 Actor Composition Composition is simple intersection (of sets of functions) P 1 = { p 1, p 2 } P 2 = { p 3, p 4 } P = P 1  P 2

Lee, Berkeley 23 Connectors Connectors are trivial actors. P 1 = { p 1, p 2 }P 2 = { p 3, p 4 } P c = { p 2, p 3 } c A
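
The composition rule on the three slides above, worked on a finite case. This is an added Python sketch, not code from the talk or from Ptolemy II; the two-tag, two-value signal set, the inverter and identity actors, and the feedback connector are constructed assumptions chosen so that every behavior can be enumerated.

```python
from itertools import product

TAGS = (0, 1)                                        # constructed tag set T
SIGNALS = list(product((0, 1), repeat=len(TAGS)))    # functional signals T -> V, V = {0, 1}
PORTS = ("p1", "p2", "p3", "p4")                     # P = P1 ∪ P2


def actor(ports, relation):
    """Behaviors over all of PORTS whose signals on `ports` satisfy `relation`.

    An actor over P_A constrains only its own ports. Lifting it to P leaves
    the other ports free, which is what lets composition be set intersection.
    """
    behaviors = set()
    for assignment in product(SIGNALS, repeat=len(PORTS)):
        b = dict(zip(PORTS, assignment))
        if relation(*(b[p] for p in ports)):
            behaviors.add(assignment)
    return behaviors


def invert(signal):
    return tuple(1 - v for v in signal)


A1 = actor(("p1", "p2"), lambda a, b: b == invert(a))   # inverter on P1 (assumed actor)
A2 = actor(("p3", "p4"), lambda a, b: b == a)           # identity on P2 (assumed actor)
C = actor(("p2", "p3"), lambda a, b: a == b)            # connector: a trivial actor on Pc


def compose(*actors):
    """Composition is intersection of the lifted sets of behaviors."""
    return set.intersection(*actors)


def open_chain():
    # A1 -> connector -> A2: one behavior per choice of the signal at p1.
    return compose(A1, A2, C)


def closed_loop():
    # Feeding p4 back to p1 asks for a signal equal to its own inverse,
    # so the intersection is empty: the composition has no behavior.
    feedback = actor(("p4", "p1"), lambda a, b: a == b)
    return compose(A1, A2, C, feedback)
```

The empty result for `closed_loop()` is the set-theoretic way of saying the loop has no fixed point; with the inverter replaced by a second identity actor the same loop would admit all four signals.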

Lee, Berkeley 24 Tagged Signal Model Gives a Fixed-Point Semantics to Arbitrary Composition

Lee, Berkeley 25 Tagged Signal Model can be used on a Wide Variety of Concurrent and Timed Models of Computation CSP – concurrent threads with rendezvous CT – continuous-time modeling DE – discrete-event systems DDF – Dynamic dataflow DT – discrete time Giotto – synchronous periodic PN – process networks SDF – synchronous dataflow SR – synchronous/reactive

Lee, Berkeley 26 Application of this Theory of Computation: Discrete-Event Systems CI – Push/pull component interaction Click – Push/pull with method invocation CSP – concurrent threads with rendezvous CT – continuous-time modeling DE – discrete-event systems DDE – distributed discrete events DDF – Dynamic dataflow DPN – distributed process networks DT – discrete time (cycle driven) FSM – finite state machines Giotto – synchronous periodic GR – 2-D and 3-D graphics PN – process networks SDF – synchronous dataflow SR – synchronous/reactive TM – timed multitasking

Lee, Berkeley 27 Discrete Events (DE): A Timed Concurrent Model of Computation. DE Director implements timed semantics using an event queue. (Figure labels: event source, time line, reactive actors, signal.)

Lee, Berkeley 28 Semantics Clears Up Subtleties: Simultaneous Events By default, an actor produces events with the same time as the input event. But in this example, we expect (and need) for the BooleanSwitch to “see” the output of the Bernoulli in the same “firing” where it sees the event from the PoissonClock. Events with identical time stamps are also ordered, and reactions to such events follow data precedence order.
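
The event-queue ordering described on the two DE slides above, as an added Python sketch (not Ptolemy II code and not from the talk). The class and function names, the fixed clock times and the alternating stand-in for the Bernoulli source are constructed assumptions; the `use_precedence=False` mode shows the failure the slide warns about, where the switch reacts before its control input arrives.

```python
import heapq
from graphlib import TopologicalSorter   # Python 3.9+


class DEDirector:
    """Toy discrete-event director: one event queue, ties broken by data precedence."""

    def __init__(self, actors, edges, use_precedence=True):
        self.actors = actors     # name -> react(time, inputs) -> output value or None
        self.edges = edges       # (source actor, destination actor, destination port)
        deps = {name: set() for name in actors}
        for src, dst, _ in edges:
            deps[dst].add(src)
        # A delay-free feedback loop would raise graphlib.CycleError here.
        order = TopologicalSorter(deps).static_order()
        self.depth = {a: (i if use_precedence else 0) for i, a in enumerate(order)}
        self.queue, self.seq, self.firings = [], 0, []

    def post(self, time, actor, port, value):
        # Sort key: time stamp, then precedence depth, then insertion order.
        heapq.heappush(self.queue, (time, self.depth[actor], self.seq, actor, port, value))
        self.seq += 1

    def run(self):
        while self.queue:
            time, _, _, actor, port, value = heapq.heappop(self.queue)
            inputs = {port: value}
            # One firing consumes every event for this actor at this time stamp
            # that is at the head of the queue.
            while self.queue and self.queue[0][0] == time and self.queue[0][3] == actor:
                _, _, _, _, p, v = heapq.heappop(self.queue)
                inputs[p] = v
            self.firings.append((time, actor, tuple(sorted(inputs))))
            out = self.actors[actor](time, inputs)
            if out is not None:
                # Default DE behaviour: the output carries the input's time stamp.
                for src, dst, dport in self.edges:
                    if src == actor:
                        self.post(time, dst, dport, out)
        return self.firings


def build(use_precedence):
    flips = iter([True, False])          # constructed stand-in for Bernoulli draws
    actors = {
        "clock": lambda t, i: "tick",
        "bernoulli": lambda t, i: next(flips),
        "switch": lambda t, i: None,     # sink: only its firings are recorded
    }
    edges = [("clock", "switch", "input"),
             ("clock", "bernoulli", "trigger"),
             ("bernoulli", "switch", "control")]
    director = DEDirector(actors, edges, use_precedence)
    for t in (1.0, 2.0):                 # constructed stand-in for PoissonClock times
        director.post(t, "clock", "trigger", None)
    return director


def switch_firings(use_precedence):
    return [f for f in build(use_precedence).run() if f[1] == "switch"]
```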

Lee, Berkeley 29 Semantics Clears Up Subtleties: Feedback Data precedence analysis has to take into account the non-strictness of this actor (that an output can be produced despite the lack of an input).

Lee, Berkeley 30 Semantics Clears Up Subtleties: Zeno Systems DE systems may have an infinite number of events in a finite amount of time. Carefully constructed semantics gives these systems meaning.

Lee, Berkeley 31 Example of Current Research Challenges. Use distributed discrete-event systems as a timed model of computation for embedded software in unreliable, sporadically connected networks, such as wireless sensor networks. The most interesting possibilities are based on distributed consensus algorithms (as in Croquet, Reed, Lamport). Research challenges include: defining the semantics; combining the semantics heterogeneously with others (e.g. signal processing for channel modeling, TinyOS for node functionality); creating efficient runtime environments; building the design environment.

Lee, Berkeley 32 Application of this Theory of Computation: Hybrid Systems CI – Push/pull component interaction Click – Push/pull with method invocation CSP – concurrent threads with rendezvous CT – continuous-time modeling DE – discrete-event systems DDE – distributed discrete events DDF – Dynamic dataflow DPN – distributed process networks DT – discrete time (cycle driven) FSM – finite state machines Giotto – synchronous periodic GR – 2-D and 3-D graphics PN – process networks SDF – synchronous dataflow SR – synchronous/reactive TM – timed multitasking

Lee, Berkeley 33 Standard Model for Continuous-Time Signals. The usual formulation of the signals of interest is a function from the time line T (a connected subset of the reals) to the reals: Such signals are continuous at $t \in T$ if (e.g.):

Lee, Berkeley 34 Piecewise Continuous Signals. In hybrid systems of interest, signals have discontinuities. Piecewise continuous signals are continuous at all $t \in T \setminus D$ where $D \subset T$ is a discrete set [1]. [1] A set D with an order relation is a discrete set if there exists an order embedding to the integers.

Lee, Berkeley 35 Operational Semantics of Hybrid Systems. A computer execution of a hybrid system is constrained to provide values on a discrete set: Given this constraint, choosing $T \subset \mathbb{R}$ as the domain of these functions is an unfortunate choice. It makes it impossible to unambiguously represent discontinuities.

Lee, Berkeley 36 Definition: Continuously Evolving Signal. Change the domain of the function: Where T is a connected subset of the reals and is the set of natural numbers. At each time $t \in T$, the signal x has a sequence of values. Where the signal is continuous, all the values are the same. Where is discontinuous, it has multiple values.

Lee, Berkeley 37 Simple Example: Hysteresis This model shows the use of a two-state FSM to model hysteresis. Semantically, the output of the ModalModel block is discontinuous. If transitions take zero time, this is modeled as a signal that has two values at the same time, and in a particular order.

Lee, Berkeley 38 Signals Must Have Multiple Values at the Time of a Discontinuity Discontinuities need to be semantically distinguishable from rapid continuous changes.

Lee, Berkeley 39 Initial and Final Value Signals A signal has no chattering Zeno condition if there is an integer m > 0 such that A non-chattering signal has a corresponding final value signal, where It also has an initial value signal where

Lee, Berkeley 40 Piecewise Continuous Signals. A piecewise continuous signal is a non-chattering signal where the initial signal $x_i$ is continuous on the left, the final signal $x_f$ is continuous on the right, and the signal $x$ has only one value at all $t \in T \setminus D$ where $D \subset T$ is a discrete set.

Lee, Berkeley 41 Our Current Projects. Abstract semantics (Cataldo, Liu, Matsikoudis, Zheng): behavioral polymorphism; actor semantics (prefire, fire, postfire); compositional directors; time semantics; causality interfaces. Distributed computing (Feng, Zhao): robust distributed consensus; data coherence (distributed caches); time synchronization. Real-time software (Bandyopadhyay, Cheong, Zhou): time-based models vs. dataflow models; deterministic, understandable multitasking; memory hierarchy with scratchpad memory; code generation. Hybrid systems (Cataldo, Zheng): operational semantics; stochastic hybrid systems; aspect-oriented multi-view modeling; code generation.

Lee, Berkeley 42 Conclusion. The time is right to create the 21st-century theory of (embedded) computing.