Synthesis of distributed systems from synchronous dataflow programs

Synchronous dataflow languages are a popular tool for systems specification in domains such as real-time control and hardware design. The potential benefits are promising: Discrete-time semantics and deterministic concurrency reduce the state-space of parallel designs, and the engineer's intuition of uniformly progressing physical time is clearly reflected. However, for deriving implementations, use of synchronous programs is currently limited to hardware synthesis, generation of non-distributed software, or deployment on time-triggered architectures. For distributed software systems based on event-triggered bus systems and on-line schedulers, it is still an open problem how conformance with an abstract synchronous design is to be defined. This thesis examines both the problem of synthesis, and the problem of behavioral preservation, for distributed implementations of synchronous programs. A simple synchronous language is presented: this class of languages is shown to meet some essential application requirements, such as boundedness of computational resources, or compositionality. For programs with appropriate delays at subsystem boundaries, two complementary implementation schemes suited for the OSEK operating system and event-triggered communication media, respectively, are presented. Both implementation schemes are characterized by the fact that individual steps of the synchronous program's semantics are spread out in time, or linearized. For such linearized implementations, we provide a general formal framework, where the synchronous program and its linearized implementation are captured both on the level of language (words) and on the level of transition structures (automata). As an example application of the theory, it is shown how certain behavioral properties expressed in the temporal logic LTL can be preserved from the synchronous program to its implementation. A simple method is provided for checking whether a given property is preservable.

[1]  Stavros Tripakis,et al.  Translating discrete-time simulink to lustre , 2003, TECS.

[2]  Paul Caspi Clocks in Dataflow Languages , 1992, Theor. Comput. Sci..

[3]  Nancy A. Lynch,et al.  A new fault-tolerant algorithm for clock synchronization , 1984, PODC '84.

[4]  Jan Romberg,et al.  Loose synchronization of event-triggered networks for distribution of synchronous programs , 2004, EMSOFT '04.

[5]  David Harel,et al.  Statecharts: A Visual Formalism for Complex Systems , 1987, Sci. Comput. Program..

[6]  Gilles Kahn,et al.  The Semantics of a Simple Language for Parallel Programming , 1974, IFIP Congress.

[7]  Amir Pnueli,et al.  Now you may compose temporal logic specifications , 1984, STOC '84.

[8]  Christopher Strachey,et al.  Toward a mathematical semantics for computer languages , 1971 .

[9]  Nicolas Halbwachs,et al.  Projet SYNCHRONE : les formats communs des langages synchrones , 1993 .

[10]  Glynn Winskel,et al.  The formal semantics of programming languages - an introduction , 1993, Foundation of computing series.

[11]  Marina Chen,et al.  Crystal: theory and pragmatics of generating efficient parallel code , 1991 .

[12]  Lou J. Somers,et al.  Experiences and Lessons Learned Using UML-RT to Develop Embedded Printer Software , 2002, PROFES.

[13]  Paul Hudak,et al.  Directions in Functional Programming for Real(-Time) Applications , 2001, EMSOFT.

[14]  Jack B. Dennis,et al.  A preliminary architecture for a basic data-flow processor , 1974, ISCA '75.

[15]  Edmund M. Clarke,et al.  Model checking and abstraction , 1994, TOPL.

[16]  Nicolas Halbwachs,et al.  Generating Efficient Code From Data-Flow Programs , 1991, PLILP.

[17]  Wojciech Zielonka,et al.  The Book of Traces , 1995 .

[18]  Manfred Broy,et al.  Specification and development of interactive systems: focus on streams, interfaces, and refinement , 2001 .

[19]  Stephen G. MacDonell Comparative review of functional complexity assessment methods for effort estimation , 1994, Softw. Eng. J..

[20]  J. Schiemann,et al.  ERCOS: An Operating System for Automotive Applications , 1996 .

[21]  Manfred Broy (Inter-)Action Refinement: The Easy Way , 1992, NATO ASI PDC.

[22]  William W. Wadge,et al.  Lucid, a nonprocedural language with iteration , 1977, CACM.

[23]  Paul Le Guernic,et al.  Implementation of the data-flow synchronous language SIGNAL , 1995, PLDI '95.

[24]  James W. Layland,et al.  Scheduling Algorithms for Multiprogramming in a Hard-Real-Time Environment , 1989, JACM.

[25]  Steve Vestal Formal verification of the MetaH executive using linear hybrid automata , 2000, Proceedings Sixth IEEE Real-Time Technology and Applications Symposium. RTAS 2000.

[26]  Robin Milner,et al.  A Calculus of Communicating Systems , 1980, Lecture Notes in Computer Science.

[27]  Edward A. Lee Absolutely Positively on Time: What Would It Take? , 2005, Computer.

[28]  Joseph Sifakis,et al.  Property preserving abstractions for the verification of concurrent systems , 1995, Formal Methods Syst. Des..

[29]  Stavros Tripakis,et al.  From simulink to SCADE/lustre to TTA: a layered approach for distributed embedded applications , 2003, LCTES '03.

[30]  Mary Shaw,et al.  Software architecture - perspectives on an emerging discipline , 1996 .

[31]  Richard N. Taylor,et al.  A Classification and Comparison Framework for Software Architecture Description Languages , 2000, IEEE Trans. Software Eng..

[32]  Albert Benveniste,et al.  A Protocol for Loosely Time-Triggered Architectures , 2002, EMSOFT.

[33]  Moshe Y. Vardi Branching vs. Linear Time: Final Showdown , 2001, TACAS.

[34]  L. Sha,et al.  The priority ceiling protocol: A method for minimizing the blocking of high priority Ada tasks , 1988, IRTAW '88.

[35]  Manas Saksena,et al.  Schedulability analysis for automated implementations of real-time object-oriented models , 1998, Proceedings 19th IEEE Real-Time Systems Symposium (Cat. No.98CB36279).

[36]  Thomas Stauner,et al.  Systematic development of hybrid systems , 2001, Ausgezeichnete Informatikdissertationen.

[37]  Manfred Broy,et al.  A Theory for Nondeterminism, Parallelism, Communication, and Concurrency , 1986, Theor. Comput. Sci..

[38]  Marc Pouzet,et al.  Synchronous Kahn networks , 1996, ICFP '96.

[39]  Kang G. Shin,et al.  Improving Wait-Free Algorithms for Interprocess Communication in Embedded Real-Time Systems , 2002, USENIX Annual Technical Conference, General Track.

[40]  Alan Burns,et al.  Timing Analysis of Real-Time Communication Under Electromagnetic Interference , 2005, Real-Time Systems.

[41]  Alexander L. Wolf,et al.  Acm Sigsoft Software Engineering Notes Vol 17 No 4 Foundations for the Study of Software Architecture , 2022 .

[42]  Ulf T. Wiger Four-fold Increase in Productivity and Quality , 2001 .

[43]  Manfred Broy,et al.  AutoMoDe - Notations, Methods, and Tools for Model-Based Development of Automotive Software , 2005 .

[44]  Insup Lee,et al.  Compositional Refinement for Hierarchical Hybrid Systems , 2001, HSCC.

[45]  T. Kanade Model-Based Testing of Reactive Systems , 2005 .

[46]  C. A. R. Hoare,et al.  Communicating sequential processes , 1978, CACM.

[47]  Thomas Martyn Parks,et al.  Bounded scheduling of process networks , 1996 .

[48]  Martin Leucker,et al.  Logics for Mazurkiewicz traces , 2002 .

[49]  Nicolas Halbwachs,et al.  Minimal State Graph Generation , 1992, Science of Computer Programming.

[50]  Norman Scaife,et al.  Integrating model-based design and preemptive scheduling in mixed time- and event-triggered systems , 2004, Proceedings. 16th Euromicro Conference on Real-Time Systems, 2004. ECRTS 2004..

[51]  Nancy A. Lynch,et al.  Hierarchical correctness proofs for distributed algorithms , 1987, PODC '87.

[52]  Stavros Tripakis,et al.  Semantics-preserving and memory-efficient implementation of inter-task communication on static-priority or EDF schedulers , 2005, EMSOFT.

[53]  Hermann Kopetz,et al.  Real-time systems , 2018, CSC '73.

[54]  Benoît Caillaud,et al.  Correct-by-construction asynchronous implementation of modular synchronous specifications , 2005, Fifth International Conference on Application of Concurrency to System Design (ACSD'05).

[55]  Thomas A. Henzinger,et al.  What Good Are Digital Clocks? , 1992, ICALP.

[56]  Frederick P. Brooks,et al.  No Silver Bullet: Essence and Accidents of Software Engineering , 1987 .

[57]  Stephen H. Edwards,et al.  Comparison of Dataflow Architecture and Real-Time Workshop Embedded Coder in Power Electronics System Control Software Design , 2003 .

[58]  Ted G. Lewis,et al.  Visual Object-Oriented Programming: Concepts and Environments , 1995 .

[59]  Hermann Kopetz,et al.  Sparse time versus dense time in distributed real-time systems , 1992, [1992] Proceedings of the 12th International Conference on Distributed Computing Systems.

[60]  José Rufino,et al.  Fault-tolerant broadcasts in CAN , 1998, Digest of Papers. Twenty-Eighth Annual International Symposium on Fault-Tolerant Computing (Cat. No.98CB36224).

[61]  Nicolas Halbwachs,et al.  Data-Flow Synchronous Languages , 1993, REX School/Symposium.

[62]  Benoît Caillaud,et al.  Distributing Automata for Asynchronous Networks of Processors , 1997 .

[63]  P. Braun,et al.  Softwareentwicklung für Steuergerätenetzwerke : Eine Methodik für die frühe Phase , 2000 .

[64]  Dayton Clark HIC: an operating system for hierarchies of servo loops , 1989, Proceedings, 1989 International Conference on Robotics and Automation.

[65]  Kenneth R. Traub,et al.  Multithreading: a revisionist view of dataflow architectures , 1991, ISCA '91.

[66]  Lui Sha,et al.  Priority Inheritance Protocols: An Approach to Real-Time Synchronization , 1990, IEEE Trans. Computers.

[67]  G. Plotkin,et al.  Proof, language, and interaction: essays in honour of Robin Milner , 2000 .

[68]  William B. Ackerman,et al.  Scenarios: A Model of Non-Determinate Computation , 1981, ICFPC.

[69]  Rajeev Alur,et al.  A Theory of Timed Automata , 1994, Theor. Comput. Sci..

[70]  Alan Burns,et al.  Guaranteeing message latencies on controller area network (can) , 1994 .

[71]  Paul Caspi,et al.  Automatic Distribution of Reactive Systems for Asynchronous Networks of Processors , 1999, IEEE Trans. Software Eng..

[72]  Alley Stoughton,et al.  Fully abstract models of programming languages , 1986, Research Notes in Theoretical Computer Science.

[73]  Marian Petre,et al.  When Visual Programs are Harder to Read than Textual Programs , 1992 .

[74]  Ioannis Parissis,et al.  Specification-based testing of synchronous software , 1996, SIGSOFT '96.

[75]  Orna Grumberg,et al.  Abstract interpretation of reactive systems , 1997, TOPL.

[76]  James R. Russell,et al.  Full abstraction for nondeterministic dataflow networks , 1989, 30th Annual Symposium on Foundations of Computer Science.

[77]  Bernhard Schätz,et al.  Modeling Embedded Software : State of the Art and Beyond , 2003 .

[78]  Bran Selic,et al.  The Pragmatics of Model-Driven Development , 2003, IEEE Softw..

[79]  Stephen A. Edwards,et al.  The Synchronous Languages Twelve Years Later , 1997 .

[80]  Edward A. Lee Model-Driven Development - From Object-Oriented Design to Actor-Oriented Design , 2003 .

[81]  Zohar Manna,et al.  The Temporal Logic of Reactive and Concurrent Systems , 1991, Springer New York.

[82]  Bernhard Schätz,et al.  Consistent Graphical Specification of Distributed Systems , 1997, FME.

[83]  Nicolas Halbwachs,et al.  Automatic testing of reactive systems , 1998, Proceedings 19th IEEE Real-Time Systems Symposium (Cat. No.98CB36279).

[84]  Thomas A. Henzinger,et al.  Giotto: a time-triggered language for embedded programming , 2001, Proc. IEEE.