-
[show abstract]
[hide abstract]
ABSTRACT: Rate Monotonic Analysis (RMA) is a standard technique for the analysis of task schedulability which has also successfully been applied to the schedulability analysis of CAN messages. The prediction of worst-case end-to-end response times in a distributed CAN application requires the integrated analysis of both tasks and messages - the socalled "Holistic" approach. The work discussed in this paper contributes to the practical application of an holistic approach to analysis by: a) providing a framework for describing distributed periodic systems as graphs of precedence constrained tasks and messages, b) developing a tool to automate the analysis and support systems design and, c) validating the approach by empirical means. We describe the analysis tool, X rma, and show how it supports the design and evaluation of distributed hard real-time systems. The analysis of an example distributed control system composed of multiple control/feedback loops is presented to illustrate how the tool is used to verify that critical end-toend response times can be met by an implementation. To verify the analysis, timing measurements have been conducted on distributed control systems which use the VxWorks real-time kernel for task scheduling and CAN for inter-processor communication. The empirical results confirm that the analytical approach allows reliable bounds to be predicted for distributed responses in systems of practical complexity. However, it is shown that predicting tight bounds requires the elimination of pessimistic properties of distributed scheduling models.
11/2003;
-
[show abstract]
[hide abstract]
ABSTRACT: A well-established approach to the verification of end-to-end response times for distributed, hard realtime systems is an integrated scheduling analysis of both task processing and message communication. Hitherto, published analyses have been confined to the computation of worst-case bounds only and best-case response times have been ignored, assumed to be zero or treated approximately. However, there are compelling reasons for computing both upper and lower bounds on response times, not only to allow the verification of best-case performance but also to improve the accuracy of the overall analysis. This paper describes a precise best-case execution time analysis which reduces jitter and extends distributed scheduling analysis to yield more accurate upper and lower bounds on system response times. The analysis is combined with existing results for worst-case responses in a single scheduling algorithm to compute both upper and lower bounds on end-to-end response in distributed systems.
11/2003;
-
[show abstract]
[hide abstract]
ABSTRACT: Reachability analysis and model checking of timed automata are now well-established techniques in the analysis of real-time control systems. The major limiting factor in their use, from a technical point of view, remains the state explosion problem. Symbolic representation of the state space often allows for the analysis of much larger systems than the point-wise representation which is common in enumerative analysis. In particular, the use of rooted, ordered binary decision diagrams (ROBDDs) has been successful, mainly in the analysis of hardware systems where the need for a compact representation of boolean functions is prevalent. However in software systems, it is often desirable to represent data types which are more complicated than booleans. The use of sharing trees [16], which eliminates the requirement to nd a boolean encoding of all data types, may oer a more attractive alternative to ROBDDs in these circumstances. This paper considers the use of sharing trees in the context of automata derived from a timed algebra of asynchronous broadcasting systems. It suggests that an encoding of timing constraints may be more easily incorporated into a sharing tree representation of the state space than into one based on ROBDDs.
11/2003;
-
Real-Time Systems. 01/2001; 20:5-25.
-
[show abstract]
[hide abstract]
ABSTRACT: This paper tackles the problem of using formal methods for practical real-time system development and verification, and is based on a real example. Many formal methods for real-time systems have been proposed, but this technique (AORTA) is one of the few to address the issue of how formal designs are to be implemented. Earlier papers on AORTA have been based on providing the formal semantics of the language, and on particular aspects of implementation or verification. This paper concentrates on setting AORTA within the development life cycle, and demonstrating that the approach can be adopted for non-trivial examples.
08/1998;
-
[show abstract]
[hide abstract]
ABSTRACT: Existing formal methods for real-time largely deal with abstract models of real-time systems, and seldom address implementation issues; they are mainly used for modelling and specification. In this paper we propose an alternative approach, in which a new timed process algebra, AORTA, is used as a design language, which can be verifiably implemented. As well as introducing and formally defining the language, methods for implementation and verification are discussed.
08/1998;
-
[show abstract]
[hide abstract]
ABSTRACT: In order to demonstrably satisfy hard real-time deadlines, a system must be predictable, and in particular the kernel must be predictable. In this paper we present and analyse a predictable kernel related to AORTA, a formal design language for hard real-time systems. The features of the kernel allow AORTA designs to be verifiably and semi-automatically implemented, and enable verified guarantees to be given about the realtime behaviour of the system.
08/1998;
-
[show abstract]
[hide abstract]
ABSTRACT: Many attempts have been made to define timed process algebras as a route to formal reasoning about real-time systems. In this paper we argue that existing timed process algebras unsuccessfully try to address all of the aspects which their untimed counterparts do --- specification, design and modelling --- where they would be more useful if they were restricted to one of these roles. Drawing on this, an Application Oriented Real-Time Algebra (AORTA) is introduced, which has special features making it suitable for the design of real-time systems which may need to be formally verified. Keywords: real-time, formal methods, process algebra 1 Introduction Process algebras such as CCS [1], CSP [2] and LOTOS [3] have proved themselves to be useful tools in the formal specification and verification of concurrent communicating systems. One of the reasons for their success is their broad spectrum of uses, from specification of system behaviour to high-level system modelling to parallel...
08/1998;
-
[show abstract]
[hide abstract]
ABSTRACT: AORTA is an implementable timed process algebra which has been proposed as a design language for hard real-time systems. In this paper we show how AORTA can be used to design and model timed protocols, illustrated by the alternating bit protocol. We also describe tools which have been developed for simulation, verification and automatic implementation of AORTA systems, and outline a relationship between the formal models which are verified and the code which is generated.
04/1998;
-
[show abstract]
[hide abstract]
ABSTRACT: AORTA has been proposed as an implementable real-time algebra for concurrent systems where event times, rather than values of data, are critical. In this paper we discuss an extension to AORTA to include a formal data model, allowing integration with a variety of model-based data specification languages. An example is given using VDM with AORTA to define a timecritical system with important data attributes, and supporting software tools for AORTA and a simple imperative language are described. 1 Introduction Although many timed formalisms exist, AORTA [6] (Application-Oriented RealTime Algebra) is one of the few to consider how designs/specifications of concurrent systems can be implemented in a way that time behaviour can be guaranteed. Supporting tools exist which allow AORTA designs to be simulated, formally verified, and code to be generated [8]. One of the ideas behind the development of AORTA has been that formal methods are good for more than just proof: an unambiguously...
11/1997;
-
Protocol Specification, Testing and Verification XV, Proceedings of the Fifteenth IFIP WG6.1 International Symposium on Protocol Specification, Testing and Verification, Warsaw, Poland, June 1995; 01/1995
-
Formal Techniques in Real-Time and Fault-Tolerant Systems, Third International Symposium Organized Jointly with the Working Group Provably Correct Systems - ProCoS, Lübeck, Germany, September 19-23, Proceedings; 01/1994
-
[show abstract]
[hide abstract]
ABSTRACT: Rate Monotonic Analysis (RMA) is a standard technique for the analysis of task schedulability which has also suc-cessfully been applied to the schedulability analysis of CAN messages. The prediction of worst-case end-to-end re-sponse times in a distributed CAN application requires the integrated analysis of both tasks and messages -the so-called "Holistic" approach. The work discussed in this paper contributes to the practical application of an holis-tic approach to analysis by: a) providing a framework for describing distributed periodic systems as graphs of prece-dence constrained tasks and messages, b) developing a tool to automate the analysis and support systems design and, c) validating the approach by empirical means. We describe the analysis tool, Xrma, and show how it supports the de-sign and evaluation of distributed hard real-time systems. The analysis of an example distributed control system com-posed of multiple control/feedback loops is presented to il-lustrate how the tool is used to verify that critical end-to-end response times can be met by an implementation. To verify the analysis, timing measurements have been con-ducted on distributed control systems which use the Vx-Works real-time kernel for task scheduling and CAN for inter-processor communication. The empirical results con-firm that the analytical approach allows reliable bounds to be predicted for distributed responses in systems of practi-cal complexity. However, it is shown that predicting tight bounds requires the elimination of pessimistic properties of distributed scheduling models.
-
[show abstract]
[hide abstract]
ABSTRACT: AORTA has been proposed as an implementable real-time language for concurrent systems where event times, rather than values of data, are critical. In this paper we describe how to use AORTA with a formal data model, allowing integration with a variety of model-based data specification languages. Example definitions are given of time-critical systems with important data attributes. A development technique and supporting software tools for AORTA are also described.
Science of Computer Programming.
