Modélisation compositionnelle d'architectures GALS dans un modèle de calcul polychrone

(Compositional modeling of GALS architecture in a polychronous model of computation)

**Yue MA**, Thierry Gautier, Jean-Pierre Talpin, Paul Le Guernic, Huafeng Yu

INRIA Rennes/IRISA



## **Embedded systems**

#### **Application domains**

Avionics, automobile, telecommunications, ...

#### Embedded systems design

- Design methodology
   Modular design
   System level co-design
   GALS
- Modeling & design language
   UML, AADL, SystemC, ...
- Connecting Sreen Phore Mobile Phore Mobile Phore Set Bor Auto PC Auto PC Data Chent This Chent Mellow Mellow
- Problems: determinism, property verification, ...

## Motivation (1)



## Motivation (2)

- Synchronous models of computation
- Master clock
- Lustre, Simulink, ...



Asynchronous models of computation

- No global clock
- UML, SysML, ...



## Motivation (3)

Polychronous model of computation

- Composing modules
- Each module is a synchronous software
- No master clock
- Clocks are related to synchronization constraints



### Proposition of this work



#### Modeling



### Simulation & validation



6

# Outline

### Context

AADL specification

Signal language and Polychrony

- Contributions
- Case study
- Perspectives and conclusions

## Architecture Analysis and Design Language



### AADL

### Component-based architecture

- Application software
- Execution platform
- Composite

| A data    | <pre>improcessor improcessor i</pre> |
|-----------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| composite |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |

### Signal – a multi-clocked data-flow language

- Formal specification of embedded real-time systems
- Model of computation suitable for GALS
- Polychronous model of computation: multi-clocked



# Outline

- Context
- Contribution

Modeling AADL components in Signal

Distributed model generation

- Case study
- Perspectives and conclusions

## **Proposed approach**

### Modeling AADL in Signal

- Architecture components
- Behavior specifications (Behavior Annex, Simulink ...)



#### Polychrony



#### TopCased



12

### From abstract logical time to more concrete simulation time (1)

### Modeling computation latencies

- Synchronous program: logical instantaneous execution
- AADL model: computation for a specified time interval
- Adapter: interface different timing semantics
  - P: process
  - P\_o: container

#### OM: (output) "memory" process



### From abstract logical time to more concrete simulation time (2)

### Modeling propagation delays

- Synchronous program: instantaneous communication
- AADL model: received input could be memorized
- Activation signal

IM: (input) "memory" process



### From abstract logical time to more concrete simulation time (3)

### Towards modeling time-based scheduling

- How to control the activation and delay conditions
- How to generate these conditions
- Timing environment



## Thread modeling



## Components implemented in this work

- Software
   Thread
   Process
   Subprogram
   Data
- Hardware
   Processor
   Bus
   Device
- System



# Outline

- Context
- Contribution

Modeling AADL components in Signal

Distributed model generation

- Case study
- Perspectives and conclusions

### Virtual prototyping of distributed code generation



## A distribution example

- Distribution properties
- Assign each module to a different processor
- Scheduling



Communication



20

# Outline

Context

## Contribution

Modeling AADL components in Signal

Distributed model generation

- Case study
- Perspectives and conclusions

#### A350 Doors Management System

#### **Flight control systems**

- Landing gear system
- **Doors management system** 
  - Passenger doors, emergency exits, cargo doors
  - Monitor doors status via door sensors



### Simplified Doors and Slides Control System

 Software component monitor door status control flight lock



Core Processing Remote Data Hardware equipments Input/Output Modules **Concentrators** (CPIOM) (RDC) Door actuators Aircraft Full Duplex (AFDX) Door sensors AFDX bus Overflow Differential Landing gear door. door Valve Control pressure system (LGS) sensors actuators Unit (OCU) system (DPS)

### **Co-modeling**

Simulink

#### AADL



Asynchronous structural specification



Synchronous functional specification

### Polychrony



#### GALS simulation model

### Global view of co-design



25

### Simulation

- System modeling
- Formal transformation
- System composition
- VCD-based simulation





## **Conclusions and perspectives**

#### Conclusions

#### Polychronous modeling of a subset of AADL model

- Formal interpretation of AADL components
- An effective method for modeling and validation of GALS architecture

#### Distributed code generation

Distribute code to different processors

#### Formal verification, simulation and analysis

A case study for co-modeling and simu

#### Perspectives

#### Extension of the modeling

- Cover a larger subset of AADL
- Dynamic scheduling model and schedulability analysis

#### Extension of validation

Test case generation



27