Richer Interface Automata with Optimistic and Pessimistic Compatibility

Modal transition systems are a popular semantic underpinning of interface theories, such as Nyman et al.’s IOMTS and Bauer et al.’s MIO, which facilitate component-based reasoning of concurrent systems. Our interface theory MIA repaired a compositional flaw of IOMTS-refinement and introduced a conjunction operator. In this paper, we first modify MIA to properly deal with internal computations including internal must-transitions, which were largely ignored already in IOMTS. We then study a MIA variant that adopts MIO’s pessimistic – rather than IOMTS’ optimistic – view on component compatibility and define, for the first time in a pessimistic, non-deterministic setting, conjunction and disjunction on interfaces. For the pessimistic MIA variant we also provide a mechanism for extending alphabets when refining interfaces, which is a desired feature in practice. We illustrate our advancements via a small example

A Generalised Theory of Interface Automata, Component Compatibility and Error

Interface theories allow systems designers to reason about the composability and compatibility of concurrent system components. Such theories often extend both de Alfaro and Henzinger’s Interface Automata and Larsen’s Modal Transition Systems, which leads, however, to several issues that are undesirable in practice: an unintuitive treatment of specified unwanted behaviour, a binary compatibility concept that does not scale to multi-component assemblies, and compatibility guarantees that are insufficient for software product lines. In this paper we show that communication mismatches are central to all these problems and, thus, the ability to represent such errors semantically is an important feature of an interface theory. Accordingly, we present the error-aware interface theory EMIA, where the above shortcomings are remedied by introducing explicit fatal error states. In addition, we prove via a Galois insertion that EMIA is a conservative generalisation of the established MIA (Modal Interface Automata) theory

Graphical representation of covariant-contravariant modal formulae

Covariant-contravariant simulation is a combination of standard (covariant) simulation, its contravariant counterpart and bisimulation. We have previously studied its logical characterization by means of the covariant-contravariant modal logic. Moreover, we have investigated the relationships between this model and that of modal transition systems, where two kinds of transitions (the so-called may and must transitions) were combined in order to obtain a simple framework to express a notion of refinement over state-transition models. In a classic paper, Boudol and Larsen established a precise connection between the graphical approach, by means of modal transition systems, and the logical approach, based on Hennessy-Milner logic without negation, to system specification. They obtained a (graphical) representation theorem proving that a formula can be represented by a term if, and only if, it is consistent and prime. We show in this paper that the formulae from the covariant-contravariant modal logic that admit a "graphical" representation by means of processes, modulo the covariant-contravariant simulation preorder, are also the consistent and prime ones. In order to obtain the desired graphical representation result, we first restrict ourselves to the case of covariant-contravariant systems without bivariant actions. Bivariant actions can be incorporated later by means of an encoding that splits each bivariant action into its covariant and its contravariant parts.Comment: In Proceedings EXPRESS 2011, arXiv:1108.407

Optimized Buffering of Time-Triggered Automotive Software

The development of an automotive system involves the integration of many real-time software functionalities, and it is of utmost importance to guarantee strict timing requirements. However, the recent trend towards multi-core architectures poses significant challenges for the timely transfer of signals between processor cores so as to not violate data consistency. We have studied and adapted an existing buffering mechanism to work specifically for statically scheduled time-triggered systems, called static buffering protocol. We developed further buffering optimisation algorithms and heuristics, to reduce the memory consumption, processor utilisation, and end-to-end response times of time-triggered AUTOSAR designs on multi-core platforms. Our contributions are important because they enable deterministic time-triggered implementations to become competitive alternatives to their inherently non-deterministic event-triggered counterparts. We have prototyped a selection of optimisations in an industrial tool and evaluated them on realistic industrial automotive benchmarks

Bisimulation on speed: lower time bounds

More than a decade ago, Moller and Tofts published their seminal work on relating processes that are annotated with lower time bounds, with respect to speed. Their paper has left open many questions concerning the semantic theory for their suggested bisimulation-based faster-than preorder, the MT-preorder, which have not been addressed since. The encountered difficulties concern a general compositionality result, a complete axiom system for finite processes, and a convincing intuitive justification of the MT-preorder. This paper solves these difficulties by developing and employing novel tools for reasoning in discrete-time process algebra, in particular a general commutation lemma relating the sequencing of action and clock transitions. Most importantly, it is proved that the MT-preorder is fully-abstract with respect to a natural amortized preorder that uses a simple bookkeeping mechanism for deciding whether one process is faster than another. Together these results reveal the intuitive roots of the MT-preorder as a faster-than relation, while testifying to its semantic elegance. This lifts some of the barriers that have so far hampered progress in semantic theories for comparing the speed of processes