The compositional specification of timed systems-a tutorial

The analysis of reactive systems requires models representing the system, its interaction with the environment, and taking into account features of the underlying execution structure. It is important that such models are timed if analysis concerns performance, action scheduling or in general, dynamic aspects of the behavior. In practice, timed models of systems are obtained by adding timing constraints to untimed descriptions. For instance, given the functional description of a circuit, the corresponding timed model can be obtained by adding timing constraints about propagation delays of the components; to build a timed model of a real-time software, quantitative timing information concerning execution times of the statements and significant changes of the environment must be added. The construction of timed models of reactive systems raises some important questions concerning their composition and in particular, the way some well-understood constructs for untimed systems can be extended to timed systems. We present an overview of existing executable timed formalisms with a global notion of time, by putting emphasis on problems of compositional description. The results on compositionality have been developed in collaboration with Bornot at Verima

Schedulability analysis of timed CSP models using the PAT model checker

Timed CSP can be used to model and analyse real-time and concurrent behaviour of embedded control systems. Practical CSP implementations combine the CSP model of a real-time control system with prioritized scheduling to achieve efficient and orderly use of limited resources. Schedulability analysis of a timed CSP model of a system with respect to a scheduling scheme and a particular execution platform is important to ensure that the system design satisfies its timing requirements. In this paper, we propose a framework to analyse schedulability of CSP-based designs for non-preemptive fixed-priority multiprocessor scheduling. The framework is based on the PAT model checker and the analysis is done with dense-time model checking on timed CSP models. We also provide a schedulability analysis workflow to construct and analyse, using the proposed framework, a timed CSP model with scheduling from an initial untimed CSP model without scheduling. We demonstrate our schedulability analysis workflow on a case study of control software design for a mobile robot. The proposed approach provides non-pessimistic schedulability results

TPAP An algebra of preemptive processes for verifying real-time systems with shared resources

AbstractThis paper describes a timed process algebra called TPAP. The aim of this algebra is to allow the modelisation of real time embedded processes sharing common resources, and which are sensitive to communication delays and scheduling strategies. Timed broadcasting and process preemption by interruption events are the two main fundamental notions of the algebra. They allow description of schedulers and asynchronous communication mediums, thus which can be taken into account when verifying the real time behaviour of the global system. We first present the process algebra and discuss its properties. A case study from the avionics area is then developed using TPAP, and formally verified by translation into the UPPAAL model checker

GCSR: A Graphical Language With Algebraic Semantics for the Specification of Real-Time Systems

Graphical Communicating Shared Resources, GCSR, is a formal language for specifying real-time systems including their functional and resource requirements. A GCSR specification consists of a set of nodes that are connected with directed, labeled edges, which describe possible execution flows. Nodes represent instantaneous selection among execution flows, or time and resource consuming system activities. In addition, a node can represent a system subcomponent, which allows modular, hierarchical, thus scalable system specifications. Edges are labeled with instantaneous communication actions or time to describe the duration of activities in the source node. GCSR supports the explicit representation of resources and priorities to resolve resource contention. The semantics of GCSR is the Algebra of Communicating Shared Resources, a timed process algebra with operational semantics that makes GCSR specifications executable. Furthermore, the process algebra provides behavioral equivalence relations between GCSR specifications. These equivalence relations can be used to replace a GCSR specification with an equivalent specification inside another, and to minimize a GCSR specification in terms of the number of nodes and edges. The paper defines the GCSR language, describes GCSR specification reductions that preserve the specification behaviors, and illustrates GCSR with example design specifications

An algebraic framework for urgency

A sub-class of timed automata known as timed automata with deadlines was presented. Parallel composition and other operators were defined according to 'orthogonality' principal, for timed process algebras and hybrid automata. The compositional description methods that are based on 'flexible' composition rules that relax urgency constraints to preserve time reactivity was also studied

A process algebra of communicating shared resources with dense time and priorities

The correctness of real-time distributed systems depends not only on the function they compute but also on their timing characteristics. Furthermore, those characteristics are strongly influenced by the delays due to synchronization and resource availability. Process algebras have been used successfully to define and prove correctness of distributed systems. More recently, there has been a lot of activity to extend their application to real-time systems. The problem with most current approaches is that they ignore resource constraints and assume either a total parallelism (unlimited resources) or total interleaving (single resource). Algebra of Communicating Shared Resources (ACSR) is a process algebra designed for the formal specification and manipulation of distributed systems with resource and real-time constraints. A dense time domain provides a more natural way of specifying systems compared to the usual discrete time. Priorities provide a measure of urgency for each action and can be used to ensure that deadlines are met. In ACSR, processes are specified using resource bound, timed actions and instantaneous synchronization events. Processes can be combined using traditional operators such as nondeterministic choice and parallel execution. Specialized operators allow the specification of real-time behavior and constraints. The semantics of ACSR is defined as a labeled transition system. Equivalence between processes is based on the notion of strong bisimulation. A sound and complete set of algebraic laws can be used to transform almost any ACSR process into a normal form. In practice, several specifications may satisfy the same requirements with various degree of desirability. Some may use more resources; some may be faster. In fact, there are many ways to rank processes. We describe a method for defining order relations between execution traces and further expanding the relation to general processes. Monotonicity is an important property of operators as it ensures that ordering is preserved by contexts. We study the conditions that must be satisfied by the trace ordering to ensure monotonicity at the process level, both in the prioritized and unprioritized cases. While most operations are monotonic for a large variety of trace relations, few retain this property in a prioritized setting

A Process Algebra of Communicating Shared Resources with Dense Time and Priorities

The correctness of real-time distributed systems depends not only on the function they compute but also on their timing characteristics. Furthermore, those characteristics are strongly influenced by the delays due to synchronization and resource availability. Process algebras have been used successfully to define and prove correctness of distributed systems. More recently, there has been a lot of activity to extend their application to real-time systems. The problem with most current approaches is that they ignore resource constraints and assume either maximum parallelism (i.e., unlimited resources) or pure interleaving (i.e., single resource). Algebra of Communicating Shared Resources (ACSR) is a process algebra designed for the formal specification and manipulation of distributed systems with resources and real-time constraints. A dense time domain provides a more natural way of specifying systems compared to the usual discrete time. Priorities provide a measure of urgency for each a..