Part I - Chess - Center for Hybrid and Embedded Software Systems

Transcription

Predictable Timing of Cyber-Physical Systems
Future Research Challenges
DREAMS Seminar, EECS, UC Berkeley
January 17, 2012
David Broman
[email protected]
EECS Department
UC Berkeley, USA
Department of Computer and Information Science
Linköping University, Sweden
2
Agenda
[email protected]
Part I
Semantic gap regarding time
Part II
Bridging the gap –
the PRETIL project
Part I !
Semantic gap regarding time !
Part II!
Reducing the gap – the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS
Part III Utilizing a bridged gap – virtual optimization of CPS!
3
[email protected]
Part I
Semantic gap regarding time
Part I !
Part II!
4
Modeling Cyber-Physical Systems
[email protected]
Model
Equation-based model
Abstraction
“physical modeling”
Networking
Sensors
System
Actuators
Physical system (the plant)
Part I !
Part II!
Embedded systems (computation)
5
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
[email protected]
Models and Objects
•  Primarily domain:
Modeling of physical
systems
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
Equation-Based
Object-Oriented
(EOO)
Part II!
Part I !
•  Object in e.g., Java, C++:
object = data + methods
•  Objects in EOO languages:
object = data + equations
6
Languages
Domain-Specific
Language (DSL)
systems
connections!
objects (components)!
Models and Objects
Equation-Based
ports!
Object-Oriented
(EOO)
hydraulic
EOO model (textual)
Part I !
[email protected]
Part II!
EOO model (graphical)
Languages
Domain-Specific
Language (DSL)
7
[email protected]
Models and Objects
systems
hydraulic
Equation-Based
Object-Oriented
(EOO)
Acausality
•  At the equation-level
u=R*i
•  At the object connection level
Part II!
Part I !
Languages
Domain-Specific
Language (DSL)
[email protected]
Direction not determined at modeling time!
systems
hydraulic
Models and Objects
Equation-Based
acausal (non-causal)
Object-Oriented
(EOO)
Acausality
causal
Part I !
8
Part II!
Variables !
!  Potential!
!  Flow!
Physical topology !
u = Ris*lost!
i
Languages
Domain-Specific
Language (DSL)
systems
hydraulic
Equation-Based
acausal (non-causal)
Object-Oriented
(EOO)
causal
u=R*i
Part II!
Languages
Domain-Specific
Language (DSL)
systems
hydraulic
•  Modelica
•  VHDL-AMS
•  gPROMS
•  MKL
•  (SPICE)
Part I !
[email protected]
Models and Objects
Acausality
Part I !
9
10
[email protected]
Models and Objects
Equation-Based
Object-Oriented
(EOO)
Acausality
u=R*i
Part II!
11
Modeling Cyber-Physical Systems
[email protected]
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Model
Physical
Interface
Actuator
Different models of computation
Abstraction
“physical modeling”
C-code
Networking
Sensors
System
Actuators
Part I !
Part II!
12
Modeling the Systems for Computing and
[email protected]
Networking
Ptolemy II
Heterogenous modeling environment supporting many different
models of computation (MoC). For example, synchronous dataflow
(SDF), discrete-event (DE), process networks (PN), etc.
PTIDES
Currently implementation in Ptolemy. Modeling of event-based realtime distributed systems. Based on DE semantics.
Synchronous reactive languages
For example, Lustre, Signal and Esterel
Next versions of Modelica
New semantics for synchronouse discrete semantics
(for improved code generation).
Simulink
And all other languages/environments not listed here!
Part I !
Part II!
13
Simulation the CPS
[email protected]
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
FMI
Delay 1
Computation 4
Computation 2
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical
Interface
Physical Plant
Plant 12
Physical
Model
Actuator
C-code
Networking
Sensors
System
Actuators
Part I !
Part II!
14
Simulation the CPS
[email protected]
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
Software-in-the-loop
(SIL) simulation
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Model
Hardware-in-the-loop
(HIL) simulation
Physical
Interface
Actuator
Code
generation
Physical system
available?
Networking
Sensors
System
C-code
Actuators
Part I !
Part II!
15
Simulation the CPS
[email protected]
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Predictable Timing of
Cyber-Physical Systems
Computation 4
Computation 2
Sensor
Platform 3
Physical
Interface
Delay 2
(SIL) simulation
meaning that the continuous-time
timing behavior for
SIL simulation ҮHIL simulation ҮReal-time system execution
Code
Hardware-in-the-loop
generation
Note that predictability is a continuum.
The
“cyber”
can
be
(HIL) simulation
C-code
made deterministic, but the physics cannot.
Computation 3
Physical Plant
Plant 12
Physical
Model
Physical
Interface
Actuator
Physical system
available?
Networking
Sensors
System
Actuators
Part II!
Part I !
16
Physical Model
problems
Model and Timing Problems
Incorrect Parameters
Control Delay
Cyber timing problems
Modelica / MKL
Incorrect System of Equations
Validation of models
From sampling to
actuation
Jitter
[email protected]
Ptolemy II /
PTIDES
Large model libraries.
Mature tools.
Computation
Precision-timed machines
Clock sync, IEEE 1588
Hard to predict.
E.g., loss data packets.
Related to robustness.
(Wittenmark et al., 1996)
Part I !
Precision-timed
-  Scratchpad memory
-  Timing instructions
-  Thread-interleaved
piplines
Part II!
Automatic
allocation of
scratchpads?
Semantic gap
regarding time
Variation of start times
(e.g., clock accuracy,
architecture)
Transient Errors
Timingconstraints
of tasks
WCET
of tasks
Communication Bounded delays
How to ensure
that compilation
is semantically
correct regarding
time?
PRET
17
[email protected]
Part II
Bridging the gap –
the PRETIL project
Part II!
Part I !
18
Precision-Timed Intermediate Language (PRETIL)
[email protected]
High-level requirements
Modelica / MKL
Ptolemy II / PTIDES
Make code generation
from source language
to PRETIL simple
(e.g., via suitable API)
Other MoC and tools
Support multiple
modeling (source)
languages
Expose language constructs for (physical) execution time
PRETIL
Hide (abstract away)
architecture dependent
details (e.g., scratchpad)
PRETIL compiler
PRET
PRET
PRET
Part I !
Part II!
Formal semantics –
reason about correctness
of execution time
General purpose
CPU
PRET
PRET
Enable
comparison
of platforms
19
Execution time – a correctness factor
[email protected]
Worst-case execution time (WCET)
Best-case execution time (BCET)
Estimated upper
bound of WCET
Challenge to make it tight
Part I !
Part II!
20
Sketch - primitives for handling time
(pseudo-code, part of research to be performed)
[email protected]
F(x1,…,xn) is a function in the language with n parameters. !
Dynamic usage of execution time
Static Usage of execution time
Execute with padding without guarantees
Propagating WCET info up the tool chain:
-  For meta-programming (static scheduling)
-  For tool support (e.g., show WCET for
specific actors in Ptolemy)
execute f(3,2) during 10ms else …!
Use WCET/BCET info dynamically in the
model/program.
if WCET(f) > 10ms then … else …!
Propagate time constraint downwards
constraint WCET(f) < 10ms!
Execute with padding (exact time)
WCET of parameterized functions in runtime
using parametric WCET analysis (Lisper,
2003)
execute f(3,2) during 10ms!
Part I !
Part II!
if WCET(f(x3 = v)) > 10ms then …
else …!
21
Proposed Infrastructure Overview
[email protected]
Part I: Modeling language front end
Part II: PRETIL front end
Part III: PRETIL backend
Part IV: Runtime environment
Part I !
Part II!
22
Part I – Modeling language front end
[email protected]
Research challenge 1: To design (or extend) an intermediate
language that hides architecture details and exposes language
constructs for programming with (physical) execution time.
Part I !
Part II!
23
[email protected]
Part I !
Part II!
24
Part II – PRETIL Front end
[email protected]
Research challenge 2: To statically guarantee that timing constraints
defined for high-level models hold during run-time.
Formally verified compilers
(Leroy, 2009)
Part I !
Translation Validation Infrastructure
(Necula, 2000)
Part II!
25
[email protected]
Part I !
Part II!
26
Part III – PRETIL Back end
[email protected]
Research challenge 3: To optimize allocation of bounded memory
resources so that both memory constraints and timing constraints hold
simultaneously.
Part I !
Part II!
27
[email protected]
Part I !
Part II!
28
Part IV – Runtime environment
[email protected]
Research challenge 4: To guarantee safe execution concerning timing
of a deployed binary of machine code, without trusting the correctness
of the compiler, e.g., by executing a lightweight safety proof before
executing the binary.
Proof-carrying code (Necula, 1997)
Part I !
Part II!
29
[email protected]
Part III
Utilizing a bridged gap –
virtual optimization of CPS
Part I !
Part II!
30
Simulation with Predictable Timing
[email protected]
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
(SIL) simulation
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Model
Physical
Interface
Actuator
The PRETIL project aims at
adding one piece of the puzzle to
getting predictable timing of CPS
Networking
Sensors
System
Actuators
Part I !
Part II!
31
Optimization with Predictable Timing
[email protected]
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
(SIL) simulation
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Physical
Interface
Actuator
Design optimization problems
•  Parameter optimization of physical objects (e.g., thickness of shafts)
•  Architecture parameters, e.g., minimize clock frequency to lower energy
consumptions.
Predictable timing with correct timing constraints are essential to
performing the optimization on a global CPS model
Hard problems. One approach is to combine CPS simulation
with local search heuristics (e.g., tabu search or simulated annealing).
Part I !
Part II!
32
Conclusions and Summary
[email protected]
Modelica / MKL
Ptolemy II /
PTIDES
New project in the Ptolemy group
(starting Jan 2012).
Overall challenge
To establish a new formal foundation of timing
predictability for the semantics of correct translation/
compilation from high-level CPS modeling languages
down to machine code for PRET machines.
Thank you for listening!
Part I !
Part II!
Semantic gap
PRETIL
regarding
time
PRETIL compiler
PRET

Part I - Chess - Center for Hybrid and Embedded Software Systems

Transcription

Similar documents

Asst.US.Treasury Secretary Phillip Swagel Speaks on

La Sabatera, Moraira - Elite International Real Estate

FICTION and How to get FILTHY RICH in RISING ASIA

Best of James Grebey

NESA Sustained PD Themes

Working on the Front Lines of the State Prof. Michael Musheno

Lord Wakeham Letter to Inquiry

Exam View (4-27-07)

AUNT BEA`S bungalow