3,086 research outputs found
Formal Design of Asynchronous Fault Detection and Identification Components using Temporal Epistemic Logic
Autonomous critical systems, such as satellites and space rovers, must be
able to detect the occurrence of faults in order to ensure correct operation.
This task is carried out by Fault Detection and Identification (FDI)
components, that are embedded in those systems and are in charge of detecting
faults in an automated and timely manner by reading data from sensors and
triggering predefined alarms. The design of effective FDI components is an
extremely hard problem, also due to the lack of a complete theoretical
foundation, and of precise specification and validation techniques. In this
paper, we present the first formal approach to the design of FDI components for
discrete event systems, both in a synchronous and asynchronous setting. We
propose a logical language for the specification of FDI requirements that
accounts for a wide class of practical cases, and includes novel aspects such
as maximality and trace-diagnosability. The language is equipped with a clear
semantics based on temporal epistemic logic, and is proved to enjoy suitable
properties. We discuss how to validate the requirements and how to verify that
a given FDI component satisfies them. We propose an algorithm for the synthesis
of correct-by-construction FDI components, and report on the applicability of
the design approach on an industrial case-study coming from aerospace.Comment: 33 pages, 20 figure
Automated Synthesis of Distributed Self-Stabilizing Protocols
In this paper, we introduce an SMT-based method that automatically
synthesizes a distributed self-stabilizing protocol from a given high-level
specification and network topology. Unlike existing approaches, where synthesis
algorithms require the explicit description of the set of legitimate states,
our technique only needs the temporal behavior of the protocol. We extend our
approach to synthesize ideal-stabilizing protocols, where every state is
legitimate. We also extend our technique to synthesize monotonic-stabilizing
protocols, where during recovery, each process can execute an most once one
action. Our proposed methods are fully implemented and we report successful
synthesis of well-known protocols such as Dijkstra's token ring, a
self-stabilizing version of Raymond's mutual exclusion algorithm,
ideal-stabilizing leader election and local mutual exclusion, as well as
monotonic-stabilizing maximal independent set and distributed Grundy coloring
On the Limits and Practice of Automatically Designing Self-Stabilization
A protocol is said to be self-stabilizing when the distributed system executing it is guaranteed to recover from any fault that does not cause permanent damage. Designing such protocols is hard since they must recover from all possible states, therefore we investigate how feasible it is to synthesize them automatically. We show that synthesizing stabilization on a fixed topology is NP-complete in the number of system states. When a solution is found, we further show that verifying its correctness on a general topology (with any number of processes) is undecidable, even for very simple unidirectional rings. Despite these negative results, we develop an algorithm to synthesize a self-stabilizing protocol given its desired topology, legitimate states, and behavior. By analogy to shadow puppetry, where a puppeteer may design a complex puppet to cast a desired shadow, a protocol may need to be designed in a complex way that does not even resemble its specification. Our shadow/puppet synthesis algorithm addresses this concern and, using a complete backtracking search, has automatically designed 4 new self-stabilizing protocols with minimal process space requirements: 2-state maximal matching on bidirectional rings, 5-state token passing on unidirectional rings, 3-state token passing on bidirectional chains, and 4-state orientation on daisy chains
Modeling and Analysis of Mixed Synchronous/Asynchronous Systems
Practical safety-critical distributed systems must integrate safety critical and non-critical data in a common platform. Safety critical systems almost always consist of isochronous components that have synchronous or asynchronous interface with other components. Many of these systems also support a mix of synchronous and asynchronous interfaces. This report presents a study on the modeling and analysis of asynchronous, synchronous, and mixed synchronous/asynchronous systems. We build on the SAE Architecture Analysis and Design Language (AADL) to capture architectures for analysis. We present preliminary work targeted to capture mixed low- and high-criticality data, as well as real-time properties in a common Model of Computation (MoC). An abstract, but representative, test specimen system was created as the system to be modeled
Verification and Synthesis of Symmetric Uni-Rings for Leads-To Properties
This paper investigates the verification and synthesis of parameterized
protocols that satisfy leadsto properties on symmetric
unidirectional rings (a.k.a. uni-rings) of deterministic and constant-space
processes under no fairness and interleaving semantics, where and are
global state predicates. First, we show that verifying for
parameterized protocols on symmetric uni-rings is undecidable, even for
deterministic and constant-space processes, and conjunctive state predicates.
Then, we show that surprisingly synthesizing symmetric uni-ring protocols that
satisfy is actually decidable. We identify necessary and
sufficient conditions for the decidability of synthesis based on which we
devise a sound and complete polynomial-time algorithm that takes the predicates
and , and automatically generates a parameterized protocol that
satisfies for unbounded (but finite) ring sizes. Moreover, we
present some decidability results for cases where leadsto is required from
multiple distinct predicates to different predicates. To demonstrate
the practicality of our synthesis method, we synthesize some parameterized
protocols, including agreement and parity protocols
Learning from the Success of MPI
The Message Passing Interface (MPI) has been extremely successful as a
portable way to program high-performance parallel computers. This success has
occurred in spite of the view of many that message passing is difficult and
that other approaches, including automatic parallelization and directive-based
parallelism, are easier to use. This paper argues that MPI has succeeded
because it addresses all of the important issues in providing a parallel
programming model.Comment: 12 pages, 1 figur
From software architecture to analysis models and back: Model-driven refactoring aimed at availability improvement
Abstract Context With the ever-increasing evolution of software systems, their architecture is subject to frequent changes due to multiple reasons, such as new requirements. Appropriate architectural changes driven by non-functional requirements are particularly challenging to identify because they concern quantitative analyses that are usually carried out with specific languages and tools. A considerable number of approaches have been proposed in the last decades to derive non-functional analysis models from architectural ones. However, there is an evident lack of automation in the backward path that brings the analysis results back to the software architecture. Objective In this paper, we propose a model-driven approach to support designers in improving the availability of their software systems through refactoring actions. Method The proposed framework makes use of bidirectional model transformations to map UML models onto Generalized Stochastic Petri Nets (GSPN) analysis models and vice versa. In particular, after availability analysis, our approach enables the application of model refactoring, possibly based on well-known fault tolerance patterns, aimed at improving the availability of the architectural model. Results We validated the effectiveness of our approach on an Environmental Control System. Our results show that the approach can generate: (i) an analyzable availability model from a software architecture description, and (ii) valid software architecture models back from availability models. Finally, our results highlight that the application of fault tolerance patterns significantly improves the availability in each considered scenario. Conclusion The approach integrates bidirectional model transformation and fault tolerance techniques to support the availability-driven refactoring of architectural models. The results of our experiment showed the effectiveness of the approach in improving the software availability of the system
- …