Team s4

Overall Objectives
Scientific Foundations
Application Domains
New Results
Contracts and Grants with Industry
Other Grants and Activities
Inria / Raweb 2003
Project: s4

Project : s4

Section: New Results

Keywords : synchronous , Kahn's networks , distributed architectures , endochrony , isochrony , loosely synchronous architectures .

Heterogeneous reactive systems

Participants : Albert Benveniste, Benoît Caillaud, Dumitru Potop-Butucaru.

In the framework of the Columbus project (see Section  7.2) we have developed a systematic method to formally model heterogeneous reactive systems. This is joint work with Alberto Sangiovanni-Vincentelli and Luca Carloni (U.C. Berkeley and Parades) and Paul Caspi (Verimag).

The motivation is twofold. On the one hand, heterogeneous models are encountered throughout the design flow for embedded systems: use of UML notations, of Simulink-Stateflow, of synchronous languages. On the other hand, execution architectures for deployment generally follow a model of computation that is different from that of the modeling tools. For example, whereas the Time-Triggered Architecture (TTA) by H. Kopetz [39] strictly obeys the synchronous model, this is no longer the case for other commonly used infrastructures (field buses, CAN, ARINC, etc.). In 2002, we analyzed the Loosely Time-Triggered Architecture (LTTA), that is in use at Airbus.

To address this issue of heterogeneity in a formal way, we started from the so-called tag system model originally due to Edward Lee and Alberto Sangiovanni-Vincentelli. We have simplified and restricted this model to our needs. The new version covers synchronous and asynchronous models, timed and untimed models, and their free combination. We have formally defined what it means to migrate from one model to another. We have formally defined what heterogeneous parallel composition means (e.g., what P Q means, for P synchronous and Q asynchronous. We have formally defined what it means to preserve semantics, e.g., when migrating from a synchronous to a globally asynchronous, locally synchronous design (GALS). We have characterized, by algebraic means, those designs that preserve semantics when deployed on an infrastructure which model of computation differs.

These results nicely complement the previous results from our group on desynchronization and endochrony/isochrony. They have been published in [15].

On another direction, Dumitru Potop-Butucaru and Benoît Caillaud have found an error [37] in our long Information and Computation paper on desynchronization [3]. Isochrony is not compositional, unlike claimed in this paper (other results are correct). In the process of correcting this, a totally new theory has emerged for correct GALS deployment for more than two components. It is currently under study and its results will be reported next year.