PRISE: An Integrated Platform for Research and Teaching of Critical Embedded Systems

In this paper, we present PRISE, an integrated workbench for Research and Teaching of critical embedded systems at ISAE, the French Institute for Space and Aeronautics Engineering. PRISE is built around state-of-the-art technologies for the engineering of space and avionics systems used in Space and Avionics domain. It aims at demonstrating key aspects of critical, real-time, embedded systems used in the transport industry, but also validating new scientific contributions for the engineering of software functions. PRISE combines embedded and simulation platforms, and modeling tools. This platform is available for both research and teaching. Being built around widely used commercial and open source software; PRISE aims at being a reference platform for our teaching and research activities at ISAE

PRISE : une plate-forme de simulation distribuée pour l’ingénierie des systèmes embarqués

Dans cet article, nous présentons PRISE, une Plate- forme pour la Recherche en Ingénierie des Systèmes Embarqués, développée à l’ISAE, l’Institut Supérieur de l’Aéronautique et de l’Espace. PRISE est bâtie sur des technologies modernes axées sur l’ingénierie des systèmes aéronautiques et spatiaux. Ses objectifs sont, d’une part, de modéliser et de valider les aspects importants des systèmes critiques embarqués temps réel, d’autre part de valider de nouvelles approches scientifiques. Pour atteindre ces objectifs, PRISE combine un ensemble d’outils, de méthodes en ingénierie système (modélisation, validation, génération de code) et une plate-forme d’exécution basée sur la simulation distribuée et sur un ensemble de systèmes embarqués réels

Génération efficace de grands espaces d'états

Garantir la fiabilité des systèmes informatiques exige des moyens de vérification rigoureux. Le model checking est une technique de vérification dont l intérêt majeur est l automatisation, et donc la facilité d utilisation pour les ingénieurs. La récente attribution du prix Turing aux créateurs de cette technique atteste de sa viabilité.Le model checking explore exhaustivement les modèles analysés. Cela amène un problème majeur : l explosion combinatoire liée aux espaces d'états des grands systèmes. Depuis plus de vingt ans, de nombreuses solutions ont été proposées pour repousser cette limite de taille afin d être capable de traiter des espace d états toujours plus grands dont les tailles peuvent atteindre très rapidement les 10^400 éléments.Les travaux présentés ici proposent deux types de solutions pour traiter plus efficacement de plus grands espaces d états. La première s'appuie sur les ressources de calcul parallèle des machines multi-processeurs,omniprésentes aujourd hui, et des grappes de calcul. La deuxième propose de traiter plus efficacement les diagrammes de décision en automatisant la technique dite de saturation, dont l efficacité empiriquement montrée est très difficile à atteindre manuellement.PARIS-BIUSJ-Mathématiques rech (751052111) / SudocSudocFranceF

Building Efficient Model Checkers using Hierarchical Set Decision Diagrams and Automatic Saturation

International audienceShared decision diagram representations of a state-space provide efficient solutions for model-checking of large systems. However, decision diagram manipulation is tricky, as the con- struction procedure is liable to produce intractable intermediate structures (a.k.a peak effect). The definition of the so-called saturation method has empirically been shown to mostly avoid this peak effect, and allows verification of much larger systems. However, applying this algorithm currently requires deep knowledge of the decision diagram data structures.Hierarchical Set Decision Diagrams (SDD) are decision diagrams in which arcs of the structure are labeled with sets, themselves stored as SDD. This data structure offers an elegant and very efficient way of encoding structured specifications using decision diagram technology. It also offers, through the concept of inductive homomorphisms, flexibility to a user defining a symbolic transition relation. We show in this paper how, with very limited user input, the SDD library is able to optimize evaluation of a transition relation to produce a saturation effect at runtime.We build as an example an SDD model-checker for a compositional formalism: Instantiable Petri Nets (IPN). IPN define a type as an abstract contract. Labeled P/T nets are used as an elementary type. A composite type is defined to hierarchically contain instances (of elementary or composite type). To compose behaviors, IPN use classic label synchronization semantics from process calculi.With a particular recursive folding SDD are able to offer solutions for symmetric systems in log- arithmic complexity with respect to other DD. Even in less regular cases, the use of hierarchy in the specification is shown to be well supported by SDD. Experimentations and performances are reported on some well known examples

Specification of Decision Diagram Operations

International audienceDecision Diagrams (DDs) are a well populated family of data structures, used for efficient representation and manipulation of huge data sets. Typically a given application requires choosing one particular category of DDs, like Binary Decision Diagrams (BDDs) or Data Decision Diagrams (DDDs), and sticking with it. Each category provides a language to specify its operations. For instance, the operation language of BDDs provides if-then-else, apply, etc. We focus on two main kinds of operation languages: BDD-like and DDD-like. They overlap: some operations can be expressed in both kinds of languages, while others are only available in one kind. We propose in this article a critical comparison of BDD-like and DDD-like languages. From the identified problems, we also propose a unified language for DD operations. It covers both BDD-like and DDD-like languages, and even some operations that cannot be expressed in either