Automata-theoretic modeling of fixed-priority non-preemptive scheduling for formal timing verification

Designing safety-critical systems requires formal analysis methods that establish correct functionality without over-sized safety margins or extensive testing. For architectures with state-based events or scheduling, such as load-dependent frequency scaling, model checking has emerged as a promising tool: it formally verifies the timing behavior of real-time systems with minimal over-approximation of the worst-case delays. In this context, Event Count Automata (ECAs) have become a valuable modeling approach because they are specifically designed to handle typical arrival patterns and integrate well with analytic techniques. In this work, we propose an extension of the ECA framework's semantics and use it in a Fixed-Priority Non-preemptive Scheduling (FPNS) model that correctly abstracts the intra-slot behavior in the slotted-time model of the ECA. This is challenging because straightforward implementations cannot capture the full behavior of event-triggered scheduling under a slotted time model, which the ECA shares with most model-checking-based methods. In a case study, we obtain bounds by model checking first a basic model and then the proposed model, and compare both with a SystemC simulation. The bounds from the basic model are too optimistic (the simulation exceeds them) because it does not capture the full behavior, whereas the bounds from the proposed extended model are both safe and reasonably tight.
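The following is an added illustration, not code from the paper and not its ECA model. It contrasts an exact FPNS simulation on a fine tick grid with a coarse slotted-time abstraction in which an arrival becomes visible to the scheduler only at the end of the slot in which it occurred (my assumed reading of "slotted time"; the slot length, execution times and the two-task workload are constructed). The coarse view makes every arrival within one slot look simultaneous, so it always dispatches the higher-priority job first and never sees the case where a lower-priority job was already started earlier in the same slot and now blocks the higher-priority one. That is the kind of intra-slot effect that can make a naive slotted model optimistic; whether it is the exact effect the paper's basic model misses is not stated in the abstract.

```python
from dataclasses import dataclass
from itertools import product

SLOT = 10  # ticks per slot (constructed: one slot is 10 ticks)


@dataclass(frozen=True)
class Job:
    name: str
    arrival: int     # arrival time in ticks
    exec_time: int   # execution time in ticks
    priority: int    # lower number = higher priority


def fpns_schedule(jobs):
    """Exact fixed-priority non-preemptive scheduling on integer ticks.

    Whenever the processor is idle, the highest-priority ready job is
    dispatched and runs to completion. Returns {name: (start, finish)}.
    """
    pending = sorted(jobs, key=lambda j: j.arrival)
    ready, result, t, i = [], {}, 0, 0
    while i < len(pending) or ready:
        # admit everything that has arrived by time t
        while i < len(pending) and pending[i].arrival <= t:
            ready.append(pending[i])
            i += 1
        if not ready:
            t = pending[i].arrival      # idle: jump to the next arrival
            continue
        # ties broken by earlier arrival, then name, to keep runs deterministic
        job = min(ready, key=lambda j: (j.priority, j.arrival, j.name))
        ready.remove(job)
        result[job.name] = (t, t + job.exec_time)
        t += job.exec_time              # non-preemptive: no interruption
    return result


def slot_visible(arrival, slot=SLOT):
    """Slotted view: an arrival inside slot k is visible at the end of slot k."""
    return (arrival // slot + 1) * slot


def slotted_schedule(jobs, slot=SLOT):
    """Coarse abstraction: schedule with arrivals snapped to slot boundaries."""
    snapped = [Job(j.name, slot_visible(j.arrival, slot), j.exec_time, j.priority)
               for j in jobs]
    return fpns_schedule(snapped)


def response_time(schedule, job):
    """Finish time minus the job's true (un-snapped) arrival."""
    return schedule[job.name][1] - job.arrival


def worst_case_hp_response(lp_exec=30, hp_exec=10, slot=SLOT):
    """Sweep both arrival offsets over one slot; return (exact, slotted) worst
    response time of the high-priority job H when a low-priority job L with
    lp_exec ticks may arrive in the same slot."""
    worst_exact = worst_slotted = 0
    for a_lp, a_hp in product(range(slot), repeat=2):
        lp = Job("L", a_lp, lp_exec, priority=2)
        hp = Job("H", a_hp, hp_exec, priority=1)
        worst_exact = max(worst_exact, response_time(fpns_schedule([lp, hp]), hp))
        worst_slotted = max(worst_slotted,
                            response_time(slotted_schedule([lp, hp], slot), hp))
    return worst_exact, worst_slotted


if __name__ == "__main__":
    # L arrives at tick 1 and starts immediately; H arrives one tick later and
    # is blocked for the whole of L. The slotted view sees both at tick 10 and
    # runs H first, so it reports a much shorter response time for H.
    lp, hp = Job("L", 1, 30, 2), Job("H", 2, 10, 1)
    print("exact  :", fpns_schedule([lp, hp]))
    print("slotted:", slotted_schedule([lp, hp]))
    exact, slotted = worst_case_hp_response()
    print(f"worst-case response of H: exact={exact} slotted={slotted}")
    print("slotted bound is unsafe" if exact > slotted else "slotted bound is safe")
```

With the constructed parameters the exact worst case for H is 39 ticks (L dispatched at tick 0, H arriving at tick 1 and waiting behind all of L), while the slotted abstraction reports 20 ticks, so any bound derived from that abstraction alone would be exceeded by the exact run. Snapping arrivals to slot boundaries is where the information is lost; any correct slotted model has to add back the possibility that a lower-priority job was dispatched earlier within the same slot.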
