November 18, 2004 Conservative Approximations for Heterogeneous Design Roberto Passerone Alessandro Pinto Jerry R. Burch Alberto Sangiovanni Vincentelli.

Presentation transcript:

Systems are heterogeneous
(Diagram: a layered system with Application, Transport, Network, MAC, Link and Physical layers, whose parts are modeled with Discrete Event, Process Networks, CSP and Continuous Time semantics.)
- Separation is convenient, but the interactions are difficult to define
- Build relations between the models in the form of abstractions and refinements
- Conservative approximations are one such class of relations

Refinement preserving abstraction
- A function H between two models preserves refinement if and only if p1 ⊑ p2 implies H(p1) ⊑ H(p2)
- In other words, H is monotonic
- Analogy for real numbers r and s: if r ≤ s then ⌊r⌋ ≤ ⌊s⌋
Monotonic functions are important, but not very useful in isolation
- Proving refinement at the concrete level is harder than at the abstract level
- Implication going in the wrong direction!

Refinement preserving abstraction (inverse direction)
- A function H between two models inversely preserves refinement if and only if H(p1) ⊑ H(p2) implies p1 ⊑ p2
- In other words, H is "inverse" monotonic
- Analogy (which does not hold) for real numbers r and s: ⌊r⌋ ≤ ⌊s⌋ does not imply r ≤ s
Inverse monotonic functions are not useful
- Say H(p1) = H(p2). Then p1 = p2
- In other words, H is injective (it gives up no information)
- Hence H is not an abstraction at all!

One function does not fit all
Conservative approximation
- A pair of functions Ψ = (Ψ_l, Ψ_u) is a conservative approximation if and only if Ψ_u(p1) ⊑ Ψ_l(p2) implies p1 ⊑ p2
- Analogy: if ⌈r⌉ ≤ ⌊s⌋ then r ≤ s
- Abstract implies detailed
Conservative approximations are useful
- Implication going in the right direction
- Ψ_l and Ψ_u are both abstractions (they need not be injective)

The inverse of an abstraction does not necessarily exist
- H(p) does not determine p uniquely
- Similarly, Ψ_u(p) and Ψ_l(p) do not determine p uniquely
Inverse defined when upper and lower bound coincide
- If Ψ_u(p) = Ψ_l(p), then p can be represented exactly at the abstract level
- p is uniquely determined in this case
- For induced approximations, the inverse is defined when Ψ_u(p') = Ψ_l(p')

Ψ_inv identifies agents that can be used indifferently in either domain
- If Q' is an abstraction of Q, then Ψ_inv is an injection from Q' to Q
- Such agents are "domain polymorphic"
Other agents are only approximated by the other semantic domain
- Ψ_u and Ψ_l are different "views"
- Ψ_inv ∘ Ψ_u is a closure operator
- Ψ_inv ∘ Ψ_l is an interior operator

Platform-based Design
(Diagram: Architecture Platform, Semantic Platform and Platform Instance; library elements closed under constrained composition (term algebra); all platform behaviors (non-deterministic); Function and Function Space; Mapped Instance and Admissible Refinements.)

Motivations: Abstractions
A specification q requires that action "b" always be preceded by action "a"
- q contains behaviors such as x = { (a, 1.1), (b, 2.3), (a, 3.4), (b, 3.8) }
Take the abstraction Ψ(q) of q
- x' = { (a, 1), (b, 2), (a, 3), (b, 3) }
Assume Ψ(p) ⊑ Ψ(q)
- Yet, it is possible that p has a behavior y = { (a, 1.1), (b, 2.3), (b, 3.8), (a, 3.9) }
- Hence p ⊑ q does not hold

Upper and lower bounds
- If b is a behavior of Ψ_u(p), then p has at least one concretization of b (same as a Galois connection)
- If b is a behavior of Ψ_l(p), then p has all the concretizations of b

Refinements and Embeddings
Does Ψ_u(p) ⊑ Ψ_l(q) hold?
- No: x' = { (a, 1), (b, 2), (a, 3), (b, 3) } is not in Ψ_l(q)!
- The conservative approximation correctly points out that it is unable to solve the problem (incomplete, but sound)
But Ψ_l(q) is not empty!
- It has all the behaviors for which a and b are separated by at least one time unit
- Verification is possible if the implementation is "slow enough"
There is a relation between our sampling frequency and the ability to verify in the abstract
- Subtle interaction between implementation and verification strategy
- Conservative approximations separate those concerns

Refinement Verification
Conservative approximations are useful in relating hybrid models
- Can be used in translations to/from the Hybrid System Interchange Format
- Full information is not always needed (nor desirable!)
See our other poster!!
(Interchange Format)
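The following Python program is an added worked example, not code from the slides or their authors. It builds a finite toy model of the a/b timing example above and computes Ψ_u, Ψ_l and Ψ_inv by enumeration, so the three claims of the transcript can be checked mechanically: the plain floor abstraction H is monotonic yet misleading (H(p) ⊑ H(q) although p ⊑ q fails), the conservative check Ψ_u(p) ⊑ Ψ_l(q) is sound but rejects a correct "fast" implementation, and a "slow enough" implementation is provable in the abstract. Everything below is constructed for the example: timestamps are tenths of a unit on the grid 0.0 to 3.9, a behavior is the pair of times at which the single a and single b occur, an agent is a set of behaviors, and refinement p ⊑ q is behavior-set inclusion.

```python
"""Conservative approximation on timed traces, worked on a finite toy model.

Constructed setup (assumption of this example, not taken from the slides):
a behavior is a pair (ta, tb), the times of action a and action b measured in
tenths of a time unit (integers 0..39 standing for 0.0 .. 3.9). An agent is a
set of behaviors and refinement p ⊑ q is set inclusion p ⊆ q. The abstraction
drops the sub-unit part of each timestamp, as the x -> x' example does.
"""

TENTHS = range(40)
UNIVERSE = {(ta, tb) for ta in TENTHS for tb in TENTHS}


def abstract(x):
    """Monotonic abstraction H on one behavior: keep only whole time units."""
    ta, tb = x
    return (ta // 10, tb // 10)


def concretizations(xa):
    """Every concrete behavior that abstracts to the abstract behavior xa."""
    ua, ub = xa
    return {(ta, tb) for ta in range(10 * ua, 10 * ua + 10)
                     for tb in range(10 * ub, 10 * ub + 10)}


def h(p):
    """Image of an agent under H: the single function that 'does not fit all'."""
    return {abstract(x) for x in p}


def psi_u(p):
    """Upper bound: abstract behaviors with at least one concretization in p."""
    return h(p)


def psi_l(p):
    """Lower bound: abstract behaviors all of whose concretizations lie in p."""
    return {xa for xa in h(p) if concretizations(xa) <= p}


def psi_inv(pa):
    """Concrete agent denoted by an abstract one: union of its concretizations."""
    return set().union(*(concretizations(xa) for xa in pa))


def refines(p, q):
    """Ground truth, decided in the concrete domain."""
    return p <= q


def refines_abstractly(p, q):
    """Sound sufficient condition from the slides: psi_u(p) ⊑ psi_l(q)."""
    return psi_u(p) <= psi_l(q)


def exactly_representable(p):
    """p has an exact abstract counterpart when the two bounds coincide."""
    return psi_u(p) == psi_l(p)


# Constructed agents for the a/b example.
Q = {x for x in UNIVERSE if x[0] < x[1]}              # spec: b is preceded by a
P_FAST = set(Q)                                        # correct, a and b may be arbitrarily close
P_SLOW = {x for x in UNIVERSE if x[1] - x[0] >= 10}    # correct, a and b at least one unit apart
P_BUGGY = P_SLOW | {(39, 38)}                          # adds the bad behavior y: b at 3.8, a at 3.9
P_EXACT = {x for x in UNIVERSE if x[1] // 10 > x[0] // 10}  # a union of whole abstract cells

AGENTS = [set(), P_SLOW, P_FAST, P_BUGGY, P_EXACT, Q, UNIVERSE]


def soundness_holds():
    """The abstract verdict never claims a refinement that fails concretely."""
    return all(refines(p, q) for p in AGENTS for q in AGENTS
               if refines_abstractly(p, q))


def monotone_abstraction_misleads():
    """H(p) ⊑ H(q) holds for the buggy agent although p ⊑ q does not."""
    return h(P_BUGGY) <= h(Q) and not refines(P_BUGGY, Q)


if __name__ == "__main__":
    for name, p in [("slow", P_SLOW), ("fast", P_FAST), ("buggy", P_BUGGY)]:
        print(f"{name:5s} refines spec: {refines(p, Q)!s:5s} "
              f"provable in the abstract: {refines_abstractly(p, Q)}")
    print("psi_l(Q) non-empty:", bool(psi_l(Q)),
          " P_EXACT exactly representable:", exactly_representable(P_EXACT))
```

The slow implementation is the only one that is both correct and provable in the abstract; the fast one is correct but rejected, which is the "incomplete, but sound" behavior the transcript describes, and the buggy one is rejected by the conservative check while the plain monotonic abstraction H would have let it through. `P_SLOW` itself is not exactly representable (its bounds differ), whereas `P_EXACT`, a union of whole abstract cells, satisfies Ψ_u = Ψ_l and round-trips through Ψ_inv; the closure and interior properties of Ψ_inv ∘ Ψ_u and Ψ_inv ∘ Ψ_l can be checked the same way.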