research-article

Specification and verification of time requirements with CCSL and Esterel

Published: 19 June 2009

Abstract

The UML Profile for Modeling and Analysis of Real-Time and Embedded (MARTE) systems has recently been adopted by the OMG. Its Time Model extends the informal and simplistic Simple Time package proposed by UML2 and offers a broad range of capabilities required to model real-time systems, including discrete/dense and chronometric/logical time. The MARTE OMG specification introduces a Time Structure inspired by the time models of concurrency theory and proposes a new Clock Constraint Specification Language (CCSL) to specify, within the context of UML, logical and chronometric time constraints.

This paper introduces the formal semantics of a fundamental subset of CCSL clock constraints and proposes a process to use CCSL both as a high-level specification language for UML models and as a golden model to verify the conformance of implementations with the specification.

A digital filtering video application is used as a running example to support the discussion. The application is first formally specified with CCSL and the specification is refined based on feedback from our CCSL-dedicated simulator. In a second phase, an Esterel program of the application is considered. This program is instrumented with observers derived from the CCSL specification. Esterel Studio formal verification facilities are then used to check the conformity of the Esterel implementation with the CCSL specification. A specific library of Esterel observers has been built for this purpose.



        Reviews

        Pierre Jouvelot

Timing is a key issue in reactive programming, a development paradigm suited to the design and implementation of safety-critical systems such as control and navigation devices that closely interact with their environment. While integrating some time specifications is possible in unified modeling language 2 (UML2), its time model is too limited to deal with the asynchronous and synchronous behaviors found in real-life situations. The Object Management Group (OMG)-sanctioned MARTE UML profile is an extension of the time model and comes with a powerful time specification framework: clock constraint specification language (CCSL). This paper provides a formal specification and one simple use case for CCSL. CCSL is based on time structures, which are sets of clocks seen as discrete or dense sets of instants, and sets of precedence relations between them. One can use CCSL to specify the constraints that such clocks must satisfy, such as sub-clocking or synchronization relationships. These constraints can be either synchronous or asynchronous. One can run a given CCSL specification on the TimeSquare simulator that generates sets of possible instant histories. To illustrate CCSL, a digital video filtering application is used throughout the paper. In particular, the authors show how its Esterel implementation can be verified against its CCSL specification, by adding observer code that generates exceptions if one clock constraint is not satisfied at a particular time. This paper, although lacking in focus, can be of use to readers interested in learning more about timing considerations in current advanced development environments for reactive systems.

Online Computing Reviews Service


Published in

ACM SIGPLAN Notices, Volume 44, Issue 7 (LCTES '09), July 2009, 176 pages. ISSN: 0362-1340, EISSN: 1558-1160, DOI: 10.1145/1543136

LCTES '09: Proceedings of the 2009 ACM SIGPLAN/SIGBED conference on Languages, compilers, and tools for embedded systems, June 2009, 188 pages. ISBN: 9781605583563, DOI: 10.1145/1542452

          Copyright © 2009 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

