481 research outputs found
A Generic Model of Contracts for Embedded Systems
We present the mathematical foundations of the contract-based model developed
in the framework of the SPEEDS project. SPEEDS aims at developing methods and
tools to support "speculative design", a design methodology in which
distributed designers develop different aspects of the overall system, in a
concurrent but controlled way. Our generic mathematical model of contract
supports this style of development. This is achieved by focusing on behaviors,
by supporting the notion of "rich component" where diverse (functional and
non-functional) aspects of the system can be considered and combined, by
representing rich components via their set of associated contracts, and by
formalizing the whole process of component composition
A model to analyse the causality in synchronous real time systems
Disponible dans les fichiers attachés à ce documen
Some Algebraic Aspects of Assume-Guarantee Reasoning
We present the algebra of assume-guarantee (AG) contracts. We define
contracts, provide new as well as known operations, and show how these
operations are related. Contracts are functorial: any Boolean algebra has an
associated contract algebra. We study monoid and semiring structures in
contract algebra -- and the mappings between such structures. We discuss the
actions of a Boolean algebra on its contract algebra
Synchronous programming with events and relations: the SIGNAL language and its semantics
AbstractIn this paper, systems which interact permanently with their environment are considered. Such systems are encountered, for instance, in real-time control or signal processing systems, C3-systems, man-machine interfaces, to mention just a few. The design and implementation of such systems require a concurrent programming language which can be used to verify and synthesize the synchronization mechanisms, and to perform transformations of the concurrent source code to match a particular target architecture. Synchronous languages are convenient tools for such a purpose: they rely on the assumption that: (1) internal actions of synchronous systems are instantaneous, and (2) communication with the environment is performed via instantaneous flashes involving some external stimuli. In this paper, we present a synchronous programming language: SIGNAL. A SIGNAL program specifies dynamical relations between (internal and external) signal flows. The SIGNAL compiler checks deadlock and determinism of the program, and produces an intermediate level code equivalent to a nested family of concurrent automata. The compilation algorithm is supported by: (1) a behavioural semantics of SIGNAL programs in terms of conditional rewriting rules, (2) the coding of this semantics into the skew product of a dynamical system over the field of integers modulo 3 and directed graphs, (3) an algebraic algorithm to transform the above coding into an equivalent executable one, which provides by the way an execution semantics of the language. We briefly discuss the implementation aspects, and explain the capabilities and limitations of the current version of the SIGNAL compiler
A Unifying View of Loosely Time-Triggered Architectures
Cyber-Physical Systems require distributed architectures to support safety critical real-time control. Hermann Kopetz' Time-Triggered Architecture (TTA) has been proposed as both an architecture and a comprehensive paradigm for systems architecture, for such systems. TTA offers the programmer a logical discrete time compliant with synchronous programming, together with timing bounds. A clock synchronization protocol is required, unless the local clocks used themselves provide the recquired accuracy. To relax the strict requirements on synchronization imposed by TTA, Loosely Time-Triggered Architectures (LTTA) have been proposed. In LTTA, computation and communication units are all triggered by autonomous, unsynchronized, clocks. Communication media act as shared memories between writers and readers and communication is non blocking. This is at the price of communication artifacts (such as duplication or loss of data), which must be compensated for by using some "LTTA protocol". In this paper we pursue our previous work by providing a unified presentation of the two variants of LTTA (token- and time-based), with simplified analyses. We compare these two variants regarding performance and robustness and we provide ways to combine them. This report was prepared for a lecture in GeÌrard Berry's seminar series at the ColleÌge de France, March 5, 2014; it is a corrected version of a paper, which appeared at Emsoft'2010. It is dedicated to our close friend Paul Caspi who died in April 2012.Les infrastructures de calcul distribueÌes pour le controÌle des systeÌmes embarqueÌs critiques requieÌrent des proprieÌteÌs particulieÌres destineÌes aÌ preÌserver les caracteÌristiques attendues du controÌleur. Les architectures TTA (Time-Triggered Architectures) ont eÌteÌ proposeÌes par Hermann Kopetz, aÌ la fois comme une architecture de calcul et comme une meÌthodologie de conception des systeÌmes. TTA offre au programmeur un temps logique conforme aÌ celui de la programmation synchrone, avec en outre un controÌle strict du temps. Il requiert un protocole de synchronisation entre les horloges du systeÌme reÌparti. Pour affaiblir ces hypotheÌses, les architectures LTTA (Loosely Time-Triggered Architectures) ont eÌteÌ proposeÌes reÌcemment. Dans LTTA, les calculs et les communications sont rythmeÌes par des horloges locales, non synchroniseÌes. Les supports de communication se comportent comme des meÌmoires partageÌes. La communication est donc non-bloquante. Ce type de communiccation creÌe eÌvidemment des artefacts aÌ combattre par un protocole dit "LTTA". Dans cet article nous preÌsentons une approche unifieÌe des deux techniques connues pour ce type de protocole, reposant sur l'usage, soit de jetons, soit du temps. On compare ces deux variantes et on eÌtudie leur performance. Le preÌsent rapport est une version corrigeÌe d'un article paru aÌ Emsoft'2010. Il est deÌdieÌ aÌ notre treÌs cher ami Paul Caspi, deÌceÌdeÌ en Avril 2012
Monotony in Service Orchestrations
Web Service orchestrations are compositions of different Web Services to form
a new service. The services called during the orchestration guarantee a given
performance to the orchestrater, usually in the form of contracts. These
contracts can be used by the orchestrater to deduce the contract it can offer
to its own clients, by performing contract composition. An implicit assumption
in contract based QoS management is: "the better the component services
perform, the better the orchestration's performance will be". Thus, contract
based QoS management for Web services orchestrations implicitly assumes
monotony. In some orchestrations, however, monotony can be violated, i.e., the
performance of the orchestration improves when the performance of a component
service degrades. This is highly undesirable since it can render the process of
contract composition inconsistent. In this paper we define monotony for
orchestrations modelled by Colored Occurrence Nets (CO-nets) and we
characterize the classes of monotonic orchestrations. We show that few
orchestrations are indeed monotonic, mostly since latency can be traded for
quality of data. We also propose a sound refinement of monotony, called
conditional monotony, which forbids this kind of cheating and show that
conditional monotony is widely satisfied by orchestrations. This finding leads
to reconsidering the way SLAs should be formulated
Semantics of multi-mode DAE systems
Deliverable D.4.1.1 of the ITEA2 Modrio collaborative projectHybrid systems modelers exhibit a number of difficulties related to the mix of continuous and discrete dynamics and sensitivity to the discretization scheme. Modular modeling, where subsystems models can be simply assembled with no rework, calls for using Differential Algebraic Equations (DAE). In turn, DAE are strictly more difficult than ODE. They require sophisticated pre-processing using various notions of index before they can be submitted to a solver. In this report we study some fundamental issues raised by the modeling and simulation of hybrid systems involving DAEs. The objective of this work is to serve for the evolution and the design of future releases of the Modelica language for such systems. We focus on the following questions: * What is the proper notion of index for a hybrid DAE system? * What are the primitive statements needed for a DAE hybrid systems modeler? The differentiation index for DAE explicitly relies on everything being differentiable. Therefore, generalizations to hybrid systems must be done with caution. We propose relying on non-standard analysis for this. Non-standard analysis formalizes differential equations as discrete step transition systems with infinitesimal time basis. We can thus bring hybrid DAE systems to their nonstandard form, where the notion of difference index can be firmly used. From this study, general hints for future releases of Modelica can be drawn
Branching cells as local states for event structures and nets: probabilistic applications
International audienceWe study the concept of choice for true concurrency models such as prime event structures and safe Petri nets. We propose a dynamic variation of the notion of cluster previously introduced for nets. This new object is deïŹned for event structures, it is called a branching cell. Our aim is to bring an interpretation of branching cells as a right notion of âlocal stateâ, for concurrent systems. We illustrate the above claim through applications to probabilistic concurrent models. We propose a construction for probabilities over so-called locally ïŹnite event structures that makes concurrent processes probabilistically independentâsimply attach a dice to each branching cell; dices attached to concurrent branching cells are thrown independently. Furthermore, we provide a true concurrency generalization of Markov chains, called Markov nets. Unlike in existing variants of stochastic Petri nets, our approach randomizes Mazurkiewicz traces, not ïŹring sequences. We show in this context the Law of Large Numbers (LLN), which conïŹrms that branching cells deserve the status of local state
Multiscale statistical signal processing
Résumé disponible dans les fichiers attachés à ce documen
Concurrency, sigma-algebras and probabilistic fairness
International audienceWe give an interpretation through sigma-algebras of phenomena encountered in concurrency theory when dealing with "infinite confusion"--the extreme opposite of confusion-free event structures. The set of runs of a safe Petri net is equipped with its Borel sigma-algebra F. The fine structure of F describes the complexity of choices along runs, and we show that a transfinite induction of finite degree is needed to explore all choices of runs in general. The degree is minimal (zero) when confusion is bounded, corresponding to the classes of confusion free and locally finite event structures. We relate this construction to probabilistic fairness by showing how to randomize the net equipped with its Borel sigma-algebra by using only the first step of our decomposition, and making it thus more effective. Hence the serious difficulty brought by the above transfiniteness in the application of Kolmogorov extension theorem is bypassed thanks to probabilistic fairnes
- âŠ