Synchronous Programming of Tasks that can miss Deadlines - PowerPoint PPT Presentation


  1. Valentin Perrelle, Synchronous Programming of Tasks that can miss Deadlines, 4 December 2014

  2. Outline 01 - The FSF Project: The FSF Project; FSF Partners; FSF Project Overview; The component factory; The application factory
     (Footer on every slide: The FSF Project | A case study | Describing functional dependencies | Tasks missing deadlines; slide 1)

  3. 1.1 - The FSF Project: FSF Partners

  4. 1.2 - The FSF Project: FSF Project Overview

  5. 1.3 - The FSF Project: The component factory

  6. 1.4 - The FSF Project: The application factory

  7. Outline 02 - A case study: Passenger exchange; Simulation; Metrics; Partitioning and scheduling [Zhang 2014]

  8. 2.1 - A case study: Passenger exchange
     Mission:
     - Issue commands to open or close doors according to a given mission
     - Issue announcements to inform the passengers of an imminent opening/closing
     - Send warnings to the traffic supervision when the passenger exchange cannot be completed
     Safety:
     - If the train is not immobilized, the doors can't be opened
     - Only properly aligned doors can be opened
     - The train is not allowed to leave as long as any door is still open

  9. 2.2 - A case study: Simulation (figure only)

  10. 2.3 - A case study: Metrics
      Software specification metrics: about 30 functions, at least 100 requirements
      Code metrics (files / lines of code):
        Heptagon sources            27 / 2741
        C generated from Heptagon   70 / 7014
        Additional C code           11 /  611

  11. 2.4 - A case study: Partitioning and scheduling [Zhang 2014]
      (figure: schedule with MTF = 40 over partitions P0, P1, P2; time slots P2 / Dur 8, P0 / Dur 7, P1 / Dur 4, P0 / Dur 4, P2 / Dur 18; blocks include Train and platform, Proc. inputs, Non-vital door, Dep authorization, Display, Simulation, Doors aligned & enabled command, Proc. outputs, ...; signals include Doors state, Dep auth, Train kinematic state, Enabled doors, Non-vital cmd, Vital doors cmd, ...)

  12. Outline 03 - Describing functional dependencies: Tool chain; Some advantages of LoPhT and Heptagon; Writing clocked graphs in Heptagon; Clocked Graphs; Heptagon architecture; Clock translation 1/2; Clock translation 2/2

  13. 3.1 - Describing functional dependencies: Tool chain (figure only)

  14. 3.2 - Describing functional dependencies: Some advantages of LoPhT and Heptagon
      - Passenger Exchange software specifications are written in an equational and synchronous style
      - Almost direct translation from Heptagon to Clocked Graphs
      - Easy to implement experimental features in Heptagon
      - Mutual exclusion in LoPhT

  15. 3.3 - Describing functional dependencies: Writing clocked graphs in Heptagon

      node fdc (hs : bool) returns (id : int)
      let
        if hs then
          id = g ();
        else
          var v : int in
          id = f1 ();
          v = f2 (id);
          () = f3 (v);
        end
      tel

      node correction (fs : bool; id : int) returns ()
      let
        if fs then
          () = n ();
        else
          () = m (id);
        end
      tel

      node main () returns ()
        var id : int; fs, hs : bool;
      let
        fs = fs_in ();
        hs = hs_in ();
        id = fdc (hs);
        () = correction (fs, id);
      tel

  16. 3.4 - Describing functional dependencies: Clocked Graphs [Potop-Butucaru et al. 2009]
      (figure: the clocked graph of the previous slide; each node carries the clock on which it executes and each edge the clock on which the dependency exists: fs_in and hs_in on true; g on hs; f_1, f_2, f_3 on ¬hs; n on fs; m on ¬fs; edges hs_in → g on hs, hs_in → f_1, f_1 → f_2, f_2 → f_3 on ¬hs, fs_in → n on fs, fs_in → m on ¬fs, g → m on hs ∧ ¬fs, f_1 → m on ¬hs ∧ ¬fs)

  17. 3.5 - Describing functional dependencies: Heptagon architecture
      (figure: compiler pipeline Heptagon → MiniLS → Obc, with backends C, Java and CG (clocked graphs))

  18. 3.6 - Describing functional dependencies: Clock translation 1/2
      merge b_1 (e_1 when b_1) (merge b_2 e_2 e_3)
      is translated into its leaves with their clocks:
        e_1 on b_1
        e_2 on ¬b_1 ∧ b_2
        e_3 on ¬b_1 ∧ ¬b_2

  19. 3.7 - Describing functional dependencies: Clock translation 2/2
      merge (merge b_1 b_2 b_3) e_1 e_2
      is translated into its leaves with their clocks:
        e_1 on (b_1 ∧ b_2) ∨ (¬b_1 ∧ b_3)
        e_2 on (b_1 ∧ ¬b_2) ∨ (¬b_1 ∧ ¬b_3)
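Both translations follow one rule: the clock of a leaf is the conjunction of the branch conditions met on the path from the root of the merge tree down to that leaf, and a merge used as a condition is evaluated as the boolean it denotes. The Python below is an added example written for this page, not code from the Heptagon compiler or the LoPhT tool chain; the expression-tree classes, the truth-table check and the function names are assumptions, while the two expressions and the leaf clocks they are checked against are the ones on the two slides above.

```python
# Clock translation of nested Heptagon merge / when / whenot expressions,
# checked by truth table against the hand-derived clocks of the slides.
# Added example for this page; the tree representation is an assumption.
from dataclasses import dataclass
from itertools import product
from typing import Union


@dataclass(frozen=True)
class Leaf:            # a named flow (e_1, b_1, ...)
    name: str


@dataclass(frozen=True)
class When:            # expr when cond, or expr whenot cond if negate is set
    expr: "Expr"
    cond: "Expr"
    negate: bool = False


@dataclass(frozen=True)
class Merge:           # merge cond on_true on_false
    cond: "Expr"
    on_true: "Expr"
    on_false: "Expr"


Expr = Union[Leaf, When, Merge]


def value(e, env):
    """Boolean value of a clock-valued expression; env maps leaf names to bools."""
    if isinstance(e, Leaf):
        return env[e.name]
    if isinstance(e, When):
        return value(e.expr, env)
    return value(e.on_true, env) if value(e.cond, env) else value(e.on_false, env)


def leaf_clocks(e, env, clock=True):
    """Map each data leaf of e to whether it is active in env.
    clock is the clock of e itself (True at top level). Condition leaves
    are not listed; leaves are assumed to have distinct names."""
    if isinstance(e, Leaf):
        return {e.name: clock}
    if isinstance(e, When):
        present = value(e.cond, env) != e.negate      # when: cond true, whenot: cond false
        return leaf_clocks(e.expr, env, clock and present)
    c = value(e.cond, env)
    out = leaf_clocks(e.on_true, env, clock and c)
    out.update(leaf_clocks(e.on_false, env, clock and not c))
    return out


def truth_table(e, names):
    """{leaf: set of environments (as bool tuples over names) where leaf is active}."""
    table = {}
    for bits in product([False, True], repeat=len(names)):
        env = dict(zip(names, bits))
        for leaf, on in leaf_clocks(e, env).items():
            if on:
                table.setdefault(leaf, set()).add(bits)
    return table


def envs_where(names, formula):
    """Environments over names in which a hand-written clock formula holds."""
    return {bits for bits in product([False, True], repeat=len(names))
            if formula(dict(zip(names, bits)))}


def slide_1_translation():
    # merge b_1 (e_1 when b_1) (merge b_2 e_2 e_3)
    e = Merge(Leaf("b_1"),
              When(Leaf("e_1"), Leaf("b_1")),
              Merge(Leaf("b_2"), Leaf("e_2"), Leaf("e_3")))
    return truth_table(e, ["b_1", "b_2"])


def slide_2_translation():
    # merge (merge b_1 b_2 b_3) e_1 e_2 : the condition is itself a merge
    e = Merge(Merge(Leaf("b_1"), Leaf("b_2"), Leaf("b_3")), Leaf("e_1"), Leaf("e_2"))
    return truth_table(e, ["b_1", "b_2", "b_3"])
```

Comparing `truth_table` with `envs_where` on the slides' formulas confirms that e_1, e_2, e_3 of the first slide are produced on b_1, ¬b_1 ∧ b_2 and ¬b_1 ∧ ¬b_2, and that the two leaves of the second slide have complementary clocks, which is the property a clocked-graph scheduler relies on when it treats the branches as mutually exclusive.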

  20. Outline 04 - Tasks missing deadlines: Mixed criticality; The Idea; Example; Using clocks; Ideas and Future work

  21. 4.1 - Tasks missing deadlines: Mixed criticality
      (figure: Critical: Get platform conditions, Check departure, Compute door map, Compute commands; Non critical: Logging utility)

  22. 4.1 - Tasks missing deadlines: Mixed criticality (refined into three levels)
      (figure: Life critical: Get platform conditions, Check departure, Check door map, Check commands; Mission critical: Compute door map, Compute commands; Non critical: Logging utility)

  23. 4.2 - Tasks missing deadlines: The Idea
      - Non time-critical tasks must not delay time-critical ones
      - Allow non time-critical tasks to miss deadlines, to reduce certification cost
      - Handle data absence programmatically
      - Safety vs availability

  24. 4.3 - Tasks missing deadlines: Example

      task check_commands (unpunctual door_commands : command^n; door_map : int^n)
        returns (safe_commands : command^n)
      let
        if ontime door_commands then
          safe_commands = map<<n>> check_command (door_commands, door_map);
        else
          safe_commands = None^n;
        end
      tel

      node check_command (door_command : command; door_map : int)
        returns (safe_command : command)
      let
        safe_command = if door_map <> -1 then door_command else None;
      tel

  25. 4.3 - Tasks missing deadlines: Example (default value for the absent input)

      task check_commands (unpunctual door_commands : command^n = None^n; door_map : int^n)
        returns (safe_commands : command^n)
      let
        safe_commands = map<<n>> check_command (door_commands, door_map);
      tel

  26. 4.3 - Tasks missing deadlines: Example (task interfaces)

      task check_commands (door_commands : command^n; door_map : int^n)
        returns (safe_commands : command^n)

      task check_commands_degenerated (door_map : int^n)
        returns (safe_commands : command^n)

      unpunctual task compute_commands (door_map : int^n)
        returns (commands : command^n)

  27. 4.3 - Tasks missing deadlines: Example (caller)

      node passenger_exchange () returns ()
        var door_map : int^n;
            unpunctual door_commands : command^n;
            ...
      let
        ...
        door_commands = compute_commands (door_map);
        if ontime door_commands then
          check_commands (door_commands, door_map);
        else
          check_commands_degenerated (door_map);
        end
        ...
      tel

  28. 4.4 - Tasks missing deadlines: Using clocks

      node check_commands (door_commands_clock : bool;
                           door_commands_value : command^n :: door_commands_clock;
                           door_map : int^n)
        returns (safe_commands : command^n)
      let
        if door_commands_clock then
          safe_commands = map<<n>> check_command (door_commands_value, door_map);
        else
          safe_commands = None^n;
        end
      tel

  29. 4.4 - Tasks missing deadlines: Using clocks (same node written with merge)

      node check_commands (door_commands_clock : bool;
                           door_commands_value : command^n :: door_commands_clock;
                           door_map : int^n)
        returns (safe_commands : command^n)
        var door_commands : command^n;
      let
        door_commands = merge door_commands_clock door_commands_value
                              (None^n whenot door_commands_clock);
        safe_commands = map<<n>> check_command (door_commands, door_map);
      tel
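As an added illustration of what the clocked interface buys at run time (this is not code from the FSF project, Heptagon or LoPhT), the Python below models a cyclic executive in which the mission-critical task compute_commands is unpunctual and can overrun its slot, while the life-critical check_commands runs in every cycle on the (door_commands_clock, door_commands_value) pair of slide 4.4. The command alphabet, the per-cycle execution budget, the cost figures and the constructed cycles are assumptions; check_command is the slides' own rule (a door whose map entry is -1 is not aligned and gets no command).

```python
# Cyclic executive with an unpunctual producer and a clocked consumer.
# Added example for this page; budget, costs and command names are assumed.
from dataclasses import dataclass, field
from typing import List, Optional

NONE = None                     # the absent command "None" of the slides
OPEN, CLOSE = "open", "close"   # assumed command alphabet


def check_command(door_command, door_map_entry):
    """Slides' rule: only a door aligned with a platform door (entry != -1) keeps its command."""
    return door_command if door_map_entry != -1 else NONE


def check_commands(door_commands_clock, door_commands_value, door_map):
    """Slide 4.4 with merge: use the value when its clock is true, None^n otherwise.
    The consumer never reads a stale or half-written value: absence is explicit."""
    n = len(door_map)
    door_commands = door_commands_value if door_commands_clock else [NONE] * n
    return [check_command(c, m) for c, m in zip(door_commands, door_map)]


def compute_commands(door_map, wanted):
    """Assumed mission-critical computation: apply the wanted command to aligned doors."""
    return [wanted if m != -1 else CLOSE for m in door_map]


@dataclass
class Cycle:
    door_map: List[int]
    compute_cost: int      # assumed execution time of compute_commands this cycle
    budget: int = 8        # assumed time after which check_commands must start


@dataclass
class Trace:
    safe: List[List[Optional[str]]] = field(default_factory=list)
    missed: List[bool] = field(default_factory=list)   # one warning per missed deadline


def run(cycles, wanted=OPEN):
    """Execute the cycles; the life-critical check runs in every cycle regardless
    of whether the unpunctual producer met its deadline."""
    trace = Trace()
    for cyc in cycles:
        on_time = cyc.compute_cost <= cyc.budget
        value = compute_commands(cyc.door_map, wanted) if on_time else None
        trace.missed.append(not on_time)
        trace.safe.append(check_commands(on_time, value, cyc.door_map))
    return trace


def violates_safety(safe_commands, door_map):
    """Case-study requirement: only properly aligned doors can be opened."""
    return any(c == OPEN and m == -1 for c, m in zip(safe_commands, door_map))


def demo():
    # Constructed cycles: door 1 is unaligned (-1); the second cycle's
    # compute_commands overruns its budget and the degraded path is taken.
    door_map = [0, -1, 2]
    return run([Cycle(door_map, compute_cost=4), Cycle(door_map, compute_cost=18)])
```

In the overrun cycle the check still executes and produces None^n, so the train neither opens a door on stale data nor skips the check; the missed-deadline flag is what the mission's "warn traffic supervision when the exchange cannot be completed" requirement would consume. Availability is traded for safety exactly in that cycle and nowhere else.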
