prototyping of real-time component based systems by the use of timed automata trevor jones lancaster...
TRANSCRIPT
Prototyping of Real-time Component Based Systems by the use of Timed Automata
Trevor JonesLancaster University, [email protected]
Automata-beans
Automata-beans are Java-beans which have been derived from automata;These automata-beans can then be used in conjunction with other java-beans to model and then build a prototype system;
AutomataModel
Automata-beans
Java-beans
System ???
Aims and Objectives
To be able to model and, validate and verify components using timed automata;To be able to generate executable code from TA;To be able to use modelled/developing components alongside:
Existing components; Existing environments; Existing systems;
To not have to rely on requirements specified, but to instead use any “real” components available in order to model, validate and verify, and then prototype components.
Modelling a Light Bulb
This is a seemingly very simple example;What features need to be modelled? Light on Light off
The Automata Model
There are 2 possible states for the light bulb:- ON or OFF
The light bulb comes on when an appropriate current is applied, but how is this supplied?
OFF
ON
Current Applied
Current Removed
The Components
Obvious components: Light Bulb; Switch; Power Source;
Perhaps overlooked components: Bulb socket; Cables; People.
The Environment
Which components need to be part of the model?Which components are part of the environment?What is required in the specification of the environment?How is the interaction between the environment and the “device”?
The System
What is the System?Here are 3 possibilities: The components; The components and environment; The components interacting with the
environment.
The Model
What is going to be modelled?Here are some possibilities: The components; The components and the environment; The components interacting with the
environment: Simulated input, simulated output; “Real” input, simulated output; Simulated input, “real” output; “Real” input, “real” output.
Possibility #1
An attempt is made to model all components involved in the system.Light Socket
(supplying required power)
Light switch
Power supply
Light Bulb
Possibility #2
The light bulb is modelled along with its environment.
Light Bulb
Environment
Possibility #3
The light bulb itself is modelled along with interfaces to the environment.
Light BulbDestruction
Light Socket(supplying required power)
What Automata-beans allow
Automata-beans can be used for both possibility #1 and #3:
#1: Each device is modelled using timed automata;
#3: Only the light bulb is modelled using an automata. The interfaces between it and the environment can be implemented using java-beans and “real” hardware components.
Solution #1
Advantages Simple; Highlights
problems with model, which can then be fixed;
Cheap; Convincing.
Disadvantages May have to model
several components;
Components may be difficult to model (e.g. People);
Only modelled behaviour can be simulated (I.e. the unexpected may never happen).
Solution #2
Advantages Gives a, hopefully,
complete picture;
Disadvantages Almost impossible to
model; Any model will have
limitations; Unexpected behaviour
cannot be modelled; Complexity will be
very high; Expensive on time
when trying to model; Model checking will be
near impossible.
Solution #3
Advantages Fewer automata
to be written; Less chance to
make mistakes; More focus can be
put on the components in question;
Unexpected behaviour occurs;
Disadvantages Hardware interfaces
may need to be implemented;
May be expensive; It is not always
possible to interface a model with an environment;
It may not be sensible to interface with the environment;
May be difficult to model check.
Things to note
You may simply have been asked to supply a component and given a set of interfaces;Access to the environment may or may not be available;Previous models of the environment may be available;Requirements must be accurate and specific; For example, our light bulb may be placed in an
area where it is under fire from projectiles: It may be that we need to provide some protective
shielding; Or, the protective shielding may already be in place.
The Final Solution
A hybrid approach may be taken;Input can be from both the environment and modelled components from that environment;
“Real”input
Simulated
input
Requiredcomponent
model
Additionalcomponents
Validation and Verification
Additionalbehaviour
The Light-bulb
The power,People, the switch
Destruction
The automata model of a light bulb
NA
Validation and Verification
Light bulbexplodes
Automata-beans
By mapping automata component models onto automata-beans, more “real” components can be used AND it is easier to integrate other formal modelling techniques;In addition, automata-beans themselves can be used as software components when prototyping a system.
The Future
Areas of further research include: Components; Middleware; Formal Modelling Techniques; Validation and Verification
Techniques;