Computers as ComponentsPrinciples of EmbeddedComputing System Design
Dr. Prof. Huang Tingle
Group of IIPIGuilin University of Electronic Technology
Embedded Computing 2
Outline
The embedded computing space. Platforms: system-on-chip,
networks. Architectures, applications,
methodologies. Standards-based design.
Multiple standards.
Ch1-1
Embedded Computing 3
Example embedded computing systems
Motorola Siemens
BMW
Apple
Embedded Computing 4
Early history
Late 1940’s: MIT Whirlwind computer was designed for real-time operations. Originally designed to control an aircraft
simulator.
First microprocessor was Intel 4004 in early 1970’s.
HP-35 calculator used several chips to implement a microprocessor in 1972.
Embedded Computing 5
Early history, cont’d.
Automobiles used microprocessor-based engine controllers starting in 1970’s. Control fuel/air mixture, engine
timing, etc. Multiple modes of operation: warm-
up, cruise, hill climbing, etc. Provides lower emissions, better fuel
efficiency.
Embedded Computing 6
Multiprocessor systems-on-chips
Roughly speaking, system-on-chip with at least two processors.
Usually heterogeneous multiprocessor: CPUs, DSPs, etc. Hardwired accelerators. Mixed-signal front end.
Embedded Computing 7
Consumer electronics categories
2001 2002 2003 2004
Satellite TV
$1.18 $1.12 $1.48 $1.89
DVR (40E6)
0.14 0.57 0.18 0.54
DVD 2.1 2.43 2.7 2.46Set-top Internet
0.20 0.12 0.63 0.341
PC (120E6)
12.96 12.61 15.58 17.2
Wall Street Journal/EIA
Embedded Computing 8
Consumer electronics prices
Best Buy November 2003:
Embedded Computing 9
Characteristics of embedded systems
Very high performance. Vision + compression + speech + networking
all on the same platform.
Multiple task, heterogeneous.Real-time.Often low power.Highly reliable.
I reboot my piano every 4 months, my PC every day.
Embedded Computing 10
Mudge et al: Mobile supercomputing
Future mobile platform: Speech recognition. Cryptography. Augmented reality. Typical applications (email, etc.).
Requires 16x 2 GHz Pentium 4. Peak power must not exceed 75 mW.
Assumes 5% battery improvement per year.
Embedded Computing 11
Mudge et al: Performance trends for desktop processors
0.1
1
10
100
1000
10000
i386 i486 Pentium Pentium Pro Pentium II Pentium III Pentium 4 One Gen Two Gen Three Gen
Pe
rfo
rma
nce
(S
PE
CIn
t20
00
)
Technology (relative FO4 delay)
Pipelining (relative FO4 gates/stage)
ILP (relative SPECInt/Mhz)
Performance
Moore's Law Speedup
Performance Gap
10k SPECInt2000
0.1
1
10
100
1000
10000
i386 i486 Pentium Pentium Pro Pentium II Pentium III Pentium 4 One Gen Two Gen Three Gen
Pe
rfo
rma
nce
(S
PE
CIn
t20
00
)
Technology (relative FO4 delay)
Pipelining (relative FO4 gates/stage)
ILP (relative SPECInt/Mhz)
Performance
Moore's Law Speedup
Performance Gap
10k SPECInt2000
Moore's Law Speedup
Performance Gap
10k SPECInt2000
© 2004 IEEE Computer Society
Embedded Computing 12
Mudge et al: Power trends for desktop processors
0.1
1
10
100
1000
i386 i486 Pentium Pentium Pro Pentium II Pentium III Pentium 4 One Gen Two Gen Three Gen
Po
we
r (W
)
Total Power (W)
Dynamic Power (W)
Static Power (W)
75 mW Peak Power
Power Gap
0.1
1
10
100
1000
i386 i486 Pentium Pentium Pro Pentium II Pentium III Pentium 4 One Gen Two Gen Three Gen
Po
we
r (W
)
Total Power (W)
Dynamic Power (W)
Static Power (W)
75 mW Peak Power
Power Gap
© 2004 IEEE Computer Society
Embedded Computing 13
Platforms
An architecture that is designed for an application domain: Can be used in several products. Allows customization.
Platforms are often customized for their target audience.
Platforms spread out development costs over more products.
Some people hope for a single universal platform…
Embedded Computing 14
Why multiple platforms?
People still care about cost. People care about power
consumption. Sufficiently general solutions don’t
fit on one chip.
Embedded Computing 15
Intel IXP2850 network processor
Packet processing, control processing, security.
Software development environment includes simulator.
Xscale
Securityprocessor
…
…
16 microengines
Embedded Computing 16
TI OMAP
Targets communications, multimedia.
Multiprocessor with DSP, RISC.
C55x DSP
OMAP 5910:
ARM9
MMU
Memory ctrl
MPUinterface
SystemDMA
control
bridge
I/O
Embedded Computing 17
ST Nomadik
Targets mobile multimedia.
A multiprocessor-of-multiprocessors.
ARM9
Mem
ory
syst
em
I/O
bri
dges
Audioaccelerator
Videoaccelerator
heterogeneousmultiprocessors
Embedded Computing 18
ST MMDSP+
Embedded processor core used in multiple chips: Runs at 175 MHz. 1 cycle per instruction. 2-level instruction cache. 16/24-bit fixed point. 32-bit floating point. C programmed Fully synthesizable.
Embedded Computing 19
Nomadik video accelerator
MMDSP+data
RAMinstrRAM
Xbus
Interruptcontroller
Picturepost
processing
Videocodec
Pictureinput
processing
Localdatabus
MasterAHBDMA
Embedded Computing 20
Automotive embedded systems
Today’s high-end automobile may have 100 microprocessors: 4-bit microcontroller checks seat
belt; microcontrollers run dashboard
devices; 16/32-bit microprocessor controls
engine.
Embedded Computing 21
BMW 850i brake and stability control system
Anti-lock brake system (ABS): pumps brakes to reduce skidding.
Automatic stability control (ASC+T): controls engine to improve stability.
ABS and ASC+T communicate. ABS was introduced first---needed to
interface to existing ABS module.
Embedded Computing 22
BMW 850i, cont’d.
brake
sensor
brake
sensor
brake
sensor
brake
sensor
ABShydraulic
pump
Embedded Computing 23
The eternal triangle
Hardware and software architectures determine capabilities.
Applications guide design decisions.
Methodologies allow repeatable, predictable design.
architectures
applications
methodologies
Embedded Computing 24
Observations and implications
A little domain knowledge helps a lot. The architectural design space is
large and chunky. Less synthesis, more analysis.
IP components must be adapted to play together. Configurable IP, wrappers. Supporting tools (compilers, etc.) must
be adaptable.
Embedded Computing 25
Software in consumer devices (ST)
Modern audio standards (Dolby, MP3, etc.):
Modern video standards (MPEG-2, DV, etc.):
1 million lines of code.
2 million lines of code and counting.
Embedded Computing 26
Software and MPSoC design
The MPSoC must run the application. Design verification must include the soft
ware running on the hardware. May not know all possible code at desi
gn time. Limits design characterization. Must provide programming environment
.
Embedded Computing 27
MPSoCs and standards
Standards enable large markets. MPSoCs need large markets to justify chip deve
lopment costs, reduce manufacturing overhead.
MPSoCs provide benefits: Low power. High performance.
Meeting the standard requires effort: Platform must allow multiple implementations. Standard is complex and hard to implement.
Embedded Computing 28
Design challenges in standards-driven markets
Design and verify methods within the standard. Standards allow differentiation.
Design and verify methods outside the standard’s scope. User interface, etc.
Design and verify interfaces. Within standard, connection to extra-
standard elements.
Embedded Computing 29
Standards-based systems
Reference implementation forms a basis for product. Port to platform. Enhance performance, features.
Want to minimize unnecessary changes to the software.
Must make some changes to the software.
Embedded Computing 30
Characteristics of reference implementations
The specification does not describe hardware or software.
The spec is in the domain of signal processing, etc.
Designed for and tested on workstations. Infinite memory. Poor cache behavior. Single process. Limited real-time behavior.
The executable spec misrepresents some system properties:
Error handling. Buffer management.
Embedded Computing 31
H.264 motion estimation, cont’d.
Multiple reference frames increases accuracy. Handles
occlusion.
Once again, receiver is more complex.
Embedded Computing 32
Why are standards so complex?
Algorithm designers like to design algorithms. Standards are
complex.
Standards bodies must embody competing interests, ideas in their standards.
MPEG Tamperemeeting
Embedded Computing 33
Design refinement
Bad news: hard to learn the platform in order to
change it.
Good news: an existing design can be measured,
analyzed, and refined.
Worldwide shipping by UPS ...
roughly US$ 50 for CD and US$ 100 for paper copy
(1500 pages, heavy!) Bluetooth.com
Embedded Computing 34
Four types of people
Algorithms people. Don’t like programming. Don’t know that hardware exists.
Software people. Don’t like hardware.
Hardware people. Tolerate software. Don’t know applications exist.
Managers. Don’t know anything. Don’t do anything.
Embedded Computing 35
Example: MPEG-2 codec
One of the reference MPEG-2 codecs. Simple algorithms.
Designed for workstation operation. Implementers must port to chosen plat
form. Limited memory. Limited CPU.
Embedded Computing 36
MPEG-2 porting challenges
Codec uses a mixture of buffering strategies. Some buffers are statically allocated. Some buffers are allocated from the
heap.
May need to change number representation. Integer, double-precision, etc.
Error messages use Unix methods.
Embedded Computing 37
Example: H.264 codec
Reference encoder is 700,000 lines of C code. Uses simple algorithms.
Supports a wide range of: Display sizes. Features.
Embedded Computing 38
H.264 porting challenges
Figure out what code is of interest. Large call graph.
May need to change number representation. Integer, double-precision, etc.
Buffer management. Buffer allocation takes up over 50%
of CPU time.
Embedded Computing 39
Multiple standards
Many MPSoCs must implement multiple standards: Communications. Networking. Multimedia. Security.
Requires running a lot of different types of algorithms. Good case for specialization, co-design, configu
rable CPUs, etc. Need some general-purpose computers for loa
d sharing, compatibility.
Embedded Computing 40
Platforms, standards, and MPSoCs
A platform allows multiple variations of a system. Well-suited to standards.
Programmability is key to platform-based design.
Embedded Computing 41
The design productivity gap
0
100
200
300
400
500
600
2001 2003 2006 2009
size
design
Embedded Computing 42
Two phases of platform-based design
Semiconductor house designs the platform. Requirements may
come from standards, systems houses.
Systems house uses the platform. May need to start
design before chip is available.
requirements past designs
platform
userneeds
product
Embedded Computing 43
Challenges in platform-based design
Don’t have the full application. Must estimate characteristics of part
of the application. Must determine the appropriate
level of programmability. Programmability often costs in area,
power. Must provide programming tools
along with the chip.
Embedded Computing 44
Transaction-level modeling is not enough
The MPSoC must run the complete application. Implementing transactions is necessary
but not sufficient. Transactions are relatively short term. SoCs have a lot of state in memory.
Need to thoroughly exercise that state over a long period.
Embedded Computing 45
Summary
Chip designers are now system designers. Must deal with hardware and software.
Today’s applications are complex. Reference implementations must be
optimized, extended.
Platforms present challenges for: Hardware designers---characterization,
optimization. Software designers---performance/power
evaluation, debugging.
CD-PLAYER
CH1-2
47
Compact disc players
Device characteristics.Hardware architectures.Software.
48
CD audio
44.1 kHz sample rate.16 bit samples.Stereo.Additional data tracks.
49
Compact disc
Data stored on bottom of disc:
substrate aluminumcoating
plasticcoating
50
CD medium
Rotational speed: 1.2-1.4 m/s (CLV).Track pitch: 1.6 microns.Diameter: 120 mm.Pit length: 0.8 -3 microns.Pit depth: .11 microns.Pit width: 0.5 microns.Laser wavelength: 780 nm.
51
CD layout
Data stored in spiral, not concentric circle:
52
CD mechanism
Laser, lens, sled:
lase
r
CD
detectorsdiffraction
gratingsled
track
track
focus
53
Laser focus
Focus controlled by vertical position of lens.
Unfocused beam causes irregular spot:
In focusOut of focus Out of focus
54
Laser pickup
A
B
C
D
F
E
Side spotdetectors
Level:A+B+C+DFocus error:(A+C)-(B+D)Tracking error:E-F
55
Servo control
Four main signals: focus (laser) @ 245 kHz; tracking (laser) @ 245 kHz; sled (motor): @ 800 Hz; Disc motor.
Optical pickup
56
EFM
Eight-to-fourteen modulation: Fourteen-bit code guarantees a
maximum distance between transitions.
00000011 00100100000000
57
Error correction
CD capacity: 6.99 GB raw, 700 MB formatted.
Reed-Solomon code: g(x) = (x-) (x- 2) … (x- n-k-1) (x- n-k)
Produces data, erasure bits.Time to solve varies greatly depending on
noise.CD interleaves Reed-Solomon blocks to
reduce effects of large data gaps.
58
CIRC encoding
Cross-interleaved Reed-Solomon coding. Interleaves to reduce burst errors.
Each 16-bit sample split into two 8-bit symbols.
Specs: Max correctable burst: 4000 bits = 2.5 mm Max interpolatable burst: 12,300 bits = 7.7 m
m
59
CIRC algorithm
Sample split into two symbols.Six samples from each channel (=24
symbols) are chosen.Samples are delayed and scrambled.Parity symbols (Q symbols) are generated.Values are delayed by various amounts.P parity symbols are generated.Even words delayed by one symbol, P and Q
words are inverted.Frame = 32 8-bit symbols.
60
Control word
8-bit control word for every 32-symbol block: P: 1 during music/lead-in, 0 at start of
selection. Q: track number, time, etc (spread over
98 bits). R, S, T, U, V, W: reserved.
61
Control and error correction
Skips caused by physical disturbance. Wait for disturbance to subside. Retry.
Read errors caused by disc/servo problems. Detect error. Choose location for retry. Retry. Fail and interpolate.
62
Retry problems
Data is stored in a spiral. Can’t seek track as on magnetic disc. Sled servo is very coarse.
Data is only weakly addressed. Must read data to know where to go.
63
Audio playback
Audio CD needs no audio processing.Tasks:
convert to analog; amplify.
64
Digital/analog conversion
1-bit MASH conversion:
interpolationnoise
shapingPWM integrator
65
MP3
Decoding is easier than encoding, but requires: decompression; filtering.
Basic CD standard for data discs.No standards for MP3 disc file
structure: player must understand Windows, Mac, Unix discs.
66
Jog/skip memory
Read samples into RAM, play back from RAM.
Modern RAMs are larger than needed for reasonable jog/skip.
Jog memory saves some power.
67
CD/MP3 player
AudioCPU
amp
Jogmemory
Errorcorrector
ServoCPU
Analogin
Analogout
FE, TE, amp
focus,tracking,sled,motor
head
drive
memory
memory
display
DAC
I2S
68
DVD format
Similar to CD, but: shorter wavelength laser; tighter pits; two layers of data.
69
Audio on DVD
Alternatives: MP3 on data DVD (stereo). Audio track of video DVD (5.1). DVD audio (5.1). SACD (5.1).
UML
CH1-3
© 2000 Morgan Kaufman 71
Introduction
Object-oriented design.Unified Modeling Language (UML).
© 2000 Morgan Kaufman 72
System modeling
Need languages to describe systems: useful across several levels of
abstraction; understandable within and between
organizations.Block diagrams are a start, but don’t
cover everything.
© 2000 Morgan Kaufman 73
Object-oriented design
Object-oriented (OO) design: A generalization of object-oriented programming.
Object = state + methods. State provides each object with its own
identity. Methods provide an abstract interface
to the object.
© 2000 Morgan Kaufman 74
OO implementation in C++
class display {pixels : pixeltype[IMAX,JMAX];
public:display() { }pixeltype pixel(int i, int j) { return pixels[i,j]; }void set_pixel(pixeltype val, int i, int j) { pixels[i,j] = val; }
}
© 2000 Morgan Kaufman 75
OO implementation in C
typedef struct { pixels: pixeltype[IMAX,JMAX]; } display;
display d1;
pixeltype pixelval(pixel *px, int i, int j) { return px[i,j]; }
© 2000 Morgan Kaufman 76
Objects and classes
Class: object type.Class defines the object’s state
elements but state values may change over time.
Class defines the methods used to interact with all objects of that type. Each object has its own state.
© 2000 Morgan Kaufman 77
OO design principles
Some objects will closely correspond to real-world objects. Some objects may be useful only for
description or implementation.Objects provide interfaces to
read/write state, hiding the object’s implementation from the rest of the system.
© 2000 Morgan Kaufman 78
UML
Developed by Booch et al.Goals:
object-oriented; visual; useful at many levels of abstraction; usable for all aspects of design.
© 2000 Morgan Kaufman 79
UML object
d1: Display
pixels: array[] of pixelselementsmenu_items
pixels is a2-D array
comment
object nameclass name
attributes
© 2000 Morgan Kaufman 80
UML class
Display
pixelselementsmenu_items
mouse_click()draw_box
operations
class name
© 2000 Morgan Kaufman 81
The class interface
The operations provide the abstract interface between the class’s implementation and other classes.
Operations may have arguments, return values.
An operation can examine and/or modify the object’s state.
© 2000 Morgan Kaufman 82
Choose your interface properly
If the interface is too small/specialized: object is hard to use for even one application; even harder to reuse.
If the interface is too large: class becomes too cumbersome for designers
to understand; implementation may be too slow; spec and implementation are probably buggy.
© 2000 Morgan Kaufman 83
Relationships between objects and classes
Association: objects communicate but one does not own the other.
Aggregation: a complex object is made of several smaller objects.
Composition: aggregation in which owner does not allow access to its components.
Generalization: define one class in terms of another.
© 2000 Morgan Kaufman 84
Class derivation
May want to define one class in terms of another. Derived class inherits attributes,
operations of base class.
Derived_class
Base_class
UMLgeneralization
© 2000 Morgan Kaufman 85
Class derivation example
Display
pixelselementsmenu_items
pixel()set_pixel()mouse_click()draw_box
BW_display Color_map_display
baseclass
derived class
© 2000 Morgan Kaufman 86
Multiple inheritance
Speaker Display
Multimedia_display
base classes
derived class
© 2000 Morgan Kaufman 87
Links and associations
Link: describes relationships between objects.
Association: describes relationship between classes.
© 2000 Morgan Kaufman 88
Link example
Link defines the contains relationship:
message
msg = msg1length = 1102
message
msg = msg2length = 2114
message set
count = 2
© 2000 Morgan Kaufman 89
Association example
message
msg: ADPCM_streamlength : integer
message set
count : integer
0..* 1
contains
# contained messages # containing message sets
© 2000 Morgan Kaufman 90
Stereotypes
Stereotype: recurring combination of elements in an object or class.
Example: <<foo>>
© 2000 Morgan Kaufman 91
Behavioral description
Several ways to describe behavior: internal view; external view.
© 2000 Morgan Kaufman 92
State machines
a b
state state name
transition
© 2000 Morgan Kaufman 93
Event-driven state machines
Behavioral descriptions are written as event-driven state machines. Machine changes state when receiving
an input.An event may come from inside or
outside of the system.
© 2000 Morgan Kaufman 94
Types of events
Signal: asynchronous event.Call: synchronized communication.Timer: activated by time.
© 2000 Morgan Kaufman 95
Signal event
<<signal>>mouse_click
leftorright: buttonx, y: position
declaration
a
b
mouse_click(x,y,button)
event description
© 2000 Morgan Kaufman 96
Call event
c d
draw_box(10,5,3,2,blue)
© 2000 Morgan Kaufman 97
Timer event
e f
tm(time-value)
© 2000 Morgan Kaufman 98
Example state machine
regionfound
got menuitem
calledmenu item
foundobject
objecthighlighted
start
finish
mouse_click(x,y,button)/find_region(region)
input/outputregion = menu/which_menu(i) call_menu(I)
region = drawing/find_object(objid) highlight(objid)
© 2000 Morgan Kaufman 99
Sequence diagram
Shows sequence of operations over time.
Relates behaviors of multiple objects.
© 2000 Morgan Kaufman 100
Sequence diagram example
m: Mouse d1: Display u: Menu
mouse_click(x,y,button)which_menu(x,y,i)
call_menu(i)
time
© 2000 Morgan Kaufman 101
Summary
Object-oriented design helps us organize a design.
UML is a transportable system design language. Provides structural and behavioral
description primitives.
Models of Computation
CH1-4
103
Topics
Why models of computation? Structural models. Finite-state machines. Turing machines. Petri nets. Control flow graphs. Data flow models. Task graphs. Control flow models.
104
Models of computation
Models of computation affect programming style.
No one model of computation is good for all algorithms.
Large systems may require different models of computation for different parts.Models must communicate compatibly.
105
Processor graph
M1
L1
M2
M3 M4
L2
L3
106
Finite state machine
State transition graph and table are equivalent:
s3
s1 s20/0
0/1
1/0
0/0
1/1
1/0
0 s1 s2 0
1 s1 s1 0
0 s2 s2 1
1 s2 s3 0
0 s3 s3 0
1 s3 s1 1
107
Finite state machine properties
Finite state. Nondeterministic variant.
108
Nondeterministic FSM
Several transitions out of a state for a given input. Equivalent to executing
all alternatives in parallel.
Can allow moves---goes to next state without input.
s1 s2a
a
109
Deterministic FSM from nondeterministic FSM Add states for the v
arious combinations of nondeterminism.
s1 s2a
a
s3
nondeterministic
b
s4
c
s1 s12a
s3
b
s4
cc
deterministic
110
1 0 1 0 10 1 0 1 1 0 11 0
Turing machine
General model of computing:
program
head
tape
state
111
Turing machine step
1. Read current square.
2. Erase current square.
3. Take state-dependent action:1. Print new value.
2. Move to adjacent cell.
3. Set machine to next state.
112
Turing machine properties
Example program: If (state = 2 and cell =
0): print 0, move left, state = 4.
If (state = 2 and cell = 1): print 1, move left, state = 3.
Can be implemented on many physical devices.
Turing machine is a general model of computability.
Can be extended to probabilistic behavior.
113
Turing machine properties
Infinite tape = infinite state machine. Basic model of computability.
Lambda calculus is alternative model.Other models of computing can be shown to
be equivalent/proper subset of Turing machine.
114
Control flow graph
Commonly used to model program structure.
x = a - b
i = 0?
y = c + d
x = a
115
CDFG properties
Finite state model. Single thread of control. Can handle subroutines.
116
Petri net
Parallel model of computation.
place
arc
token transition
117
Firing rule
A transition is enabled if each place at its inputs have at least one token.A transition doesn’t have to fire right away.
Firing a transition removes tokens from inputs and adds a token to each output place.
In general, may require multiple tokens to enable.
118
Properties of Petri nets
Turing complete. Arbitrary number of tokens.
Nondeterministic behavior.Naturally model parallelism.
119
Task graph
Used to model multi-rate systems.
12
P1 P2
P3
P4
P5
120
Task graph properties
Not a Turning machine. No branching behavior. May be extended to provide conditionals.
Possible models of execution time: Constant. Min-max bounds. Statistical.
Can model late arrivals, early departures by adding dummy processes.
121
Data flow graph
Partially-ordered computations:
+ -
*
+ -, *
+, -, *
-, +, *
122
Data flow streams
Captures sequence but not time. Totally-ordered set of values.
New values are appended at the end as they appear.
May be infinite.
+
88 -23 7 44 9 -28 -44 88 -23 7 44 9
123
Firing rules
A node may have one or more firing rules.
Firing rules determine when tokens are consumed and produced.Firing consumes a set of tokens at inputs,
generates token at output.
124
Example firing rules
Basic rule fires when tokens are available at all inputs:
Conditional firing rule depends on control input:
+
a
b
c
a
b
T
125
Data flow graph properties
Finite state model. Basic data flow graph is acyclic. Scheduling provides a total ordering of
operations.
126
Synchronous data flow
Lee/Messerschmitt: Relate data flow graph properties to schedulability.Synchronous communication between data flo
w nodes.Nodes may communicate at multiple rates.
127
SDF notation
Nodes may have rates at which data are produced nor consumed.
Edges may have delays.
+ -1 2
5
128
SDF example
This graph has consistent sample rates:
+ +2 1
+
1
1 2
1
separateoutputs
129
Delays in SDF graphs
Delays do not change rates, only the amount of data stored in the system.
Changes system start-up.
+ -1 2
50
130
Kahn process network
Process has unbounded FIFO at each input:
Each channel carries a possibly infinite sequence or stream. A process maps one or more input sequences to one or more output sequences.
processchannel
131
Properties of processes
Processes are usually required to be continuous: least upper boundedness can be moved across function boundary.
Monotonicity:X in X’ => F(X) in F(X’)
132
Networks of processes
A network of processes relates the streams of several processes.
If I = input sequences, X = internal sequences + outputs, then network behavior fixed point isX = F(X,I)
133
Network properties
A network of monotonic processes is a monotonic process.Even in the presence of feedback loops.
Can add nondeterminism in several ways:allow process to test for emptiness;allow process to be internally nondeterminate;allow more than one process to consume data from a c
hannel;etc.
134
Statecharts
Ancestor of UML state diagrams. Provided composite states:
OR states;AND states.
Composite states reduce the size of the state transition graph.
135
Statechart OR state
S1
S2
S3
S4
i1
i1
i2
i2
i2
traditional
S1
S2
S3
S4
i1
i1 i2
OR state
s123
136
Statechart AND state
S1-3 S1-4
S2-3 S2-4
S5
traditional
c
d
b a
r
c
d
b a
S1 S3
S2 S4
S5AND state
c d
r
b a
sab
r
137
TCAS II specification
TCAS II: aircraft collision avoidance system.
Monitors aircraft and air traffic info. Provides audio warnings and directives to
avoid collisions. Leveson et al used RMSL language to cap
ture the TCAS specification.
138
RMSL
State description: Transition bus for transitions between many states:state1
inputs
state description
outputs
a
b
c
d
139
TCAS top-level descriptionCAS
power-offpower-onInputs:TCAS-operational-status {operational,not-operational}
fully-operationalC
standby
own-aircraft
other-aircraft i:[1..30]
mode-s-ground-station i:[1..15]
140
Own-Aircraft AND stateCAS
Inputs:own-alt-radio: integer standby-discrete-input: {true,false}own-alt-barometric:integer, etc.
Effective-SL Alt-SL Alt-layer Climb-inibit Descend-inibit
Increase-climb-inibit
Increase-Descend-inibit
Advisory-Status
...
... ......
...
......
1
2
7
...
1
2
7
Outputs:sound-aural-alarm: {true,false} aural-alarm-inhibit: {true, false}combined-control-out: enumerated, etc.