107 research outputs found

    Formal techniques for verification of complex real-time systems


    The earlier the better: a theory of timed actor interfaces

    Programming embedded and cyber-physical systems requires attention not only to functional behavior and correctness, but also to non-functional aspects, specifically timing and performance. A structured, compositional, model-based approach based on stepwise refinement and abstraction techniques can support the development process, increase its quality and reduce development time through automation of synthesis, analysis or verification. Toward this, we introduce a theory of timed actors whose notion of refinement is based on the principle of worst-case design that permeates the world of performance-critical systems. This is in contrast with the classical behavioral and functional refinements based on restricting sets of behaviors. Our refinement allows time-deterministic abstractions to be made of time-non-deterministic systems, improving efficiency and reducing the complexity of formal analysis. We show how our theory relates to, and can be used to reconcile, existing time and performance models and their established theories.

    Scheduling Optimisations for SPIN to Minimise Buffer Requirements in Synchronous Data Flow

    Synchronous Data Flow (SDF) graphs have a simple and elegant semantics (essentially linear algebra), which makes SDF graphs eminently suitable as a vehicle for studying scheduling optimisations. We extend related work on using SPIN to experiment with scheduling optimisations aimed at minimising buffer requirements. We show that for a benchmark of commonly used case studies the performance of our SPIN-based scheduler is comparable to that of state-of-the-art research tools. The key to success is using the semantics of SDF to prove when the use of (even unsound and/or incomplete) optimisations is justified. The main benefit of our approach lies in gaining deep insight into the optimisations at relatively low cost.

    Scheduling Optimisations for SPIN to Minimise Buffer Requirements in Synchronous Data Flow (with appendix)

    Synchronous Data Flow (SDF) graphs have a simple and elegant semantics (essentially linear algebra), which makes SDF graphs eminently suitable as a vehicle for studying scheduling optimisations. We extend related work on using SPIN to experiment with scheduling optimisations aimed at minimising buffer requirements. We show that for a benchmark of commonly used case studies the performance of our SPIN-based scheduler is comparable to that of state-of-the-art research tools. The key to success is using the semantics of SDF to prove when the use of (even unsound and/or incomplete) optimisations is justified. The main benefit of our approach lies in gaining deep insight into the optimisations at relatively low cost.

    Worst-case throughput analysis for parametric rate and parametric actor execution time scenario-aware dataflow graphs

    Scenario-aware dataflow (SADF) is a prominent tool for modeling and analysis of dynamic embedded dataflow applications. In SADF the application is represented as a finite collection of synchronous dataflow (SDF) graphs, each of which represents one possible application behaviour or scenario. A finite state machine (FSM) specifies the possible orders of scenario occurrences. The SADF model renders the tightest possible performance guarantees, but is limited by its finiteness. This means that, from a practical point of view, it can only handle dynamic dataflow applications that are characterized by a reasonably sized set of possible behaviours or scenarios. In this paper we remove this limitation for a class of SADF graphs by means of SADF model parametrization in terms of graph port rates and actor execution times. First, we formally define the semantics of the model relevant for throughput analysis based on (max,+) linear system theory and (max,+) automata. Second, by generalizing some of the existing results, we give the algorithms for worst-case throughput analysis of parametric rate and parametric actor execution time acyclic SADF graphs with a fully connected, possibly infinite state transition system. Third, we demonstrate our approach on a few realistic applications from the digital signal processing (DSP) domain mapped onto an embedded multi-processor architecture.

    Compositional specification of functionality and timing of manufacturing systems

    In this paper, a formal modeling approach is introduced for compositional specification of both functionality and timing of manufacturing systems. Functionality aspects can be considered orthogonally to the timing. The functional aspects are specified using two abstraction levels: high-level activities and lower-level actions. Design of a functionally correct controller is possible by looking only at the activity level, abstracting from the different execution orders of actions. Furthermore, the specific timing of actions is not needed. As a result, controller design can be performed on a much smaller state space compared to an explicit model where timing and actions are present. The performance of the controller can be analyzed and optimized by taking into account the timing characteristics. Since formal semantics are given in terms of a (max, +) state space, various existing performance analysis techniques can be used. We illustrate the approach, including performance analysis, on an example manufacturing system.

    Object-oriented specification and design of real-time hardware software systems


    On the Construction of Monitors for Temporal Logic Properties

    Temporal logic is a valuable tool for specifying correctness properties of reactive programs. With the advent of temporal logic model checkers, it has become an important aid for the verification of concurrent and reactive systems. In model checking, the temporal logic properties are verified against models expressed in the tool's modelling language. In addition, model-checking techniques are useful to test actual implementations or to verify models of the system that are too detailed to be analysed by a model checker, by means of, for instance, simulation. A tableau construction is an algorithm that translates a temporal logic formula into a finite-state automaton that accepts precisely all the models of the formula. It is a key ingredient to checking satisfiability of a formula as well as to the automata-theoretic approach to model checking. An improvement to the efficiency of tableau constructions has been the development of on-the-fly versions. In this paper, we present a particular tableau construction for the incremental analysis of execution traces during test, simulation or model checking. The automaton forms the basis of a monitor that detects both good and bad prefixes of a particular kind, namely those that are informative for the property under investigation. We elaborate on the construction of the monitor and demonstrate its correctness.

    Real-time concepts for Software/Hardware Engineering

    The SHE method is a method for the specification and design of distributed communicating hardware/software systems. Part of this method is the formal specification language POOSL. POOSL is an object-oriented language for the specification of parallel communicating processes. In its current version, POOSL is unable to describe timing behavior. Since many of the systems that need to be designed are real-time systems, POOSL needs to be extended with timing primitives. Such an extension is studied in this report. Existing real-time algebras and real-time programming and specification languages are studied. Important aspects of real-time specification are discussed and concepts are chosen as a basis for the extension of POOSL. The language POOSL is extended with time. The meaning of existing POOSL primitives in relation to time is investigated and a new primitive is added that can specify quantified timing behavior: d. Further, the communication between processes is extended with timing to model the occupation of a channel during communication. After this, all necessary changes to the POOSL language are listed completely. The formal semantics of POOSL allows the use of tools such as verification and behavior-preserving transformations. These tools are based on equivalence relations between POOSL specifications. These relations are redefined for the new language. Furthermore, the relationship between timed and untimed specifications is investigated. It is possible to define an abstraction function that computes, from a timed POOSL specification, its untimed equivalent. Finally, the expressive power of the new language is studied. A number of typical aspects of real-time are investigated, such as modeling computation time, modeling communication time, timeouts, etc.

    Synchronous dataflow scenarios

    The Synchronous Dataflow (SDF) model of computation by Lee and Messerschmitt has become popular for modeling concurrent applications on a multiprocessor platform. It is used to obtain a guaranteed, predictable performance. The model, on the other hand, is quite restrictive in its expressivity, making it less applicable to many modern, more dynamic applications. A common technique to deal with dynamic behavior is to consider different scenarios in separation. This analysis is, however, currently limited mainly to sequential applications. In this article, we present a new analysis approach that allows analysis of synchronous dataflow models across different scenarios of operation. The dataflow graphs corresponding to the different scenarios can be completely different. Execution times, consumption and production rates and the structure of the SDF may change. Our technique allows us to derive or prove worst-case performance guarantees of the resulting model and as such extends the model-driven approach to designing predictable systems to significantly more dynamic applications and platforms. The approach is illustrated with three MP3 and MPEG-4 related case studies.