

Models of computation for embedded software design of multi-core architectures

Anyone experienced with multi-threaded programming would recognize the difficulty of designing and implementing such software. Resolving concurrency, synchronization and coordination issues, and tackling the non-determinism inherent in multi-threaded software, is extremely difficult. Ensuring correctness with respect to the specification, together with deterministic behavior, is necessary for the safe execution of such code. It is therefore desirable to synthesize multi-threaded code from formal specifications using a provably 'correct-by-construction' approach. In Europe, it has been widely claimed that the embedded software for 'fly-by-wire' was mostly generated automatically using tools based on the synchronous programming models. Unfortunately, software generated in those contexts usually operates in a time-triggered execution model. Such models are simpler but less efficient than multi-threaded software on multi-core processors. Normally they run on multiple processors communicating over a time-triggered bus; hence the execution is less efficient than it could be. While the time-triggered programming model simplifies code generation, we feel that a multi-rate, event-driven execution model is much more efficient.

Code synthesis for such an execution model must be thoroughly investigated. The multi-threaded software generation is inspired by a recent shift in hardware design paradigms from single-core to multi-core processors. This shift has brought parallel and concurrent programming to the desktop and embedded arena. In the desktop market, most processors now being sold are multi-core, and very soon this trend might conquer the embedded world as well. We plan to develop formal models, methods, algorithms and techniques for generating provably correct multi-threaded reactive real-time embedded software for mission-critical applications. For scalable modeling of larger embedded software systems, the specification formalism has to be compositional and hierarchical.

Our proposed formalism entails a model of computation (MoC) based on a multi-rate synchronous data-flow paradigm: Polychrony. The three most important requirements for mission-critical embedded systems are correctness, timeliness and resilience to faults. An alternative approach to correctness is post-programming formal verification, but today's formal verification tools are severely capacity-limited, and techniques for compositional assume/guarantee reasoning in verification are not yet fully developed.
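The two ideas the project text leans on, a multi-rate synchronous data-flow model of computation and multi-threaded code whose behavior stays deterministic, can be seen together in a small interpreter. The following is an added illustration written for this page; it is not code from the project and does not implement the Polychrony toolset's semantics. It assumes a simplified clock model (a node with rate r is present exactly at instants where t % r == 0 and absent otherwise), an actuator node that holds its last command while its input is absent, and a constructed six-sample sensor input. The sequential interpreter is the reference semantics; the threaded executor owns each node on one thread and waits only on the producers of that node's inputs at the same logical instant, so every schedule yields the same trace. It also rejects a model with a causality cycle before running anything, which is the kind of check a correct-by-construction flow performs at synthesis time.

```python
"""Toy multi-rate synchronous data-flow model, run sequentially and on threads.
Added illustration for this page; not the Polychrony toolset or project code."""
import threading
from typing import Callable, Dict, List, Optional

Value = Optional[float]        # None marks a signal that is absent at an instant
Table = Dict[tuple, Value]     # (signal name, logical instant) -> value


class Node:
    """One operator. `rate` is its clock (assumed model): the node is present
    at instant t exactly when t % rate == 0; otherwise its output is absent."""

    def __init__(self, name: str, inputs: List[str], rate: int,
                 fn: Callable[[Dict[str, Value]], Value]):
        self.name, self.inputs, self.rate, self.fn = name, inputs, rate, fn


def topo_order(nodes: List[Node]) -> List[Node]:
    """Dependency order (Kahn). Inputs no node produces are external sources.
    A cycle means the model is not causal, so it is rejected up front."""
    produced = {n.name for n in nodes}
    indeg = {n.name: sum(1 for i in n.inputs if i in produced) for n in nodes}
    ready = [n for n in nodes if indeg[n.name] == 0]
    order: List[Node] = []
    while ready:
        n = ready.pop(0)
        order.append(n)
        for m in nodes:
            if n.name in m.inputs:
                indeg[m.name] -= 1
                if indeg[m.name] == 0:
                    ready.append(m)
    if len(order) != len(nodes):
        raise ValueError("causality cycle in data-flow model")
    return order


def step(node: Node, t: int, table: Table) -> Value:
    """Evaluate one node at logical instant t (absent when off its clock)."""
    if t % node.rate != 0:
        return None
    return node.fn({i: table[(i, t)] for i in node.inputs})


def _init_table(sources: Dict[str, List[Value]]) -> Table:
    return {(s, t): v for s, vals in sources.items() for t, v in enumerate(vals)}


def _trace(table: Table, nodes: List[Node], n: int) -> Dict[str, List[Value]]:
    return {nd.name: [table[(nd.name, t)] for t in range(n)] for nd in nodes}


def run_sequential(nodes: List[Node], sources, n: int):
    """Reference semantics: at every instant, fire nodes in dependency order."""
    table, order = _init_table(sources), topo_order(nodes)
    for t in range(n):
        for nd in order:
            table[(nd.name, t)] = step(nd, t, table)
    return _trace(table, nodes, n)


def run_threaded(nodes: List[Node], sources, n: int, n_threads: int = 3):
    """Same model on several threads. Each node is owned by exactly one thread
    (its state is never shared) and waits only for the producers of its inputs
    at the same instant; that wait is the only synchronisation needed."""
    table, order = _init_table(sources), topo_order(nodes)
    produced = {nd.name for nd in nodes}
    done = {(nd.name, t): threading.Event() for nd in nodes for t in range(n)}
    write_lock = threading.Lock()

    def worker(mine: List[Node]) -> None:
        for t in range(n):
            for nd in mine:                      # `mine` keeps dependency order
                for i in nd.inputs:
                    if i in produced:
                        done[(i, t)].wait()      # read only after it is produced
                v = step(nd, t, table)
                with write_lock:
                    table[(nd.name, t)] = v
                done[(nd.name, t)].set()         # publish v to consumers

    threads = [threading.Thread(target=worker, args=(order[k::n_threads],))
               for k in range(n_threads)]
    for th in threads:
        th.start()
    for th in threads:
        th.join()
    return _trace(table, nodes, n)


def build_model() -> List[Node]:
    """Constructed sample chain: sensor (external, every instant) -> two-tap
    smoother (rate 1) -> controller (rate 2) -> actuator holding the last
    command while the controller is absent (assumed hold semantics)."""
    prev, held = {"x": 0.0}, {"u": 0.0}

    def smooth(inp):
        out = (inp["sensor"] + prev["x"]) / 2
        prev["x"] = inp["sensor"]
        return out

    def control(inp):
        return 10.0 - inp["smooth"]

    def hold(inp):
        if inp["control"] is not None:           # absent on odd instants
            held["u"] = inp["control"]
        return held["u"]

    return [Node("smooth", ["sensor"], 1, smooth),
            Node("control", ["smooth"], 2, control),
            Node("actuator", ["control"], 1, hold)]


SENSOR = [2.0, 4.0, 6.0, 8.0, 10.0, 12.0]        # constructed input samples

if __name__ == "__main__":
    ref = run_sequential(build_model(), {"sensor": SENSOR}, len(SENSOR))
    par = run_threaded(build_model(), {"sensor": SENSOR}, len(SENSOR))
    print(ref["actuator"])                       # [9.0, 9.0, 5.0, 5.0, 1.0, 1.0]
    print(par == ref)                            # True
```

The controller output trace reads `[9.0, None, 5.0, None, 1.0, None]`: the `None` entries are the instants where its slower clock makes it absent, which is what "multi-rate" means here, and the actuator bridges those gaps by holding state it alone owns. Because the threaded run synchronises on data dependencies rather than on a global barrier or a time-triggered slot, it keeps the sequential trace for any thread count and any interleaving, which is the property the text asks of generated multi-threaded code.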
