Almost ASAP Semantics: From Timed Models to Timed Implementations

Wulf, Martin; Doyen, Laurent; Raskin, Jean-François

doi:10.1007/978-3-540-24743-2_20

Cited by 67 publications

(95 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Properties We informally recall the main properties of the AASAP semantics which have been established in [DDR04]. First, the AASAP semantics has the desirable property that "faster is better": if a controller with reaction time bounded by δ 1 safely controls an environment, then so does the same controller with a reaction time bounded by any δ 2 < δ 1 .…”

Section: Definition 4 [Elastic Controllers] Anmentioning

confidence: 99%

“…In definitions and theorems of [DDR04], we used a classical simulation relation (without the possibility of using transitions). The results we have obtained are not affected by this new definition because weak simulation preserve observable labels as simulation does.…”

Section: A Preliminary Definitionsmentioning

confidence: 99%

“…To avoid such problems we impose input enabledness of the STTS that we compose, which means that input labels have the property of being enabled in every state. In this point, the presentation differs from [DDR04].…”

mentioning

confidence: 90%

“…To overcome those problems, we recently proposed an alternative semantics to timed automata in [DDR04]. This semantics is called the Almost ASAP semantics, AASAP for short.…”

mentioning

confidence: 99%

“…To use the AASAP semantics in practice, we need tool support. In [DDR04], we have shown that the AASAP semantics of a controller can be encoded using a single parameter timed automaton. Unfortunately, this construction is exponential in all cases, which makes it useless for all but the toy examples.…”

mentioning

confidence: 99%

See 4 more Smart Citations

Systematic Implementation of Real-Time Models

Wulf

Doyen

Raskin

2005

FM 2005: Formal Methods

Self Cite

View full text Add to dashboard Cite

Recently we have proposed the "almost ASAP" semantics as an alternative semantics for timed automata. This semantics is useful when modeling realtime controllers : control strategies modeled with this semantics are robust and implementable (without making the synchrony hypothesis). We show in this paper how to effectively encode this semantics using timed automata along with their classical semantics. We have implemented a tool set that allows us to verify, using HyTech and Uppaal, the almost ASAP behavior of controllers and generate automatically provably correct code from verified models. To illustrate the applicability of our results, we show how we have synthesized the code for the Philips Audio Control Protocol for Lego Mindstorms TM . IntroductionTimed automata are an important formal model for the specification and analysis of real-time systems. Formalisms like timed automata and hybrid automata are central in the so-called model-based development methodology for embedded controllers. The steps underlying that methodology can be summarized as follows: (i) construct a (timed/hybrid automaton) model Env of the environment in which the controller will be embedded; (ii) make clear what is the control objective: for example, prevent the environment to enter a set of Bad states; (iii) design a (timed automaton) model Cont of the control strategy; (iv) verify that Reach( Env Cont ) ∩ Bad = ∅. When Cont has been proven correct, it would be valuable to ensure that an implementation Impl of that model can be obtained in a systematic way in order to ensure the conservation of correctness, that is to ensure that Reach( Env Impl ) ∩ Bad = ∅ is obtained by construction.Unfortunately, this is often not possible for several fundamental and/or technical reasons. First, the notion of time used in the traditional semantics of timed automata is continuous and defines perfect clocks with infinite precision while implementations can only access time through digital and finitely precise clocks. Second, * This is the extended version of the paper with the same title to appear in Proc. , is a parametric semantics that leaves as a parameter ∆, which takes value δ ∈ Q ≥0 , the reaction delay of the controller. This semantics relaxes the classical semantics of timed automata in that it does not impose on the controller to react instantaneously but imposes on the controller to react within δ time units. We have proven that a timed controller is implementable with a sufficiently fast hardware if there exists δ ∈ Q >0 such that Reach( Env Cont AAsap δ ) ∩ Bad = ∅. To use the AASAP semantics in practice, we need tool support. In [DDR04], we have shown that the AASAP semantics of a controller can be encoded using a single parameter timed automaton. Unfortunately, this construction is exponential in all cases, which makes it useless for all but the toy examples. In this paper, we define a new compositional construction that avoids the exponential blow-up. The exponential behavior can still appear during the verification phase but ...

show abstract

Section: Definition 4 [Elastic Controllers] Anmentioning

confidence: 99%

Section: A Preliminary Definitionsmentioning

confidence: 99%

mentioning

confidence: 90%

“…To overcome those problems, we recently proposed an alternative semantics to timed automata in [DDR04]. This semantics is called the Almost ASAP semantics, AASAP for short.…”

mentioning

confidence: 99%

mentioning

confidence: 99%

See 3 more Smart Citations

Systematic Implementation of Real-Time Models

Wulf

Doyen

Raskin

2005

FM 2005: Formal Methods

Self Cite

View full text Add to dashboard Cite

show abstract

Control of Timed Systems

Cassez¹,

Markey

2013

Communicating Embedded Systems

View full text Add to dashboard Cite

show abstract

Timing Tolerances in Safety-Critical Software

Wassyng

Lawford

2005

FM 2005: Formal Methods

View full text Add to dashboard Cite

Abstract. Many safety-critical software applications are hard real-time systems. They have stringent timing requirements that have to be met. We present a description of timing behaviour that includes precise definitions as well as analysis of how functional timing requirements interact with performance timing requirements, and how these concepts can be used by software designers. The definitions and analysis presented explicitly deal with tolerances in all timing durations. Preliminary work indicates that some requirements may be met at significantly reduced CPU bandwidth through reduced variation in cycle time.

show abstract

Almost ASAP Semantics: From Timed Models to Timed Implementations

Cited by 67 publications

References 8 publications

Systematic Implementation of Real-Time Models

Systematic Implementation of Real-Time Models

Control of Timed Systems

Timing Tolerances in Safety-Critical Software

Contact Info

Product

Resources

About