130 likes | 441 Views
The Usage of Stochastic Processes in Embedded System Specifications. Axel Jantsch , Ingo Sander , Wenbiao Wu Royal Institute of Technology, Stockholm. Outline. Motivation Nondeterminism Constraining purpose Descriptive purpose ForSyDe Methodology Processes Skeletons
E N D
The Usage of Stochastic Processes in Embedded System Specifications Axel Jantsch, Ingo Sander, Wenbiao Wu Royal Institute of Technology, Stockholm
Outline • Motivation • Nondeterminism • Constraining purpose • Descriptive purpose • ForSyDe Methodology • Processes • Skeletons • (Refinement of stochastic processes) • Usage of stochastic processes A. Jantsch, KTH
Nondeterminism • Nondeterminism is used to model incomplete information • Not known • Not interesting B t3 t1 A D Communication time is not defined. C t2 t4 A. Jantsch, KTH
B t3 E t7 t1 t5 A D G C F t2 t4 t6 t8 Nondeterminism: Objectives System Objective: Specify and implement determinate behaviour. Constraining purpose Environment Objective: Describe relevant aspects of the environment. Descriptive purpose A. Jantsch, KTH
t1 t1 = c may be a constant in the implementation. A B Descriptive and Constraining Purpose • Descriptive: the real world object behaves like the model. • Constraining: the real world object instantiates one of the possibilities of the model. t1 t1 varies nondeterministically for each event. A B A. Jantsch, KTH
S t A B Nondeterminism in Specification and Design • System S behaves determinately and independently of the delay t. (E.g. data flow process networks) • System S behaves determinately if t T. (e.g. synchronous languages, synchronous circuits) • System S behaves differently for different values of t. (e.g. CCS, Erlang, SDL) A. Jantsch, KTH
Drawbacks with Nondeterminism • Pure nondeterminism is undesirable. • Fair nondeterminism is difficult to handle because we have to deal with many possible behaviours. • Simulation: It cannot be simulated. • Synthesis: Which particular possibility should be implemented? • Verification: Which behaviour is acceptable? Transaction Server Merge A. Jantsch, KTH
Probability versus Nondeterminism • Often we know a probability distribution. • Stochastic processes can be realized with pseudo random number generators. • Fair nondeterminism can be approximated well by stochastic processes. A. Jantsch, KTH
g2(f(e),state) e f f(e) g1,g2 map mealy ForSyDe - Formal System Design • System specification based on concurrent processes. • Computation and communication is perfectly synchronized. • ForSyDe models are determinate. • Timing, communication and computation is separated. • Skeletons are templates to instantiate processes. A. Jantsch, KTH
…, n3, n2, n1 …, 8, 2, 4 Processes • Bar-processes have to be implemented by selecting one or several possibilities. • Tilde-processes must be implemented such that the statistical properties are preserved. A. Jantsch, KTH
e f g f(e) or g(e) selMap (f, g, seed, type) Stochastic Skeletons • selMap is a stochastic skeleton which contains a process with uniform distribution in the range [0,1]. • If generates 0, f is applied, otherwise g is applied to the current input. A. Jantsch, KTH
Usage of Stochastic Skeletons • Descriptive purpose • Very useful for environment entities; • A stochastic description is superior to a nondeterministic description; • Not useful for system under design because we can control it if we want; • Constraining purpose • Stochastic processes allow for fine control over how behaviour and timing of the implementation is constrained. • Different probability distributions; • Bar and tilde processes; A. Jantsch, KTH
Summary • In system specifications nondeterminsm should be replaced by stochastic processes. • Stochastic processes can be used to fine tune the amount of information that shall be provided. • The descriptive usage is for environment entities. • The constraining usage is for entities under design. • Two types of stochastic processes are interpreted differently in design: • Tilde processes require the implementation of all probabilistic properties. • Bar processes allow the implementation of any of the possible behaviours. A. Jantsch, KTH