desynchronization and distributed deployment of synchronous systems albert benveniste – inria 2002
TRANSCRIPT
![Page 1: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/1.jpg)
Desynchronization and distributed deployment of
synchronous systems
Albert Benveniste – Inria
2002
![Page 2: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/2.jpg)
The problem
• Ensure a smooth migration throughout the different phases of embedded systems design
• As analysis reveals, the diversity of communication/concurrency paradigms, throughout the design process, is a serious difficulty
![Page 3: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/3.jpg)
SystemFrom
Components
System on Chip
Control engineeringMatlab/Simulink…Domain specific
Functional aspects
Model engineeringUML
System architecture
Performance, timelinessFault-tolerance
Non-functional aspects
Deployment architectureMiddleware
Bus, protocolsTasks
Device
start()stop()
Operator<<Actor>>
0..*1 0..*1
controls
: Operator
: Device
start( )
stop( )
ControllingSite RemoteSite
TCP/IP
: Operator
: Device
Class diagram Sequence diagram
Statecharts
Idle
Active
start stop
Implementation diagram
![Page 4: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/4.jpg)
SystemFrom
Components
Model engineeringUML
System architecture
Performance, timelinessFault-tolerance
Non-functional aspects
Control engineeringMatlab/Simulink…Domain specific
Functional aspects
System on Chip
Deployment architectureMiddleware
Bus, protocolsTasks
MultiformMultiformModel ofModel of
communicationcommunication
Model engineeringComponents
looseloose
timelinessNon-functional aspects
timedtimed
Functional modelsEquations + states
synchronoussynchronous
Code generationGlobally AsynchronousGlobally AsynchronousLocally SynchronousLocally Synchronous
TasksSchedulingScheduling
Time-triggeredTime-triggered
![Page 5: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/5.jpg)
Zooming on
Synchrony&
Asynchrony
![Page 6: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/6.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 7: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/7.jpg)
Synchrony
loop % unique non terminating while loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 8: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/8.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] ||| % perfectly synchronous parallel composition
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 9: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/9.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 10: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/10.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
?X 3 -2 5 0 -1 -3 2 1
?Y 2 1 5 3
!Z * 3 6 8
![Page 11: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/11.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 12: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/12.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
?X 3 -2 5 0 -1 -3 2 1
?Z * 3 6 8
!V -4 0 -2 -6
![Page 13: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/13.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] ||| % synchronizes the two blocks by unification
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 14: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/14.jpg)
Synchrony
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] ||| % synchronizes the two blocks by unification
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
?X 3 -2 5 0 -1 -3 2 1
?Y 2 1 5 3
!Z * 3 6 8
?X 3 -2 5 0 -1 -3 2 1
?Z * 3 6 8
!V -4 0 -2 -6
![Page 15: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/15.jpg)
V : set of typed variables; v can take value “absent”
State : valuation of V; Transition : pair of states
I : initial condition (set of states)
R : transition relation relating successive states
Run : sequence of R-consistent transitions
Formalizing synchrony
S = (V,I,R)
S ||| S’ = (VUV’,I&I’,R&R’)synch
![Page 16: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/16.jpg)
Formalizing synchrony
S = (V,I,R)
S ||| S’ = (VUV’,I&I’,R&R’)•Alike systems of dynamical equations in maths, but with multiple time-indices
•Perfectly synchronous parallel composition amounts to combining two systems of equations
•No recursion, no dynamical creation, only a single non terminating while loop; body with nested “when”
•Much simpler than Milner’s CCS or Hoare’s CSP
![Page 17: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/17.jpg)
From Synchrony to…
X
Y
V
![Page 18: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/18.jpg)
Asynchrony
X
Y
V
![Page 19: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/19.jpg)
Asynchrony
X
Y
V
![Page 20: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/20.jpg)
Asynchrony
X
Y
V
![Page 21: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/21.jpg)
Asynchrony
X
Y
V Assumes non synchronized,
point to point, re
liable channels
![Page 22: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/22.jpg)
Formalizing Asynchrony
A = (V,)
V : set of typed variables; “absent” meaningless
Flow : sequence of values, for a given variable
Run : tuple of flows
: set of runs
A || A’ = (VUV’, & ’)asynch
![Page 23: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/23.jpg)
Formalizing Asynchrony
A = (V,)
A || A’ = (VUV’, & ’)
A A’Point to point, non
synchronized, channels
![Page 24: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/24.jpg)
Synchrony/Asynchrony
XYV
XYV
?
OK
![Page 25: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/25.jpg)
Some synchronous systems are robust against Asynchronous
environment(a property on infinite runs)
syn
chro
no
us
asynchronous
![Page 26: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/26.jpg)
For these synchronous systems, desynchronization is injective
XYV
XYV
OK
OK
![Page 27: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/27.jpg)
They can be characterized: endochrony
(a property on finite objects)sy
nch
ron
ou
s
asynchronous
![Page 28: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/28.jpg)
Endochrony: example, counterexample
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
?X 3 -2 5 0 -1 -3 2 1
?Y 2 1 5 3
!Z * 3 6 8
![Page 29: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/29.jpg)
Endochrony: example, counterexample
loop [ when X>0 then
[get Y ; emit Z=Y+pre(Y)] ] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
?X 3 -2 5 0 -1 -3 2 1
?Z * 3 6 8
!V -4 0 -2 -6
![Page 30: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/30.jpg)
Formalizing endochrony
For W,W’ subsets of V : W W’ iff knowing the value of variables belonging to W determines the status present/absent for all variables of W’
Empty = W0 W1 W2 … Wmax
S is endochronous iff Wmax = V holds
S = (V,I,R)
![Page 31: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/31.jpg)
Endochrony is model-checkable, and can be synthesized
Syn
chro
no
us
exo
chro
no
us
wra
pp
er
![Page 32: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/32.jpg)
A wrapper to enforce endochrony
loop [ when C=1 then present(X,Z)
else when C=2 then present(X)] |||
[ present X then [ present Z then emit U=X+Z else emit V=2X ] ]
end
![Page 33: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/33.jpg)
Some pairs of systems are robust against Asynchronous
communications(a property on infinite runs)
syn
chro
no
us
syn
chro
no
us
asynchronous
![Page 34: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/34.jpg)
They can be characterized: isochrony
(a property on finite objects)sy
nch
ron
ou
s
syn
chro
no
us
asynchronous
![Page 35: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/35.jpg)
Formalizing isochrony
S = (V,I,R) , S ||| S’ = (VUV’,I&I’,R&R’)
R & R’ unify pairs of transitions which agree on the values of their common variables (including status present/absent)
R &w R’ unify pairs of transitions which agree on the values of their common present variables
Isochrony : R & R’ coincides with R &w R’
![Page 36: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/36.jpg)
Syn
chro
no
us
Pairs can be given a wrapper which makes them
isochronous(alike protocol generation)
Syn
chro
no
us
wrap
perw
rap
per
enforce isochrony
![Page 37: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/37.jpg)
GALS architectures as endo/isochronous
networks
iso
endo
![Page 38: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/38.jpg)
Isochrony is compositional
iso
endo
![Page 39: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/39.jpg)
This theory is useful for:
• Generating code, from a synchronous functional architecture, to a GALS architecture
• Handling hybrid synchro/asynchro models at design exploration phase, by performing virtual prototyping
![Page 40: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/40.jpg)
Further issues
• The assumed model of asynchronous communication requires blocking communication: not always acceptable
• Bus infrastructures for distributed control systems are typically non-blocking and time-triggered
![Page 41: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/41.jpg)
Bus for distributed control: loosely synchronized
clocksA small
protocol can emulate our
previous model of
asynchrony
In use, e.g., at Airbus
![Page 42: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/42.jpg)
CONCLUSION
![Page 43: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/43.jpg)
Most of the work presented is due to:
•The community on Synchronous Languages
•ESTEREL (G. Berry,…)
•LUSTRE (P. Caspi, N. Halbwachs,…)
•SIGNAL (P. Le Guernic, A. Benveniste,…)
•The Berkeley community
•PTOLEMY (Ed Lee,…)
•The METROPOLIS project at Cadence (Sangiovanni-Vincentelli,…)
•Supported by vendors (Esterel-Technologies, TNI-Valiosys, and others)
![Page 44: Desynchronization and distributed deployment of synchronous systems Albert Benveniste – Inria 2002](https://reader036.vdocument.in/reader036/viewer/2022081603/56649f295503460f94c432bc/html5/thumbnails/44.jpg)
Distributed computing can be
non-high performance
Distributed by the physics; made from
components
Correctness is a major issue
Study models of computation & communication
This is relevant and modern research !!