Towards Time-triggered Component-based System Models

International audienceIn this paper, we propose a methodology for producing correct-by-construction Time-Triggered (TT) physical model by starting from a high-level model of the application software in Behaviour, Interaction, Priority (BIP). BIP is a component-based framework with formal semantics that rely on multi-party interactions for synchronizing components. Commonly in TT implementations, processes interact with each other through a communication medium. Our methodology transforms, depending on a user-defined task mapping, high-level BIP models where communication between components is strongly synchronized, into TT physical model that integrates a communication medium. Thus, only inter-task communications and components participating in such interactions are concerned by the transformation process. The transformation consists of: (1) breaking atomicity of actions in components by replacing strong synchronizations with asynchronous send/receive interactions, (2) inserting communication media that coordinate execution of inter-task interactions according to a user-defined task mapping, (3) extending the model with an algorithm for handling conflicts between different communication media and (4) instantiating task components and adding local priority rules for handling conflicts between inter-task and intra-task interactions. We also prove the correctness of our transformation, which preserves safety properties. I. INTRODUCTION A Time-Triggered (TT) system initiates all system activities-task activation, message transmission, and message detection-at predetermined points in time. Ideally, in a time-triggered operating system there is only one interrupt signal: the ticks generated by the local periodic clock. These statically defined activation instants enforce regularity and make TT systems more predictable than Event-Triggered (ET) systems. This approach is well-suited for hard real-time systems. In [1] and [2], Kopetz presents an approach for real-time system design based on the TT paradigm which comprises three essential elements: The global notion of time: It must be established by a periodic clock synchronization in order to enable a TT communication and computation, The temporal control structure of each task: In a sequence of computational or communication processes (called tasks), the start of a task is triggered by the progression of the global time, independently from the involved data of the task. The worst-case execution time and thus the worst-case termination instant are also assumed to be known a priori. These statically predefined start and worst-case termination instants, define the temporal control structure of the task

Correct Transformation of High-Level Models into Time-Triggered Implementations

A number of component-based frameworks have been proposed to tackle the complexity of the design of concurrent software and systems and, in particular, to allow modelling and simulation of critical embedded applications. Such design frameworks usually provide a capability for automatic generation of C++ or Java code, which has to be compiled for the selected target platform. Thus, guaranteeing hard real-time constraints is, at best, difficult. On the other hand, a variety of Real-Time Operating System (RTOS), in particular, those based on the Time-Triggered (TT) paradigm, guarantee the temporal and behavioural determinism of the executed software. However, such TT-based RTOS do not provide high-level design frameworks enabling the scalable design of complex safety-critical real-time systems. In this report, we combine advantages of the two approaches, by deriving correct-by-construction TT implementations from high-level componentised models. We present an automatic semantics-preserving transformation from RT-BIP (Real-Time Behaviour-Interaction-Priority) to PharOS—a safety-oriented RTOS, implementing the TT paradigm. The transformation has been implemented; we prove its correctness and illustrate it with a realistic case-study

Relating BIP and Reo

Coordination languages simplify design and development of concurrent systems. Particularly, exogenous coordination languages, like BIP and Reo, enable system designers to express the interactions among components in a system explicitly. In this paper we establish a formal relation between BI(P) (i.e., BIP without the priority layer) and Reo, by defining transformations between their semantic models. We show that these transformations preserve all properties expressible in a common semantics. This formal relation comprises the basis for a solid comparison and consolidation of the fundamental coordination concepts behind these two languages. Moreover, this basis offers translations that enable users of either language to benefit from the toolchains of the other.Comment: In Proceedings ICE 2015, arXiv:1508.0459

A Note on the Expressiveness of BIP

We extend our previous algebraic formalisation of the notion of component-based framework in order to formally define two forms, strong and weak, of the notion of full expressiveness. Our earlier result shows that the BIP (Behaviour-Interaction-Priority) framework does not possess the strong full expressiveness. In this paper, we show that BIP has the weak form of this notion and provide results detailing weak and strong full expressiveness for classical BIP and several modifications, obtained by relaxing the constraints imposed on priority models.Comment: In Proceedings EXPRESS/SOS 2016, arXiv:1608.0269

Symbolic Implementation of Connectors in BIP

BIP is a component framework for constructing systems by superposing three layers of modeling: Behavior, Interaction, and Priority. Behavior is represented by labeled transition systems communicating through ports. Interactions are sets of ports. A synchronization between components is possible through the interactions specified by a set of connectors. When several interactions are possible, priorities allow to restrict the non-determinism by choosing an interaction, which is maximal according to some given strict partial order. The BIP component framework has been implemented in a language and a tool-set. The execution of a BIP program is driven by a dedicated engine, which has access to the set of connectors and priority model of the program. A key performance issue is the computation of the set of possible interactions of the BIP program from a given state. Currently, the choice of the interaction to be executed involves a costly exploration of enumerative representations for connectors. This leads to a considerable overhead in execution times. In this paper, we propose a symbolic implementation of the execution model of BIP, which drastically reduces this overhead. The symbolic implementation is based on computing boolean representation for components, connectors, and priorities with an existing BDD package

Structural health monitoring for wind turbine foundations

The construction of onshore wind turbines has rapidly been increasing as the UK attempts to meet its renewable energy targets. As the UK’s future energy depends more on wind farms, safety and security are critical to the success of this renewable energy source. Structural integrity of the tower and its components is a critical element of this security of supply. With the stochastic nature of the load regime a bespoke low cost structural health monitoring system is required to monitor integrity of the concrete foundation supporting the tower. This paper presents an assessment of ‘embedded can’ style foundation failure modes in large onshore wind turbines and proposes a novel condition based monitoring solution to aid in early warning of failure. The most common failure modes are discussed and a low-cost remote monitoring system is presented