symbolic simulation of dataflow synchronous programs with
play

Symbolic Simulation of Dataflow Synchronous Programs with Timers - PowerPoint PPT Presentation

Jul 02, 2023 •705 likes •1.23k views

Symbolic Simulation of Dataflow Synchronous Programs with Timers Guillaume Baudart 1 Timothy Bourke 2 , 3 Marc Pouzet 4 , 3 , 2 1. IBM Research 2. Inria Paris 3. DI, cole normale suprieure 4. Univ. Pierre et Marie Curie FDL 2017, Verona,

  1. Symbolic Simulation of Dataflow Synchronous Programs with Timers Guillaume Baudart 1 Timothy Bourke 2 , 3 Marc Pouzet 4 , 3 , 2 1. IBM Research 2. Inria Paris 3. DI, École normale supérieure 4. Univ. Pierre et Marie Curie FDL 2017, Verona, Italy—18–20 September 2017 1 / 26

  2. The synchronous language Lustre [ ] Caspi, Pilaud, Halbwachs, and Plaice (1987): “Lustre: A Declarative Language for Program- ming Synchronous Systems” • Ideal for programming an important class of embedded controllers. – Academic foundation of Scade Suite tool for critical industrial systems. • Based on a discrete-time abstraction. R 1 R 2 R 3 R 4 R 5 every trigger: read inputs; compute; model: R 1 , R 2 , R 3 , R 4 , R 5 , . . . write outputs 2 / 26

  3. The synchronous language Lustre [ ] Caspi, Pilaud, Halbwachs, and Plaice (1987): “Lustre: A Declarative Language for Program- ming Synchronous Systems” • Ideal for programming an important class of embedded controllers. – Academic foundation of Scade Suite tool for critical industrial systems. • Based on a discrete-time abstraction. R 1 R 2 R 3 R 4 R 5 every trigger: read inputs; compute; model: R 1 , R 2 , R 3 , R 4 , R 5 , . . . write outputs But, ‘physical’ timing constraints are often required. 2 / 26

  4. The synchronous language Lustre [ ] Caspi, Pilaud, Halbwachs, and Plaice (1987): “Lustre: A Declarative Language for Program- ming Synchronous Systems” • Ideal for programming an important class of embedded controllers. – Academic foundation of Scade Suite tool for critical industrial systems. • Based on a discrete-time abstraction. R 1 R 2 R 3 R 4 R 5 every trigger: read inputs; compute; model: R 1 , R 2 , R 3 , R 4 , R 5 , . . . write outputs But, ‘physical’ timing constraints are often required. Timed (Safety) Automata [ ] [ Checking for Real-Time Systems” ] Henzinger, Nicollin, Sifakis, and Alur and Dill (1994): Yovine (1994): “Symbolic Model “A Theory of Timed Automata” • Model the passage of time and timing non-determinism – (tolerances in requirements / uncertainties in implementations). • Verification and Symbolic Simulation in Uppaal [ (2006): A tutorial on Uppaal 4.0 ] Behrmann, David, and Larsen 2 / 26

  5. Dataflow synchronous language basics x average let average(x, y) = (x + y) / 2 y 3 / 26

  6. Dataflow synchronous language basics x average let average(x, y) = (x + y) / 2 y 0 1 2 5 4 5 6 x ⋯ 4 3 4 2 0 2 2 y ⋯ 2 2 3 3 2 3 4 x + y / 2 ⋯ 3 / 26

  7. Dataflow synchronous language basics x average let average(x, y) = (x + y) / 2 y 0 1 2 5 4 5 6 x ⋯ 4 3 4 2 0 2 2 y ⋯ 2 2 3 3 2 3 4 x + y / 2 ⋯ let h = 10.0 let node euler(x0, x') = x where x0 x euler rec nx = x +. (h *. x') x’ and x = x0 fby nx 3 / 26

  8. Dataflow synchronous language basics x average let average(x, y) = (x + y) / 2 y 0 1 2 5 4 5 6 x ⋯ 4 3 4 2 0 2 2 y ⋯ 2 2 3 3 2 3 4 x + y / 2 ⋯ let h = 10.0 let node euler(x0, x') = x where x0 x euler rec nx = x +. (h *. x') x’ and x = x0 fby nx 0 1 2 3 4 5 6 x0 ⋯ 2 1 2 0 2 3 1 x' ⋯ 20 30 50 50 70 100 110 ⋯ nx 0 20 30 50 50 70 100 ⋯ x • Node: set of causal equations (variables at left). • Semantic model: synchronized streams of values. • A node defines a function between input and output streams. 3 / 26

  9. Zélus: synchronous language + ODEs [ Synchronous Language with ODEs” ] Bourke and Pouzet (2013): “Zélus: A 3 6 9 0 let node nat(v) = y where t rec y = v fby (y + 1) x − 1 . 5 let hybrid sawtooth(x', x0) = o where rec init o = 0 and der x = x' init x0 reset z → x0 and z = up(x) o 3 and present z → do o = nat(1) done 2 1 0 let hybrid main = sawtooth(0.5, -1.5) t • Combine discrete-time and continuous-time behaviours – A type system ensures that compositions are well-defined. – Align discrete behaviours on ‘zero-crossing’ events. • Source-to-source compilation for simulation with a numeric solver. • Research focus on hybrid programming languages – E.g., Simulink/Stateflow, Modelica, Ptolemy. . . • Manual and compiler: http://zelus.di.ens.fr 4 / 26

  10. Example: quasi-periodic nodes [ Approach to Distributed Control Systems ] Caspi (2000): The Quasi-Synchronous c 1 c 2 P 1 P 2 Two network nodes activated on clock inputs c 1 and c 2 • Each node is periodically triggered by a local clock. • The difference between ticks i and i + 1 is bounded: T min ≤ t i + 1 − t i ≤ T max Vaandrager and Groot (2006): • Easy to model a clock as a Timed Automaton: [ Protocol with Uppaal and PVS” ] “Analysis of a Biphase Mark t <= t_max c! T0 t >= t_min t := 0 • What about combining with discrete controller code? 5 / 26

  11. Clock in Zélus? t <= t_max let hybrid clock(t_min, t_max) = c where c! rec der t = 1.0 init 0.0 reset c() → 0.0 T0 t >= t_min t := 0 and present up(t - t_min) → do emit c done Programming Timed Automaton in Zélus • Very restricted ODEs ( ˙ x = 1): no need for a numeric solver. • Cannot express ‘timing non-determinism’. • Very appealing to ‘embed’ discrete programs in continuous time. • The discrete/continuous type system rejects meaningless compositions. 6 / 26

  12. let hybrid clock(t_min, t_max) = c where t <= t_max c! rec timer t init 0.0 reset c() → 0.0 T0 t >= t_min and emit c when {t ≥ t_min} t := 0 and always {t ≤ t_max} 7 / 26

  13. let hybrid clock(t_min, t_max) = c where t <= t_max c! rec timer t init 0.0 reset c() → 0.0 T0 t >= t_min and emit c when {t ≥ t_min} t := 0 and always {t ≤ t_max} let hybrid scheduler(t_min, t_max) = c1, c2 where rec c1 = clock(t_min, t_max) and c2 = clock(t_min, t_max) c 1 c 2 P 1 P 2 let hybrid quasinodes(t_min, t_max) = o1, o2 where rec c1, c2 = scheduler(t_min, t_max) and o1 = present c → node1(channel(o2)) init oi and o2 = present c → node2(channel(o1)) init oi 7 / 26

  14. Zsy: syntax • A program is a list of declarations. d let hybrid f ( p ) = e ∶∶ = ∣ let node f ( p ) = e • A node is defined by an expression. ∣ let f ( p ) = e • Expressions refer to sets of equations. ∣ d d New features x ∣ v ∣ op ( e ) e ∶∶ = ∣ • Timers (time elapsing) ( e , e ) ∣ f ( e ) • Invariants (must) ∣ e fby e • Guards (may) ∣ e where rec E E x = e ∶∶ = ∣ x ∣ ( p , p ) E and E p ∶∶ = ∣ x = present h init e ∣ h e → e | ⋯ | e → e ∶∶ = x = present h else e ∆ ∼ e ∣ c && c ∣ c ∶∶ = timer x init e reset h x ∣ x − x ∣ ∆ always { c } ∶∶ = < ∣ ≤ ∣ ≥ ∣ > ∣ ∼ ∶∶ = emit x when { c } 8 / 26

  15. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 9 / 26

  16. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 45 30 t 1 30 45 9 / 26

  17. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min 33 t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 45 45 c2 30 30 t 1 t 1 30 45 30 45 9 / 26

  18. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min 33 t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 t 2 45 45 45 c2 wait 30 30 30 t 1 t 1 t 1 30 45 30 45 30 45 9 / 26

  19. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min 33 43 t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 t 2 t 2 45 45 45 45 c2 wait c1 30 30 30 30 t 1 t 1 t 1 t 1 30 45 30 45 30 45 30 45 9 / 26

  20. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min 33 43 t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 t 2 t 2 t 2 45 45 45 45 45 c2 wait c1 wait 30 30 30 30 30 t 1 t 1 t 1 t 1 t 1 30 45 30 45 30 45 30 45 30 45 9 / 26

  21. Concrete Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min 33 43 78 t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 t 2 t 2 t 2 t 2 45 45 45 45 45 45 c2 wait c1 wait c2 30 30 30 30 30 30 t 1 t 1 t 1 t 1 t 1 t 1 30 45 30 45 30 45 30 45 30 45 30 45 9 / 26

  22. Symbolic Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 10 / 26

  23. Symbolic Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 45 30 t 1 30 45 10 / 26

  24. Symbolic Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 45 45 wait 30 30 t 1 t 1 30 45 30 45 10 / 26

  25. Symbolic Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 t 2 45 45 45 wait c2 30 30 30 t 1 t 1 t 1 30 45 30 45 30 45 10 / 26

  26. Symbolic Simulation Trace T min = 30 T max = 45 t 1 t 2 x T max T max t 2 45 30 T min T min t 1 30 45 time 0 15 30 45 60 75 90 wait t 2 t 2 t 2 t 2 45 45 45 45 wait c2 c1 30 30 30 30 t 1 t 1 t 1 t 1 30 45 30 45 30 45 30 45 10 / 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Symbolic Verification in Synchronous Constraint Programming (Work in progress) Synchronous

Symbolic Verification in Synchronous Constraint Programming (Work in progress) Synchronous

Symbolic Verification in Synchronous Constraint Programming (Work in progress) Synchronous workshop 2003 Christophe Mauras Christophe.Mauras@univ-nantes.fr Irin/Universit e de Nantes Overview From Symbolic Simulation to Constraint

388 views • 19 slides
SMT-based model checking techniques for formal software verification of synchronous dataflow

SMT-based model checking techniques for formal software verification of synchronous dataflow

An insight into SMT-based model checking techniques for formal software verification of synchronous dataflow programs Jonathan Laurent Ecole Normale Sup erieure, National Institute of Aerospace, NASA Langley Research Center August 11 th ,

1.01k views • 67 slides
Clocks as Types in Synchronous Dataflow Languages Marc Pouzet LRI &amp; INRIA Univ. Paris-Sud

Clocks as Types in Synchronous Dataflow Languages Marc Pouzet LRI &amp; INRIA Univ. Paris-Sud

Clocks as Types in Synchronous Dataflow Languages Marc Pouzet LRI &amp; INRIA Univ. Paris-Sud 11 Orsay IFIP WG 2.8 9/06/2009 (joint work with Albert Cohen, Louis Mandel, Florence Plateau) Synchronous Dataflow Languages Model/program

424 views • 38 slides
Oversampling in a Dataflow Synchronous Language (Heptagon) erard 1 L eonard G 1 PARKAS team

Oversampling in a Dataflow Synchronous Language (Heptagon) erard 1 L eonard G 1 PARKAS team

Oversampling in a Dataflow Synchronous Language (Heptagon) 2011-12-13 Oversampling in a Dataflow Synchronous Language (Heptagon) erard 1 L eonard G 1 PARKAS team ENS Synchron11 Oversampling in a Dataflow Synchronous Language

559 views • 19 slides
MECHANIZED SEMANTICS AND VERIFIED COMPILATION FOR A DATAFLOW SYNCHRONOUS LANGUAGE WITH RESET

MECHANIZED SEMANTICS AND VERIFIED COMPILATION FOR A DATAFLOW SYNCHRONOUS LANGUAGE WITH RESET

MECHANIZED SEMANTICS AND VERIFIED COMPILATION FOR A DATAFLOW SYNCHRONOUS LANGUAGE WITH RESET Timothy Bourke 1,2 Llio Brun 1,2 Marc Pouzet 3,2,1 POPL20 January 24, 2020 1 Inria Paris 2 cole normale suprieure PSL University

1.12k views • 93 slides
Formal Verification Methods 2: Symbolic Simulation John Harrison Intel Corporation

Formal Verification Methods 2: Symbolic Simulation John Harrison Intel Corporation

Formal Verification Methods 2: Symbolic Simulation Formal Verification Methods 2: Symbolic Simulation John Harrison Intel Corporation Simulation Symbolic and ternary simulation BDDs Quaternary lattice Symbolic trajectory

334 views • 14 slides
Symbolic Computation of Latency for Dataflow Graphs Adnan Bouakaz Pascal Fradet Alain Girault

Symbolic Computation of Latency for Dataflow Graphs Adnan Bouakaz Pascal Fradet Alain Girault

Symbolic Computation of Latency for Dataflow Graphs Adnan Bouakaz Pascal Fradet Alain Girault SYNCHRON International Workshop, Bamberg December 7th, 2016 Introduction Outline Introduction 1 Application model Scheduling policy Symbolic

793 views • 37 slides
Back to Basics: Homogeneous Representations of Multi-Rate Synchronous Dataflow Graphs Robert de

Back to Basics: Homogeneous Representations of Multi-Rate Synchronous Dataflow Graphs Robert de

Back to Basics: Homogeneous Representations of Multi-Rate Synchronous Dataflow Graphs Robert de Groote, Philip H olzenspies, Jan Kuper, and Hajo Broersma Computer Architectures for Embedded Systems Group Dept. of Electrical Engineering,

897 views • 63 slides
Symbolic Execution Saswat Anand 22/09/2009 Limitation of Dataflow Analysis if(p &lt; 10) i =10

Symbolic Execution Saswat Anand 22/09/2009 Limitation of Dataflow Analysis if(p &lt; 10) i =10

Symbolic Execution Saswat Anand 22/09/2009 Limitation of Dataflow Analysis if(p &lt; 10) i =10 x = 1 Is the DU pair involving variables I real? if(p &gt; 10) No, because the path is infeasible. x=x+1 j = i+1 1 Outline Background

462 views • 12 slides
Formal Verification Methods 2: Symbolic Simulation John Harrison Intel Corporation

Formal Verification Methods 2: Symbolic Simulation John Harrison Intel Corporation

Formal Verification Methods 2: Symbolic Simulation John Harrison Intel Corporation Marktoberdorf 2003 Thu 31st July 2003 (11:25 12:10) 0 Summary Simulation Symbolic and ternary simulation BDDs Quaternary lattice

507 views • 16 slides
Performance Evaluation of Throughput Constrained Dataflow Programs Executed On Shared-Memory

Performance Evaluation of Throughput Constrained Dataflow Programs Executed On Shared-Memory

Context DF &amp; Problematic Detection of SDF Bottleneck Actors Profiling of DF Programs Perspectives Performance Evaluation of Throughput Constrained Dataflow Programs Executed On Shared-Memory Multi-Core Architectures Manuel SELVA

1.61k views • 88 slides
Dynamic Scheduling of Synchronous Programs in Lucid Synchrone Adrien Guatto Joint work with L.

Dynamic Scheduling of Synchronous Programs in Lucid Synchrone Adrien Guatto Joint work with L.

Dynamic Scheduling of Synchronous Programs in Lucid Synchrone Adrien Guatto Joint work with L. Mandel and M. Pouzet PARKAS team, LIENS &amp; INRIA SYNCHRON 2011 Adrien Guatto Dynamic Scheduling of Synchronous Programs in Lucid Synchrone 1

966 views • 25 slides
Satisfying Dataflow Programs Constraints on Multicore Architectures Citi lab PhD day 2014 Manuel

Satisfying Dataflow Programs Constraints on Multicore Architectures Citi lab PhD day 2014 Manuel

Satisfying Dataflow Programs Constraints on Multicore Architectures Citi lab PhD day 2014 Manuel Selva Supervisor: Lionel Morel Director: Stphane Frnot Bull: Frdric Soinne 27th March 2014 1 / 14 More and more parallelism Nehalem

629 views • 27 slides
Synchronous Grammars Synchronous grammars are a way of simultaneously generating pairs of

Synchronous Grammars Synchronous grammars are a way of simultaneously generating pairs of

Synchronous Grammars Synchronous grammars are a way of simultaneously generating pairs of recursively related strings Synchronous grammar w w Synchronous grammars were originally invented for programming language compilation

813 views • 65 slides
Contract-based Specification and Verification of Dataflow Programs Jonatan Wiik Pontus Bostrm

Contract-based Specification and Verification of Dataflow Programs Jonatan Wiik Pontus Bostrm

Contract-based Specification and Verification of Dataflow Programs Jonatan Wiik Pontus Bostrm bo Akademi University, Finland Nordic Workshop on Programming Theory 2015 1 / 20 Introduction Modern software systems are increasingly

612 views • 25 slides
Symbolic Verification of Programs with Pointers using Tree Automata Ji r Sim a

Symbolic Verification of Programs with Pointers using Tree Automata Ji r Sim a

Symbolic Verification of Programs with Pointers using Tree Automata Ji r Sim a cek Universit e Joseph Fourrier (France) Brno University of Technology (Czech Republic) 1 Ph.D. 1st year of doctoral degree programme at

377 views • 21 slides
Higher-Order Distributions for Linear Logic Marie Kerjean (Inria Rennes -LS2N) Based joints works

Higher-Order Distributions for Linear Logic Marie Kerjean (Inria Rennes -LS2N) Based joints works

Choco - November 2019 Higher-Order Distributions for Linear Logic Marie Kerjean (Inria Rennes -LS2N) Based joints works with Jean-Simon Lemay (Oxford) 1 / 49 Choco - November 2019 Higher-Order Distributions for Linear Logic Differentiation

961 views • 48 slides
Threat Model at the County Level Eric L. Lazarus David L. Dill Jeremy Epstein Joseph Lorenzo

Threat Model at the County Level Eric L. Lazarus David L. Dill Jeremy Epstein Joseph Lorenzo

Applying a Reusable Election Threat Model at the County Level Eric L. Lazarus David L. Dill Jeremy Epstein Joseph Lorenzo Hall Motivation Legitimacy of government depends on trustworthy elections. Potential for undetected fraud

484 views • 19 slides
Linear- is CP (more or less) Jennifer Paykin and Steve Zdancewic University of

Linear- is CP (more or less) Jennifer Paykin and Steve Zdancewic University of

Linear- is CP (more or less) Jennifer Paykin and Steve Zdancewic University of Pennsylvania Wadlerfest April 11, 2016 Linear- is CP (more or less) Linear- is CP (more or less) 1. What is CP? -calculus Linear- is

1.4k views • 100 slides
The Dark Side of Timed Opacity Franck Cassez http://www.irccyn.fr/franck National ICT Australia

The Dark Side of Timed Opacity Franck Cassez http://www.irccyn.fr/franck National ICT Australia

The Dark Side of Timed Opacity Franck Cassez http://www.irccyn.fr/franck National ICT Australia &amp; CNRS Work supported by a Marie Curie International Outgoing Fellowship 7th European Community Framework Programme ISA 2009, Seoul, Korea

615 views • 61 slides
Adding Symmetry Reduction to Uppaal M. Hendriks 1 G. Behrmann 2 K.G. Larsen 2 P. Niebert 3 F.

Adding Symmetry Reduction to Uppaal M. Hendriks 1 G. Behrmann 2 K.G. Larsen 2 P. Niebert 3 F.

Adding Symmetry Reduction to Uppaal M. Hendriks 1 G. Behrmann 2 K.G. Larsen 2 P. Niebert 3 F. Vaandrager 1 1 University of Nijmegen, The Netherlands 2 Aalborg University, Denmark 3 Universit e de Provence, France Introduction Motivation

781 views • 28 slides
Schedulability Analysis under Uncertainty using Formal Methods (part 2) tienne Andr and

Schedulability Analysis under Uncertainty using Formal Methods (part 2) tienne Andr and

ESWEEK Tutorial Sunday, 30th of September Schedulability Analysis under Uncertainty using Formal Methods (part 2) tienne Andr and Giusppe Lipari LIPN, Universit Paris 13, CNRS, France tienne Andr (Universit Paris 13) Tutorial @

1.87k views • 149 slides
Extending the swsusp Hibernation Framework to ARM Russell Dill 1 Introduction Russ Dill of

Extending the swsusp Hibernation Framework to ARM Russell Dill 1 Introduction Russ Dill of

Extending the swsusp Hibernation Framework to ARM Russell Dill 1 Introduction Russ Dill of Texas Instruments swsusp/hibernation on ARM Overview Challenges Implementation Remaining work Debugging swsusp

619 views • 45 slides
A Nivat Theorem for Weighted Timed Automata and Weighted Relative Distance Logic Manfred Droste

A Nivat Theorem for Weighted Timed Automata and Weighted Relative Distance Logic Manfred Droste

A Nivat Theorem for Weighted Timed Automata and Weighted Relative Distance Logic Manfred Droste and Vitaly Perevoshchikov Leipzig University ICALP, Track B 9 th of July 2014 Timed automata 1 Nondeterministic finite automata A with clocks a ,

947 views • 32 slides

More recommend