EECE 396-1 Hybrid and Embedded Systems: Computation

1
EECE 396-1Hybrid and Embedded Systems
Computation

• T. John Koo, Ph.D.
• Institute for Software Integrated Systems
• Department of Electrical Engineering and Computer
  Science
• Vanderbilt University
• 300 Featheringill Hall
• April 1, 2004
• john.koo_at_vanderbilt.edu
• http//www.vuse.vanderbilt.edu/kootj

2
Application Time Automata
3
Outline

• Motivation
• Hybrid Systems
• Verification of Timed Automata
• A Design Example
• Future Works

4
Distributed Sensing and Sensor Networks

• Creation of a fundamental unifying framework for
  real-time distributed/decentralized information
  processing with applications to sensor networks

System Architecture for Networked Sensor

• ATMEL 4 Mhz CPU
• RFM 916 MHz radio
• 64KB EEPROM
• Sensor Bus
• 7 Analog sensors
• 2 I2C buses
• 1 SPI bus
• Runs Tiny OS
• 2 weeks on AA batteries
• 1 duty w/ solar power

5
Distributed Sensing and Sensor Networks

• Networked sensors dropped from an aerial vehicle

Ad hoc networking

6
Distributed Sensing and Sensor Networks

• Recovering Flow from Distributed Networks
• In a dense sensor scenario, environmental data
  can be interpolated
• Over a few time steps, optical flow algorithms
  are applied to determine flow
• Accuracy of results is highly dependent on the
  smoothness of the flow

Sense temperature at nodes
7
System Architecture for Networked Sensors

• Constrained two-level scheduling model threads
  events
• Components Frame (storage), Threads
  (concurrency), Commands, and Handlers (events)
• Constrained Storage Model
• Very lean multithreading
• Layering components issue commands to
  lower-level components

8
TinyOS

• TinyOS - component-based operating system
• Modularity by assembling only the software
  components to synthesize application from
  hardware components
• Components as reentrant cooperating finite state
  machines

9
TinyOS

• A complete TinyOS application
• Application Graph of components
• Scheduler
• Component
• Interface
• synchronous commands and asynchronous events
• Internal Storage
• Fixed-size frame containing the state of
  component
• Internal Implementation
• Light-weight threads tasks
• Command and event handlers

• Scheduling
• Events have higher priority
• Events preempt tasks
• Almost instantaneous event execution
• Tasks have lower priority
• Tasks do not preempt events or other tasks
• Scheduled by FIFO scheduler
• Handled rapidly without blocking or polling

10
Example Communication

Event fountain handling
Put processor sleep
Task handling
1 byte 18 bits 1 packet 30 bytes
11
Design Considerations

• Characteristic of sensor networks
• Dynamical behaviors depend on the environment
• Deploy once and leave without future maintenance
• Energy consumption varies between applications
• We suggest to use formal methods to
• verify system performance to guarantee correct
  operation in every circumstances
• predict lifetime of a given application scenario

Functional Behaviors Temporal Behaviors ? Timed
Automata
System States Discrete States Continuous
States(Time Energy) State Transitions
Discrete Transitions(Events) Continuous
Transitions
12
What Are Hybrid Systems?

• Dynamical systems with interacting continuous and
  discrete dynamics

13
Why Hybrid Systems?

• Modeling abstraction of
• Continuous systems with phased operation (e.g.
  walking robots, mechanical systems with
  collisions, circuits with diodes)
• Continuous systems controlled by discrete inputs
  (e.g. switches, valves, digital computers)
• Coordinating processes (multi-agent systems)
• Important in applications
• Hardware verification/CAD, real time software
• Manufacturing, communication networks, multimedia
• Large scale, multi-agent systems
• Automated Highway Systems (AHS)
• Air Traffic Management Systems (ATM)
• Uninhabited Aerial Vehicles (UAV)
• Power Networks

14
Research Issues

• Modeling Simulation
• Control classify discrete phenomena, existence
  and uniqueness of execution, Zeno Branicky,
  Brockett, van der Schaft, Astrom
• Computer Science composition and abstraction
  operations Alur-Henzinger, Lynch, Sifakis,
  Varaiya
• Analysis Verification
• Control stability, Lyapunov techniques
  Branicky, Michel, LMI techniques
  Johansson-Rantzer
• Computer Science Algorithmic Alur-Henzinger,
  Sifakis, Pappas-Lafferrier-Sastry or deductive
  methods Lynch, Manna, Pnuelli, Abstraction
  Pappas-Tabuada, Koo-Sastry
• Controller Synthesis
• Control optimal control Branicky-Mitter,
  Bensoussan-Menaldi, hierarchical control
  Caines, Pappas-Sastry, supervisory control
  Lemmon-Antsaklis, safety specifications
  Lygeros-Sastry, Tomlin-Lygeros-Sastry, control
  mode switching Koo-Pappas-Sastry
• Computer Science algorithmic synthesis Maler
  et.al., Wong-Toi, synthesis based on HJB
  Mitchell-Tomlin

15
Verification

• Deductive Methods
• Theorem-Proving techniques Lynch, Manna,
  Pnuelli
• Model Checking
• State-space exploration Alur-Henzinger, Sifakis,
  Pappas-Lafferrier-Sastry

Reachability Problem
Forward Reachable Set
16
Computational Tools

• Verification based on Modal Checking

Finite Automata
Timed Automata
Linear Automata
Linear Hybrid Systems
Nonlinear Hybrid Systems
d/dt CheckMate
Timed COSPAN KRONOS Timed HSIS VERITI UPPAAL
HyTech
COSPAN SMV VIS
Requiem
17
Computational Tools

• Simulation
• Ptolemy II ptolemy.eecs.berkeley.edu
• Modelica www.modelica.org
• SHIFT www.path.berkeley.edu/shift
• Dymola www.dynasim.se
• OmSim www.control.lth.se/cace/omsim.html
• ABACUSS yoric.mit.edu/abacuss/abacuss.html
• Stateflow www.mathworks.com/products/stateflow
• CHARON http//www.cis.upenn.edu/mobies/charon/
• Masaccio
• http//www-cad.eecs.berkeley.edu/tah/Publications
  /masaccio.html

18
Computational Tools

• Simulation

Masaccio CHARON
Ptolemy II
Dymola Modelica
StateFlow/Simulink
System Complexity
ABACUSS
SHIFT
OmSim
Models of Computation
19
Hybrid Modeling of Sensor Networks

• HyTech
• Verifies functional and temporal properties of
  linear hybrid automata
• Based on Model Checking and providing debugging
  traces
• Hybrid Automaton with flows which are linear in
  time
• SHIFT
• Models and simulates dynamic networks of hybrid
  automata
• Components created, interconnected, destroyed as
  the system evolves
• Components interact through their inputs, outputs
  and exported events

20
Hybrid Modeling of Sensor Networks

• HyTech

Example start of an execution of the timed
automaton
21
Hybrid Modeling of Sensor Networks

• HyTech

Reachability Problem Starting from somewhere in
an initial set, would the set of states
eventually reach somewhere in the target set?
22
Hybrid Modeling of Sensor Networks

• HyTech

Equivalent Classes
12x2 30x2 18x2
Every point in an equivalent class has the same
reachability property.
23
Hybrid Modeling of Sensor Networks

• HyTech

Equivalent Classes
12x2 30x2 18x2
Idea The reachability problem for timed
automaton (Transition System) can be answered on
a FSM (Quotient Transition System) which is
defined on the quotient space of the
bisimulation.
24
Bisimulation-based Abstraction

• Transition System
• To study the reachability properties of time
  automata, each timed automaton is converted into
  a transition system.
• Consider the equivalence relation, we have the
  following definitions
• Definition 1 (Bisimulation)

25
Bisimulation-based Abstraction

• Transition System

26
Bisimulation-based Abstraction

• Consider the transition system and the
  equivalence relation, we have the following
  result
• Therefore, one can define the reachability
  preserving quotient system of the transition
  system

27
Bisimulation-based Abstraction

• Transition System and its Quotient System

28
Overall View of TinyOS Automata
29
Packet Generation and Application Automata
Application
Packet_generation
idle
rtgt cbit_time / rt0, ptpt1, sync rfm_clock
rt0,pt0
at0
atgtcbetween/ at0, sync transmit_pack
rtltcbit_time ptltcidle drt1
ptgtcgeneration/ rt0, bit0, pt0, sync
rfm_clock
atltcbetween dat1
ptgtcidle/ rt0, bit1, pt0, sync rfm_clock
rtltcbit_time ptltcgeneration drt1
sync receive_pack/ at0, sync trans_packet
rtgtcbit_time/ rt0, ptpt1, sync rfm_clock
generate
cbit_time
cidle
cgeneration
30
From TinyOS to Hytech
Radio Byte
rfm_rx_ev
rfm_rx_comp
RFM Bit
rfm_clock
Packet Gen.
RFM
Energy spent by the transceiver RFM
receive
transmit
sync rfm_tx_comp/
sync rfm_rx_comp/
drfmt0
drfmt0
sync rfm_clock/ rfmt0, energyenergycrec
sync rfm_rx_comp/
sync rfm_clock/ rfmt0, energyenergyctrans
sync rfm_tx_comp/
rfmtltcrec_handler drfmt1
drfmt0
rfmtltctrans_handler drfmt1
drfmt0
rfmtgtcrec_handler/ sync rfm_rx_ev
rec_energy
rec_wait
trans_wait
trans_energy
rfmtgtcrec_handler/ sync rfm_tx_ev
31
From TinyOS to HyTech
Task Handler
idle
dht0 dct0 denergycinactive
Energy spent by processing events
sync rfm_rx_comp sync rfm_tx_comp /
exec
htlt0/
sync rfm_clock/
dht0 dct0 denergycactive
op
htgt0 dht-1 dct0 denergycactive
Energy spent by posting tasks
sync rfm_clock/
sync encode/ htcencode, ct0
sync decode/ htcdecode, ct0
sync rfm_rx_comp sync rfm_tx_comp /
sync decode/ hthtcdecode, ct0
ctltctask_post dht0 dct1
denergycactive
dht0 dct0 denergycactive
sync encode/ hthtcencode, ct0
Energy spent by processing tasks
op-wait
ctgtctask_post/ sync post_task_done
op-exec
32
Verification of TinyOS with HyTech

transmitting
packet level
idle
idle
receiving
byte level
receiving
33
Verification of TinyOS with HyTech

• Analysis commands for verification
• init_reg ..
• final_reg locrpackettransmit
  locrbytereceive
• reached reach forward from init_reg endreach
• if empty(reached final_reg)
• then prints working fine
• else print trace to final_reg using reached
• endif

34
Power Analysis of TinyOS with HyTech

• Power analysis through variable energy by using
  trace generation feature of HyTech by setting
• final_reg tgt300000
• Power Consumption vs. of Children

power
35
Power Analysis of TinyOS with HyTech

• As the number of children increases,
• time to wait before transmitting increases due to
  backoff
• number of packets to be forwarded increases

BS
36
Hybrid Modeling of a Sensor Network

• Uniform Distribution
• 100 node
• 100m x 100m
• 4 Macro Clusters
• Children determined according to position
  distribution

37
Hybrid Modeling of a Sensor Network

• 4 Types of Node Automata.
• Create an instance
• for each node.
• Destroy the instance when the node dies.
• Distribute the load to its group.
• Notify upper group when there is a death.

38
Hybrid Modeling of a Sensor Network

• SHIFT - Describes dynamic networks of hybrid
  automata
• Components created, interconnected, destroyed as
  the system evolves
• Components interact through their inputs, outputs
  and exported events

39
Model of a node
x Consumed energy f Power consumption S
Group of nodes
40
Validation Results

• Need powerful nodes in group 1.
• Group 1 suffers from high load and backoff time.
• Group 4 dies at the same time.

41
Conclusion

• Sensor nodes are aimed to be left without
  maintenance.
• Verification is needed for reliability.
• Power is a detrimental concern in sensor world.
• Power analysis is needed for the life time of
  the node.
• Network power analysis is needed for the life
  time of the network.
• Modeling and Analysis are based on Hybrid
  Automata
• Verification and Power analysis with HyTech .
• Network power analysis with SHIFT.

42
End