Team espresso

Section: New Results

Verifications of GALS architectures

Participants: Julio Peralta, Thierry Gautier, Loïc Besnard, Jean-Pierre Talpin.

This work is sponsored by project Topcased. It bridges specifications expressed in a subset of the synchronous Signal language with model-checking tools, in order to validate such specifications when they are composed asynchronously (thus forming so-called GALS architectures).

Our current work targets two languages amenable to model checking: Fiacre and SMV [60]. Fiacre is a language for describing LTS (Labelled Transition Systems) and is thus action-based, whereas SMV is state-based. Fiacre also gives rise (through the model checkers CADP [58] and Tina [54]) to so-called explicit-state models, while SMV is symbolic. Finally, SMV is deemed closer to hardware description than Fiacre, since the semantics of the former assumes a tick while that of the latter does not. For this reason, the translation into Fiacre poses more problems.

Regarding the translation from Signal to Fiacre, we found that our translation is not semantics-preserving when applied to the source Signal programs. When the translation is applied after the clock calculus, however, a particular interpretation (as LTS) of clock synchronization classes renders the translation into Fiacre semantics-preserving for the class of endochronous Signal programs. At the moment we are successfully experimenting with extending our results to so-called poly-endochronous programs. In particular, our current problem boils down to showing that a trace-based reduction of LTS (our generated Fiacre programs) corresponds to the right Signal semantics, together with the related question of which temporal properties are preserved by this LTS reduction operation. It is worth noting that the translation discussed here is implemented in the model transformation language ATL, and it is integrated, together with its documentation, into two Eclipse plugins.

Regarding the translation of Signal programs into SMV, we have better results, even though SMV is single-clocked and Signal sources may be multi-clocked. Additionally, we have succeeded in translating and model-checking multi-clocked Signal programs [34]. These experiments have helped correct some bugs in the translation from Signal to its other model checker, namely Sigali. It remains to implement this translation to make it fully automatic; nonetheless, our first experiments are promising.

