real-time systems, dtu, feb 29, 2000 paul pettersson, brics, aalborg, denmark. uppaal’s modeling...
TRANSCRIPT
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
UPPAAL’s Modeling and Specification Language
&Philips Bounded
Retransmission Protocol
Paul PetterssonBRICS@Aalborg
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Timed Automata
n
m
a
(Alur & Dill, 1990)
Clocks: x, y
x<=5 & y>3
x := 0
Guard Boolean combination of comp withinteger bounds
ResetAction perfumed on clocks
Transitions
( n , x=2.4 , y=3.1415 ) ( n , x=3.5 , y=4.2415 )
e(1.1)
( n , x=2.4 , y=3.1415 ) ( m , x=0 , y=3.1415 )
a
State ( location , x=v , y=u ) where v,u are in R
Actionused
for synchronization
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
n
m
a
Clocks: x, y
x<=5 & y>3
x := 0
Transitions
( n , x=2.4 , y=3.1415 ) ( n , x=3.5 , y=4.2415 )
e(1.1)
( n , x=2.4 , y=3.1415 )
e(3.2)
x<=5
y<=10
LocationInvariants
g1g2 g3
g4
Timed Safety Automata = Timed Automata + Invariants
(Henzinger et al, 1992)
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Networks of Timed Automata + Integer Variables + arrays ….
l1
l2
a!
x>=2i==3
x := 0i:=i+4
m1
m2
a?
y<=4
…………. Two-way synchronizationon complementary actions.
Closed Systems!
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Timed Automata in UPPAAL• Timed (Safety) Automata
+ urgent actions + urgent locations+ committed locations+ data-variables (with bounded domains)+ arrays of data-variables + constants + guards and assignments over data-variables and arrays…+ templates with local clocks, data-variables, and constants.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Declarations in UPPAALclock x1, …, xn;
int i1, …, im;
chan a1, …, ao;
const c1 n1, …, cp np;
Examples:
clock x, y;
int i, J0; int[0,1] k[5];
const delay 5, true 1, false 0;
Array k of five booleans.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Timed Automata in UPPAAL
n
m
a
x<=5 & y>3
x := 0
x<=5
y<=10
g1g2 g3
g4
invinvnxnxinv ,||::
clock natural number and
}!,,,,,{
},,,,{
::
|::
,||::
op
ExpropExprg
nyxnxg
ggggg
d
c
dc
nx :
clock guards
data guards
clock assignments
clock assignments
):?(
|/
|*
|
|
||
|][|::
:
ExprExprg
ExprExpr
ExprExpr
ExprExpr
ExprExpr
Exprn
ExpriiExpr
Expri
d
location invariants
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Urgent Channels
urgent chan hurry;
Informal Semantics:• There will be no delay if transition with urgent action can be taken.
Restrictions:• No clock guard allowed on transitions with urgent actions.
• Invariants and data-variable guards are allowed.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Urgent Locations
Click “Urgent” in State Editor.
Informal Semantics:• No delay in urgent location.
Note: the use of urgent locations reduces the number of clocks
in a model, and thus the complexity of the analysis.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Committed Locations
Click “Committed” in State Editor.
Informal Semantics:• No delay in committed location.• Next transition must involve automata in committed location.
Note: the use of committed locations reduces the number of
clocks in a model, and allows for more space and time efficient
analysis.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
UPPAAL Specification Language
A[] p (AG p)
E<> p (EF p)
p::= a.l | gd | gc | p and p |
p or p | not p | p imply p |
( p )
clock guardsdata guardsprocess location
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Philips Bounded Retransmission Protocol
[D’Argenio et.al. 97]
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Protocol Overview
• Protocol developed by Philips.
• Transfer data between Audio/Video components via infra-red communication.
• Data files sent in smaller chunks.
• Problem: Unreliable communication medium.
• Sender retransmit if receiver respond too late.
• Receiver abort if sender sends too late.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Overview of BRP
Sender Receiver
S R
K
L
Input: file = p1, …, pn
lossy
lossy
Output: p1, …, pn
BRP
pi
ack
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
How It Works
• Sender input: file = p1, …, pn.
• S sends (p1,FST,0), (p2,INC,1), …, (pn-1,INC,1), (pn,OK,0).
• R sends: ack, …, ack.
• S retransmits pi if timeout.
• Receiver recives: p1, …, pn.
• Sender and Receiver receives NOK or OK.
whole file OK
more parts
will followfirst part of file
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
BRP Model Overview
Sender Receiver
S R
K
L
Input: file = p1, …, pn
ack
(pi,INDication,abit)
lossy
lossy
ok, nok, dkIND, ok, nok
Output: p1, …, pn
BRP
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
The Lossy Media
value-passing
lossy = may drop
messages
one-place
capacity
delay
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Bounded Retransmission
• S sends a chunk pi and waits for ack from R.
• If timeout the chunk is retransmitted.
• If too many timeout the transmission fails (NOK is sent to Sender).
• If whole file successfully sent OK is sent to Sender.
• Receiver is similar.
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Process S
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
Process R
Real-Time Systems, DTU, Feb 29, 2000Paul Pettersson, BRICS, Aalborg, Denmark.
The Sender and Receiver