Predictable Design for Real-time Embedded Control A Case Study

Predictable Design for Real-time Embedded Control

A Case Study

Jinfeng Huang & Jeroen VoetenEindhoven University of Technology

PROGRPROGREESSSS

2

Contents

•A running example: railroad crossingA running example: railroad crossing•Problems in current design practiceProblems in current design practice•Compositional design approachCompositional design approach•DemoDemo

3

Railroad Crossing

•Trains run independently at different velocities

•Velocities are constant•Avoid collisions •As efficient as possible

StationStation

Station

B

AA D

D

A

Critical zone

Crossingarea

Station

B CB

C

4

Current Practice

Train A Crossing Train B

D

T T+D+

StartMotor

CrossingArea

CriticalZoneSensor A

Delay (D)

CheckCrossing

StopMotor

5

Timing Property

•(Timed) execution trace of “Train A”:

1+2 ?

SensorA signaled T Delay D

T+DCheck Crossing

T+D+1Stop motor T+D+1+2

Between D and D+ seconds after Train A has passed Sensor A, “Train A” checks the Crossing and stops the train if the Crossing is occupied

6

Timing Property - Add other Components •e.g. to control other trains or crossings.•(Timed) execution trace of “Train A” (disturbed by other components):

1+2+3+1+2 BOOM !!!

SensorA signaled T

Delay D T+1+D

Check Crossing T+1+D +2+1

Stop motor T+1+D +2+1+3+2

Other components running T+1

T+1+D+2

T+1+D +2+1+3

7

Problems in current practice

•Behaviors of components are not compositional•Debug and analysis codes “pollute” the timing

behavior of the system•Lack reusability, maintainability, portability etc. •Lack facilities to guarantee property preservation: Lack facilities to guarantee property preservation:

Implementation exhibits unexpected behaviors not Implementation exhibits unexpected behaviors not present in the modelpresent in the model

8

Compositional Approach (Modeling)

•POOSL: Based on a two-phase execution frame: Based on a two-phase execution frame: actions are instantaneous and time progress is actions are instantaneous and time progress is represented in a virtual way (instead of based represented in a virtual way (instead of based directly on a physical clock) directly on a physical clock) •Compositional semanticsCompositional semantics•ExecutableExecutable•Expressive (concurrency, time, Expressive (concurrency, time, communication…)

9

Compositional Approach (Modeling)

Train A Train BCrossingAbstract ModelRefinement

Verification

Train AActor

Train AI mage

Train BI mage

Train BActor

Train BCrossingTrain A

Extended Model

SafetyMonitoring

Simulation

Refinement

Estimation of

Synthesis

Synthesis Model

Train AImage

Train BImageCrossing

LEGO DACTA Interface

10

Compositional Approach (Synthesis)

•Automatic code generation (RT-Rotalumis,C++)

•Real-time property-preserving mapping guaranteed by the -hypothesis•The execution tree: ordering of actions is kept from

model to implementation•Synchronization between virtual time and physical

time: if an action happens at virtual time t in model it happens in physical time interval (t-/2,t+/2) in implementation

11

Demo: The Railroad Crossing

StationStation

Station

B

AA D

D

A

Critical zone

Crossingarea

Station

B CB

C

- 100 - 20 20 100 cm

- 100

20

100

•Velocity TrainA: 40 cm/s•Velocity TrainB: 90 cm/s

Extended Model

Synthesis ModelRealization

Rapid analysis

Abstract Model

Models and video are not included in the presentation. For those who are interested, please mailto: [email protected]

12

Future Work and Open Issues

•Mapping efficiency•Prediction / platform requirements•Multi-processor platforms •Streaming data•Continuous-time environmental models•Tools