modeling embedded systems - university of california, … · 2017-02-16 · –...
TRANSCRIPT
![Page 1: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/1.jpg)
1
Modeling Embedded Systems
Tajana Simunic Rosing
Department of Computer Science and Engineering
University of California, San Diego.
![Page 2: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/2.jpg)
2 Tajana Simunic Rosing
ES Design
Verification and Validation
HardwareHardware components
![Page 3: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/3.jpg)
3 Tajana Simunic Rosing
Models, Languages and Tools
Sequent.
program
State
machine
Data-
flow
Concurrent
processes
C/C++Verilog Java VHDL
Implementation
A
Implementation
B
Implementation
C
![Page 4: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/4.jpg)
Components of a formal design model
• Functional specification
– Relationships between inputs, outputs & states
• Properties
– Relations between I/O/S that can be checked against the functional specification
– 3 types: inherent in model of computation, those that can be verified syntactically & semantically for a given specification
• Performance indices
– Evaluate quality of design
• Constraints
– On performance indices, usually inequalities
4
![Page 5: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/5.jpg)
Design process
Design:
• A set of components interacting with each other and with the environment that is not a part of design
Model of Computation (MOC):
• Defines the behavior and interaction of the design blocks
Design process:
• Takes a model at a higher level of abstraction and refines it to a lower level along with mapping constraints, performance indices and properties to the same level
Validation:
• Process of checking if design is correct
– Simulation/emulation, formal verification of specification or implementation
Synthesis:
• Design refinement where more abstract specifications are translated into less abstract specifications
5
![Page 6: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/6.jpg)
6 Tajana Simunic Rosing
Models of Computation Elements
• State
– e.g. in HW :
• Combinational states: one state for a given time t
• Sequential states: multiple states possible for time t
• Decidability
– Can a property be determined in a finite amount of time?
• Concurrency and communication
– Embedded systems usually have coordinated concurrent processes -> communication required
![Page 7: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/7.jpg)
7 Tajana Simunic Rosing
Modes of Communication
![Page 8: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/8.jpg)
8 Tajana Simunic Rosing
Communication
– Blocking
…
send ()
…
…
receive ()
…
…
send ()
…
…
receive ()
…
…
send ()
…
…
receive ()
…
ack
…process a {
..
P(S) //obtain lock
.. // critical section
V(S) //release lock
}
process b {
..
P(S) //obtain lock
.. // critical section
V(S) //release lock
}
Message Passing
Non-blocking
Shared memory
Extended
rendezvous
![Page 9: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/9.jpg)
Models of computation comparison
Communication/
local computations
Shared
memory
Message passing
Synchronous | Asynchronous
Communicating finite
state machines
StateCharts SDL
Data flow (Not useful) Kahn networks,
DFG, SDF
Petri nets various versions of Petri Nets
Discrete event (DE)
models
VHDL*,
Verilog*,
SystemC*, …
Only experimental systems, e.g.
distributed DE in Ptolemy
Von Neumann
models+
C, C++, Java C, C++, Java & libraries, ADA
*Classification based on implementation with centralized data structures+Consists of a processing unit, control unit and storage for instructions & data
![Page 10: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/10.jpg)
10 Tajana Simunic Rosing
Model of Computation Examples• State machine models
– FSMs, StateCharts , SDL
• Petri nets
• Communicating processes– Kahn processes, Communicating Sequential Processes
• Ada
• Dataflow models– DFG, SDFG
• Discrete event models– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
![Page 11: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/11.jpg)
11 Tajana Simunic Rosing
Classical automata
• Moore-automata:
O = H(S); S+ = f(I, S)
• Mealy-automata
O = H(I, S); S+ = f(I, S)
Internal state Sinput I output O
S0 S1
S2S3
e=1
e=1
e=1
e=1
0 1
23
clock
![Page 12: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/12.jpg)
12 Tajana Simunic Rosing
Finite-state machines (FSMs)
Idle
GoingUp
req > floor
req < floor
!(req > floor)
!(timer < 10)
req < floor
DoorOpen
GoingDn
req > floor
u,d,o, t = 1,0,0,0
u,d,o,t = 0,0,1,0
u,d,o,t = 0,1,0,0
u,d,o,t = 0,0,1,1
u is up, d is down, o is open
req == floor
!(req<floor)
timer < 10
t is timer_start
Elevator Control process using a state machine
![Page 13: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/13.jpg)
13 Tajana Simunic Rosing
Elevator Control with Fire Mode
• FireMode – When fire is true, move elevator to 1st floor and open door
Idle
GoingUp
req>floor
req<floor
!(req>floor)
timeout(10)
req<floor
DoorOpen
GoingDn
req>floor
u,d,o = 1,0,0
u,d,o = 0,0,1
u,d,o = 0,1,0
req==floor
!(req<floor)
fire
fire
fire
fire
FireGoingDn
floor>1
u,d,o = 0,1,0
u,d,o = 0,0,1
!fire
FireDrOpen
floor==1
fire
u,d,o = 0,0,1
UnitControl
![Page 14: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/14.jpg)
14 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , CFSM, SDL
• Petri nets
• Communicating Processes– Kahn processes, Communicating Sequential Processes
• Ada
• Dataflow models– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
![Page 15: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/15.jpg)
15 Tajana Simunic Rosing
StateCharts: Hierarchy
![Page 16: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/16.jpg)
16 Tajana Simunic Rosing
Back to Elevator Example
fire
!fireFireGoingDn
floor>1
u,d,o = 0,1,0
FireDrOpen
floor==1
fire
FireMode
u,d,o = 0,0,1
Idle
GoingUp
req>floor
req<floor
!(req>floor)
timeout(10)
req<floor
DoorOpen
GoingDn
req>floor
u,d,o = 1,0,0
u,d,o = 0,0,1
u,d,o = 0,1,0
req==floor
!(req>floor)
u,d,o = 0,0,1
NormalMode
UnitControl
NormalMode
FireMode
fire!fir
e
UnitControl
ElevatorController
RequestResolver
...
![Page 17: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/17.jpg)
17 Tajana Simunic Rosing
StateCharts: Default state
![Page 18: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/18.jpg)
18 Tajana Simunic Rosing
StateCharts: History
![Page 19: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/19.jpg)
19 Tajana Simunic Rosing
History & default state
same meaning
![Page 20: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/20.jpg)
20 Tajana Simunic Rosing
StateCharts: Concurrency
![Page 21: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/21.jpg)
21 Tajana Simunic Rosing
Conditional Transitions
![Page 22: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/22.jpg)
22 Tajana Simunic Rosing
StateCharts: Timers
![Page 23: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/23.jpg)
23 Tajana Simunic Rosing
Example: Answering machine
![Page 24: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/24.jpg)
24
StateCharts: edge labels
event [condition] / reaction
Events: Exist only until the next evaluation of the model
Can be either internally or externally generated
Conditions: Refer to values of variables that keep their value until they are
reassigned
Reactions: Can either be assignments for variables
or creation of events
Example: service-off [not in Lproc] / service:=0
![Page 25: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/25.jpg)
25 Tajana Simunic Rosing
Propagations and BroadcastsSource: B. P. Douglass & iLogix
![Page 26: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/26.jpg)
26 Tajana Simunic Rosing
StateCharts: Simulation
Status= values of all variables + set of events + current time
Step = execution of the three phases
Status phase 2
Three phases:
1.Effects of external changes on events and conditions are evaluated,
2.The set of transitions to be made in the current step and right hand
sides of assignments are computed,
3.Transitions become effective, variables obtain new values.
![Page 27: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/27.jpg)
StateCharts Simulation Example
![Page 28: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/28.jpg)
Statecharts – Example 1
28 Tajana Simunic Rosing
A B C
ef
gh
D
km
A B C
D
g
fh
e
k
kkm
Equivalent FSM
Representation
Statechart
Example
![Page 29: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/29.jpg)
Statecharts – Example 2
29 Tajana Simunic Rosing
A B
f
g
n Ek
mC D
h
Statechart
Example
AC AD BC BD
E
nn
f f
gg
h h
mm
m mk Equivalent FSM
Representation
![Page 30: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/30.jpg)
StateCharts to FSM
30 Tajana Simunic Rosing
![Page 31: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/31.jpg)
31 Tajana Simunic Rosing
StateCharts: Application Examples
• Power converter system for trams, metros & trains
– System-level modeling and automated code generation
– Guarantee latencies less than 10 microseconds
– Cut development time by 50%
– Time from design completion to first prototype down to 1hr from 3 months
– Defect free code automatically generated for a number of RTOS implementations
By Alstom
![Page 32: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/32.jpg)
32 Tajana Simunic Rosing
StateCharts: Application Examples
• Development of defibrillator and pacemaker technology
– Model system behavior before requirements are finalized
– Check that SW provides mathematically consistent representation of the product’s system – correct and unambiguous representation of model behavior
– More accurate and extensive verification – guarantee device works 100% of the time for at least 7-10yrs
– Cut product verification costs by 20%
– 15-20% overall cost reduction per projects on future development
By Guidant CRM
![Page 33: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/33.jpg)
33 Tajana Simunic Rosing
StateCharts: Application Examples
• Jet engine electronic controller design– System level specification and consistency check
– Construction of on-screen simulation of the cockpit display
– Evaluate correctness in normal and faulty operation modes
– Project so successful that now StateCharts are used for:• Independent overspeed protection system
• Thrust reverse control system
• Engine fuel control system
By BMW
![Page 34: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/34.jpg)
34 Tajana Simunic Rosing
StateCharts: Summary• Hierarchy• AND- and OR-super states• Default state, History• Timing behavior• State oriented behavior• Edge labels• Concurrency• Synchronization & communication
– Broadcast, shared memory
• Simulation
• Cross compiling
![Page 35: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/35.jpg)
35 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL
• Petri nets
• Communicating Processes– Kahn processes, Communicating Sequential Processes
• Ada
• Dataflow models– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
![Page 36: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/36.jpg)
Specification & Description Language (SDL)
• Designed for specification of distributed systems.
• Dates back to early 70s,formal semantics defined in the late 80s, updates from 1984 to 1999 by International Telecommunication Union (ITU)
• Provides textual and graphical formats
• Similar to StateCharts, each FSM is called a process, but it uses message passing instead of shared memory for communication
• Supports operations on data
![Page 37: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/37.jpg)
SDL-representation of FSMs/processes
output
input
state
![Page 38: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/38.jpg)
Communication among SDL-FSMs• Communication between FSMs (or “processes“)
is based on message-passing, assuming a potentially indefinitely large FIFO-queue.
Each process
fetches next entry
from FIFO,
checks if input
enables transition,
if yes: transition
takes place,
if no: input is ignored
(exception: SAVE-
mechanism).
![Page 39: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/39.jpg)
Determinate?• Let tokens be arriving at FIFO at the same time:Order in which they are stored is unknown:
All orders are legal so simulators can show different behaviors for the
same input, all of which are correct.
![Page 40: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/40.jpg)
Operations on data• Variables can be declared locally for processes.
• Their type can be predefined or defined in SDL itself.
• SDL supports abstract data types (ADTs)
![Page 41: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/41.jpg)
Process interaction diagrams• Interaction between processes can be described in process
interaction diagrams, which are a special case of block diagrams
• In addition to processes, these diagrams contain channels and declarations of local signals.
,
B
![Page 42: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/42.jpg)
Hierarchy in SDL• Process interaction diagrams can be included in blocks. The
root block is called system.
Processes cannot contain other processes, unlike in StateCharts.
![Page 43: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/43.jpg)
Timers
• Timers can be declared locally
• Elapsed timers put signal into queue, but are not necessarily processed immediately; RESET removes a timer from FIFO-queue
![Page 44: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/44.jpg)
Description of network protocols
![Page 45: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/45.jpg)
Vending machine example
Machine sells pretzels, chips, cookies, &
doughnuts
Accepts nickels, dime, quarters, and half-dollars
It is not a distributed application.
° [J.M. Bergé, O. Levia, J. Roullard: High-Level System Modeling, Kluwer Academic Publishers, 1995]
![Page 46: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/46.jpg)
Overall view of vending machine
![Page 47: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/47.jpg)
Decode Requests
p
![Page 48: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/48.jpg)
Chip Handler
no
yes
yes
no
![Page 49: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/49.jpg)
49 Tajana Simunic Rosing
SDL: Real World Examples
• FlexRay RTIO protocol specification
• ADSL design
– Ideal language for telecom design; communication between components and their different states of operation can be easily modeled with SDL
– Object orientation and automatic code generation significantly simplified system design verification
– Early testing done on SDL – significant savings in the cost of expensive test equiptment
By Siemens
![Page 50: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/50.jpg)
SDL summary
– FSM model for the components,
– Non-blocking message passing for communication,
– Implementation requires bound for the maximum length of FIFOs; may be very difficult to compute,
– Not necessarily determinate
– Timer concept adequate just for soft deadlines,
– Limited way of using hierarchies,
– Limited programming language support,
– No description of non-functional properties,
– Excellent for distributed applications (used for ISDN),
– Commercial tools available (see http://www.sdl-forum.org)
![Page 51: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/51.jpg)
51 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets
• Communicating Processes– Kahn processes, Communicating Sequential Processes
• Ada
• Dataflow models– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
![Page 52: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/52.jpg)
Petri net definitions
• H2OExample
52 Tajana Simunic RosingSource: Murata’89
![Page 53: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/53.jpg)
53 Tajana Simunic Rosing
Petri net – Train tracks model
![Page 54: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/54.jpg)
54 Tajana Simunic Rosing
Concurrency, Causality, Choice
![Page 55: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/55.jpg)
55 Tajana Simunic Rosing
Concurrency, Causality, Choice
![Page 56: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/56.jpg)
56 Tajana Simunic Rosing
Concurrency, Causality, Choice
![Page 57: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/57.jpg)
57 Tajana Simunic Rosing
Concurrency, Causality, Choice
![Page 58: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/58.jpg)
58 Tajana Simunic Rosing
Concurrency, Causality, Choice
![Page 59: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/59.jpg)
Petri nets: confusion
• Concurrency & conflict lead to confusion….
– Symmetric
– Asymmetric
59 Tajana Simunic RosingSource: Murata’89
![Page 60: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/60.jpg)
60 Tajana Simunic Rosing
Conflict for resource „track“
![Page 61: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/61.jpg)
61 Tajana Simunic Rosing
Communication Protocol
![Page 62: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/62.jpg)
62 Tajana Simunic Rosing
Communication Protocol
![Page 63: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/63.jpg)
63 Tajana Simunic Rosing
Communication Protocol
![Page 64: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/64.jpg)
64 Tajana Simunic Rosing
Communication Protocol
![Page 65: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/65.jpg)
65 Tajana Simunic Rosing
Communication Protocol
![Page 66: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/66.jpg)
66 Tajana Simunic Rosing
Communication Protocol
![Page 67: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/67.jpg)
67 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 68: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/68.jpg)
68 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 69: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/69.jpg)
69 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 70: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/70.jpg)
70 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 71: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/71.jpg)
71 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 72: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/72.jpg)
72 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 73: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/73.jpg)
73 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 74: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/74.jpg)
74 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 75: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/75.jpg)
75 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 76: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/76.jpg)
76 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 77: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/77.jpg)
77 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 78: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/78.jpg)
78 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 79: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/79.jpg)
79 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 80: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/80.jpg)
80 Tajana Simunic Rosing
Producer-Consumer Problem
![Page 81: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/81.jpg)
81 Tajana Simunic Rosing
Producer-Consumer with Priority
Modeling synchronization control when sharing resources Multiprocessor CPUs, distributed systems
![Page 82: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/82.jpg)
Petri net definitions
• H2OExample
82 Tajana Simunic RosingSource: Murata’89
![Page 83: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/83.jpg)
83 Tajana Simunic Rosing
Petri Net Properties
• Behavioral– Reachability
• Marking M reachable from marking Mo
– k - Boundedness• Number of tokens in each place does not exceed finite number k
• Safe if 1-bounded
– Liveness• A transition is live if it can never deadlock.
• A transition is deadlocked if it can never fire.
• Structural – Controlability
• Any marking can be reached from any other marking
– Structural boundednes
– Conservativeness – weighted sum of tokens constant
![Page 84: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/84.jpg)
84 Tajana Simunic Rosing
PN Properties - Reachability
![Page 85: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/85.jpg)
85 Tajana Simunic Rosing
PN Properties – Deadlock-free
![Page 86: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/86.jpg)
86 Tajana Simunic Rosing
PN Properties – Deadlock-free
![Page 87: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/87.jpg)
Petri Net Liveness
• L0-live (dead): a particular transition can never fire
– In the figure below, t0 can never fire
• see reachability graph
![Page 88: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/88.jpg)
Petri Net Liveness
• L1-live: a particular transition can fire at least once for some firing sequence
– In the figure below, t1 can only fire once, for some firing sequence
![Page 89: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/89.jpg)
Petri Net Liveness
• L2-live: a particular transition can fire k times for a particular firing sequence, for any k.
– In the figure below, t2 can only fire once, twice, etc, for different firing sequences
![Page 90: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/90.jpg)
Petri Net Liveness
• L3-live: a particular transition can fire infinitely in a particular firing sequence.
– In the figure below, t3 can fire infinitely for the firing sequence t3, t3, t3, t3,…
– Note that the number of times t1 and t2, fire is finite for any firing sequence.
![Page 91: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/91.jpg)
91 Tajana Simunic Rosing
PN Properties - Boundedness
![Page 92: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/92.jpg)
92 Tajana Simunic Rosing
PN Properties - Boundedness
![Page 93: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/93.jpg)
93 Tajana Simunic Rosing
PN Properties - Boundedness
![Page 94: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/94.jpg)
94 Tajana Simunic Rosing
PN Properties - Boundedness
![Page 95: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/95.jpg)
95 Tajana Simunic Rosing
PN Properties - Boundedness
![Page 96: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/96.jpg)
96 Tajana Simunic Rosing
PN Properties - Conservation
![Page 97: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/97.jpg)
97 Tajana Simunic Rosing
PN Properties - Conservation
![Page 98: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/98.jpg)
98 Tajana Simunic Rosing
PN Properties - Conservation
![Page 99: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/99.jpg)
99 Tajana Simunic Rosing
Petri Nets - Analysis
• Structural
– Incidence matrix
• State Space Analysis techniques
– Coverability Tree
– Reachability Graph
![Page 100: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/100.jpg)
100 Tajana Simunic Rosing
PN Properties – Analysis
Incident
Matrix
State
Equations
![Page 101: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/101.jpg)
101 Tajana Simunic Rosing
Petri Nets – Coverability Tree
![Page 102: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/102.jpg)
Example• Assume
– e=6
– Mo=[0 12]
• Can we reach M=[6 0] from Mo?
• Can it be statically scheduled?
• What size buffers are needed at P1 & P2?
102 Tajana Simunic Rosing
P1
P2
T1 T2
32
4 e
![Page 103: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/103.jpg)
Petri net problem
Consider the Petri net defined by:
P = { p1, p2, p3}
T = { t1, t2, t3}
A = { (p1 t1) (p1 t3) (p2 t1) (p2 t2) (p3 t3) (t1 p2) (t1 p3) (t2 p3) (t3 p1) (t3 p2)}
With all weights being one except w(p1 t1) = 2
103 Tajana Simunic Rosing
![Page 104: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/104.jpg)
Draw a Petri net that describes a game in which there is an urn with black and red balls. In each round the player takes two balls:
– If both are black, then the player returns one black
– If both are red, then the player returns one red
– If one is red and one is black, then the player returns one red.
104 Tajana Simunic Rosing
Urn Game with Petri Nets
![Page 105: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/105.jpg)
105 Tajana Simunic Rosing
Petri nets: Applications
• Model, simulate and analyze networking protocols (e.g. TCP, Ethernet, etc)
• Model, simulate and analyze complex network elements (e.g. router, switch, optical mux); check their logical behavior
• Design and analyze network performance and AoS with logical models of traffic generators, protocols and network elements
• Study network behavior characteristics (e.g. throughput, blocking probability etc)
By Siemens
![Page 106: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/106.jpg)
Petri nets in practice
• Example apps:
– TCP performance
– Security system design and automated code geneeration
– MAC design
– ….
106 Tajana Simunic Rosing
![Page 107: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/107.jpg)
107 Tajana Simunic Rosing
Petri Nets - Summary
• PN Graph– places (buffers), transitions (action), tokens (data)
• Firing rule – Transition enabled if enough tokens in a place
• Properties– Structural (consistency, structural boundedness)
– Behavioral (reachability, boundedness, etc.)
• Analysis techniques
• Applications– Modeling of resources, mutual exclusion, synchronization
![Page 108: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/108.jpg)
108 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets• Communicating Processes
– Communicating Sequential Processes, Ada, Kahn processes
• Dataflow models– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
• HW Models• Unified Modeling Language (UML)
![Page 109: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/109.jpg)
109 Tajana Simunic Rosing
Process
• A sequential program– Executes concurrently with other
processes
• Basic operations on processes– Create & terminate, suspend & resume,
join
• Process communication– Shared memory (and mutexes)
– Message passing
– Rendezvous
buttons
inside
elevator
Unit
Control
b1
down
open
floor
...
Request
Resolver
...
up/down
buttons on
each
floor
b2
bN
up1
up2
dn2
dnN
req
up
System interface
up3
dn3
![Page 110: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/110.jpg)
110 Tajana Simunic Rosing
ADA-rendez-vous
task screen_out isentry call_ch(val:character; x, y: integer);entry call_int(z, x, y: integer);
end screen_out;task body screen_out is...selectaccept call_ch ... do ..end call_ch;
oraccept call_int ... do ..end call_int;
end select;
Sending a message:
begin
screen_out.call_ch('Z',10,20);
exception
when tasking_error =>
(exception handling)
end;
![Page 111: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/111.jpg)
111 Tajana Simunic Rosing
Task graphs
Nodes are a „program“
described in some
programming language
Sequence
constraint
![Page 112: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/112.jpg)
112 Tajana Simunic Rosing
Task graphs - Timing
]
Arrival time deadline
![Page 113: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/113.jpg)
113 Tajana Simunic Rosing
Task graphs - I/O
![Page 114: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/114.jpg)
114 Tajana Simunic Rosing
Task graphs - Shared resources
![Page 115: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/115.jpg)
115 Tajana Simunic Rosing
Task graphs - Periodic schedules
.. infinite task graphs
![Page 116: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/116.jpg)
116 Tajana Simunic Rosing
Task graphs - Hierarchy
![Page 117: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/117.jpg)
117 Tajana Simunic Rosing
Your job is to design a process P with the sub tasks:
Q1(x,y) = (u,v)=(2x, x+y)
Q2(x,y) = 2x + y
Q3(x,y) = x + 2y
Assume you have an adder (2s, 1W) and a shifter (1s, 0.5W) to implement P.
Show the fastest possible schedule, and get the total energy consumption for P.
Do your results change if battery can supply maximum 1W at any point in time?
Design problem
![Page 118: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/118.jpg)
118 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets• Communicating Processes
– Communicating Sequential Processes, Ada
• Dataflow models– Kahn processes – DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
• Petri nets• HW Models• Unified Modeling Language (UML)
![Page 119: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/119.jpg)
119
Tajana Simunic Rosing
Kahn process network
processchannel
KPN - executable task graphs
Communication is via infinitely large FIFOs
Nonblocking write, blocking read => DETERMINATE
Important properties of KPN:Continuous
Output signals can be gradually produced; never have to consume all input to produce some output
MonotonicOutput depends on input but doesn’t change previous output
Continuous monotonic processes => ITERATIVE
![Page 120: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/120.jpg)
120 Tajana Simunic Rosing
Petri net model of a Kahn process
• KPNs are deterministic:
– Output determined by
• Process, network, initial tokens
![Page 121: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/121.jpg)
121 Tajana Simunic Rosing
Dataflow Process Networks
A
B
C D
modulate convolve
transform
A B C D
Z
Nodes with more complex
transformations
t1 t2
+ –
*
A B C D
Z
Nodes with arithmetic
transformations
t1 t2
Z = (A + B) * (C - D)
• Dataflow: – Maps input tokens to output tokens– Outputs function of current inputs
• No need to keep state on suspend/resume
– Scheduling for resource sharing
![Page 122: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/122.jpg)
122 Tajana Simunic Rosing
Dataflow process examples
• HW resource scheduling
– Constraints: 2 mult, 2 ALU
– List scheduler
– Additional constraints
• Performance
• Power
• Area etc.
*
NOP
*
*
<
*
*
+
NOP
1 2
3
4
5
6
7
*8
+9
10
11
0
n
T1
T2
T3
T4
![Page 123: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/123.jpg)
123 Tajana Simunic Rosing
Synchronous dataflow
![Page 124: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/124.jpg)
124 Tajana Simunic Rosing
SDF notation
• Nodes have rates of data production or consumption.
• Edges have delays.– Delays do not change rates, only the amount of
data stored in the system at startup.
+ -1 2
50
![Page 125: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/125.jpg)
Tajana Simunic Rosing
SDF examples
n1
n2
11
n32 1
21
n11
n3
1
1
n2
12D
D
![Page 126: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/126.jpg)
126Tajana Simunic Rosing
SDF Scheduling
• By building a set of “flow and conservation” equations
3a – 2b = 0
4b – 3d = 0
b – 3c = 0
2c – a = 0
d – 2a = 0
Solution: a = 2c; b = 3c; d = 4c
Possible schedules:
BBBCDDDDAA
BDBDBCADDA
BBDDBDDCAA
…
![Page 127: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/127.jpg)
SDF problem
127 Tajana Simunic Rosing
![Page 128: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/128.jpg)
128 Tajana Simunic Rosing
Dataflow process examples
• Design of a first 802.11b WLAN card– New product – combines RF, MAC and PHY; lots of DSP
– Implemented on an ASIC
– Previous design hand coded VHDL
• System level design with COSSAP by Synopsys– Explore architectural trade-offs – what in gates, what on DSP
– Scheduling trade-offs: latency, area, propagation delay between clocks, and vendor library
• Results:– Reduced time to market by a factor of TWO!
– Architectural exploration within 10% of actual measurements in terms of timing and area
by Symbol Tech.
![Page 129: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/129.jpg)
129 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets• Communicating Processes
– Kahn processes, Communicating Sequential Processes
• Ada• Dataflow models
– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• Synchronous languages – Cycle based models, Esterel, Lustre
• HW Models• Unified Modeling Language (UML)
![Page 130: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/130.jpg)
130 Tajana Simunic Rosing
Discrete Events
• Notion of time is fundamental: global order– events are objects which carry ordered time info
– there is a casual relationship between events
• DE simulator maintains global event queue– Verilog, VHDL
• Expensive - ordering tame stamps can be time consuming
• Large state & low activity => effective simulation
• Simultaneous events lead to non-determinacy– require complex conflict resolution schemes
– e.g. delta delays
![Page 131: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/131.jpg)
131 Tajana Simunic Rosing
Simultaneous Events in the
Discrete Event Model
A B Ct
t
A B C
t
A B C
t
t
B has 0 delay B has delta delay
t+
![Page 132: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/132.jpg)
132 Tajana Simunic Rosing
VHDL: Entities
entity full_adder is
port(a, b, carry_in: in Bit; -- input ports
sum,carry_out: out Bit); --output ports
end full_adder;
![Page 133: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/133.jpg)
133 Tajana Simunic Rosing
VHDL: Architectures
architecture structure of full_adder iscomponent half_adder
port (in1,in2:in Bit; carry, sum:out Bit);
end component;component or_gate
port (in1, in2:in Bit; o:out Bit);
end component;
signal x, y, z: Bit; -- local signals
begin -- port map section
i1: half_adder port map (a, b, x, y);
i2: half_adder port map (y, carry_in, z, sum);
i3: or_gate port map (x, z, carry_out);
end structure;
architecture behavior of full_adder is
begin
sum <= (a xor b) xor carry_in after 10
Ns;
carry_out <= (a and b) or (a and carry_in) or
(b and carry_in) after 10
Ns;
end behavior;
![Page 134: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/134.jpg)
135 Tajana Simunic Rosing
VHDL processes & waits
Processes model HW parallelismprocessbegin
a <= b after 10 nsend process
begin
prod <= x and y ;
wait on x,y;
end process;
process (x, y)
begin
prod <= x and y ;
end process;
Waits:
wait until signal list;
wait until a;
wait until condition;
wait until c='1';
wait for duration;
wait for 10 ns;
wait; suspend indefinitely
wait on = sensitivity list
![Page 135: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/135.jpg)
136 Tajana Simunic Rosing
VHDL Simulation
![Page 136: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/136.jpg)
137 Tajana Simunic Rosing
VHDL Simulation of an RS FFarchitecture one of RS_Flipflop isbeginprocess: (R,S,Q,nQ)
beginQ <= R nor nQ;nQ <= S nor Q;
end process;end one;
0ns 0ns+ 0ns+2
R 1 1 1
S 0 0 0
Q 1 0 0
nQ 0 0 1
0001
1100
0000
0111
1st
2nd
cycles reflect the fact that no
real gate comes with zero delay.
![Page 137: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/137.jpg)
138 Tajana Simunic Rosing
VHDL Summary
• Entities and architectures
• Multiple-valued logic
• Modeling hardware parallelism by processes
– Wait statements and sensitvity lists
• VHDL simulation cycle
– cycles
![Page 138: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/138.jpg)
139 Tajana Simunic Rosing
SystemC: Motivation
![Page 139: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/139.jpg)
140 Tajana Simunic Rosing
SystemC: Methodology
![Page 140: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/140.jpg)
141 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets• Communicating Processes
– Kahn processes, Communicating Sequential Processes
• Ada • Dataflow models
– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• HW Models• Synchronous languages
– Cycle based models, Esterel, Lustre
• Unified Modeling Language (UML)
![Page 141: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/141.jpg)
142 Tajana Simunic Rosing
Levels of hardware modeling
1. System level
2. Algorithmic level
3. Instruction set level
4. Register-transfer level (RTL)
5. Gate-level models
6. Switch-level models
7. Circuit-level models
8. Device-level models
9. Layout models
10. Process and device models
![Page 142: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/142.jpg)
143 Tajana Simunic Rosing
Instruction level
Assembler (MIPS) Simulated semantics
and $1,$2,$3 Reg[1]:=Reg[2] Reg[3]
or $1,$2,$3 Reg[1]:=Reg[2] Reg[3]
andi $1,$2,100 Reg[1]:=Reg[2] 100
sll $1,$2,10 Reg[1]:=Reg[2] << 10
srl $1,$2,10 Reg[1]:=Reg[2] >> 10
![Page 143: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/143.jpg)
144 Tajana Simunic Rosing
Register transfer level: MIPSController
BP
C
Instr
ucti
on
reg
iste
r IR
Mem
ory
Speic
her
T
sign_
extend
4
*
AL
U
Reg
0
0
0
0
0
01
1
1
1
1
1
2
2
3
§
31:26
25:21
20:16
25:0
15:0
15:11
i2 a
2 a
1
i3
a3
a2
a1
PC
So
urc
e
Ta
rge
tWrite
AL
UO
p
AL
US
elA
AL
US
elB
RegW
rite
RegD
est
IRW
rite
Me
mR
ea
d
Me
mW
rite
PC
Write
*§31: 28
"00“
![Page 144: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/144.jpg)
145 Tajana Simunic Rosing
Gate-level model
![Page 145: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/145.jpg)
146 Tajana Simunic Rosing
Switch level model
![Page 146: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/146.jpg)
147 Tajana Simunic Rosing
Circuit level model
![Page 147: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/147.jpg)
148 Tajana Simunic Rosing
Device level
Measured and simulated currents
![Page 148: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/148.jpg)
149 Tajana Simunic Rosing
Layout model
din
powlo
powhi
dout
![Page 149: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/149.jpg)
150 Tajana Simunic Rosing
Process model
Simulated
Measured
![Page 150: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/150.jpg)
151 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets• Communicating Processes
– Kahn processes, Communicating Sequential Processes
• Ada• Dataflow models
– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• HW Models• Synchronous reactive languages
– Cycle based models, Esterel, Lustre
• Unified Modeling Language (UML)
![Page 151: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/151.jpg)
Tajana Simunic Rosing
Reactive Synchronous Languages
• Assumptions– Instantaneous reactions
– Discrete events
– Static
• Cycle based models– Excellent for (single) clocked synchronous circuits
• Control flow oriented (imperative) languages– Esterel
• Data flow languages– Lustre, Signal
• Deterministic behavior
• Simulation, software and hardware synthesis, verification
![Page 152: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/152.jpg)
Lustre example
153 Tajana Simunic Rosing
![Page 153: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/153.jpg)
154 Tajana Simunic Rosing
Reactive Synchronous Models: Esterel Statements
• Emit S
• Present S then p else q end
• Pause
• P; Q, P||Q
• Loop p end
• Await S
• Abort p when S
• Suspend p when S
• Sustain S = (loop emit S; pause end)
![Page 154: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/154.jpg)
155 Tajana Simunic Rosing
Abort Statement
Normal termination
Aborted termination
Aborted termination,
Emit A preempted
Normal termination
B not checked in the
first cycle (like await)
![Page 155: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/155.jpg)
156 Tajana Simunic Rosing
Esterel Examples
![Page 156: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/156.jpg)
157 Tajana Simunic Rosing
Esterel Examples
![Page 157: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/157.jpg)
158 Tajana Simunic Rosing
Time in Esterel• Global clock with precise control over when
events appear– At every tick: read inputs, compute, output
• Statements– A bounded number in one cycle
• Emit, present, loop
– Take multiple cycles: • Pause, await, sustain
• Causality analysis– Deterministic & non-contradictory
![Page 158: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/158.jpg)
160 Tajana Simunic Rosing
Esterel Application Examples
TI used Esterel to automatically synthesize full coverage tests for a safety-critical design
Showed functional coverage covered only 30% of the design, with Esterl 100% covered
AirbusSignificant decrease in errors due to increase in automated code generation (40-70%)
e.g fly by wire controls & automatic flight control 70%, display computer 50%, warning & maintenance computer 40%
Major increase in productivity
![Page 159: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/159.jpg)
161 Tajana Simunic Rosing
Esterel Summary
Reactive synchronous language
Control flow oriented
Imperative syntax
Synchrony assumption useful for safety critical embedded systems
Convert timing relations to causal ordering
Used in verification
e.g. TI, Airbus
![Page 160: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/160.jpg)
162 Tajana Simunic Rosing
Models of Computation
• State Machine Models– FSM, StateCharts , SDL, CFSM
• Petri nets• Communicating Processes
– Kahn processes, Communicating Sequential Processes
• Ada• Dataflow models
– DFG, SDFG
• Discrete Event Systems– VHDL, Verilog, SystemC, SpecC
• HW Models• Synchronous reactive languages
– Cycle based models, Esterel, Lustre
• Unified Modeling Language (UML)
![Page 161: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/161.jpg)
163 Tajana Simunic Rosing
UML (Unified modeling language)
![Page 162: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/162.jpg)
164 Tajana Simunic Rosing
UML - StateCharts
![Page 163: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/163.jpg)
Tajana Simunic Rosing
UML – Extended Petri Nets
„swimlane“
![Page 164: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/164.jpg)
166 Tajana Simunic Rosing
UML Summary UML
- State machine diagram (StateChart-like)
- Activity diagram (extended Petri nets)
- Deployment diagram (exec. arch.)
- Use case diagram
- Package diagram (hierarchy)
- Class diagrams
- Timing diagrams (UML 2.0), UML for real-time
![Page 165: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/165.jpg)
167 Tajana Simunic Rosing
Models and Languages Summary
• Multiple models and languages are essential for high-level design– Managing complexity by abstraction
– Formality ensures refinement correctness
– Model choice depends on• Class of applications
• Required operations (synthesis, scheduling, ...)
• Multiple MOCs can co-exist during all phases of design– Specification
– Architectural mapping and simulation
– Synthesis, code generation, scheduling
– Detailed design and implementation
– Co-simulation
![Page 166: Modeling Embedded Systems - University of California, … · 2017-02-16 · – Simulation/emulation, formal verification of specification or implementation Synthesis: • Design](https://reader031.vdocuments.us/reader031/viewer/2022020104/5b1bd6927f8b9a46258efe3b/html5/thumbnails/166.jpg)
168 Tajana Simunic Rosing
Sources and References
• Peter Marwedel, “Embedded Systems Design,” 2004.• Frank Vahid, Tony Givargis, “Embedded System Design,” Wiley,
2002. • Wayne Wolf, “Computers as Components,” Morgan
Kaufmann, 2001. • Axel Jantsch, “Modeling Embedded Systems and SOCs,”
Morgan Kaufmann, 2004. • Alberto Sangiovanni-Vincentelli @ UCB• Mani Srivastava @ UCLA• Rajesh Gupta @ UCSD• Nikil Dutt @ UCI