Architecture-Driven Semantic Analysis of Embedded Systems (Eds) Dagstuhl Seminar 12272

Architectural modeling of complex embedded systems is gaining prominence in recent years, both in academia and in industry. An architectural model represents components in a distributed system as boxes with well-defined interfaces, connections between ports on component interfaces, and specifies component properties that can be used in analytical reasoning about the model. Models are hierarchically organized, so that each box can contain another system inside, with its own set of boxes and connections between them. The goal of Dagstuhl Seminar 12272 “Architecture-Driven Semantic Analysis of Embedded Systems” is to bring together researchers who are interested in defining precise semantics of an architecture description language and using it for building tools that generate analytical models from architectural ones, as well as generate code and configuration scripts for the system. This report documents the program and the outcomes of the presentations and working groups held during the seminar

Resource Modeling for Embedded Systems Design

The paper describes a formal framework for designing and reasoning about resource-constrained embedded systems. The framework is based on a series of process algebraic formalisms which have been previously developed to describe and analyze various aspects of real-time concurrent systems. We present a uniform framework for formal treatment of resources and illustrate modeling of common resource classes

Counterfactual Causality from First Principles?

In this position paper we discuss three main shortcomings of existing approaches to counterfactual causality from the computer science perspective, and sketch lines of work to try and overcome these issues: (1) causality definitions should be driven by a set of precisely specified requirements rather than specific examples; (2) causality frameworks should support system dynamics; (3) causality analysis should have a well-understood behavior in presence of abstraction.Comment: In Proceedings CREST 2017, arXiv:1710.0277

Process-Algebraic Analysis of Timing and Schedulability Properties

In this chapter, we present an overview of how timing information can be embedded in process-algebraic frameworks. We concentrate on the case of discrete-time modeling. We begin by discussing design approaches that have been adopted in different formalisms to model time and time passage, and how the resulting mechanisms interact with one another and with standard untimed process-algebraic operators. We proceed to give an overview of ACSR, a timed process algebra developed for modeling and reasoning about timed, resource-constrained systems. In doing this, ACSR adopts the notion of a resource as a first-class entity, and it replaces maximal progress, employed by other timed process algebras, by the notion of resource-constrained progress. ACSR associates resource-usage with time passage, and implements appropriate semantic rules to ensure that progress in the system is enforced as far as possible while simultaneous usage of a resource by distinct processes is excluded. In addition, ACSR employs the notion of priorities to arbitrate access to resources by competing processes. Finally, we illustrate the use of ACSR for the schedulability analysis of a realistic real-time system problem

Analysis of AADL Models Using Real-Time Calculus With Applications to Wireless Architectures

Architecture Analysis and Design Language (AADL) captures both platform and software architectures of embedded systems in a component oriented fashion. Properties embedded in an AADL model enable several high-level analysis techniques. In this work, we explore how to perform analysis of end-to-end timing characteristics of an AADL model using Real-Time Calculus (RTC). We identify properties of AADL models that are necessary to enable such analysis and develop an algorithm to transform an AADL model into an RTC model

Platform-Independent Autonomy Modeling

We describe an approach for high-level modeling behaviors of autonomous vehicles and an infrastructure for executing these behaviors on a particular vehicle platform. The language directly represents behavioral primitives and constraints on their composition. The control infrastructure maps these behavioral primitives on the native vehicle interface in a model-driven fashion. As a result, the user is presented with an abstract motion planning interface that hides the intricate details of the vehicle implementation

Specification-Based Testing with Linear Temporal Logic

This paper considers the specification-based testing in which the requirement is given in the linear temporal logic (LTL). The required LTL property must hold on all the executions of the system, which are often infinite in size and/or in length. The central piece of our framework is a property-coverage metric. Based on requirement mutation, the metric measures how well a property has been tested by a test suite. We define a coverage criterion based on the metric that selects a finite set of tests from all the possible executions of the system. We also discuss the technique of generating a test suite for specification testing by using the counterexample mechanism of a model checker. By exploiting the special structure of a generated test, we are able to reduce a test with infinite length to an equivalent one of finite length. Our framework provides a model-checking-assisted approach that generates a test suite that is finite in size and in length for testing linear temporal properties on an implementation

Checking Correctness At Runtime using Real-Time Java

Correctness of a real-time system depends on its computation as well as its timeliness. In recent years, research has been focusing on verifying the correctness of a real-time system during runtime by monitoring its runtime execution and checking it against its formal specifications. Such verification method is called Runtime Verification. While a few existing runtime verification tools verify both computational correctness and timeliness correctness, those that provide timeliness correctness fail to detect timeliness violations as soon as violations occur. In this paper, we investigate the verification of timeliness correctness by providing quantitative property specifications, address the problem why those tools fail to detect as soon as violations occur, provide an efficient solution, and present how to implement it in Real-Time Java

Process Algebraic Modeling and Analysis of Power-Aware Real-Time Systems

The paper describes a unified formal framework for designing and reasoning about power-constrained, real-time systems. The framework is based on process algebra, a formalism which has been developed to describe and analyze communicating, concurrent systems. The proposed extension allows the modeling of probabilistic resource failures, priorities of resource usages, and power consumption by resources within the same formalism. Thus, it is possible to evaluate alternative power-consumption behaviors and tradeoffs under different real-time schedulers, resource limitations, resource failure probabilities, etc. This paper describes the modeling and analysis techniques, and illustrates them with examples, including a dynamic voltage-scaling algorithm