Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002.


The problem
Ensure a smooth migration throughout the different phases of embedded systems design
As analysis reveals, the diversity of communication/concurrency paradigms throughout the design process is a serious difficulty

System From Components
System on Chip
Control engineering: Matlab/Simulink…; domain specific; functional aspects
Model engineering: UML; system architecture; performance, timeliness, fault-tolerance; non-functional aspects
Deployment architecture: middleware; bus, protocols; tasks
[Figure: UML diagrams (class diagram with Operator, Device, start( ), stop( ); sequence diagram; statecharts; implementation diagram)]

System From Components
Model engineering: UML; system architecture; performance, timeliness, fault-tolerance; non-functional aspects
Control engineering: Matlab/Simulink…; domain specific; functional aspects
System on Chip
Deployment architecture: middleware; bus, protocols; tasks
Multiform model of communication:
  Model engineering, components: loose
  Timeliness, non-functional aspects: timed
  Functional models, equations + states: synchronous
  Code generation: Globally Asynchronous Locally Synchronous
  Tasks, scheduling: time-triggered

Zooming on Synchrony & Asynchrony

Synchrony

loop    % unique non terminating while loop
  [ when X>0 then [get Y ; emit Z=Y+pre(Y)] ]
|||     % perfectly synchronous parallel composition; synchronizes the two blocks by unification
  [ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end

?X    ?Y 2 1 5 3    !Z * 3 6 8
?X    ?Z * 3 6 8    !V

Formalizing synchrony
S = (V,I,R)
V : set of typed variables; v can take value “absent”
State : valuation of V
Transition : pair of states
I : initial condition (set of states)
R : transition relation relating successive states
Run : sequence of R-consistent transitions
S ||| S’ = (V U V’, I&I’, R&R’)    (synch)

Formalizing synchrony
S = (V,I,R)
S ||| S’ = (V U V’, I&I’, R&R’)
Like systems of dynamical equations in maths, but with multiple time-indices
Perfectly synchronous parallel composition amounts to combining two systems of equations
No recursion, no dynamic creation, only a single non-terminating while loop; body with nested “when”
Much simpler than Milner’s CCS or Hoare’s CSP

From Synchrony to… Asynchrony
[Figure: flows of X, Y, V]
Assumes non synchronized, point to point, reliable channels

Formalizing Asynchrony A = (V,  ) V : set of typed variables; “ absent” meaningless Flow : sequence of values, for a given variable Run : tuple of flows  : set of runs A || A’ = (V U V’,  &  ’) asynch

Formalizing Asynchrony A = (V,  ) A || A’ = (V U V’,  &  ’) AA’ Point to point, non synchronized, channels

Synchrony/Asynchrony
[Figure: X, Y, V; X, Y, V; labels "?" and "OK"]

Some synchronous systems are robust against an asynchronous environment (a property on infinite runs)
[Figure labels: synchronous, asynchronous]

For these synchronous systems, desynchronization is injective
[Figure: X, Y, V; X, Y, V; label "OK"]

They can be characterized: endochrony (a property on finite objects)
[Figure labels: synchronous, asynchronous]

Endochrony: example, counterexample

loop
  [ when X>0 then [get Y ; emit Z=Y+pre(Y)] ]
|||
  [ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end

?X    ?Y 2 1 5 3    !Z * 3 6 8
?X    ?Z * 3 6 8    !V

Formalizing endochrony For W,W’ subsets of V : W  W’ iff knowing the value of variables belonging to W determines the status present/absent for all variables of W’ Empty = W0  W1  W2  …  Wmax S is endochronous iff Wmax = V holds S = (V,I,R)

Endochrony is model-checkable, and can be synthesized Synchronous exochronous wrapper

A wrapper to enforce endochrony

loop
  [ when C=1 then present(X,Z) else when C=2 then present(X)]
|||
  [ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
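
Added example (not part of the original slides): a Python sketch of the endochrony chain W0, W1, …, Wmax and of desynchronization, run on constructed reaction sets that abstract the two blocks of the program and the wrapper with C. State is ignored, and the names w_max, desynchronize, is_endochronous, BLOCK1, BLOCK2 and WRAPPED are assumptions of this example.

```python
from itertools import combinations

ABSENT = None  # status "absent": the variable carries no value in this reaction

def desynchronize(run, variables):
    """Project a synchronous run (list of reactions) onto per-variable flows.
    Absent occurrences vanish, so the alignment between variables is lost."""
    return {v: [r[v] for r in run if v in r] for v in variables}

def same_on(known, a, b):
    """True if reactions a and b give every variable of `known` the same value."""
    return all(a.get(v, ABSENT) == b.get(v, ABSENT) for v in known)

def w_max(reactions, variables):
    """Grow W from the empty set: add every variable whose present/absent
    status is fixed once the values of the variables already in W are known."""
    known = set()
    while True:
        grown = {v for v in variables
                 if all((v in a) == (v in b)
                        for a, b in combinations(reactions, 2)
                        if same_on(known, a, b))}
        if grown == known:
            return known
        known = grown

def is_endochronous(reactions, variables):
    """Endochronous iff the chain reaches the whole variable set V."""
    return w_max(reactions, variables) == set(variables)

# Constructed reaction sets (assumption: state ignored); missing key = absent.
BLOCK1 = [{"X": 1, "Y": 2, "Z": 3}, {"X": 1, "Y": 5, "Z": 6}, {"X": -1}]
BLOCK2 = [{"X": 1, "Z": 3, "U": 4}, {"X": 1, "V": 2}]               # U=X+Z, V=2X
WRAPPED = [{"C": 1, "X": 1, "Z": 3, "U": 4}, {"C": 2, "X": 1, "V": 2}]

if __name__ == "__main__":
    v2, vw = ["X", "Z", "U", "V"], ["C", "X", "Z", "U", "V"]
    print("block 1 endochronous:", is_endochronous(BLOCK1, ["X", "Y", "Z"]))
    print("block 2 Wmax:", w_max(BLOCK2, v2))
    # Two different synchronous runs of block 2 give the same flows:
    # desynchronization is not injective for the counterexample.
    print(desynchronize(BLOCK2, v2) == desynchronize(BLOCK2[::-1], v2))
    # With the wrapper, the flow of C tells the two runs apart.
    print(desynchronize(WRAPPED, vw) != desynchronize(WRAPPED[::-1], vw))
```

In block 2 the chain stops at {X} because the value of X says nothing about whether Z is present; adding C lets the chain reach every variable.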

Some pairs of systems are robust against asynchronous communications (a property on infinite runs)
[Figure labels: synchronous, asynchronous]

They can be characterized: isochrony (a property on finite objects)
[Figure labels: synchronous, asynchronous]

Formalizing isochrony
S = (V,I,R), S ||| S’ = (V U V’, I&I’, R&R’)
R & R’ unifies pairs of transitions which agree on the values of their common variables (including status present/absent)
R &w R’ unifies pairs of transitions which agree on the values of their common present variables
Isochrony : R & R’ coincides with R &w R’

Synchronous Pairs can be given a wrapper which makes them isochronous (like protocol generation)
[Figure labels: Synchronous wrapper enforce isochrony]

GALS architectures as endo/isochronous networks
[Figure labels: iso, endo]

Isochrony is compositional
[Figure labels: iso, endo]

This theory is useful for:
Generating code, from a synchronous functional architecture, to a GALS architecture
Handling hybrid synchro/asynchro models at design exploration phase, by performing virtual prototyping

Further issues
The assumed model of asynchronous communication requires blocking communication: not always acceptable
Bus infrastructures for distributed control systems are typically non-blocking and time-triggered

Bus for distributed control: loosely synchronized clocks
A small protocol can emulate our previous model of asynchrony
In use, e.g., at Airbus

CONCLUSION

Most of the work presented is due to:
The community on Synchronous Languages
  ESTEREL (G. Berry,…)
  LUSTRE (P. Caspi, N. Halbwachs,…)
  SIGNAL (P. Le Guernic, A. Benveniste,…)
The Berkeley community
  PTOLEMY (Ed Lee,…)
The METROPOLIS project at Cadence (Sangiovanni-Vincentelli,…)
Supported by vendors (Esterel-Technologies, TNI-Valiosys, and others)

Distributed computing can be non-high performance
Distributed by the physics; made from components
Correctness is a major issue
Study models of computation & communication
This is relevant and modern research!!