Formal verification of real-time systems with preemptive scheduling

Lime, Didier; Roux, Olivier H.

doi:10.1007/s11241-008-9059-0

Cited by 37 publications

(48 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To perform the schedulability analysis of real-time systems, computational approaches involve modeling real-time tasks with scheduling algorithms and analyzing the state space of the models. For computational methods for the schedulability analysis of real-time systems, there have been process algebraic approaches [15] [16]; automata theories based on stopwatch automata [17], task automata [18] [19] and timed automata [20][21]; net-based models such as preemptive Time Petri Nets (pTPNs) [22], Petri Nets with hyper-arcs [23] and SchedulingTPNs [24]. However, none of these approaches consider the modeling of resource model explicitly and can analyze hierarchical real-time systems.…”

Section: Related Workmentioning

confidence: 99%

A process algebraic approach to the schedulability analysis and workload abstraction of hierarchical real-time systems

Park¹,

Lee²,

Sokolsky³

et al. 2017

Journal of Logical and Algebraic Methods in Programming

View full text Add to dashboard Cite

Real-time embedded systems have increased in complexity. As microprocessors become more powerful, the software complexity of real-time embedded systems has increased steadily. The requirements for increased functionality and adaptability make the development of real-time embedded software complex and errorprone. Component-based design has been widely accepted as a compositional approach to facilitate the design of complex systems. It provides a means for decomposing a complex system into simpler subsystems and composing the subsystems in a hierarchical manner. A system composed of real-time subsystems with hierarchy is called a hierarchical real-time system This paper describes a process algebraic approach to schedulability analysis of hierarchical real-time systems. To facilitate modeling and analyzing hierarchical real-time systems, we conservatively extend an existing process algebraic theory based on ACSR-VP (Algebra of Communicating Shared Resources with ValuePassing) for the schedulability of real-time systems. We explain a method to model a resource model in ACSR-VP which may be partitioned for a subsystem. We also introduce schedulability relation to define the schedulability of hierarchical real-time systems and show that satisfaction checking of the relation is reducible to deadlock checking in ACSR-VP and can be done automatically by the tool support of ERSA (Verification, Execution and Rewrite System for ACSR). With the schedulability relation, we present algorithms for abstracting real-time system workloads. AbstractReal-time embedded systems have increased in complexity. As microprocessors become more powerful, the software complexity of real-time embedded systems has increased steadily. The requirements for increased functionality and adaptability make the development of real-time embedded software complex and errorprone. Component-based design has been widely accepted as a compositional approach to facilitate the design of complex systems. It provides a means for decomposing a complex system into simpler subsystems and composing the subsystems in a hierarchical manner. A system composed of real-time subsystems with hierarchy is called a hierarchical real-time system. This paper describes a process algebraic approach to schedulability analysis of hierarchical real-time systems. To facilitate modeling and analyzing hierarchical real-time systems, we conservatively extend an existing process algebraic theory based on ACSR-VP (Algebra of Communicating Shared Resources with Value-Passing) for the schedulability of real-time systems. We explain a method to model a resource model in ACSR-VP which may be partitioned for a subsystem. We also introduce schedulability relation to define the schedulability of hierarchical real-time systems and show that satisfaction checking of the relation is reducible to deadlock checking in ACSR-VP and can be done automatically by the tool support of VERSA (Verification, Execution and Rewrite System for ACSR). With the schedulability relation, we present algorit...

show abstract

Section: Related Workmentioning

confidence: 99%

A process algebraic approach to the schedulability analysis and workload abstraction of hierarchical real-time systems

Park¹,

Lee²,

Sokolsky³

et al. 2017

Journal of Logical and Algebraic Methods in Programming

View full text Add to dashboard Cite

show abstract

“…Due to the usage of the input and output gates, the TAN models, proposed in this paper, are more flexible than the petri net-based models mentioned above. In addition, due to the marking-dependent process rate functions of TANs, these models are more flexible than the models introduced in [27,32,42].…”

Section: Definition 20 (Bisimulation)mentioning

confidence: 99%

“…However, petri net-based models do not allow for marking dependent process rates. Although the approach in [27] was capable of modeling the special case of a round-robin scheduling policy, a more general model is needed to deal with the above-mentioned situations. On the other hand, the enabling and firing rules in petri net-based models are very naive.…”

Section: Introductionmentioning

confidence: 99%

A new extension of activity networks for modeling and verification of timed systems

Motallebi¹,

Azgomi²,

MIRZAEI³

et al. 2013

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Stochastic activity networks (SANs) are a well-known petri net-based formalism used for the performance and dependability modeling of a wide range of systems. On the other hand, the growing complexity of timed systems makes it imperative to apply formal analysis techniques in the early stages of the system's development. Finding a suitable framework for the modeling, evaluation, and verification of these systems is still a great challenge. In this paper, we introduce a new formalism named timed activity networks (TANs), which are based on the activity networks that are the nondeterministic settings of the SANs. The advantages of TANs are 2-fold: 1) allowing the construction of more compact petri net-based models of timed systems and 2) allowing the assignment of time intervals to timed activities where the activity completion rates are marking-dependent, which makes TANs a better model for timed systems.Thanks to the presence of the input/output gates, TANs are capable of describing a situation whose specification using petri net-based formalisms was not practical, due to the naivety of the enabling and firing rules in these models. In addition, a great benefit of TANs is the similarity of their primitives and notations to ordinary SANs, which allows us to easily obtaining these 2 models from each other. Accordingly, SANs can be used for performance, and dependability modeling and evaluation, while TANs can be used for the model checking of timed systems. In this paper, we present the definitions, semantics, and model checking techniques of the proposed formalism. In order to model check TAN models, a transformation procedure is given for translating TAN models into the equivalent linear hybrid automaton, which can then be used with the existing techniques and tools.

show abstract

“…Moreover, analytical approaches do not encompass computations associated with a non-deterministic Execution Time, providing schedulability results for assigned values usually coincident with the Worst Case Execution Time (WCET). For complex task-sets that expose any of these factors, the verification of both sequencing and timing correctness may become sufficiently critical to motivate the use of state space analysis of models based on formalisms such as StopWatch Automata [9], preemptive Time Petri Nets (pTPNs) [4], Petri Nets with hyper-arcs [27], and Scheduling-TPNs [21]. As a common trait, these formalisms encompass temporal parameters varying within an assigned interval and support the representation of suspension in the advancement of clocks.…”

Section: Introductionmentioning

confidence: 99%

A Formal Approach to Design and Verification of Two-Level Hierarchical Scheduling Systems

Carnevali

Lipari

Pinzuti

et al. 2011

Reliable Software Technologies - Ada-Europe 2011

View full text Add to dashboard Cite

Abstract. Hierarchical scheduling (HS) systems manage a set of realtime applications through a scheduling hierarchy, enabling partitioning and reduction of complexity, confinement of failure modes, and temporal isolation among system applications. This plays a crucial role in all industrial areas where high-performance microprocessors allow growing integration of multiple applications on a single platform. We propose a formal approach to the development of real-time applications with non-deterministic Execution Times and local resource sharing managed by a Time Division Multiplexing (TDM) global scheduler and preemptive Fixed Priority (FP) local schedulers, according to the scheduling hierarchy prescribed by the ARINC-653 standard. The methodology leverages the theory of preemptive Time Petri Nets (pTPNs) to support exact schedulability analysis, to guide the implementation on a Real-Time Operating System (RTOS), and to drive functional conformance testing of the real-time code. Computational experience is reported to show the feasibility of the approach.

show abstract

Formal verification of real-time systems with preemptive scheduling

Cited by 37 publications

References 36 publications

A process algebraic approach to the schedulability analysis and workload abstraction of hierarchical real-time systems

A process algebraic approach to the schedulability analysis and workload abstraction of hierarchical real-time systems

A new extension of activity networks for modeling and verification of timed systems

A Formal Approach to Design and Verification of Two-Level Hierarchical Scheduling Systems

Contact Info

Product

Resources

About