10,875 research outputs found
The Future of Formal Methods and GALS Design
AbstractThe System-on-Chip era has arrived, and it arrived quickly. Modular composition of components through a shared interconnect is now becoming the standard, rather than the exotic. Asynchronous interconnect fabrics and globally asynchronous locally synchronous (GALS) design has been shown to be potentially advantageous. However, the arduous road to developing asynchronous on-chip communication and interfaces to clocked cores is still nascent. This road of converting to asynchronous networks, and potentially the core intellectual property block as well, will be rocky. Asynchronous circuit design has been employed since the 1950's. However, it is doubtful that its present form will be what we will see 10 years hence. This treatise is intended to provoke debate as it projects what technologies will look like in the future, and discusses, among other aspects, the role of formal verification, education, the CAD industry, and the ever present tradeoff between greed and fear
An Alloy Verification Model for Consensus-Based Auction Protocols
Max Consensus-based Auction (MCA) protocols are an elegant approach to
establish conflict-free distributed allocations in a wide range of network
utility maximization problems. A set of agents independently bid on a set of
items, and exchange their bids with their first hop-neighbors for a distributed
(max-consensus) winner determination. The use of MCA protocols was proposed,
, to solve the task allocation problem for a fleet of unmanned aerial
vehicles, in smart grids, or in distributed virtual network management
applications. Misconfigured or malicious agents participating in a MCA, or an
incorrect instantiation of policies can lead to oscillations of the protocol,
causing, , Service Level Agreement (SLA) violations.
In this paper, we propose a formal, machine-readable, Max-Consensus Auction
model, encoded in the Alloy lightweight modeling language. The model consists
of a network of agents applying the MCA mechanisms, instantiated with
potentially different policies, and a set of predicates to analyze its
convergence properties. We were able to verify that MCA is not resilient
against rebidding attacks, and that the protocol fails (to achieve a
conflict-free resource allocation) for some specific combinations of policies.
Our model can be used to verify, with a "push-button" analysis, the convergence
of the MCA mechanism to a conflict-free allocation of a wide range of policy
instantiations
Fast and Compact Distributed Verification and Self-Stabilization of a DFS Tree
We present algorithms for distributed verification and silent-stabilization
of a DFS(Depth First Search) spanning tree of a connected network. Computing
and maintaining such a DFS tree is an important task, e.g., for constructing
efficient routing schemes. Our algorithm improves upon previous work in various
ways. Comparable previous work has space and time complexities of bits per node and respectively, where is the highest
degree of a node, is the number of nodes and is the diameter of the
network. In contrast, our algorithm has a space complexity of bits
per node, which is optimal for silent-stabilizing spanning trees and runs in
time. In addition, our solution is modular since it utilizes the
distributed verification algorithm as an independent subtask of the overall
solution. It is possible to use the verification algorithm as a stand alone
task or as a subtask in another algorithm. To demonstrate the simplicity of
constructing efficient DFS algorithms using the modular approach, We also
present a (non-sielnt) self-stabilizing DFS token circulation algorithm for
general networks based on our silent-stabilizing DFS tree. The complexities of
this token circulation algorithm are comparable to the known ones
A new look at the conditions for the synthesis of speed-independent circuits
This paper presents a set of sufficient conditions for the gate-level synthesis of speed-independent circuits when constrained to a given class of gate library. Existing synthesis methodologies are restricted to architectures that use simple AND-gates, and do not exploit the advantages offered by the existence of complex gates. The use of complex gates increases the speed and reduces the area of the circuits. These improvements are achieved because of (1) the elimination of the distributivity, signal persistency and unique minimal state requirements imposed by other techniques; (2) the reduction in the number of internal signals necessary to guarantee the synthesis; and finally (3) the utilization of optimization techniques to reduce the fan-in of the involved gates and the number of required memory elements.Peer ReviewedPostprint (published version
Specification and Verification of Distributed Embedded Systems: A Traffic Intersection Product Family
Distributed embedded systems (DESs) are no longer the exception; they are the
rule in many application areas such as avionics, the automotive industry,
traffic systems, sensor networks, and medical devices. Formal DES specification
and verification is challenging due to state space explosion and the need to
support real-time features. This paper reports on an extensive industry-based
case study involving a DES product family for a pedestrian and car 4-way
traffic intersection in which autonomous devices communicate by asynchronous
message passing without a centralized controller. All the safety requirements
and a liveness requirement informally specified in the requirements document
have been formally verified using Real-Time Maude and its model checking
features.Comment: In Proceedings RTRTS 2010, arXiv:1009.398
Using the PALS Architecture to Verify a Distributed Topology Control Protocol for Wireless Multi-Hop Networks in the Presence of Node Failures
The PALS architecture reduces distributed, real-time asynchronous system
design to the design of a synchronous system under reasonable requirements.
Assuming logical synchrony leads to fewer system behaviors and provides a
conceptually simpler paradigm for engineering purposes. One of the current
limitations of the framework is that from a set of independent "synchronous
machines", one must compose the entire synchronous system by hand, which is
tedious and error-prone. We use Maude's meta-level to automatically generate a
synchronous composition from user-provided component machines and a description
of how the machines communicate with each other. We then use the new
capabilities to verify the correctness of a distributed topology control
protocol for wireless networks in the presence of nodes that may fail.Comment: In Proceedings RTRTS 2010, arXiv:1009.398
Formal Model Engineering for Embedded Systems Using Real-Time Maude
This paper motivates why Real-Time Maude should be well suited to provide a
formal semantics and formal analysis capabilities to modeling languages for
embedded systems. One can then use the code generation facilities of the tools
for the modeling languages to automatically synthesize Real-Time Maude
verification models from design models, enabling a formal model engineering
process that combines the convenience of modeling using an informal but
intuitive modeling language with formal verification. We give a brief overview
six fairly different modeling formalisms for which Real-Time Maude has provided
the formal semantics and (possibly) formal analysis. These models include
behavioral subsets of the avionics modeling standard AADL, Ptolemy II
discrete-event models, two EMF-based timed model transformation systems, and a
modeling language for handset software.Comment: In Proceedings AMMSE 2011, arXiv:1106.596
- …