Supporting Development of Energy-Optimised Java Real-Time Systems using TetaSARTS by Luckow, Kasper Søe et al.
 
  
 
Aalborg Universitet
Supporting Development of Energy-Optimised Java Real-Time Systems using
TetaSARTS
Luckow, Kasper Søe; Bøgholm, Thomas; Thomsen, Bent
Publication date:
2013
Document Version
Early version, also known as pre-print
Link to publication from Aalborg University
Citation for published version (APA):
Luckow, K. S., Bøgholm, T., & Thomsen, B. (2013). Supporting Development of Energy-Optimised Java Real-
Time Systems using TetaSARTS. Poster presented at 19th IEEE Real-Time and Embedded Technology and
Applications Symposium, Philadelphia, Pennsylvania, United States.
General rights
Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners
and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights.
            ? Users may download and print one copy of any publication from the public portal for the purpose of private study or research.
            ? You may not further distribute the material or use it for any profit-making activity or commercial gain
            ? You may freely distribute the URL identifying the publication in the public portal ?
Take down policy
If you believe that this document breaches copyright please contact us at vbn@aub.aau.dk providing details, and we will remove access to
the work immediately and investigate your claim.
Downloaded from vbn.aau.dk on: December 26, 2020
Supporting Development of Energy-Optimised
Real-Time Java Systems using TetaSARTS
Kasper Søe Luckow, Thomas Bøgholm, and Bent Thomsen
Department of Computer Science, Aalborg University, Denmark
{luckow,boegholm,bt}@cs.aau.dk
Motivation
It is well-known, that the traditional Java run-time
is unsuited for use in embedded real-time systems,
which is attributed issues such as the lack of high-
resolution real-time clocks and timers, insufficient
thread semantics, and, most notably, memory
management, which is traditionally handled by a
garbage collector whose execution is highly unpre-
dictable. However, with emerging standards such
as the Real-Time Specification for Java (RTSJ)
and the Safety Critical Java (SCJ) profile, these
issues have been accounted for, thereby achieving
a significant step towards use in embedded real-
time systems development.
Having a suitable programming model as intro-
duced by e.g. SCJ and RTSJ is not the only com-
ponent in making Java a viable technological al-
ternative and competitor to C in the embedded
real-time systems domain. Equally important is
the complementation of tools and analyses that
support the development, and for verification pur-
poses. For real-time systems, the latter comprises
functional correctness, but also temporal correct-
ness, which is the focus of this work.
Contributions
Done
ExecutingTask
DeadlineOverrun
run[pID]!
ReadyToBeScheduled
run[pID]?
CheckForOffset
GO?
releasedTime <= offset
releasedTime <= deadline
releasedTime <= periodreleasedTime == period
releasedTime <= deadline
schedulable[pID] = true,
releasedTime = 0,
insert_task_in_scheduler(pID),
wcrt = 0
schedulable[pID] = false,
task_done_scheduler(),
wcrt = 0
offset != 0
releasedTime > deadline
offset == 0
releasedTime == offset
GO?
Fig. 1: Timed Automaton monitor-
ing the state of the associated task.
UtilisationMonitor
util' == !idling && 
idle' == idling
Fig. 2: Utilisa-
tion monitor.
We put forward the TetaSARTS tool whose capa-
bilities include:
Schedulability Analysis The analysis is approached
as a reachability, model checking problem by de-
termining whether the Timed Automata model
satisfies the specification A not deadlock. A
deadlock can only be reached, if there exists a
simulation reaching the DeadlineOverrun loca-
tion for any of the real-time tasks (see Fig. 1).
Clock Frequency Adjustment The analysis facili-
tates adjustment of the clock frequency. Using
a technique such as the bisection method, the
appropriate clock frequency can be determined
while still ensuring schedulability. Thus, poten-
tial energy reductions can be identified.
Worst-Case Response Time Analysis The Timed
Automata model facilitates Worst-Case Response
Time (WCRT) analysis to be conducted taking
into account blocking time. Using the sup-query
extension of the Uppaal specification language,
the maximum observed value of a clock variable
can be found. Hence, e.g. for periodic tasks,
WCRT analysis can be conducted using the spec-
ification sup{periodicThread .ExecutingTask} :
periodicThread .wcrt (see Fig. 1).
Processor Utilisation/Idle Time Analysis Adding
the Timed Automaton shown in Fig. 2 allows
monitoring the utilisation and idle time of the
processor using the specification sup : util , idle.
TetaSARTS
SCJ 
Program
SCJ 
Program
Java RT 
System
Javac, ECJ, 
GCJ, ...
SCJ ProgramSCJ ProgramJava Bytecode
TetaSARTS
TIR
TIR Builder
TIR Analyser and 
Decorator
UPPAAL NTA 
Generator
UPPAAL NTA 
Analyser and 
Optimiser
Program NTA
NTA Synthesiser
Analysis Specifier
JVM NTA 
Generator
JVM NTA
Hardware NTA
JVM 
Executable
UPPAAL 
Verification Engine
NTA System
Fig. 3: TetaSARTS.
Program NTA Layer
JVM NTA Layer
Hardware NTA Layer
Scheduler TA
Periodic Task 
Controller TA
Sporadic Task 
Controller TA
Sporadic Task 
NTA
Periodic Task
NTA
...
...
Periodic Task 
Controller TA
Periodic Task
NTA
Explicit Execution Environment Model
Inline Execution Environment Model
Fig. 4: Resulting NTA.
TetaSARTS is a fully automated tool for conduct-
ing timing analyses of SCJ Java Bytecode pro-
grams taking into account the execution environ-
ment (see Fig. 3 for an overview). It accommo-
dates hardware implementations of the JVM, and
traditional execution environments with a software
implementation of the JVM including the hosting
hardware. It supports both periodic and sporadic
real-time tasks, and from these, it generates Timed
Automata simulating their control flow. The struc-
ture of the model and the communication between
the Timed Automata using synchronisation actions
is shown in Fig. 4. The analyses are performed us-
ing the Uppaal model checker.
Timed Automata
Timed Automata are generated from Java Byte-
code by identifying the event handlers of the real-
time tasks such as the one in Listing 1.
public class MethaneCtrl extends PeriodicEventHandler {
public void handleAsyncEvent() {
if ( this .methaneSensor.isCritMethaneLvlReached())
this .waterpumpActuator.run();
else
this .waterpumpActuator.stop();
}
}
Listing 1: SCJ event handler periodically firing
handleAsyncEvent().
From Java Bytecode, the control flow graph is re-
constructed, producing the intermediate represen-
tation, TIR, on which various analyses and opti-
misations are applied. TIR is then translated to
Timed Automata (see Fig. 5).
ifeq277getfield276
iload_1278 aload_0279
jvm_execute!
jvm_execute!
jvm_execute!
jvm_execute!
iload_1306 aload_0307
running[tID] == true
running[tID] == true
jvm_instruction = JVM_GETFIELD
jvm_instruction = JVM_IFEQ
running[tID] == true
running[tID] == true
running[tID] == true
jvm_execute!
jvm_instruction = JVM_ILOAD_1
jvm_instruction = JVM_IFEQ jvm_instruction = JVM_ILOAD_1
Fig. 5: Excerpt of the generated Timed Automaton.
Here, locations represent Java Bytecodes and the
firing of the outgoing edges initiates simulation of
that Java Bytecode by consulting the respective
Timed Automaton in the JVM NTA Layer (see
Fig. 6).
assembly_instruction = ASSEMBLY_ADD assembly_instruction = ASSEMBLY_ADC
ASSEMBLY_add_ID0_13
assembly_instruction = ASSEMBLY_LPM
ASSEMBLY_adc_ID0_14ASSEMBLY_st_ID0_12 ASSEMBLY_lpm_ID0_15
assembly_execute! assembly_execute!assembly_execute!
Fig. 6: Excerpt of simulating a Java Bytecode.
In turn, the Java Bytecode is simulated using
the underlying Hardware NTA Layer (see Fig. 7).
x == 1
x <= 1
execute!
x = 0
fetch?
move(THIS, NEXT)
x == wait
x <= wait
execute?
set_wait(),
x = 0
clear(THIS)
Fig. 7: Pipeline fetch and execute stage, respectively.
Results
We base the results on analysing two representa-
tive examples of real-time systems written in Java:
the Real-Time Sorting Machine (RTSM) and the
Minepump control system. The systems have been
evaluated on the Java Optimized Processor (JOP),
and an execution environment consisting of the
Hardware near Virtual Machine (HVM) on an AVR
ATmega2560 microcontroller. The results have
been obtained on a system with an Intel Core i7-
2620M @ 2.70GHz and 8 GB of memory. The
results are shown in Table 1, 2, and 3.
Execution Env. Clock Freq. Schedulable
HVM + AVR 10 MHz X
HVM + AVR 5 MHz ×
JOP 2 MHz X
JOP 1 MHz ×
Table 1: Schedulability of the Minepump when varying
the clock frequency.
System Clock Freq. Idle Utilisation
RTSM 100 MHz 4.0 ms 48.5 µs (1.2%)
RTSM 60 MHz 4.0 ms 80.8 µs (2.0%)
Minep. 100 MHz 2.0 ms 25.9 µs (1.3%)
Minep. 10 MHz 11.8 ms 259.0 µs (2.1%)
Table 2: Processor idle and processor utilisation times
when the system is schedulable on the JOP.
RT Task WCRT Veri. Time
Periodic Task 1 62.3µs 60s
Periodic Task 2 18.4µs 10s
Sporadic Task 1 4.5µs 10s
Sporadic Task 2 4.5µs 25s
Table 3: WCRT of the real-time tasks of the RTSM.
Future Work
Support other Analyses The Timed Automata
model can be used for analysing other interesting
properties e.g. worst case blocking time.
Statistical Model Checking[2] Can be used for
analysing systems for which probabilistic guaran-
tees of temporal correctness are sufficient. The
technique can be used to avoid exhaustive explo-
ration of the state-space of the model.
Schedulability Abstractions[1] Decorate Java in-
terfaces with abstract, behavioural descriptions
and generate Timed Automata accordingly.
Case Studies We want to further evaluate the ap-
plicability of TetaSARTS by using more complex
real-time systems, and possibly other variations
of the execution environment.
Download TetaSARTS
http://people.cs.aau.dk/~luckow/tetasarts/
References
[1] T. Bøgholm, B. Thomsen, K. Larsen, and A. Mycroft. Schedu-
lability analysis abstractions for safety critical java. 2012.
[2] A. David, K. G. Larsen, A. Legay, M. Mikučionis, D. B. Poulsen,
J. Van Vliet, and Z. Wang. Statistical model checking for net-
works of priced timed automata. 2011.
