Formal Synthesis and Control of Soft Embedded Real-Time Systems

1
Formal Synthesis and Control of Soft Embedded
Real-Time Systems

• Pao-Ann Hsiung
• National Chung Cheng University
• Dept. of Computer Science and Information
  Engineering
• Chiayi 621, Taiwan, R.O.C.

21st IFIP International Conference on Formal
Techniques for Networked and Distributed Systems
(FORTE01), August 28 31, 2001.
2
Outline

• Introduction
• Previous Work
• Formal Synthesis and Control
• Application Example
• Conclusion

3
Introduction (1)
May Miss a Few Deadlines
Flexible Deadline Intervals
Small Memory Footprint
High Reliability and Stability

• Soft Embedded Real-Time Systems (SERTS)

4
Introduction (2)

• SERTS Design Issues
• Bounded Memory Execution
• Soft Real-Time Constraints

• Proposed Solutions
• Quasi-Static Data Scheduling (QSDS)
• Firing-Interval Bound Synthesis (FIBS)

5
Previous Work (1)

• Formal Software Synthesis
• Safe Petri-Nets (PN) ? QSS Lin DATE98,
  DAC98
• Free-Choice PN ? Net Decomposition QSS Sgroi
  DAC99
• Codesign FSM ? POLIS Balarin ICCD99
• Timed Free-Choice PN ? QSS RTS Hsiung
  CODES01

6
Previous Work (2)

• Formal Software Verification
• Linear Hybrid Automata ? CoverificationHsiung
  CODES99, IEE00
• Timed Automata ? Schedule-Verify-Map Hsiung
  COMPSAC00, JSA00
• Formal OO Model ? Model Checking Hsiung
  RTAS01, APSEC01

7
Previous Work (3)

• Formal Controller Synthesis
• Discrete Event Model Ramadge, Wonham
  SIAM-JCO87, IEEE-Proc89
• Dense-Timed Model Asarin Hybrid95, Maler
  STACS95, Wong-Toi CDC97
• Multimedia Scheduler Altisen RTSS99

8
Formal Synthesis Control (1)

• System Model Time Free-Choice Petri Net (TFCPN)
• A TFCPN is a 5-tuple (P,T,F,M0,?) such that
• P is a set of places,
• T is a set of transitions, P ?T ? ?, P ?T ?,
• F (P ?T ) ? (T ?P ) ? N, a set of weighted arcs
  such that every arc from a place is either a
  unique outgoing arc or a unique incoming arc to a
  transition (FREE-CHOICE),
• M0P ? N, the initial marking,
• ? (t ) (?, ?), t ?T, ? EFT, ? LFT.

9
Formal Synthesis Control (2)
10
Formal Synthesis Control (3)

• Soft Real-Time Behavior Model
• Timed Reachability Specification (TRS)
• A TRS for a TFCPN A (P,T,F,M0,?)
• ? ??c p ??c p ?1 ? ?2
• ??,?,?,?,?, p ? NP , ?1, ?2 TRS formulae
• Reachability Properties safeness, deadlines,
  boundedness, deadlock, starvation

11
Formal Synthesis Control (4)

• Target Problem
• Soft Embedded Real-Time System Synthesis
• Given a system modeled by a set of TFCPN S Ai
  i 1,2,,n and a TRS ?, S is to be
  synthesized by scheduling and by modifying firing
  interval bounds such that S is made to satisfy ?.

12
Formal Synthesis Control (5)
SERTS_Synthesize(S, ?, ?) // Quasi-Static
Data Scheduling (QSDS) for each Ai in S Bi
CF_Generate(Ai) // Bi set of CF
components for each CF component Aij in Bi
QSSij Quasi_Static_Schedule(Aij, ?) if
QSSij NULL return QSS_Error else QSSi
QSSi ? QSSij // Firing Interval Bound
Synthesis (FIBS) if Controller_Synthesize(S,
QSS1, , QSSn, ?) NULL return FIBS_Error else
return Synthesized
13
Formal Synthesis Control (6)
Conflict-Free Components
TFCPN
Quasi-Static Data Scheduled CF-Components
Valid Schedule
Quasi-Static Data Scheduling (QSDS)
14
Formal Synthesis Control (7)

• Firing Interval Bound Synthesis
• 2 issues in SERTS Control
• Synchronization Wait (after task completion)
• Real-Time Specification (before deadlines)
• Solutions
• Postpone Release Time ? ? ? ?w, ?wgt 0
• Advance Finish Time ? ? ? ? ?n, ?ngt0

15
Formal Synthesis Control (8)

• Controller_Synthesize(S, QSS1, , QSSn, ?)
• for i 1, , n
• for each schedule vij ? QSSi
• for each tk in vij , tk ? in_trans(p),
  token?(p)gt0, p ? Pi
• ? (?i0,,k?i , ?i0,,k ?i) //
  ?t0,t1,,tk? prefix of vij
• New_IBSi IBS_Synthesize(vij , tk , ?, ?i)
• if Mi ??c and New_IBSi gt Min_IBSi
  Min_IBSi New_IBSi
• if Mi ??c Old_IBSi Old_IBSi ? New_IBSi
  
• if Mi ??c and Min_IBSi ? NULL
  IBS_assign(Min_IBSi)
• else if Mi ??c and Old_IBSi ? NULL
  IBS_assign(Old_IBSi)
• else return NULL
• return ?

16
Formal Synthesis Control (9)

• Controller Synthesis
• Synthesizes transition firing interval bounds
  (FIB) such that S satisfies ?.
• Outputs minimally restricted FIB, which gives
  maximal sub-behavior of S satisfying ?.

17
Application Example (1)

• S (F1, F2)
• ? ???7lt002gt ? ???30?0000001?

18
Application Example (2)
Conflict-Free Components of F1
19
Application Example (3)

• Quasi-Static Data Scheduling for F1
• v11 (t11t12t11t12t14), 11 ? ? (v11) ? 22
• v12 (t11t13t15t15), 13 ? ? (v12) ? 26
• Valid schedules for F1
• ?1 (t11t12t11t12t14), (t11t13t15t15)
• ?2 (t11t13t15t15), (t11t12 (t11t13t15t15)k
  t11t12t14), k ? N

20
Application Example (4)
Conflict-Free Components of F2
21
Application Example (5)

• Quasi-Static Data Scheduling for F2
• v21 (t21t22(t24)2(t26)4t28t29t26), 31 ? ?
  (v21) ? 68
• v22 (t21t23t25(t27)2t28t29t26), 15 ? ?
  (v22) ? 36
• Valid schedule for F2
• ?3 v21 , v22

22
Application Example (6)

• Controller Synthesis
• Firing Interval Bound Synthesis for F1
• To satisfy ???7lt002gt, need only consider prefix
  ltt11t13gt of schedule v12 ltt11t13t15t15gt in ?1
  (result of prefix 2 tokens in p3)
• 2 3 ? ? (t11) ? (t13) ? 3 5
• 5 ? ? (t11) ? (t13) ? 8
• Temporal Constraint (? 7) ? modify ?(t13) into
  (3, 4) from the original (3, 5)

23
Application Example (7)

• Firing Interval Bound Synthesis for F2
• To satisfy ???30?0000001?, need consider both
  schedules v21 and v22 in ?3 (result of prefix 1
  token in p7).
• Prefix of v21 25 ? ? (t21t22(t24)2(t26)4t28)
  ? 56
• Temporal Constraint (? 30) ? modify ?(t28) into
  (5, 5) from the original (0, 5)
• Prefix of v22 11 ? ? (t21t23t25(t27)2t28) ?
  28
• Satisfaction of constraint (? 30) not possible.

24
Conclusion

• Formal automatic synthesis method for memory and
  soft real-time constraints
• Memory Timed quasi-static data scheduling
• Soft Real-Time Constraints Firing-interval bound
  synthesis
• Future Work Generalize TFCPN model