Motivation Introduction Concurrency and Multi-Threading Distribution over Asynchronous Network Concluding Remarks Partial vs. Total Order a.k.a Polychrony vs. Synchrony Models of Time for Safety Critical Systems Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Arlington, VA. MBSE Colloq. at the University of Maryland This work is partially supported by funds from AFRL and OSD Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 1/ 46
Motivation Introduction Concurrency and Multi-Threading Distribution over Asynchronous Network Concluding Remarks A Good Read Ivan Sutherland, ”The Tyranny of the Clock – Promoting a clock-free paradigm that fits everything learned about programming since Turing”, Communications of ACM, October 2012. Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 2/ 46
Motivation Introduction Concurrency and Multi-Threading Distribution over Asynchronous Network Concluding Remarks Motivating this Talk Describe a partial ordered model of logical time – Polychrony Show some essential distinctions between synchronous programming (totally ordered logical time) and Polychrony Show a calculus of logical time as a calculus for deterministic implementation, provable refinement, and more A Polychronous methodology for distributed deterministic implementation of model-driven Cyber Physical System design L-3 and VT will produce a Robust Industrial Strength Implementation of the Model Driven Synthesis Tool Based on this. Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 3/ 46
Motivation Introduction Concurrency and Multi-Threading Distribution over Asynchronous Network Concluding Remarks Outline of the talk 1 Motivation 2 Introduction 3 Concurrency and Multi-Threading 4 Distribution over Asynchronous Network 5 Concluding Remarks Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 4/ 46
Motivation Introduction Concurrency and Multi-Threading Cyber Physical System Distribution over Asynchronous Network Concluding Remarks Outline of the talk 1 Motivation 2 Introduction 3 Concurrency and Multi-Threading 4 Distribution over Asynchronous Network 5 Concluding Remarks Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 4/ 46
Motivation Introduction Concurrency and Multi-Threading Cyber Physical System Distribution over Asynchronous Network Concluding Remarks Motivation Cyber Sampling/sensing Compute based on control laws Actuating Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 5/ 46
Motivation Introduction Concurrency and Multi-Threading Cyber Physical System Distribution over Asynchronous Network Concluding Remarks Motivation Cyber Sampling/sensing Compute based on control laws Actuating Physical Dynamic Continuous Multiple Modes (piecewise continuous) Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 5/ 46
Motivation Introduction Concurrency and Multi-Threading Cyber Physical System Distribution over Asynchronous Network Concluding Remarks What we will not talk About Modeling the Physical Dynamics as Dynamical System Adaptive Zero-crossing Issues Real-Time Scheduling of Reactions Higher Level Data Types and Extended Type System Constructive Semantics for Polychrony Combining Synchrony and Polychrony into one Framework – Onyx Visual Polychrony – EmCodeSyn Environment Extending class of synthesizable Polychronous Programs beyond weak endochrony Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 6/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks Outline of the talk 1 Motivation 2 Introduction 3 Concurrency and Multi-Threading 4 Distribution over Asynchronous Network 5 Concluding Remarks Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 6/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks PI Controller Figure: Schematic of a car on sloping road mdv dt + cv = F − mg θ dv dt + 0 . 02 v = u − 10 θ � t u = k ( v r − v )+ k i ( v r − v ( τ )) d τ 0 Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 7/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks PI Controller Figure: Schematic of a car on Figure: Block diagram of a car sloping road with cruise control mdv s 2 + (0 . 02 + k ) s + k i = 0 dt + cv = F − mg θ k = 2 ζω 0 − 0 . 02 dv dt + 0 . 02 v = u − 10 θ k i = ω 2 0 � t ζ is damping parameter u = k ( v r − v )+ k i ( v r − v ( τ )) d τ ω 0 is undamped natural frequency 0 Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 7/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks A PI Controller for Cruise Control L : S = 0; Timer = T ; while ( Timer != 0) { Sample v ; PI S = S + ( v r − v ) ∗ k i ; CONTROLLER V u Timer = Timer − τ (k, k i ) wait for τ } Sample v ; u = k ∗ ( v r − v ) + S ; GOTO L ; V r � t u = k ( v r − v ) + 0 k i ( v r − v ( τ )) d τ Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 8/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks Signals as Flows v=sampled velocity, e=instantaneous error, u=computed throttle input Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 9/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks How to Compute the Thrust u p r o c e s s CruiseControl (? r e a l v ; ! r e a l u ) { parameter v r , n , k , k i } ( | e := v r − v | last_count := count $ i n i t 0 | count :=( last_count + 1) when ( last_count < n ) d e f a u l t 0; | sum := k i ∗ e when ( count = 0) d e f a u l t (( sum $ i n i t 0) + k i ∗ e ) | u := ( k ∗ e + ( sum $ i n i t 0) ) when ( count = 0) | ) where r e a l sum , e ; i n t e g e r count , last_count ; Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 10/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks Timing Issues Sampling of a new velocity v drives the computation Computation of e , count , sum are synchronized to sampling of v Computation of u is only a sub-sampling of the flow of v only when count = 0 This is almost synchronous programming Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 11/ 46
Motivation Introduction A Simple PI Controller Example Concurrency and Multi-Threading Timing Issues Distribution over Asynchronous Network More Timing Issues Concluding Remarks Differences with Synchronous Programming Usually in imperative synchronous program A tick indicates a new cycle of computation Sampling of all signals are done at the tick Values are computed as necessary Those not computed are absent (Esterel), or contain default values (Quartz) Whatever happens at the instigation of a tick until the next tick is a ’reaction’ The duration is abstracted to a point (logical instant) Logical instants are totally ordered Sandeep K. Shukla FERMAT Lab Hume Center for National Security and Technology Virginia Tech Arlington Research Center Models of Time for Safety Critical Systems 12/ 46
Recommend
More recommend
