Model-based analysis of event-driven distributed real-time embedded systems

As embedded systems become increasingly networked, and interact with the physical world, Distributed Real-time Embedded (DRE) systems emerge. DRE systems range from small-scale Multi-processor Systems-on-Chip (MPSoCs) operating in resource-constrained environments such as cell phone platforms, medical devices and sensor networks all the way to large-scale software-intensive systems of systems used in avionics, ship computing environments, and in supervisory control and data acquisition systems managing regional power grids. This dissertation focuses on the model-based analysis of event-driven DRE systems. Event-driven DRE systems are based on a reactive communication paradigm, where the execution of tasks is triggered asynchronously, invoked by external events, interrupts, or by other tasks. Events can also express time, providing a common semantic domain for the compositional analysis of time- and event-driven DRE systems. Key technical contributions of this dissertation are (1) the specification of a formal semantic domain for DRE systems, (2) a model checking method for the real-time verification of non-preemptive DRE systems by timed automata, (3) a performance estimation method for DRE systems by discrete event simulations, (4) a conservative approximation method for the verification of preemptive event-driven asynchronous DRE systems by timed automata, (5) a method for the functional verification and performance estimation of MPSoCs built on an industry standard MPSoC interconnect protocol, and (6) a cross-abstraction real-time analysis method for MPSoC designs utilizing bus matrix interconnects. The novelty of our approach lies in combining formal methods and symbolic simulations for the system-level evaluation of DRE designs early in the design flow, and utilizing multiple abstractions to trade off analysis accuracy against scalability.
We implemented the proposed analysis methods in the open-source Distributed Real-time Embedded Analysis Method (DREAM) framework for the model-based real-time verification and performance estimation of DRE systems. DREAM focuses on the practical application of formal analysis methods to automate the verification, development, configuration, and integration of event-driven DRE systems. DREAM is available for download at http://dre.sourceforge.net. We applied the proposed design flow to the domain of software-intensive mission-critical avionics DRE applications, and the domain of multimedia MPSoCs.
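As an added illustration of contribution (3) and of the "events can also express time" idea, the following is a small discrete event simulation of a constructed event-driven task set on one non-preemptive processor; it is not code from the dissertation or from DREAM. Timer ticks and an external interrupt are both events in one queue, tasks publish further events on completion, and the worst observed response time per task is compared against assumed deadlines (task names, execution times and deadlines are all made up).

```python
import heapq
from collections import deque
# Constructed sample (not from the dissertation): one non-preemptive processor,
# a periodic timer driving a sense -> fuse -> actuate chain, and a sporadic
# interrupt releasing "alarm". Timer ticks are ordinary events in the queue.
TASKS = {                 # task -> (WCET, events published on completion)
    "sense":   (2, ["sensed"]),
    "fuse":    (3, ["fused"]),
    "actuate": (1, []),
    "alarm":   (4, []),
}
SUBSCRIPTIONS = {         # event -> tasks released by that event
    "timer":   ["sense"],
    "sensed":  ["fuse"],
    "fused":   ["actuate"],
    "ext_irq": ["alarm"],
}
DEADLINES = {"sense": 5, "fuse": 5, "actuate": 8, "alarm": 5}  # assumed values

def simulate(stimuli, period, horizon):
    """Discrete event simulation with FIFO dispatch. stimuli: [(time, event)].
    Returns task -> worst observed response time (release to completion)."""
    # Entries are (time, rank, event): at equal times a processor release (0)
    # precedes external events (1), which precede task-published events (2).
    queue = [(t, 1, e) for t, e in stimuli]
    queue += [(k, 1, "timer") for k in range(0, horizon, period)]
    heapq.heapify(queue)
    ready = deque()       # released jobs waiting for the processor
    busy = False          # non-preemptive: a started job runs to completion
    worst = {}
    while queue:
        now, _, event = heapq.heappop(queue)
        if now >= horizon:
            break
        if event == "__done__":
            busy = False
        else:
            ready.extend((now, t) for t in SUBSCRIPTIONS.get(event, []))
        if not busy and ready:
            release, task = ready.popleft()
            wcet, publishes = TASKS[task]
            finish = now + wcet
            busy = True
            worst[task] = max(worst.get(task, 0), finish - release)
            heapq.heappush(queue, (finish, 0, "__done__"))
            for e in publishes:
                heapq.heappush(queue, (finish, 2, e))
    return worst

def deadline_misses(worst, deadlines=DEADLINES):
    # Tasks whose worst observed response time exceeds their assumed deadline.
    return sorted(t for t, r in worst.items() if r > deadlines[t])
```

With an interrupt at t=3, the "alarm" task is blocked behind the running "fuse" job and misses its deadline, which is exactly the kind of non-preemptive blocking effect such a simulation exposes before the deadline is violated on hardware.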
