Part I - Chess - Center for Hybrid and Embedded Software Systems

Transcription

Part I - Chess - Center for Hybrid and Embedded Software Systems
Predictable Timing of Cyber-Physical Systems
Future Research Challenges
DREAMS Seminar, EECS, UC Berkeley
January 17, 2012
David Broman
broman@eecs.berkeley.edu
EECS Department
UC Berkeley, USA
Department of Computer and Information Science
Linköping University, Sweden
2
Agenda
broman@eecs.berkeley.edu
Part I
Semantic gap regarding time
Part II
Bridging the gap –
the PRETIL project
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
3
broman@eecs.berkeley.edu
Part I
Semantic gap regarding time
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
4
Modeling Cyber-Physical Systems
broman@eecs.berkeley.edu
Model
Equation-based model
Abstraction
“physical modeling”
Networking
Sensors
System
Actuators
Physical system (the plant)
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Embedded systems (computation)
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
5
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
broman@eecs.berkeley.edu
Models and Objects
•  Primarily domain:
Modeling of physical
systems
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
Equation-Based
Object-Oriented
(EOO)
Part II!
Reducing the gap –
the PRETIL project!
Part I !
Semantic gap
regarding time !
•  Object in e.g., Java, C++:
object = data + methods
•  Objects in EOO languages:
object = data + equations
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
6
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
•  Primarily domain:
Modeling of physical
systems
connections!
objects (components)!
Models and Objects
Equation-Based
ports!
Object-Oriented
(EOO)
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
EOO model (textual)
Part I !
Semantic gap
regarding time !
broman@eecs.berkeley.edu
Part II!
Reducing the gap –
the PRETIL project!
•  Object in e.g., Java, C++:
object = data + methods
•  Objects in EOO languages:
object = data + equations
EOO model (graphical)
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
7
broman@eecs.berkeley.edu
Models and Objects
•  Primarily domain:
Modeling of physical
systems
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
•  Object in e.g., Java, C++:
object = data + methods
Equation-Based
Object-Oriented
(EOO)
Acausality
•  Objects in EOO languages:
object = data + equations
•  At the equation-level
u=R*i
•  At the object connection level
Part II!
Reducing the gap –
the PRETIL project!
Part I !
Semantic gap
regarding time !
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
broman@eecs.berkeley.edu
Direction not determined at modeling time!
•  Primarily domain:
Modeling of physical
systems
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
Models and Objects
Equation-Based
acausal (non-causal)
Object-Oriented
(EOO)
Acausality
causal
Part I !
Semantic gap
regarding time !
8
Part II!
Reducing the gap –
the PRETIL project!
•  Object in e.g., Java, C++:
object = data + methods
Variables !
•  Objects in EOO languages:
!  Potential!
object = data + equations
!  Flow!
Physical topology !
•  At the equation-level
u = Ris*lost!
i
•  At the object connection level
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
•  Primarily domain:
Modeling of physical
systems
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
•  Object in e.g., Java, C++:
object = data + methods
Equation-Based
acausal (non-causal)
Object-Oriented
(EOO)
causal
•  Objects in EOO languages:
object = data + equations
•  At the equation-level
u=R*i
•  At the object connection level
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
Equation-Based Object-Oriented (EOO)
Languages
Domain-Specific
Language (DSL)
•  Primarily domain:
Modeling of physical
systems
•  Multiple physical domains:
e.g., mechanical, electrical,
hydraulic
•  Modelica
•  VHDL-AMS
•  gPROMS
•  MKL
•  (SPICE)
Part I !
Semantic gap
regarding time !
broman@eecs.berkeley.edu
Models and Objects
Acausality
Part I !
Semantic gap
regarding time !
9
10
broman@eecs.berkeley.edu
Models and Objects
Equation-Based
Object-Oriented
(EOO)
Acausality
•  Object in e.g., Java, C++:
object = data + methods
•  Objects in EOO languages:
object = data + equations
•  At the equation-level
u=R*i
•  At the object connection level
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
11
Modeling Cyber-Physical Systems
broman@eecs.berkeley.edu
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Model
Physical
Interface
Actuator
Different models of computation
Equation-based model
Abstraction
“physical modeling”
C-code
Networking
Sensors
System
Actuators
Physical system (the plant)
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Embedded systems (computation)
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
12
Modeling the Systems for Computing and
broman@eecs.berkeley.edu
Networking
Ptolemy II
Heterogenous modeling environment supporting many different
models of computation (MoC). For example, synchronous dataflow
(SDF), discrete-event (DE), process networks (PN), etc.
PTIDES
Currently implementation in Ptolemy. Modeling of event-based realtime distributed systems. Based on DE semantics.
Synchronous reactive languages
For example, Lustre, Signal and Esterel
Next versions of Modelica
New semantics for synchronouse discrete semantics
(for improved code generation).
Simulink
And all other languages/environments not listed here!
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
13
Simulation the CPS
broman@eecs.berkeley.edu
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
FMI
Delay 1
Computation 4
Computation 2
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical
Interface
Physical Plant
Plant 12
Physical
Model
Actuator
Different models of computation
Equation-based model
C-code
Networking
Sensors
System
Actuators
Embedded systems (computation)
Physical system (the plant)
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
14
Simulation the CPS
broman@eecs.berkeley.edu
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
Software-in-the-loop
(SIL) simulation
Different models of computation
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Model
Equation-based model
Hardware-in-the-loop
(HIL) simulation
Physical
Interface
Actuator
Code
generation
Physical system
available?
Networking
Sensors
System
C-code
Actuators
Physical system (the plant)
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Embedded systems (computation)
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
15
Simulation the CPS
broman@eecs.berkeley.edu
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Predictable Timing of
Cyber-Physical Systems
Software-in-the-loop
Computation 4
Computation 2
Sensor
Platform 3
Physical
Interface
Delay 2
(SIL) simulation
meaning that the continuous-time
timing behavior for
Different models of computation
Equation-based model
SIL simulation ҮHIL simulation ҮReal-time system execution
Code
Hardware-in-the-loop
generation
Note that predictability is a continuum.
The
“cyber”
can
be
(HIL) simulation
C-code
made deterministic, but the physics cannot.
Computation 3
Physical Plant
Plant 12
Physical
Model
Physical
Interface
Actuator
Physical system
available?
Networking
Sensors
System
Actuators
Embedded systems (computation)
Physical system (the plant)
Part II!
Reducing the gap –
the PRETIL project!
Part I !
Semantic gap
regarding time !
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
16
Physical Model
problems
Model and Timing Problems
Incorrect Parameters
Control Delay
Cyber timing problems
Modelica / MKL
Incorrect System of Equations
Validation of models
From sampling to
actuation
Jitter
broman@eecs.berkeley.edu
Ptolemy II /
PTIDES
Large model libraries.
Mature tools.
Computation
Precision-timed machines
Clock sync, IEEE 1588
Hard to predict.
E.g., loss data packets.
Related to robustness.
(Wittenmark et al., 1996)
Part I !
Semantic gap
regarding time !
Precision-timed
-  Scratchpad memory
-  Timing instructions
-  Thread-interleaved
piplines
Part II!
Reducing the gap –
the PRETIL project!
Automatic
allocation of
scratchpads?
Semantic gap
regarding time
Variation of start times
(e.g., clock accuracy,
architecture)
Transient Errors
Timingconstraints
of tasks
WCET
of tasks
Communication Bounded delays
How to ensure
that compilation
is semantically
correct regarding
time?
PRET
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
17
broman@eecs.berkeley.edu
Part II
Bridging the gap –
the PRETIL project
Part II!
Reducing the gap –
the PRETIL project!
Part I !
Semantic gap
regarding time !
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
18
Precision-Timed Intermediate Language (PRETIL)
broman@eecs.berkeley.edu
High-level requirements
Modelica / MKL
Ptolemy II / PTIDES
Make code generation
from source language
to PRETIL simple
(e.g., via suitable API)
Other MoC and tools
Support multiple
modeling (source)
languages
Expose language constructs for (physical) execution time
PRETIL
Hide (abstract away)
architecture dependent
details (e.g., scratchpad)
PRETIL compiler
PRET
PRET
PRET
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Formal semantics –
reason about correctness
of execution time
General purpose
CPU
PRET
PRET
Enable
comparison
of platforms
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
19
Execution time – a correctness factor
broman@eecs.berkeley.edu
Worst-case execution time (WCET)
Best-case execution time (BCET)
Estimated upper
bound of WCET
Challenge to make it tight
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
20
Sketch - primitives for handling time
(pseudo-code, part of research to be performed)
broman@eecs.berkeley.edu
F(x1,…,xn) is a function in the language with n parameters. !
Dynamic usage of execution time
Static Usage of execution time
Execute with padding without guarantees
Propagating WCET info up the tool chain:
-  For meta-programming (static scheduling)
-  For tool support (e.g., show WCET for
specific actors in Ptolemy)
execute f(3,2) during 10ms else …!
Use WCET/BCET info dynamically in the
model/program.
if WCET(f) > 10ms then … else …!
Propagate time constraint downwards
constraint WCET(f) < 10ms!
Execute with padding (exact time)
WCET of parameterized functions in runtime
using parametric WCET analysis (Lisper,
2003)
execute f(3,2) during 10ms!
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
if WCET(f(x3 = v)) > 10ms then …
else …!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
21
Proposed Infrastructure Overview
broman@eecs.berkeley.edu
Part I: Modeling language front end
Part II: PRETIL front end
Part III: PRETIL backend
Part IV: Runtime environment
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
22
Part I – Modeling language front end
broman@eecs.berkeley.edu
Research challenge 1: To design (or extend) an intermediate
language that hides architecture details and exposes language
constructs for programming with (physical) execution time.
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
23
Proposed Infrastructure Overview
broman@eecs.berkeley.edu
Part I: Modeling language front end
Part II: PRETIL front end
Part III: PRETIL backend
Part IV: Runtime environment
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
24
Part II – PRETIL Front end
broman@eecs.berkeley.edu
Research challenge 2: To statically guarantee that timing constraints
defined for high-level models hold during run-time.
Formally verified compilers
(Leroy, 2009)
Part I !
Semantic gap
regarding time !
Translation Validation Infrastructure
(Necula, 2000)
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
25
Proposed Infrastructure Overview
broman@eecs.berkeley.edu
Part I: Modeling language front end
Part II: PRETIL front end
Part III: PRETIL backend
Part IV: Runtime environment
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
26
Part III – PRETIL Back end
broman@eecs.berkeley.edu
Research challenge 3: To optimize allocation of bounded memory
resources so that both memory constraints and timing constraints hold
simultaneously.
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
27
Proposed Infrastructure Overview
broman@eecs.berkeley.edu
Part I: Modeling language front end
Part II: PRETIL front end
Part III: PRETIL backend
Part IV: Runtime environment
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
28
Part IV – Runtime environment
broman@eecs.berkeley.edu
Research challenge 4: To guarantee safe execution concerning timing
of a deployed binary of machine code, without trusting the correctness
of the compiler, e.g., by executing a lightweight safety proof before
executing the binary.
Proof-carrying code (Necula, 1997)
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
29
broman@eecs.berkeley.edu
Part III
Utilizing a bridged gap –
virtual optimization of CPS
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
30
Simulation with Predictable Timing
broman@eecs.berkeley.edu
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
Software-in-the-loop
(SIL) simulation
Different models of computation
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Model
Equation-based model
Physical
Interface
Actuator
The PRETIL project aims at
adding one piece of the puzzle to
getting predictable timing of CPS
Networking
Sensors
System
Actuators
Physical system (the plant)
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Embedded systems (computation)
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
31
Optimization with Predictable Timing
broman@eecs.berkeley.edu
Platform 1
Actuator
Physical
Interface
Physical Plant 2
Network
Physical
Interface
Platform 2
Sensor
Computation 1
Delay 1
Computation 4
Computation 2
Software-in-the-loop
(SIL) simulation
Different models of computation
Sensor
Platform 3
Physical
Interface
Delay 2
Computation 3
Physical Plant
Plant 12
Physical
Equation-based model
Physical
Interface
Actuator
Design optimization problems
•  Parameter optimization of physical objects (e.g., thickness of shafts)
•  Architecture parameters, e.g., minimize clock frequency to lower energy
consumptions.
Predictable timing with correct timing constraints are essential to
performing the optimization on a global CPS model
Hard problems. One approach is to combine CPS simulation
with local search heuristics (e.g., tabu search or simulated annealing).
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Part III
Utilizing a bridged gap –
virtual optimization of CPS!
32
Conclusions and Summary
broman@eecs.berkeley.edu
Modelica / MKL
Ptolemy II /
PTIDES
New project in the Ptolemy group
(starting Jan 2012).
Overall challenge
To establish a new formal foundation of timing
predictability for the semantics of correct translation/
compilation from high-level CPS modeling languages
down to machine code for PRET machines.
Thank you for listening!
Part I !
Semantic gap
regarding time !
Part II!
Reducing the gap –
the PRETIL project!
Semantic gap
PRETIL
regarding
time
PRETIL compiler
PRET
Part III
Utilizing a bridged gap –
virtual optimization of CPS!