Section: New Results
Synchronous Programming
Participants : Louis Mandel, Florence Plateau, Marc Pouzet.
Modular Static Scheduling of Synchronous block-diagram
In collaboration with P. Raymond (VERIMAG, Grenoble), we have worked on the modular generation of sequential imperative code from synchronous data-flow networks. Precisely, given a system with several input and output flows, how to decompose it into a minimal number of classes executed atomically and statically scheduled without restricting possible feedback loops between input and output? Though this question has been identified in the early years of Lustre, it has almost been left aside until the recent work of Lublinerman, Szegedy and Tripakis presented at POPL'09. The problem is proven to be intractable and the authors derive an iterative algorithm looking for solutions for c = 1,2,... classes where each step is encoded as a SAT problem. Despite the apparent intractability of the problem, it appears that real problems rarely fall in this category. Based on an analysis of input/output dependences, we have proposed a polynomial algorithm which (1) either gives an optimal solution or (2) gives a non trivial lower bound on the number of classes to start an iterative combinatorial search. In all the examples we have considered (the whole SCADE library and two industrial examples), the polynomial algorithm finds an optimal scheduling.
This works has been presented at EMSOFT'09 [28] and was nominated among the three best papers.
Objects in Synchronous Block-diagrams
In collaboration with Paul Caspi, Pascal Raymond (VERIMAG, Grenoble), Jean-Louis Colaço (Prover Technologies), we have proposed an extension of a synchronous language with a classed-based mechanism. The problem we addressed is the modular specification and implementation of systems with modes . Typical applications involve different control laws corresponding to different phases, e.g., take-off, full flight and landing in a fly-by-wire control system. On one hand, existing methods such as the combination of Simulink/Stateflow provide powerful but unsafe mechanisms by means of imperative updates of shared variables. On the other hand, synchronous languages and tools such as Esterel or Scade/Lustre are too restrictive and forbid to fully separate the specification of modes from their actual instantiation with a particular control automaton.
We introduce a conservative extension of a synchronous data-flow language close to Lustre, in order to be able to define systems with modes in a more modular way, while insuring the absence of data-races. We show that such a system can be viewed as an object where modes are methods acting on a shared memory. The object is associated to a scheduling policy which specifies the ways methods can be called to build a valid synchronous reaction. We show that the verification of the proper use of an object reduces to a type inference problem using row types introduced by Wand, Rémy and Vouillon. We define the semantics of the extended synchronous language and the type system. This work has been presented at LCTES'09 [21] .
During the year, a new compiler — mainly the V4 of Lucid Synchrone — has been rebuilt on this paradigm.
Alternative synchronous models
The N -synchronous model introduced a way to compose streams which have almost the same clock and can be synchronized through the use of a finite buffer. This relaxed model of synchrony is achieved by introducing a subtyping rule in the clock type system to localise places where some synchronization code must be inserted. Subtyping can be checked when clocks are defined by ultimately periodic infinite binary words. Nevertheless, this check can be costly if the patterns are long, and is in any case restricted to periodic behaviors only.
To achieve this relaxed model on non periodic clocks, the notion of clock envelopes has been introduced. These envelopes are abstractions of clocks that gives bounds on the number of instants where the stream has been present since the beginning of the execution. An envelope is a set of (not necessarily periodic) clocks and subtyping can be checked by simple arithmetic comparison. A first abstraction has been presented in APLAS [67] . It has been improved and presented at JFLA 2009 [27] and HFL 2009 [22] .
Most of the algebraic properties of this new abstraction have been formalized and proved in the proof assistant Coq (http://www.lri.fr/~plateau/hfl09/ ).
An implementation called Lucy-n has been developped during the year. The language is a Lustre-like language extended with a buffer construct. It is based on a relaxed clock-calculus where the compiler automatically infers the size of buffers. Various techniques to solve constraints have been implemented (e.g., exact resolution method and abstract method based on the technique presented in [22] ).
F. Plateau will defend her PhD. Thesis on the N-synchronous model in January 2010.
L. Mandel, F. Plateau and M. Pouzet have worked on the relaxed model of synchrony during the period [67] .
Compiler certification
The work on the development of a certified compiler for a synchronous language has been pursued in 2008. We have formalized in Coq the semantics of the source and target language (work in collaborartion with Grégoire Hamon and Jean-Louis Colaço).
A prelimary version of this work presenting a minimal formalization of a compiler is presented in [54] .
Dynamic aspects in synchronous languages
We have continued the development of ReactiveML, an extension of Objective Caml with reactive constructs [95] . A tool demo has been done during the ML workshop 2009.
In addition, a toplevel for Lucid Synchrone has been proposed. It provides a way to interactively define synchronous data-flow programs and thus dynamically add new processes to execute. A new communication scheme through shared channels has also been proposed.
