Formalization and Correctness of the PALS Architectural Pattern for Distributed Real-Time Systems

Many Distributed Real-Time Systems (DRTS), such as integrated modular avionics systems and distributed control systems in motor vehicles, are made up of components that communicate asynchronously and that must change their state and respond to environment inputs within hard real-time bounds. Such systems are often safety-critical and need to be certified, but their certification is currently very hard because of their distributed nature. The Physically Asynchronous Logically Synchronous (PALS) architectural pattern can greatly reduce the design and verification complexity of achieving virtual synchrony in a DRTS. This work presents a formal specification of PALS as a model transformation that maps a synchronous design, together with performance bounds of the underlying infrastructure (clock skew and message delay), to a formal DRTS specification that is semantically equivalent to the synchronous design. This semantic equivalence is proved, showing that the formal verification of temporal logic properties of the DRTS can be reduced to their verification on the much simpler synchronous design. An avionics system case study illustrates the usefulness of PALS for formal verification purposes.
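As an added illustration (not code from the paper), the following simulation shows the synchronous-to-asynchronous equivalence the abstract describes on a toy ensemble of four counters. The synchronous design is run in lockstep; the same node machines are then run as a discrete-event simulation over a network with bounded clock skew and bounded message delay, using a PALS-style period and an output hold-back. The node transition function, the constants, and the period bound computed by `min_period` are assumptions of this example (derived for this simulation), not the bounds proved in the paper.

```python
"""Added example: lockstep run of a synchronous design versus a simulated
asynchronous execution with bounded clock skew and message delay.
All constants, the transition function and the period bound are assumptions
of this example, not the paper's."""
import heapq
import random

N_NODES = 4   # constructed ensemble size
MOD = 97      # constructed state arithmetic modulus


def step(state, inputs):
    """Transition of one node in the synchronous design (constructed):
    new state = old state + sum of the inputs received for this round."""
    return (state + sum(inputs)) % MOD


def run_synchronous(init, rounds):
    """Lockstep semantics: in every round each node reads the outputs all
    other nodes produced in the previous round, then every node steps."""
    states = list(init)
    trace = [tuple(states)]
    inbox = [{} for _ in range(N_NODES)]            # round 0: nothing received
    for _ in range(rounds):
        new = [step(states[i], [inbox[i][j] for j in sorted(inbox[i])])
               for i in range(N_NODES)]
        # This round's outputs become next round's inputs, all at once.
        inbox = [{j: new[j] for j in range(N_NODES) if j != i}
                 for i in range(N_NODES)]
        states = new
        trace.append(tuple(states))
    return trace


def min_period(skew, delay_min, delay_max):
    """Period this simulation needs (assumption derived here): a round-k
    message, held back by `backoff` so it cannot reach a slower receiver
    before that receiver's tick k, must arrive before the receiver's tick k+1."""
    backoff = max(0.0, skew - delay_min)
    return skew + backoff + delay_max


def run_asynchronous(init, rounds, period, skew, delay_min, delay_max, seed=0):
    """Discrete-event simulation of the PALS-style asynchronous system.
    Node i's k-th period starts at k*period + offset[i]; offsets differ by at
    most `skew`. At each tick a node consumes its inbox, steps, and sends its
    new state to all other nodes after a hold-back plus a random delay."""
    rng = random.Random(seed)
    offset = [rng.uniform(-skew / 2, skew / 2) for _ in range(N_NODES)]
    backoff = max(0.0, skew - delay_min)
    states = list(init)
    per_node = [[s] for s in states]                # state history per node
    inbox = [{} for _ in range(N_NODES)]
    events = []   # (time, kind, seq, node, payload); kind 0 = deliver, 1 = tick
    seq = 0
    for i in range(N_NODES):
        heapq.heappush(events, (offset[i], 1, seq, i, None))
        seq += 1
    while events:
        t, kind, _, i, payload = heapq.heappop(events)
        if kind == 0:                               # message arrives at node i
            sender, value = payload
            inbox[i][sender] = value                # late duplicates overwrite
            continue
        k = len(per_node[i]) - 1                    # round this tick starts
        if k >= rounds:
            continue                                # no further ticks scheduled
        inputs = [inbox[i][j] for j in sorted(inbox[i])]
        inbox[i] = {}
        states[i] = step(states[i], inputs)
        per_node[i].append(states[i])
        for j in range(N_NODES):
            if j != i:
                arrival = t + backoff + rng.uniform(delay_min, delay_max)
                heapq.heappush(events, (arrival, 0, seq, j, (i, states[i])))
                seq += 1
        heapq.heappush(events, (t + period, 1, seq, i, None))
        seq += 1
    return [tuple(per_node[i][k] for i in range(N_NODES))
            for k in range(rounds + 1)]


def equivalent(init, rounds, period, skew, delay_min, delay_max, seeds=range(10)):
    """True iff every seeded asynchronous run reproduces the lockstep trace."""
    sync = run_synchronous(init, rounds)
    return all(run_asynchronous(init, rounds, period, skew, delay_min,
                                delay_max, s) == sync for s in seeds)


if __name__ == "__main__":
    good = min_period(2.0, 1.0, 5.0) + 0.5           # 8.5 time units
    print("PALS-style period keeps traces equal:",
          equivalent((1, 2, 3, 4), 30, good, 2.0, 1.0, 5.0))
    print("Period shorter than the delay bound:",
          equivalent((1, 2, 3, 4), 30, 3.0, 0.0, 5.0, 5.0))
```

The second run in the usage block violates the period bound (period 3, message delay 5), so round-k messages are consumed one round late and the asynchronous trace diverges from the lockstep one; this is the failure the performance bounds in the abstract exist to rule out.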
