Formalization and Correctness of the PALS Architectural Pattern for Distributed Real-Time Systems

Meseguer, José; Ölveczky, Peter Csaba

doi:10.1007/978-3-642-16901-4_21

Cited by 24 publications

(9 citation statements)

References 23 publications

(34 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…that generalizes to multirate systems the original single-rate PALS transformation defined in [9,10]. As before, we have proved in [4] that MA (E , T, Γ) is a correct-by-construction implementation of E , and that E and MA (E , T, Γ) are bisimilar, making it possible to verify temporal logic properties about MA (E , T, Γ) on the much simpler system E .…”

Section: Introductionsupporting

confidence: 54%

“…Both design and verification of such virtually synchronous distributed real-time systems is very hard because of asynchronous communication, network delays, clock skews, and because the state space explosion caused by the system's concurrency can make it unfeasible to apply model checking to verify required properties. The (single-rate) PALS ("physically asynchronous, logically synchronous") formal design pattern [9,11] reduces the design and verification of a virtually synchronous distributed real-time system to the much simpler task of designing and verifying its synchronous version, provided that the network infrastructure can guarantee bounds on the messaging delays and the skews of the local clocks.…”

Section: Multirate Palsmentioning

confidence: 99%

“…For these reasons, we and other colleagues at UIUC and Rockwell-Collins Corporation have been developing the physically asynchronous but logically synchronous PALS methodology [9,11], which can drastically reduce the system complexity of a DCPS so as to make it amenable to model checking verification (for a comparison of PALS with related methodologies see [13]). The PALS methodology applies to the frequently occurring case of a DCPS whose implementation must be asynchronous due to physical constraints and for fault-tolerance reasons, but whose logical design requires that the system components should act together in a virtually synchronous way.…”

Section: Introductionmentioning

confidence: 99%

“…The original PALS methodology presented in [9,11] assumes a single logical period, during which all components of the DCPS must communicate with each other and transition to their next states. However, a DCPS such as a distributed control system may have components that, for physical reasons, must operate with different periods, even though those periods may all divide an overall longer period.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude

Bae

Krisiloff

Meseguer

et al. 2012

Electron. Proc. Theor. Comput. Sci.

Self Cite

View full text Add to dashboard Cite

Distributed cyber-physical systems (DCPS) are pervasive in areas such as aeronautics and ground transportation systems, including the case of distributed hybrid systems. DCPS design and verification is quite challenging because of asynchronous communication, network delays, and clock skews. Furthermore, their model checking verification typically becomes unfeasible due to the huge state space explosion caused by the system's concurrency. The PALS ("physically asynchronous, logically synchronous") methodology has been proposed to reduce the design and verification of a DCPS to the much simpler task of designing and verifying its underlying synchronous version. The original PALS methodology assumes a single logical period, but Multirate PALS extends it to deal with multirate DCPS in which components may operate with different logical periods. This paper shows how Multirate PALS can be applied to formally verify a nontrivial multirate DCPS. We use Real-Time Maude to formally specify a multirate distributed hybrid system consisting of an airplane maneuvered by a pilot who turns the airplane according to a specified angle through a distributed control system. Our formal analysis revealed that the original design was ineffective in achieving a smooth turning maneuver, and led to a redesign of the system that satisfies the desired correctness properties. This shows that the Multirate PALS methodology is not only effective for formal DCPS verification, but can also be used effectively in the DCPS design process, even before properties are verified

show abstract

Section: Introductionsupporting

confidence: 54%

Section: Multirate Palsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude

Bae

Krisiloff

Meseguer

et al. 2012

Electron. Proc. Theor. Comput. Sci.

Self Cite

View full text Add to dashboard Cite

show abstract

“…In a number of systems targeted by AADL, such as integrated modular avionics systems and distributed control systems in motor vehicles, the system design is essentially a synchronous design that must realized in an asynchronous distributed setting. The key idea of the PALS architectural pattern [16,17] is to reduce the design, verification, and implementation of a distributed real-time system to that of its much simpler synchronous version, provided that the network infrastructure guarantees bounds on the messaging delays and the skews of the local clocks. For a synchronous design SD and network bounds Γ, we then have a semantically equivalent asynchronous distributed design PALS(SD, Γ).…”

Section: Synchronous Aadlmentioning

confidence: 99%

Formal Model Engineering for Embedded Systems Using Real-Time Maude

Ölveczky

2011

Electron. Proc. Theor. Comput. Sci.

Self Cite

View full text Add to dashboard Cite

This paper motivates why Real-Time Maude should be well suited to provide a formal semantics and formal analysis capabilities to modeling languages for embedded systems. One can then use the code generation facilities of the tools for the modeling languages to automatically synthesize Real-Time Maude verification models from design models, enabling a formal model engineering process that combines the convenience of modeling using an informal but intuitive modeling language with formal verification. We give a brief overview six fairly different modeling formalisms for which Real-Time Maude has provided the formal semantics and (possibly) formal analysis. These models include behavioral subsets of the avionics modeling standard AADL, Ptolemy II discrete-event models, two EMF-based timed model transformation systems, and a modeling language for handset software.Comment: In Proceedings AMMSE 2011, arXiv:1106.596

show abstract

Real-Time Maude and Its Applications

Ölveczky

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Real-Time Maude extends the rewriting-logic-based Maude system to support the executable formal modeling and analysis of realtime systems. Real-Time Maude is characterized by its general and expressive, yet intuitive, specification formalism, and offers a spectrum of formal analysis methods, including: rewriting for simulation purposes, search for reachability analysis, and both untimed and metric temporal logic model checking. Real-Time Maude is particularly suitable for specifying real-time systems in an object-oriented style, and its flexible formalism makes it easy to model different forms of communication. This modeling flexibility, and the usefulness of both Real-Time Maude simulation and model checking, has been demonstrated in many advanced state-of-the-art applications, including both distributed protocols of different kinds and industrial embedded systems. Furthermore, Real-Time Maude's expressiveness has also been exploited to define the formal semantics of a number of modeling languages for real-time/embedded systems. Real-Time Maude thereby provides formal analysis for these languages for free, and such analysis has been integrated into the tool environment of a number of modeling languages. This paper gives an informal overview of Real-Time Maude and some of its applications.

show abstract

Formalization and Correctness of the PALS Architectural Pattern for Distributed Real-Time Systems

Cited by 24 publications

References 23 publications

PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude

PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude

Formal Model Engineering for Embedded Systems Using Real-Time Maude

Real-Time Maude and Its Applications

Contact Info

Product

Resources

About