Abdullah Al-Nayeem scite author profile

Many avionics systems must be implemented as redundant, distributed systems in order to provide the necessary level of fault tolerance. To correctly perform their function, the individual nodes of these systems must agree on some part of the global system state. Developing protocols to achieve this agreement is greatly simplified if the nodes execute synchronously relative to each other, but many Integrated Modular Avionics architectures assume nodes will execute asynchronously. This paper presents a simple design pattern, Physically Asynchronous/Logically Synchronous (PALS), that allows developers to design and verify a distributed, redundant system as though all nodes execute synchronously. This synchronous design can then be distributed over a physically asynchronous architecture in such a way that the logical correctness of the design is preserved. Use of this complexity reducing design pattern greatly simplifies the development and verification of fault tolerant distributed applications, ensures optimal system performance, and provides a standard argument for system certification.

A Formal Architecture Pattern for Real-Time Distributed Systems

Sun

Qiu

et al. 2009

Pattern solutions [1] for software and architectures have significantly reduced design, verification, and validation times by mapping challenging problems into a solved generic problem. In the paper, we present an architecture pattern for ensuring synchronous computation semantics using the PALS protocol [2]. We develop a modeling framework in AADL to automatically transform a synchronous design of a real-time distributed system into an asynchronous design satisfying the PALS protocol. We present a detailed example of how the PALS transformation works for a dual-redundant system. From the example, we also describe the general transformation in terms of intuitively defined AADL semantics. Furthermore, we develop a static analysis checker to find necessary conditions that must be satisfied in order for the PALS transformation to work correctly. The transformations and static checks that we have described are implemented in OSATE using the generated EMF metamodel API for model manipulation.

Synchronous AADL and Its Formal Analysis in Real-Time Maude

Bae

Ölveczky

et al. 2011

Abstract. Distributed Real-Time Systems (DRTS), such as avionics systems and distributed control systems in motor vehicles, are very hard to design because of asynchronous communication, network delays, and clock skews. Furthermore, their model checking typically becomes unfeasible due to the large state spaces caused by the interleavings. For many DRTSs, we can use the PALS methodology to reduce the problem of designing and verifying asynchronous DRTSs to the much simpler task of designing and verifying their synchronous versions. AADL is an industrial modeling standard for avionics and automotive systems. We define in this paper the Synchronous AADL language for modeling synchronous real-time systems in AADL, and provide a formal semantics for Synchronous AADL in Real-Time Maude. We have integrated into the OSATE modeling environment for AADL a plug-in which allows us to model check Synchronous AADL models in Real-Time Maude within OSATE. We exemplify such verification on an avionics system, whose Synchronous AADL design can be model checked in less than 10 seconds, but whose asynchronous design cannot be feasibly model checked.

Gpnocsim - A General Purpose Simulator for Network-On-Chip

Hossain

Ahmed

et al. 2007

Pattern-Based Composition and Analysis of Virtually Synchronized Real-Time Distributed Systems

Sha

Cofer

et al. 2012

Abstract-Designing and verifying distributed protocols in a multi-rate asynchronous system is, in general, extremely difficult when the distributed computations require consistent input views, consistent actions and synchronized state transitions. In this paper, we address this problem and introduce a formal, complexity-reducing architectural pattern, called Multi-rate PALS system, to support virtual synchronization in multi-rate distributed computations. The pattern supports a component to be virtually synchronized with other components in different instantiations of this pattern. We present an application of a hierarchical control system to show that the composition of these instantiations can be used to achieve desired systemlevel properties, such as distributed consistency and distributed coordination. We verify the logical synchronization guarantee of this pattern which holds as long as the pattern assumptions are satisfied. We also discuss the correctness analysis necessary to validate these assumptions and provide a tool support to perform this analysis automatically on the AADL models.