Scheduling Multi Clock Real Time Systems: From Requirements to Implementation

NewPort BeachInternational audienceThis paper presents an approach for modeling simulating and analyzing multi clocks real time systems during the different steps of a design. These steps range from the first requirements to a model allocated on a specific execution platform. The \uml \marte profile and the \ccsl language are used together to specify the causal and temporal characteristics of the software as well as the hardware parts of the system. The \tsq environment allows a simulation of such specification and the detection of potential errors and deadlocks. When the specification refinement is finished, to prove the specification correctness, the \ccsl specification is used to generate a synchronous model and some observers in Esterel. We illustrate the approach through a spark ignition control system

Time in SCCharts

Synchronous languages, such as the recently proposed SCCharts language, have been designed for the rigorous specification of real-time systems. Their sound semantics, which builds on an abstraction from physical execution time, make these languages appealing, in particular for safety-critical systems. However, they traditionally lack built-in support for physical time. This makes it rather cumbersome to express things like time-outs or periodic executions within the language. We here propose several mechanisms to reconcile the synchronous paradigm with physical time. Specifically, we propose extensions to the SCCharts language to express clocks and execution periods within the model. We draw on several sources, in particular timed automata, the Clock Constraint Specification Language, and the recently proposed concept of dynamic ticks. We illustrate how these extensions can be mapped to the SCChart language core, with minimal requirements on the run-time system, and we argue that the same concepts could be applied to other synchronous languages such as Esterel, Lustre or SCADE

Multiform Logical Time & Space for Mobile Cyber-Physical System with Automated Driving Assistance System

International audienceWe study the use of Multiform Logical Time, as embodied in Esterel/SyncCharts and Clock Constraint Specification Language (CCSL), for the specification of assume-guarantee constraints providing safe driving rules related to time and space, in the context of Automated Driving Assistance Systems (ADAS). The main novelty lies in the use of logical clocks to represent the epochs of specific area encounters (when particular area trajectories just start overlapping for instance), thereby combining time and space constraints by CCSL to build safe driving rules specification. We propose the safe specification pattern at high-level that provide the required expressiveness for safe driving rules specification. In the pattern, multiform logical time provides the power of parameterization to express safe driving rules, before instantiation in further simulation contexts. We present an efficient way to irregularly update the constraints in the specification due to the context changes, where elements (other cars, road sections, traffic signs) may dynamically enter and exit the scene. In this way, we add constraints for the new elements and remove the constraints related to the disappearing elements rather than rebuild everything. The multi-lane highway scenario is used to illustrate how to irregularly and efficiently update the constraints in the specification while receiving a fresh scene

Modèle de contraintes temporelles pour systèmes polychrones

International audienceLa modélisation des systèmes répartis et des systèmes électroniques modernes nécessite des référentiels temporels multiples. Nous désignons ces systèmes sous le nom de “systèmes polychrones”. Le profil UML pour les systèmes temps réel et embarqués (MARTE) permet leur modélisation ainsi que la spécification de contraintes temporelles avec CCSL (Clock Constraint Specification Language). Dans MARTE, CCSL est non normatif et sa sémantique est informelle. Nous proposons ici une sémantique formelle en termes d'évolutions d'un “Time System” pour un noyau de CCSL. Un “Time System” est un modèle dynamique qui associe un ensemble de configurations à un modèle structurel constitué d'un ensemble d'horloges discrètes et de relations sur ces horloges. Les Time Systems sont comparés à d'autres modèles de causalités asynchrones, synchrones et polychrones. CCSL et sa mise en oeuvre sont illustrés sur un exemple de contrôleur d'ABS

Verification of Synchronization-Related Properties for UML-MARTE RTES Models with a Set of Time Constraints Dedicated Formal Semantic

Critical Real-Time Embedded Systems (RTES) have strong requirement with respect to system's reliability. In Model-Driven Engineering (MDE), verification at early phases of the system lifecycle is an important issue, especially for time constraints in UML-MARTE RTES model. In order to assess that the time requirements are met by the behavior models, the key challenging problem is to transform these time constraints from the UML-MARTE model to computable formal semantics that provide time properties verification. Moreover, to allow the application of this formal semantic to real industrial use cases, the performance of verification should scale well. In this paper, we present a set of time constraint dedicated semantics under the framework for UML-MARTE RTES model's time requirement assessment. We focus on how to specify a set of synchronization-related constraints between system's tasks relying on a formal semantics and to accomplish verification by an efficient observer-based model checking method using Time Petri Nets. We analyse the method's computational complexity and demonstrate the method's scalability by illustrating some performance results

Multiform Logical Time & Space for Specification of Automated Driving Assistance Systems: Work-in-Progress

International audienceDue to the mobility of autonomous vehicles and changing context through time, the constraints in safe driving rules specification need to be irregularly updated for monitoring the trajectory plan. This is not assumed in the Spatial-Temporal Logic. This paper proposes a novel approach to build the specification of assume-guarantee constraints providing safe driving rules related to time and space, in the context of Automated Driving Assistance Systems (ADAS). The novelty lies in that the specification adopts Multiform Logical Time to express the time constraints and provides spatial events generated by interactions on area trajectory for expressing space constraints. We propose the safe specification patterns at a high-level that provide the required expressiveness for safe driving rules. In these patterns, logical time provides the power of parameterization to express rules, before instantiation in low-level simulation contexts. The specification finally could be used to generate monitors that are executed on lower-level simulation engines with physical and topological features

A clock-based dynamic logic for the verification of CCSL specifications in synchronous systems

International audienceThe Clock Constraint Specification Language (CCSL) is a clock-based specification language for real-time embedded systems. With logical clocks defined as first-class citizens, CCSL provides a natural way for describing clock constraints in synchronous systems — a classical model of concurrency for real-time embedded systems. In this paper, we propose a clock-based dynamic logic called CCSL Dynamic Logic (CDL) for the verification of CCSL specifications in synchronous systems. It extends the first-order dynamic logic with a synchronous execution mechanism in its program model and with CCSL primitives as terms in its logical formulae. We build a sound and relatively complete proof system for CDL to support the verification. Compared with previous approaches for verifying CCSL specifications, which are based on model checking and SMT checking techniques, our approach, which is based on theorem-proving, offers a unified verification framework in which both bounded and unbounded CCSL specifications can be verified. Technically, with the proof system of CDL, a complex CDL formula can be semi-automatically transformed into a set of quantifier-free, arithmetical first-order logic (QF-AFOL) formulae which can be checked by an SMT solver in an efficient way. As a case study, we analyze a simple synchronous system throughout the paper to illustrate how CDL works. We analyze and prove the soundness and completeness of the proof system for CDL. Currently, CDL is partially mechanized in Coq

Verification of clock constraints: CCSL Observers in Esterel

The Clock Constraint Specification Language (CCSL) has been informally introduced in the specifications of the UML Profile for Modeling and Analysis of Real-Time and Embedded systems (MARTE). In a previous report entitled ``Syntax and Semantics of the Clock Constraint Specification Language'', we equipped a kernel of CCSL with an operational semantics. In the present report we pursue this clarification effort by giving a mathematical characterization to each CCSL constructs. We also propose a systematic approach to the formal verification of CCSL constraints with dedicated Observers. A comprehensive library of Esterel modules, which supports this approach, is provided

ECL: the Event Constraint Language, an Extension of OCL with Events

The Clock Constraint Specification Language (\ccsl) has been informally introduced in the specifications of the \uml Profile for Modeling and Analysis of Real-Time and Embedded systems (MARTE). In a previous report entitled ''Syntax and Semantics of the Clock Constraint Specification Language'', we equipped a kernel of \ccsl with an operational semantics. In the present report we pursue this clarification effort by giving a mathematical characterization to each \ccsl constructs.On utilise souvent un metamodèle pour spécifier les concepts et les relations d'un langage de modélisation dédié à un domaine particulier. Lorsque cela est nécessaire, on peut ajouter des règles de bonne formation structurelles en OCL (Object Constraint Language). OCL permet également de donner des pré et des post conditions sur l'execution de méthodes. Cependant, OCL et les techniques de métamodélisation existantes ne sont pas suffisantes pour exprimer le parallélisme, les causalités et les comportements temporels d'un modèle. Dans ce rapport nous présentons une approches basée sur les modèles pour exprimer le parallélisme, les causalités et les comportements temporels d'une manière formelle et explicite, directement au sein d'un modèle. Afin de s'intégrer facilement dans un flôt de conception et de bénéficier de l'outillage existant, l'approche est une extension du langage OCL. Notre approche permet alors la spécification d'invariants comportementaux. Des examples simples permettent d'illustrer l'approche