Composing Time- and Event-driven Distributed Real-time Systems

1. Composing Time- andEvent-driven DistributedReal-time Systems Gabor Madl (gabe@ics.uci.edu), Ph.D. Candidate, UC Irvine Advisor: Nikil Dutt (dutt@ics.uci.edu) Chancellor’s Professor, UC Irvine Cyber-Physical System Challenges in the Automotive Domain, RTSS 2007

2. Pietr Mondrian, Composition No. 10, 1939-42 Hans Hofmann, The Gate, 1959-60 Kazimir Malevich, Black Square, 1915 Challenges Traditional Design Compose Functionalities Combine Analysis Model-based Analysis Challenges in NGAS • How to safely increase functionality? • Primary concern is safety (at least it should be) • Secondary concern is cost (?) • Increase functionality while constraints above are preserved • How would a painter work under these conditions?

3. Challenges Traditional Design Compose Functionalities Combine Analysis Model-based Analysis Separate Functionalities • Dedicated hardware for each functionality • “Protect” components from each other • Design them independently • Are we sure that there is no interaction between critical and non-critical functionalities? • Leakage power: drains power even when the car is idle • Energy consumption: could become a bottleneck • How will critical functionalities perform in a resource-constrained environment? • Suboptimal utilization • More components are needed • Limited interaction with the environment

4. Challenges Traditional Design Compose Functionalities Combine Analysis Model-based Analysis Rethink Design of NGAS • We need to use more flexible design methodologies than the current practice • We need to learn to better utilize the potential of distributed real-time embedded (DRE) systems • More and more sensors and actuators • More interaction between components and their environment • We need to build on the strengths of existing design methodologies, but also encourage interaction • Cars could use information from the environment (i.e. weather information, GPS, other cars) to prepare for unforeseen circumstances, such as fog, freezing, accidents ahead etc. • Non-critical functionality could be used as “backup” to increase fault tolerance

5. Challenges Traditional Design Compose Functionalities Combine Analysis Model-based Analysis Compose Functionalies • Critical functionalities • Time-triggered systems • Focus on control (scheduling) • Execution times, periods, deadlines, priorities, etc. • Mathematical model for analysis (scheduling theory) • Simple analysis, costly implementation • Non-critical functionalities • Event-driven systems • Focus on the flow of data • Throughput, communication architecture, parallelization, etc. • Complex model, hard to predict all behaviors • Simple implementation, costly analysis

6. Challenges Traditional Design Compose Functionalities Combine Analysis Model-based Analysis Need to Combine Analysis Methods • Static analysis methods • Often too abstract, resulting in conservative/inaccurate results • Cannot capture dynamic effects • Simulations • Can show the presence of an error, never its absence • Ad-hoc, hard to measure coverage • Limited design space exploration • Model checking • State space explosion problem • No partial results • Time consuming and costly • Each method has its advantage and disadvantage

7. Challenges Traditional Design Compose Functionalities Combine Analysis Model-based Analysis Model-based Design & Analysis • Model-based design provides the means for the early exploration of design alternatives • The design flow is driven by the DSM, a high-level specification that captures key properties • Mappings play a key role in abstraction • Formal models drive functional verification • We propose the combination of simulations and formal methods for the evaluation of designs

8. Questions? Links to relevant work: http://dre.sourceforge.net http://alderis.ics.uci.edu http://www.ics.uci.edu/~gabe Cyber-Physical System Challenges in the Automotive Domain, RTSS 2007