Open Access Journal Article (DOI)

Mode-automata: a new domain-specific construct for the development of safe critical systems

Florence Maraninchi, +1 more
Vol. 46, Iss. 3, pp. 219-254
TL;DR
This paper defines the language of mode-automata and its semantics, gives some ideas on the compilation process, illustrates the approach with the example of the production cell, and comments on the benefits of the approach in general.
Abstract
Over the past ten years, the family of synchronous languages (Special Section of the Proc. IEEE 79 (9) (1991)) has been very successful in offering domain-specific, formally defined languages and programming environments for safety-critical systems. Among them, Lustre is well-suited for the development of regulation systems, which are first designed by control engineers, and can then be programmed as block-diagrams. Automatic generation of C code provides the embedded software.

The success of Lustre showed that it is a good idea to offer domain-specific languages and constructs to reduce the gap between the first design of a system (for instance a control law) and the program written for it. When the structure of the first design has to be encoded into the available constructs of a general-purpose programming language, the interesting information is likely to be lost somewhere on the way from the original design to the actual implementation. This may have consequences on the efficiency of the code produced, or even on the correctness of the design.

Working with the systems Lustre is well-suited for, we observed that they are often specified informally using the notion of running modes. However, there seemed to exist no language in which the mode-structure of a complex system could be expressed directly. Following the approach of domain-specific languages, we proposed to extend Lustre with a new construct, called mode-automaton, devoted to the description of these running modes of regulation systems.

In this paper, we define the language of mode-automata and its semantics, give some ideas on the compilation process, illustrate the approach with the example of the production cell, and comment on the benefits of the approach, in general.


Citations
Proceedings Article (DOI)

A conservative extension of synchronous data-flow with state machines

TL;DR: The central idea of the paper is to base this extension of a synchronous data-flow language such as Lustre with imperative features, expressed in terms of powerful state machines à la SyncChart, on the use of clocks, translating imperative constructs into well-clocked data-flow programs of the basic language.
Book Chapter (DOI)

A conceptual framework for adaptation

TL;DR: A conceptual vision of adaptation, a key feature of autonomic systems, is presented and how some of the programming paradigms and models used for adaptive systems match with this conceptual framework is argued.
Proceedings Article (DOI)

Zélus: a synchronous language with ODEs

TL;DR: It is shown that it is possible to build a modeler for explicit hybrid systems à la Simulink/Stateflow on top of an existing synchronous language, using it both as a semantic basis and as a target for code generation.
Proceedings Article (DOI)

Clock-directed modular code generation for synchronous data-flow languages

TL;DR: This article presents in full detail the modular compilation of synchronous block diagrams into sequential code with a first-order functional language reminiscent of LUSTRE, which it extends with a general n-ary merge operator, a reset construct, and a richer notion of clocks.
Journal Article (DOI)

Automating the addition of fault tolerance with discrete controller synthesis

TL;DR: It is demonstrated that DCS can be elegantly used to design fault tolerant systems, with guarantees on key properties of the obtained system, such as the fault tolerance level, the satisfaction of quantitative constraints, and so on.