Showing papers by "Alberto Sangiovanni-Vincentelli" published in 2003


Journal Article
TL;DR: Based on a metamodel with formal semantics that developers can use to capture designs, Metropolis provides an environment for complex electronic-system design that supports simulation, formal analysis, and synthesis.
Abstract: Today, the design chain lacks adequate support, with most system-level designers using a collection of unlinked tools. The implementation then proceeds with informal techniques involving numerous human-language interactions that create unnecessary and unwanted iterations among groups of designers in different companies or different divisions. The move toward programmable platforms shifts the design implementation task toward embedded software design. When embedded software reaches the complexity typical of today's designs, the risk that the software will not function correctly increases exponentially. The Metropolis project seeks to develop a unified framework that can cope with this challenge. Based on a metamodel with formal semantics that developers can use to capture designs, Metropolis provides an environment for complex electronic-system design that supports simulation, formal analysis, and synthesis.

549 citations


Proceedings Article
22 Oct 2003
TL;DR: A taxonomy for classification of faults in sensor networks and the first on-line model-based testing technique that can be applied on an arbitrary system of heterogeneous sensors with an arbitrary type of fault model is introduced.
Abstract: On-line fault detection in sensor networks is of paramount importance due to the convergence of a variety of challenging technological, application, conceptual, and safety related factors. We introduce a taxonomy for classification of faults in sensor networks and the first on-line model-based testing technique. The approach is generic in the sense that it can be applied on an arbitrary system of heterogeneous sensors with an arbitrary type of fault model, while it provides a flexible tradeoff between accuracy and latency. The key idea is to formulate on-line testing as a set of instances of a non-linear function minimization and consequently apply nonparametric statistical methods to identify the sensors that have the highest probability to be faulty. The optimization is conducted using the Powell nonlinear function minimization method. The effectiveness of the approach is evaluated in the presence of random noise using a system of light sensors.

191 citations


Proceedings Article
30 Oct 2003
TL;DR: This work addresses the issue of fault tolerant chip architectures for automotive applications by reviewing fault-tolerant architectures commonly used in other industrial domains and comparing them with a metric that combines traditional terms such as cost, performance and fault coverage with flexibility.
Abstract: Fault-tolerant electronic sub-systems are becoming a standard requirement in the automotive industrial sector as electronics becomes pervasive in present cars. We address the issue of fault tolerant chip architectures for automotive applications. We begin by reviewing fault-tolerant architectures commonly used in other industrial domains where fault-tolerant electronics has been a must for a number of years, e.g., the aircraft manufacturing industrial sector. We then proceed to investigate how these architectures could be implemented on a single chip and we compare them with a metric that combines traditional terms such as cost, performance and fault coverage with flexibility, i.e. the ability of adapting to changing requirements and capturing a wide range of applications, an emerging criterion for platform design. Finally, we describe in some details a cost effective dual lock-step platform that can be used as a single fail-operational unit or as two fail-silent channels trading fault-tolerance for performance.

159 citations


Proceedings Article
13 Oct 2003
TL;DR: An analytical model is provided that justifies the choice of the clustering cost function and a set of experiments are discussed showing the effectiveness of the overall approach with respect to the exact algorithm.
Abstract: We propose an efficient heuristic for the constraint-driven communication synthesis (CDCS) of on-chip communication networks. The complexity of the synthesis problems comes from the number of constraints that have to be considered. We propose to cluster constraints to reduce the number that needs to be considered by the optimization algorithm. Then a quadratic programming approach is used to solve the communication synthesis problem with the clustered constraints. We provide an analytical model that justifies our choice of the clustering cost function and we discuss a set of experiments showing the effectiveness of the overall approach with respect to the exact algorithm.

151 citations


Proceedings Article
02 Jun 2003
TL;DR: This paper directly models performance spaces as mathematical relations based on two-class and one-class SVMs, with the latter providing a better tradeoff between accuracy and complexity avoiding "curse of dimensionality" issues with 2-class SVMs.
Abstract: The use of Support Vector Machines (SVMs) to represent the performance space of analog circuits is explored. In abstract terms, an analog circuit maps a set of input design parameters to a set of performance figures. This function is usually evaluated through simulations and its range defines the feasible performance space of the circuit. In this paper, we directly model performance spaces as mathematical relations. We study approximation approaches based on two-class and one-class SVMs, the latter providing a better tradeoff between accuracy and complexity avoiding "curse of dimensionality" issues with 2-class SVMs. We propose two improvements of the basic one-class SVM performances: conformal mapping and active learning. Finally, we develop an efficient algorithm to compute projections, so that top-down methodologies can be easily supported.

112 citations


Proceedings Article
09 Dec 2003
TL;DR: In this article, the notion of generic final-state asymptotically determinable hybrid systems is introduced and sufficient conditions for a linear hybrid system to be generic final state determinable are given. These conditions are related to the minimum and maximum sojourn time in each location as well as the dimension and orientation of the unobservable subspaces and the reset mappings between them.
Abstract: The notion of generic final-state asymptotically determinable hybrid system is introduced. Then, sufficient conditions for a linear hybrid system to be generic final-state asymptotically determinable are given. These conditions show that generic final-state asymptotic determinability can be verified even if each of the continuous subsystems of the hybrid system is not observable. More precisely, these conditions are related to the minimum and maximum sojourn time in each location as well as on the dimension and orientation of the unobservable subspaces and on the reset mappings between them.

77 citations


01 Jan 2003
TL;DR: This paper addresses the fundamental issue of defining a standard set of services and interface primitives which should be made available to an application programmer independently on their implementation on any present and future sensor network platform.
Abstract: This paper addresses the fundamental issue of defining a standard set of services and interface primitives which should be made available to an application programmer independently on their implementation on any present and future sensor network platform. As the definition of sockets has made the use of communication services in the Internet independent of the underlying protocol stack, communication medium and even operating system, the application interface we propose identifies an abstraction that is offered to any sensor network application and supported by any sensor network platform. The distributed service platform we introduce builds on the query/command paradigm already used in several sensor network implementations and includes time synchronization, location and naming services that support the communication and coordination among application components.

69 citations


Journal Article
TL;DR: The 40th anniversary of the design automation conference with a keynote lecture intended to place in perspective the most relevant research results presented at DAC in all these years and to identify trends and challenges for the future of electronic design automation (EDA).
Abstract: The 40th anniversary of the design automation conference with a keynote lecture intended to place in perspective the most relevant research results presented at DAC in all these years and to identify trends and challenges for the future of electronic design automation (EDA). EDA is a unique, wonderful field where research, innovation, and business have come together for many years, as demonstrated by its accomplishments over the past 40 years.

66 citations


Book Chapter
13 Oct 2003
TL;DR: A mathematical framework to deal with the composition of heterogeneous reactive systems is proposed, which allows to establish theorems, from which design techniques can be derived.
Abstract: We propose a mathematical framework to deal with the composition of heterogeneous reactive systems. Our theory allows to establish theorems, from which design techniques can be derived. We illustrate this by two cases: the deployment of synchronous designs over GALS architectures, and the deployment of synchronous designs over the so-called Loosely Time-Triggered Architectures.

51 citations


Book Chapter
01 Jan 2003
TL;DR: This chapter presents a specification technique based on UML for the design of embedded systems and platforms that covers stereotypes and extended notations to represent platform services and their attributes in embedded software development.
Abstract: This chapter presents a specification technique based on UML for the design of embedded systems and platforms. It covers stereotypes and extended notations to represent platform services and their attributes in embedded software development. It also presents a design methodology for embedded systems that is based on platform-based design principles.

46 citations


Journal Article
TL;DR: An estimation technique for injector characteristics based on a set of measurements that can be carried out using the sensors present in the car, i.e., intake manifold pressure, crank-shaft speed, throttle-valve plate angle, injection timings and exhaust A/F ratio, which is measured by a single UEGO sensor placed at the exhaust pipe output is presented.

Journal Article
TL;DR: A new platform-based methodology can revolutionize the way a car is designed and help to provide entertainment and communication, and to ensure safety.
Abstract: Electronic components are now essential to control a car's movements and chemical, mechanical, and electrical processes; to provide entertainment and communication; and to ensure safety. A new platform-based methodology can revolutionize the way a car is designed.

Book Chapter
01 Jan 2003
TL;DR: This paper defines a UML profile, called UML Platform, and shows how it can be used to represent platforms, and as an example, the Intercom platform designed at the Berkeley Wireless Research Center is presented to illustrate the approach.
Abstract: Important trends are emerging for the design of embedded systems: a) the use of highly programmable platforms, and b) the use of the Unified Modeling Language (UML) for embedded software development. We believe that the time has come to combine these two concepts into a unified embedded system development methodology. Although each concept is powerful in its own right, their combination magnifies the effective gains in productivity and implementation. This paper defines a UML profile, called UML Platform, and shows how it can be used to represent platforms. As an example, the Intercom platform designed at the Berkeley Wireless Research Center is presented to illustrate the approach.


Journal Article
29 Jan 2003
TL;DR: The concepts of platform-based design are used to develop a methodology for the design of automatic control systems that builds in modularity and correct-by-construction procedures that is successful to design a time-based control system for a helicopter-based uninhabited aerial vehicle.
Abstract: Automatic control systems typically incorporate legacy code and components that were originally designed to operate independently. Furthermore, they operate under stringent safety and timing constraints. Current design strategies deal with these requirements and characteristics with ad hoc approaches. In particular, when designing control laws, implementation constraints are often ignored or cursorily estimated. Indeed, costly redesigns are needed after a prototype of the control system is built because of missed timing constraints and subtle transient errors. In this paper, we use the concepts of platform-based design to develop a methodology for the design of automatic control systems that builds in modularity and correct-by-construction procedures. We illustrate our strategy by describing the (successful) application of the methodology to the design of a time-based control system for a helicopter-based uninhabited aerial vehicle.

Proceedings Article
02 Jun 2003
TL;DR: A tool suite for building, simulating, and analyzing the results of hierarchical tree-like structure descriptions of the scheduling policy for modules sharing a bus in real-time applications that can describe many popular arbitration schemes.
Abstract: We present a tool suite for building, simulating, and analyzing the results of hierarchical tree-like structure descriptions of the scheduling policy for modules sharing a bus in real-time applications. These schedules can be based on a variety of factors including characteristics of messages and time slicing and are represented in a hierarchical tree-like structure that specifies multiple levels of arbitration. This structure can describe many popular arbitration schemes. Our simulator evaluates the specified scheduling structure on a set of message traces for a given bus. We illustrate our approach by applying it to two examples: the SAE automotive benchmark and Voice over IP (VoIP). Although this paper deals with just bus scheduling policies, the approach can be easily extended to other real-time scheduling problems.

Proceedings Article
25 Aug 2003
TL;DR: In this paper, the authors address the fundamental problem of how to maximize the life-time of the network by using only local information while preserving network connectivity and introduce the care-free sleep (CS) theorem that provides provably optimal necessary and sufficient conditions for a node to turn off its radio while ensuring that global connectivity is not affected.
Abstract: Distributed wireless ad-hoc networks (DWANs) pose numerous technical challenges. Among them, two are widely considered as crucial: autonomous localized operation and minimization of energy consumption. We address the fundamental problem of how to maximize the life-time of the network by using only local information while preserving network connectivity. We start by introducing the care-free sleep (CS) theorem that provides provably optimal necessary and sufficient conditions for a node to turn off its radio while ensuring that global connectivity is not affected. The CS theorem is the basis for an efficient localized algorithm that decides which node will turn its radio off, and for how long. The effectiveness of the approach is demonstrated using numerous simulations of the performance of the algorithm over a wide range of network parameters.

Book
30 Nov 2003
TL;DR: In this article, the authors present a survey of existing techniques for noise analysis of non-autonomous circuits with multitone inputs and phase-locked loops, as well as a solution for SDEs.
Abstract: 1. Introduction.- 2. Overview of Existing Techniques.- 3. Perturbation Analysis of Stable Oscillators.- 4. Noise Analysis of Stable Oscillators.- 5. Noise Analysis of Nonautonomous Circuits.- 6. Noise Analysis of Circuits with Multitone Inputs.- 7. Noise Analysis of Phase-Locked Loops.- 8. Conclusions and Future Directions.- Appendices.- Definitions and Solution Techniques of SDEs.- 1 Mathematical Preliminaries.- 2 Ito Integrals.- 3 Stochastic Differential Equations.

Proceedings Article
08 Sep 2003
TL;DR: This model identifies the conditions under which an optimally-retimed synchronous circuit can be further sped-up and determines the amount of the resulting performance gain.
Abstract: Recycling was recently proposed as a system-level design technique to facilitate the building of complex system-on-chips (SOC) by assembling pre-designed components. Recycling allows us to model the communication patterns among the components, analyze the impact of interconnect latency on the overall data processing throughput, and manage computation/communication tradeoffs to optimize the performance of the system. In this paper, we present recycling as a circuit-level design technique for optimizing the performance of sequential circuits beyond what can be achieved by retiming. We also provide a theoretical framework to guide the simultaneous application of the two techniques. Our model identifies the conditions under which an optimally-retimed synchronous circuit can be further sped-up and determines the amount of the resulting performance gain.

Proceedings Article
09 Nov 2003
TL;DR: A novel approach for the computation of the upper bound that avoids the untractable exhaustive exploration of the entire space is presented and the accuracy of both the algorithm and the noise current models used for the library characterization are proven.
Abstract: Currents injected by CMOS digital circuit blocks into the power grid and into the substrate of a system-on-a-chip may affect reliability and performance of other sensitive circuit blocks. To verify the correct operation of the system, an upper bound for the spectrum of the noise current has to be provided with respect to all possible transitions of the circuit inputs. The number of input transitions is exponential in the number of circuit inputs. In this paper, we present a novel approach for the computation of the upper bound that avoids the untractable exhaustive exploration of the entire space. Its computational complexity is indeed linear in the number of gates. Our approach requires CMOS standard cell libraries to be characterized for injected noise current. In this paper, we also present an approach for this characterization of CMOS standard cells. Experimental results have proven the accuracy of both the algorithm and the noise current models used for the library characterization.

Journal Article
TL;DR: In this article, the interaction between the controller and a non-deterministic hybrid plant is viewed as a two-person game, where the controller wins if it keeps the state of the closed-loop system within a specified set of good states; its adversarial environment tries to force the system outside the good set.
Abstract: A systematic procedure for synthesizing all full-state feedback controllers for a hybrid system subject to a safety (state-invariance) specification has been proposed in the literature. The interaction between the controller and a non-deterministic hybrid plant is viewed as a two-person game. The controller wins if it keeps the state of the closed-loop system within a specified set of good states; its adversarial environment tries to force the system outside the good set. The synthesis procedure iteratively augments the set of states from which the environment wins via either one additional discrete step, or one additional continuous flow. The key difficulty in carrying out the synthesis procedure lies in the computations for continuous flows. One must essentially solve a differential game in which the environment is trying to drive the system into its target set at the same time as avoiding the target set of the controller. In this paper, we study hybrid systems with lower bounds on the separation betwe...

Proceedings Article
04 Jun 2003
TL;DR: A sub-optimal but effective and easily implementable solution is obtained by resorting to the command governor methodology for a discrete-time abstraction of the hybrid model.
Abstract: The idle speed control problem for automotive GDI engines is formalized as a constrained optimal control problem for a hybrid model of the GDI engine, where fuel consumption is the cost function to be minimized. A sub-optimal but effective and easily implementable solution is obtained by resorting to the command governor methodology for a discrete-time abstraction of the hybrid model. Simulation results of the hybrid closed-loop system are presented.

Proceedings Article
01 Oct 2003
TL;DR: Latency-insensitive design is a step in the direction of new methodologies that regard the chip as a distributed system and will have a major impact on the design of on-chip communication architectures, which increasingly rely on wire pipelining to go beyond the capabilities of traditional wire buffering.
Abstract: The semiconductor industry is experiencing a paradigm shift from "computation-bound design" to "communication-bound design": the number of transistors that can be reached in a clock cycle, and not those that can be integrated on a chip, will drive the design process. Interconnect latency will have a major impact on the design of on-chip communication architectures, which increasingly rely on wire pipelining to go beyond the capabilities of traditional wire buffering. The insertion of stateful repeaters on long wires, instead of simply stateless repeaters, carries major consequences for the synchronous design methodology. This is the foundation of the design flows for the majority of commercial chips today, but, if left unchanged, will lead to an exacerbation of the timing closure problem for tomorrow's design flows. New methodologies that regard the chip as a distributed system are necessary. Latency-insensitive design is a step in this direction.

Book Chapter
01 Jan 2003
TL;DR: An overview of the optimization system including the input language, the algorithms which minimize the area of the implementation, and the algorithms used to re-structure the logic network to meet the system-level timing constraints is provided.
Abstract: MIS is a multi-level logic synthesis and minimization system and is an integral part of the Berkeley Synthesis Project. MIS starts from a description of a combinational logic macro-cell and produces an optimized set of logic equations which preserves the input-output behavior of the macro-cell. The system includes algorithms for minimizing the area required to implement the logic equations, and a global timing optimization step which is used to change the form of the logic equations along the critical path in order to meet system-level timing constraints. This paper provides an overview of the optimization system including the input language, the algorithms which minimize the area of the implementation, and the algorithms used to re-structure the logic network to meet the system-level timing constraints. Although the system is still under development, pieces of an industrially designed chip have been re-synthesized with MIS and the results compare favorably with the manual designs.

01 Jan 2003
TL;DR: This work casts the problem of designing a component that combined with a known part of a system, called the context, conforms to a given overall specification as solving abstract equations over languages and studies the most general solutions under the synchronous and parallel composition operators.
Abstract: Consider the problem of designing a component that combined with a known part of a system, called the context, conforms to a given overall specification. This question arises in several applications ranging from logic synthesis to the design of discrete controllers. We cast the problem as solving abstract equations over languages and study the most general solutions under the synchronous and parallel composition operators. We also specialize such language equations to languages associated with important classes of automata used for modeling systems, e.g., regular languages as counterparts of finite automata, FSM languages as counterparts of FSMs. Thus we can operate algorithmically on those languages through their automata and study how to solve effectively their language equations. We investigate the maximal subsets of solutions closed with respect to various language properties. In particular, we investigate classes of the largest compositional solutions (defined by properties exhibited by the composition of the solution and of the context). We provide the first algorithm to compute the largest compositionally progressive solution of synchronous equations. This approach unifies in a seamless frame previously reported techniques. As an application we solve the classical problem of synthesizing a converter between a mismatched pair of protocols, using their specifications, as well as those of the channel and of the required service.

Proceedings Article
13 Oct 2003
TL;DR: This work presents a method for finding symmetries of Boolean functions based on a two-step approach that avoids the complexity issues inherent to methods using BDDs, yet it still works automatically and independently from the input specification format.
Abstract: Functional symmetries provide significant benefits for multiple tasks in synthesis and verification. Many applications require the manual specification of symmetries using special language features such as symmetric data types. Methods for automatically detecting symmetries are based on functional analysis, e.g. using BDDs, or structural methods. The latter search for circuit graph automorphisms which imply functional symmetry. We present a method for finding symmetries of Boolean functions based on a two-step approach. First, the circuit structure is modified to maximize its structural regularity and thus the number of inherent automorphisms. The next step implements a fast algorithm for detecting the automorphism generators of the circuit graph. The generators provide a compact representation of all automorphisms, which in turn encode a subset of the functional symmetries. Because of its pure structural nature, our approach avoids the complexity issues inherent to methods using BDDs, yet it still works automatically and independently from the input specification format. The described method may not detect all functional symmetries; however, our experiments demonstrate that it can find the majority of the symmetries present in practical circuits.

Book Chapter
01 Jan 2003
TL;DR: An algorithm for determining the minimum representation of an incompletely-specified, multiple-valued input, binary-valued output, function and derived minimum representations for several mathematical functions whose unsuccessful exact minimization has been previously reported in the literature.
Abstract: We present an algorithm for determining the minimum representation of an incompletely-specified, multiple-valued input, binary-valued output, function. The overall strategy is similar to the well-known Quine-McCluskey algorithm; however, the techniques used to solve each step are new. The advantages of the algorithm include a fast technique for detecting and eliminating from further consideration the essential prime implicants and the totally redundant prime implicants, and a fast technique for generating a reduced form of the prime implicant table. The minimum cover problem is solved with a branch and bound algorithm using a maximal independent set heuristic to control the selection of a branching variable and the bounding. Using this algorithm, we have derived minimum representations for several mathematical functions whose unsuccessful exact minimization has been previously reported in the literature. The exact algorithm has been used to determine the efficiency and solution quality provided by the heuristic minimizer Espresso-MV [11]. Also, a detailed comparison with McBoole [2] shows that the algorithm presented here is able to solve a larger percentage of the problems from a set of industrial examples within a fixed allocation of computer resources.

Proceedings Article
23 Jun 2003
TL;DR: An idle speed controller for automotive GDI engines is presented by using the Command Governor methodology for a discrete-time relaxation of the hybrid model, which describes the multirate nature of the engine input signals.
Abstract: In this paper we present an idle speed controller for automotive GDI engines. The idle speed control problem is formalized as a robust constrained optimal control problem for a hybrid model of the GDI engine. The cost to be minimized is fuel consumption. A sub-optimal robust controller is obtained by using the Command Governor methodology for a discrete-time relaxation of the hybrid model, which describes the multirate nature of the engine input signals. Simulation results of the hybrid closed-loop system are presented.

Book Chapter
01 Jan 2003
TL;DR: This work introduces a formal semantic foundation that supports a wide range of levels of abstraction and describes how it can integrate several models for reactive systems.
Abstract: Embedded system design methodologies that are based on the effective use of multiple levels of abstraction hold promise for substantial productivity gains. Starting the design process at a high level of abstraction improves control over the design and facilitates verification and synthesis. In particular, if we use a rigorous approach to link the levels of abstraction, we can establish properties of lower levels from analysis at higher levels. This process goes by the name of “design by refinement”. To maximize its benefit, design by refinement requires a formal semantic foundation that supports a wide range of levels of abstraction. We introduce such a semantic foundation and describe how it can integrate several models for reactive systems.

Proceedings Article
03 Mar 2003
TL;DR: A case study in the design of automotive engine controllers: the development of a knock detection algorithm and its implementation in an optimized platform and the final design with the trade-offs explored.
Abstract: We present a case study in the design of automotive engine controllers: the development of a knock detection algorithm and its implementation in an optimized platform. The design problem is complicated by the need of using heterogeneous models of computation and different design environments. The use of different design environments, one for functional design and one for architectural design space exploration, requires to transform a model of computation into another. We describe how we solved this problem and we present the final design with the trade-offs explored.