A thread synchronization model for the PREEMPT_RT Linux kernel

This article proposes an automata-based model for describing and validating sequences of kernel events in Linux PREEMPT_RT and how they influence the timeline of threads’ execution, comprising preemption control, interrupt handling and control, scheduling and locking. This article also presents an extension of the Linux tracing framework that enables the tracing of kernel events to verify the consistency of the kernel execution compared to the event sequences that are legal according to the formal model. This enables cross-checking of a kernel behavior against the formalized one, and in case of inconsistency, it pinpoints possible areas of improvement of the kernel, useful for regression testing. Indeed, we describe in details three problems in the kernel revealed by using the proposed technique, along with a short summary on how we reported and proposed fixes to the Linux kernel community. As an example of the usage of the model, the analysis of the events involved in the activation of the highest priority thread is presented, describing the delays occurred in this operation in the same granularity used by kernel developers. This illustrates how it is possible to take advantage of the model for analyzing the preemption model of Linux

Doctor of Philosophy

dissertationThe increasing demand for smaller, more efficient circuits has created a need for both digital and analog designs to scale down. Digital technologies have been successful in meeting this challenge, but analog circuits have lagged behind due to smaller transistor sizes having a disproportionate negative affect. Since many applications require small, low-power analog circuits, the trend has been to take advantage of digital's ability to scale by replacing as much of the analog circuitry as possible with digital counterparts. The results are known as \emph{digitally-intensive analog/mixed-signal} (AMS) circuits. Though such circuits have helped the scaling problem, they have further complicated verification. This dissertation improves on techniques for AMS property specifications, as well as, develops sound, efficient extensions to formal AMS verification methods. With the \emph{language for analog/mixed-signal properties} (LAMP), one has a simple intuitive language for specifying AMS properties. LAMP provides a more procedural method for describing properties that is more straightforward than temporal logic-like languages. However, LAMP is still a nascent language and is limited in the types of properties it is capable of describing. This dissertation extends LAMP by adding statements to ignore transient periods and be able to reset the property check when the environment conditions change. After specifying a property, one needs to verify that the circuit satisfies the property. An efficient method for formally verifying AMS circuits is to use the restricted polyhedral class of \emph{zones}. Zones have simple operations for exploring the reachable state space, but they are only applicable to circuit models that utilize constant rates. To extend zones to more general models, this dissertation provides the theory and implementation needed to soundly handle models with ranges of rates. As a second improvement to the state representation, this dissertation describes how octagons can be adapted to model checking AMS circuit models. Though zones have efficient algorithms, it comes at a cost of over-approximating the reachable state space. Octagons have similarly efficient algorithms while adding additional flexibility to reduce the necessary over-approximations. Finally, the full methodology described in this dissertation is demonstrated on two examples. The first example is a switched capacitor integrator that has been studied in the context of transforming the original formal model to use only single rate assignments. Th property of not saturating is written in LAMP, the circuit is learned, and the property is checked against a faulty and correct circuit. In addition, it is shown that the zone extension, and its implementation with octagons, recovers all previous conclusions with the switched capacitor integrator without the need to translate the model. In particular, the method applies generally to all the models produced and does not require the soundness check needed by the translational approach to accept positive verification results. As a second example, the full tool flow is demonstrated on a digital C-element that is driven by a pair of RC networks, creating an AMS circuit. The RC networks are chosen so that the inputs to the C-element are ordered. LAMP is used to codify this behavior and it is verified that the input signals change in the correct order for the provided SPICE simulation traces

Application and Control Aware Communication Strategies for Transportation and Energy Cyber-Physical Systems

Cyber--Physical Systems (CPSs) are a generation of engineered systems in which computing, communication, and control components are tightly integrated. Some important application domains of CPS are transportation, energy, and medical systems. The dynamics of CPSs are complex, involving the stochastic nature of communication systems, discrete dynamics of computing systems, and continuous dynamics of control systems. The existence of communication between and among controllers of physical processes is one of the basic characteristics of CPSs. Under this situation, some fundamental questions are: 1) How does the network behavior (communication delay, packet loss, etc.) affect the stability of the system? 2) Under what conditions is a complex system stabilizable?;In cases where communication is a component of a control system, scalability of the system becomes a concern. Therefore, one of the first issues to consider is how information about a physical process should be communicated. For example, the timing for sampling and communication is one issue. The traditional approach is to sample the physical process periodically or at predetermined times. An alternative is to sample it when specific events occur. Event-based sampling requires continuous monitoring of the system to decide a sample needs to be communicated. The main contributions of this dissertation in energy cyber-physical system domain are designing and modeling of event-based (on-demand) communication mechanisms. We show that in the problem of tracking a dynamical system over a network, if message generation and communication have correlation with estimation error, the same performance as the periodic sampling and communication method can be reached using a significantly lower rate of data.;For more complex CPSs such as vehicle safety systems, additional considerations for the communication component are needed. Communication strategies that enable robust situational awareness are critical for the design of CPSs, in particular for transportation systems. In this dissertation, we utilize the recently introduced concept of model-based communication and propose a new communication strategy to address this need. Our approach to model behavior of remote vehicles mathematically is to describe the small-scale structure of the remote vehicle movement (e.g. braking, accelerating) by a set of dynamic models and represent the large-scale structure (e.g. free following, turning) by coupling these dynamic models together into a Markov chain. Assuming model-based communication approach, a novel stochastic model predictive method is proposed to achieve cruise control goals and investigate the effect of new methodology.;To evaluate the accuracy and robustness of a situational awareness methodology, it is essential to study the mutual effect of the components of a situational awareness subsystem, and their impact on the accuracy of situational awareness. The main components are estimation and networking processes. One possible approach in this task is to produce models that provide a clear view into the dynamics of these two components. These models should integrate continuous physical dynamics, expressed with ordinary differential equations, with the discrete behaviors of communication, expressed with finite automata or Markov chain. In this dissertation, a hybrid automata model is proposed to combine and model both networking and estimation components in a single framework and investigate their interactions.;In summary, contributions of this dissertation lie in designing and evaluating methods that utilize knowledge of the physical element of CPSs to optimize the behavior of communication subsystems. Employment of such methods yields significant overall system performance improvement without incurring additional communication deployment costs

Hybrid modeling and control of mechatronic systems using a piecewise affine dynamics approach

This thesis investigates the topic of modeling and control of PWA systems based on two experimental cases of an electrical and hydraulic nature with varying complexity that were also built, instrumented and evaluated. A full-order model has been created for both systems, including all dominant system dynamics and non-linearities. The unknown parameters and characteristics have been identi ed via an extensive parameter identi cation. In the following, the non-linear characteristics are linearized at several points, resulting in PWA models for each respective setup. Regarding the closed loop control of the generated models and corresponding experimental setups, a linear control structure comprised of integral error, feed-forward and state-feedback control has been used. Additionally, the hydraulic setup has been controlled in an autonomous hybrid position/force control mode, resulting in a switched system with each mode's dynamics being de ned by the previously derived PWA-based model in combination with the control structure and respective mode-dependent controller gains. The autonomous switch between control modes has been de ned by a switching event capable of consistently switching between modes in a deterministic manner despite the noise-a icted measurements. Several methods were used to obtain suitable controller gains, including optimization routines and pole placement. Validation of the system's fast and accurate response was obtained through simulations and experimental evaluation. The controlled system's local stability was proven for regions in state-space associated with operational points by using pole-zero analysis. The stability of the hybrid control approach was proven by using multiple Lyapunov functions for the investigated test scenarios.publishedVersio

Transient Information Flow in a Network of Excitatory and Inhibitory Model Neurons: Role of Noise and Signal Autocorrelation

We investigate the performance of sparsely-connected networks of integrate-and-fire neurons for ultra-short term information processing. We exploit the fact that the population activity of networks with balanced excitation and inhibition can switch from an oscillatory firing regime to a state of asynchronous irregular firing or quiescence depending on the rate of external background spikes. We find that in terms of information buffering the network performs best for a moderate, non-zero, amount of noise. Analogous to the phenomenon of stochastic resonance the performance decreases for higher and lower noise levels. The optimal amount of noise corresponds to the transition zone between a quiescent state and a regime of stochastic dynamics. This provides a potential explanation on the role of non-oscillatory population activity in a simplified model of cortical micro-circuits.Comment: 27 pages, 7 figures, to appear in J. Physiology (Paris) Vol. 9