DOCSLIB.ORG

New Results and Trends in Formal Techniques & Tools for the Development of Software for Transportation Systems — a Review1

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
New Results and Trends in Formal Techniques & Tools for the Development of Software for Transportation Systems — a Review1 NEW RESULTS AND TRENDS IN FORMAL TECHNIQUES & TOOLS FOR THE DEVELOPMENT OF SOFTWARE FOR TRANSPORTATION SYSTEMS — A REVIEW1 Dines Bjørner Computer Science and Engineering, Informatics and Mathematical Modelling Technical University of Denmark, DK–2800 Kgs.Lyngby, Denmark E–Mail: [email protected], URL: www.imm.dtu.dk/˜db Abstract: We characterise what is meant by a metod in the context of software devel- opment. Then what is meant by a formal technique. We refute the possibility of formal methods, but express the desirability of formal techniques. Some such techniques are briefly surveyed. We will outline what has been done recently and what is currently being done using formal techniques in the area predominantly of railway systems. Problems are out- lined, as are avenues for future research. Being an invited survey, the paper features an extensive, albeit far from complete, literature reference list of almost 180 entries, taking up half the paper size ! There are no examples of formal techniques being actually shown in this paper — but there should be at least three papers (Pˇeniˇcka et al., 2003; Strupchanska et al., 2003; Haxthausen and Peleska, 2003b) in these proceedings which illustrate such techniques as are the subject of the current review. Keywords: Formal Method, Domain Description, Requirements Prescription, Software Design, Provable Correctness, Safety Criticality, Real–time, Embedded Systems, Interlock- ing 1. INTRODUCTION 1.2 Sub–System Interfaces Transportation systems pose extraordinary challenge when it comes to their monitor- Thus the challenge is compounded by the ing and control by combinations of classical possibility, when using computers, of com- automatic control systems and digital com- bining many diverse “sub-systems”, sub– puters. systems that, in the days of only combina- tions of classical automatic control system and human monitoring and control, were quite “separate”: Where information from one sub–system was basically only handed 1.1 Infra–Structure on to another sub–system via human inter- vention. Such human intervention often en- This is in particular the case for rail and air tailed data vetting: Is the information to be systems due to their hard real–time charac- passed–on relevant and valid ? teristics combined with the need for very high dependability. In these kinds of infra- With automated interfaces, even within –structure systems we see a need to inte- purely digital computer, ie., software, grate many diverse management planning, controlled sub–systems, the problem of and operational execution, monitoring and “switching domains” is staggering, but en- control facets. ticing. 1The writing of this paper, as well as the papers (Pˇeniˇcka et al., 2003; Pˇeniˇcka et al., 2003), also contained in these proceedings, and their presentation at Budapest, is sponsored by the EU IST Research Training Network AMORE: Algorithmic Models for Optimising Railways in Europe: www.inf.uni-konstanz.de/algo/amore/. Contract no. HPRN-CT-1999-00104, Proposal no. RTN1-1999-00446 1.3 Hybrid Systems what to choose. Such principles can not be automated. Problems under investiga- Perhaps, from a scientific and engineering tion are usually too complex and “never point of view, the most obviously interest- the same”. So the choice has to be done ing area of study is that of hybrid systems: by the developers. Hence cannot be for- These are not just combinations of contin- malised. Unfortunately the term ‘Formal uous and discrete systems, but are such in Method’ has stuck. which there is not just one, but several con- trollers — to use a standard terminology in automatic control theory. The software 2.3 Desirability of Formal Tech- controls the decisions when to exchange one niques & Tools controller for another. Such hybrid systems have been studied at UNU/IIST, the UN But many techniques can be formalised, University’s Intl. Inst. for Software Tech- and tools can be provided for the support of nology, Macau, nr. Hong Kong: (Wang such formal techniques. These techniques et al., 1994; Chen et al., 1994b; Chen et al., apply to oftentimes very large scale engi- 1994a; Yu, 1994a; Hung and Wang, 1994; neering documents, formally specified, and Widjaja et al., 1994; Wang and He, 1995; far too large to be analysed by humans. It is Zhou et al., 1995). An interesting concept therefore desirable to use such formal tech- in this connection is ‘Hybrid Automata’ niques and tools — since they may help en- (Henzinger, 1996). Hybrid automata com- sure, amongst others, correctness of soft- bine discrete transition graphs with contin- ware with respect to likewise formally pre- uous dynamical systems. They are mathe- scribed requirements. matical models for digital systems that in- teract with analog environments. Hybrid automata can be viewed as infinite-state 2.4 Examples of Techniques & Tools transition systems, and this view gives in- sights into the structure of hybrid state We take specification languages, and cor- spaces. rectness (of software or hardware) veri- fiers and model checkers to be tools. By techniques we then mean the specific way 1.4 Structure of paper in which the developer performs ‘calcula- The topic of this invited paper was sug- tions’ (ie., development steps), including gested by the Programme Chair. In effect applying these tools. Verifiers are soft- they chose the title ! It therefore behooves ware packages that either assist the devel- me to explain some of the terms of the title oper in conducting proofs of correctness or such as they are understood in computing which perform such proofs more or less au- science and software engineering. We there- tomatically. Model checkers are also soft- fore first explain — to an audience usu- ware packages which symbolically — al- ally associated with the field of automatic most “exhaustively” — tests the software control — what is meant by a method, its (hardware), while subject to usual com- principles and techniques; when such tech- puter interpretation, enters only desirable niques can be based on mathematics, and states. Certain kinds of compilers from do- in particular on discrete mathematics, in- main specific language scripts are tools that cluding notably mathematical logic. transform specifications into semantically consistent executable systems. 2. ON TECHNIQUES & TOOLS 2.5 Why Formal Techniques ? 2.1 What is a Method ? There are several, and in the mind of the By a (software development) method we current author, fully equivalent, good rea- shall understand a set of principles for se- sons for why one should apply formal cal- lecting a number of techniques and tools for culi (ie., techniques) in the pursuit of com- the study and solution of problems — in puting systems development: Usually one the form of the construction of an artifact is mentioned as being the most important (here: Software). one: Correctness of software — with re- spect to requirements (ie., that “the soft- 2.2 Impossibility of Formal Meth- ware is right”). To this we add that “it ods ! is the right software”, ie., that it affine to users expectations. Finally: “it is fun, it The method principles amount to criteria is professionally satisfying” to use formal for selection and application: When and techniques. 2.6 Convincing the Skeptics and developed at the IBM Vienna (Austria) Laboratory in the early 1970s and can be The subject of so–called Formal Methods, said to be have offered first comprehensive is, strangely, to the curent author — who formal techniques for general software de- is one of the “pioneers” of the field (within velopment. VDM-SL is now an ISO standard software) — still somewhat “controversial”. (Larsen et al., 1996). So a number of popularising papers have VDM basically offers model oriented, ie., been and are being offered: (Wood, 1990; discrete mathematics means of specifying Wing, 1990; Thomas, 1992; Bowen and and reasoning about software. Major texts Stavridou, 1992; Bowen and Stavridou, are (Bjørner and Jones, 1978; Bjørner and 1993; Bowen, 1993; Rushby, 1993; Bowen Jones, 1982; Fitzgerald and Larsen, 1997). and Hinchey, 1994; Butler et al., 1995; Cle- The autor of this paper was one of the land and MacKenzie, 1995; Hinchey and co–designers of VDM. Bowen, 1995; Kelly, 1995; Liu et al., 1995; Rushby, 1995; Caldwell, 1996; Kelly, 1996). These papers explain why developers 3.3 CSP might very well wish to use formal methods CSP stands for ‘Communicating Sequential in the development of software. (Rushby, Processes’. Put forward by Tony Hoare in 1993; Kelly, 1995; Rushby, 1995; Kelly, 1978 (Hoare, 1978) CSP has become one 1996) explain very well NASAs position on of the leading means for specifying, suc- the need for formal verification of safety cinctly and elegantly, the interaction be- critical on–board software. tween parallel processes. Leading books (Bowen and Hinchey, 1995b; Bowen on CSP are: (Hoare, 1985; Roscoe, 1997; and Hinchey, 1995a; Hall, 1990) provides Schneider, 2000) (entertaining) capsule advice to “skeptics”. 3.4 Z 3. SOME TECHNIQUES & TOOLS Z derives from the Z in Zermelo, who, as In this section we overview, ever so briefly, a mathematician, together with Frankel, some of the formal techniques that have established the Zermelo–Frankel axiomatic shown effectiveness in solving problems — basis for a set theory. also in the domain of railway operations Proposed around 1980 by Jean– and management. Raymond Abrial, Z has become one of the The possible distinction between a leading model oriented, ie., discrete math- method, like ASM, B, RAISE or VDM, a speci- ematics means of specifying and reasoning fication language, like CSP, RSL, VDM-SL or about software. The Z literature is abun- Z, or a technique cum tool, like SPIN — for dant, but we refer only to the delightful all of these see below — has here been de- text book: (Woodcock and Davies, 1996). liberately blurred. The next section will then comment on 3.5 Statecharts specific uses of these formal techniques.
Load more

Recommended publications
  • Towards a Time Model for Circus
    Towards a Time Model for Circus Adnan Sherif and He Jifeng ∗ The United Nations University, International Institute for Software Technology, Casa Silva Mendes, Est. do Engenheiro Trigo No. 4, P.O Box 3058, Macau Tel.:+853 - 712.930, Fax: +853 - 712.940 [email protected], [email protected] Abstract. In this work we propose a time model for Circus. The model is an extension to the model proposed by the unifying theories of pro- gramming and used by Circus. We take a subset of Circus and study its semantics in the new model. We create an abstraction function that maps the timed model to the original model. The main objective of this mapping is to create a relation between the two models. This allows the exploration of some properties of the timed semantics in the untimed model. We study a toy example to illustrate the use of this mapping. 1 Introduction Real time systems have always been a strong candidate for formal develop- ment methods. This fact rises due to the complexity and, usually, critical nature of these systems. The development of formal specification languages, and the adaptation of existing languages with time expressing capacity, was and still is a challenging task. Many languages such as DC [1], and RTL [4] are based on temporal logic and are powerful for expressing timed functionalities. Timed CSP [8] is an extension to the well known CSP [9]. Reed and Roscoe have developed several semantic models for the language [8]. Lately the combination of different languages and techniques have been adapted to obtain formalisms that can be used in a wider range of applications.
    [Show full text]
  • Spreading Excellence
    IST-004527 ARTIST2 NoE Year 3 JPASE: Joint Programme of Activities for D3-Mgt-Y3 Spreading Excellence IST-004527 ARTIST2 Network of Excellence on Embedded Systems Design Spreading Excellence Artist2 Technical Coordinator: Bruno Bouyssounouse (Verimag) with inputs from all NoE participants The visibility of the ARTIST2 research effort in embedded systems design is worldwide. This is progressively creating a European embedded systems design community, and spreading the “artist culture” in all major research institutions. To ensure that the next generation of researchers will continue in this direction we, as a consortium, devote a great deal of effort to Spreading Excellence, in both academic and industrial circles. Furthermore, through our links with both core and affiliated partners, we are actively setting up permanents links between industry and public research, leveraging on existing partner collaborations with major industrial players in the area. This document shows that ARTIST2 has a strategic impact on the integration of multiple academic research communities, which are necessary to establish the new area of embedded systems design. 1 / 126 IST-004527 ARTIST2 NoE Year 3 JPASE: Joint Programme of Activities for D3-Mgt-Y3 Spreading Excellence Table of Contents 1. Vision and Strategy for Spreading Excellence - Executive Summary.................................5 1.1 Overall Vision and Strategy .........................................................................................5 1.2 Affiliated partners.........................................................................................................6
    [Show full text]
  • Terahertz Detectors Based on Superconducting Hot Electron Bolometers
    Editorial Board Supported by NSFC Honorary Editor General ZHOU GuangZhao (Zhou Guang Zhao) Editor General ZHU ZuoYan Institute of Hydrobiology, CAS Editor-in-Chief LI Wei Beihang University Executive Associate Editor-in-Chief WANG DongMing Centre National de la Recherche Scientifique Associate Editors-in-Chief GUO Lei Academy of Mathematics and Systems Science, CAS HUANG Ru Peking University QIN YuWen National Natural Science Foundation of China SUN ZengQi Tsinghua University YOU XiaoHu Southeast University ZHAO Wei University of Macau ZHAO QinPing Beihang University Members CHEN JianEr LI Joshua LeWei TSAI WeiTek Texas A&M University University of Electronic Science and Arizona State University Technology of China DU Richard LiMin WANG Ji Voxeasy Institute of Technology LIU DeRong National University of Defense Technology Institute of Automation, CAS GAO Wen WANG JiangZhou Peking University LIN HuiMin University of Kent Institute of Software, CAS GE ShuZhi Sam WANG Long National University of Singapore LIN ZongLi Peking University GUO GuangCan University of Virginia University of Science and Technology of WU YiRong LONG KePing Institute of Electronics, CAS China University of Science and Technology Beijing HAN WenBao XIE WeiXin Shenzhen University PLA Information Engineering University LU Jian Nanjing University HE JiFeng XU Jun Tsinghua University East China Normal University MEI Hong Peking University XU Ke HU WeiWu Beihang University Institute of Computing Technology, CAS MENG LuoMing Beijing University of Posts and YIN QinYe HU ZhanYi
    [Show full text]
  • UNU-IIST Annual Report 2004
    UNU-IIST International Institute for Software Technology UNU-IIST Annual Report 2004 Chris George and Wendy Hoi Iok Wa March 2005 UNU-IIST Report No. 314 A UNU-IIST and UNU-IIST Reports UNU-IIST (United Nations University International Institute for Software Technology) is a Research and Training Centre of the United Nations University (UNU). It is based in Macau, and was founded in 1991. It started operations in July 1992. UNU-IIST is jointly funded by the Governor of Macau and the governments of the People’s Republic of China and Portugal through a contribution to the UNU Endownment Fund. As well as providing two-thirds of the endownment fund, the Macau authorities also supply UNU-IIST with its office premises and furniture and subsidise fellow accommodation. The mission of UNU-IIST is to assist developing countries in the application and development of software technology. UNU-IIST contributes through its programmatic activities: 1. Advanced development projects, in which software techniques supported by tools are applied, 2. Research projects, in which new techniques for software development are investigated, 3. Curriculum development projects, in which courses of software technology for universities in devel- oping countries are developed, 4. University development projects, which complement the curriculum development projects by aiming to strengthen all aspects of computer science teaching in universities in developing countries, 5. Schools and Courses, which typically teach advanced software development techniques, 6. Events, in which conferences and workshops are organised or supported by UNU-IIST, and 7. Dissemination, in which UNU-IIST regularly distributes to developing countries information on international progress of software technology.
    [Show full text]
  • ACD Fotocanvas Print
    Editorial Board Supported by NSFC . Honorary Editor General ZHOU GuangZhao (Zhou Guang Zhao) Editor General ZHU ZuoYan Institute of Hydrobiology, CAS Editor-in-Chief LI Wei Beihang University Executive Associate Editor-in-Chief WANG DongMing Centre National de la Recherche Scientifique Associate Editors-in-Chief GUO Lei Academy of Mathematics and Systems Science, CAS HUANG Ru Peking University QIN YuWen National Natural Science Foundation of China SUN ZengQi Tsinghua University YOU XiaoHu Southeast University ZHAO QinPing Beihang University ZHAO Wei University of Macau Members CHEN JianEr LI Joshua LeWei TSAI WeiTek Texas A&M University University of Electronic Science and Arizona State University Technology of China DU Richard LiMin WANG Ji Voxeasy Institute of Technology LIU DeRong National University of Defense Technology Institute of Automation, CAS GAO Wen WANG JiangZhou Peking University LIN HuiMin University of Kent Institute of Software, CAS GE ShuZhi Sam University of Electronic Science and WANG Long LIN ZongLi Peking University Technology of China University of Virginia GUO GuangCan WU YiRong LONG KePing University of Science and Technology of Institute of Electronics, CAS University of Science and Technology China Beijing XIE WeiXin HAN WenBao Shenzhen University LU Jian PLA Information Engineering University Nanjing University XU Jun Tsinghua University HE JiFeng MEI Hong East China Normal University Peking University XU Ke HU WeiWu MENG LuoMing Beihang University Institute of Computing Technology, CAS Beijing University of
    [Show full text]
  • Mutation Testing in UTP Bernhard K
    Mutation testing in UTP Bernhard K. Aichernig, He Jifeng To cite this version: Bernhard K. Aichernig, He Jifeng. Mutation testing in UTP. Formal Aspects of Computing, Springer Verlag, 2008, 21 (1-2), pp.33-64. 10.1007/s00165-008-0083-6. hal-00477906 HAL Id: hal-00477906 https://hal.archives-ouvertes.fr/hal-00477906 Submitted on 30 Apr 2010 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. DOI 10.1007/s00165-008-0083-6 BCS © 2008 Formal Aspects Formal Aspects of Computing (2009) 21: 33–64 of Computing Mutation testing in UTP Bernhard K. Aichernig1,2 and He Jifeng3 1Institute for Software Technology, Graz University of Technology, Graz, Austria. E-mail: [email protected] 2International Institute for Software Technology, United Nations University, Macao, S.A.R. China 3East China Normal University, Shanghai, China Abstract. This paper presents a theory of testing that integrates into Hoare and He’s Unifying Theory of Programming (UTP). We give test cases a denotational semantics by viewing them as specification predicates. This reformulation of test cases allows for relating test cases via refinement to specifications and programs. Having such a refinement order that integrates test cases, we develop a testing theory for fault-based testing.
    [Show full text]
  • UNIVERSITY of CALIFORNIA Santa Barbara the Aesthetics of Non-Discrimination: Chinese Poetics and Social Critique in Huihong's N
    UNIVERSITY OF CALIFORNIA Santa Barbara The Aesthetics of Non-Discrimination: Chinese Poetics and Social Critique in Huihong's Night Chats from Chilly Hut (c. 1121) A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in East Asian Languages and Cultural Studies by Sarah Jane Babcock Committee in charge: Professor Ronald C. Egan, Chair Professor Xiaorong Li Professor Hsiao-jung Yu December 2020 The dissertation of Sarah Jane Babcock is approved. __________________________________________________ Xiaorong Li __________________________________________________ Hsiao-jung Yu __________________________________________________ Ronald C. Egan, Committee Chair December 2020 The Aesthetics of Non-Discrimination: Chinese Poetics and Social Critique in Huihong's Night Chats from Chilly Hut (c. 1121) Copyright © 2020 By Sarah Jane Babcock iii ACKNOWLEDGMENTS I would like to thank the organizations that provided generous funding for my doctorial research: The China Scholarship Council for funding a semester of research at Sichuan University, The Center for Chinese Studies at the National Central Library for the Research Grant for Foreign Scholars in Chinese Studies, and Dharma Drum Mountain for providing affordable housing for dissertation writing on their beautiful campus at Dharma Drum Institute of Liberal Arts. I would also like to thank UCSB for the generous Graduate Opportunity Fellowship and the department of East Asian Languages and Cultural Studies obtaining Foreign Language and Area Studies (FLAS) grants and other scholarships for my graduate studies. To begin a doctoral program requires the involvement of several people. But it takes a village to complete a dissertation. I have received guidance and support from numerous teachers, colleagues, staff, friends, and family members throughout my graduate studies, and each person provided something essential to help me realize the goal of completing this Ph.D.
    [Show full text]
  • Lecture Notes in Computer Science 4700 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan Van Leeuwen
    Lecture Notes in Computer Science 4700 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Friedemann Mattern ETH Zurich, Switzerland John C. Mitchell Stanford University, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel Oscar Nierstrasz University of Bern, Switzerland C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen University of Dortmund, Germany Madhu Sudan Massachusetts Institute of Technology, MA, USA Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Moshe Y. Vardi Rice University, Houston, TX, USA Gerhard Weikum Max-Planck Institute of Computer Science, Saarbruecken, Germany Cliff B. Jones Zhiming Liu Jim Woodcock (Eds.) Formal Methods and Hybrid Real-Time Systems Essays in Honour of Dines Bjørner and Zhou Chaochen on the Occasion of Their 70th Birthdays 1 3 Volume Editors Cliff B. Jones Newcastle University, School of Computing Science Newcastle upon Tyne, NE1 7RU, UK E-mail: [email protected] Zhiming Liu United Nations University, International Institute for Software Technology Macao, China E-mail: [email protected] Jim Woodcock University of York, Department of Computer Science Heslington, YorkYO10 5DD, UK E-mail: [email protected] The illustration appearing on the cover of this book is the work of Daniel Rozenberg (DADARA). Library of Congress Control Number: 2007935177 CR Subject Classification (1998): D.2, D.3, C.3, F.3-4, C.2, H.4 LNCS Sublibrary: SL 1 – Theoretical Computer Science and General Issues ISSN 0302-9743 ISBN-10 3-540-75220-X Springer Berlin Heidelberg New York ISBN-13 978-3-540-75220-2 Springer Berlin Heidelberg New York This work is subject to copyright.
    [Show full text]
  • Mutation Testing in UTP Bernhard K
    Mutation testing in UTP Bernhard K. Aichernig, He Jifeng To cite this version: Bernhard K. Aichernig, He Jifeng. Mutation testing in UTP. Formal Aspects of Computing, Springer Verlag, 2008, 21 (1-2), pp.33-64. 10.1007/s00165-008-0083-6. hal-00477906 HAL Id: hal-00477906 https://hal.archives-ouvertes.fr/hal-00477906 Submitted on 30 Apr 2010 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. DOI 10.1007/s00165-008-0083-6 BCS © 2008 Formal Aspects Formal Aspects of Computing (2009) 21: 33–64 of Computing Mutation testing in UTP Bernhard K. Aichernig1,2 and He Jifeng3 1Institute for Software Technology, Graz University of Technology, Graz, Austria. E-mail: [email protected] 2International Institute for Software Technology, United Nations University, Macao, S.A.R. China 3East China Normal University, Shanghai, China Abstract. This paper presents a theory of testing that integrates into Hoare and He’s Unifying Theory of Programming (UTP). We give test cases a denotational semantics by viewing them as specification predicates. This reformulation of test cases allows for relating test cases via refinement to specifications and programs. Having such a refinement order that integrates test cases, we develop a testing theory for fault-based testing.
    [Show full text]
  • Programme Guide [PDF]
    IEEE Geoscience and Remote Sensing Society · https://grss-ieee.org/ Contents Welcome from the General Chairs ..........................................................................................2 Sponsors & Exhibitors ................................................................................................................3 Plenary Speakers .......................................................................................................................7 Organizing Committee ..............................................................................................................8 Technical Program Committee ...............................................................................................11 Theme Coordinators ..................................................................................................11 Session Organizers ....................................................................................................12 Invited Session Organizers ........................................................................................13 Reviewers ...................................................................................................................14 Student Paper Competition ....................................................................................................20 IGARSS 2019 Technical Program .........................................................................................21 1 2021 IEEE International Geoscience and Remote Sensing Symposium · Virtual · Brussels,
    [Show full text]
  • Manifest Domains:Analysis and Description
    View metadata,Downloaded citation and from similar orbit.dtu.dk papers on:at core.ac.uk Apr 10, 2018 brought to you by CORE provided by Online Research Database In Technology Manifest domains:analysis and description Bjørner, Dines Published in: Formal Aspects of Computing Link to article, DOI: 10.1007/s00165-016-0385-z Publication date: 2017 Document Version Peer reviewed version Link back to DTU Orbit Citation (APA): Bjørner, D. (2017). Manifest domains:analysis and description. Formal Aspects of Computing, 29(2), 175-225. DOI: 10.1007/s00165-016-0385-z General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain • You may freely distribute the URL identifying the publication in the public portal If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim. 17 June 2016: 11:32 am: Accepted for publication in Formal Aspects of Computing Manifest Domains: Analysis and Description Dines Bjørner1 1 Fredsvej 11, DK-2840 Holte, Denmark. DTU, DK-2800 Kgs. Lyngby, Denmark. e-mail: [email protected], URL: www.imm.dtu.dk/˜dibj To the memory of Peter Lucas: 13 Jan.
    [Show full text]
  • An Optimal Approach to Hardware/Software Partitioning for Synchronous Model
    An Optimal Approach to Hardware/software Partitioning for Synchronous Model Pu Geguangyx?, Dang Van Hungy, He Jifengy?? and Wang Yiz yInternational Institute for Software Technology United Nations University, Macau. z Department of Computer Systems, Uppsala University, Sweden. x LMAM, Department of Informatics, School of Math. Peking University, Beijing, China 100871 [email protected], fggpu,dvh,[email protected] Abstract. Computer aided hardware/software partitioning is one of the key challenges in hardware/software co-design. This paper describes a new approach to hardware/software partitioning for synchronous com- munication model. We transform the partitioning into a reachability problem of timed automata. By means of an optimal reachability al- gorithm, an optimal solution can be obtained in terms of limited re- sources in hardware. To relax the initial condition of the partitioning for optimization, two algorithms are designed to explore the dependency relations among processes in the sequential specification. Moreover, we propose a scheduling algorithm to improve the synchronous communi- cation efficiency further after partitioning stage. Some experiments are conducted with model checker UPPAAL to show our approach is both effective and efficient. Keywords: hardware/software partitioning, timed automata, reachabil- ity, scheduling algorithm. 1 Introduction Computer system specification is usually completely implemented as software solution. However, some strong requirements for performance of the system de- mand an implementation fully in hardware. Consequently, in between the two extremes, Hardware/software Co-design [25], which studies systematically the design of systems containing both hardware/software components, has emerged as an important field. A critical phase of co-design process is to partition a specification into hardware and software components.
    [Show full text]