EECE 396-1 Hybrid and Embedded Systems: Computation. T. John Koo, Ph.D. Institute for Software Integrated Systems, Department of Electrical Engineering and Computer Science, Vanderbilt University, 300 Featheringill Hall. April 1, 2004. john.koo@vanderbilt.edu http://www.vuse.vanderbilt.edu/~kootj
Outline • Motivation • Hybrid Systems • Verification of Timed Automata • A Design Example • Future Works
Distributed Sensing and Sensor Networks • Creation of a fundamental unifying framework for real-time distributed/decentralized information processing with applications to sensor networks
System Architecture for Networked Sensor • ATMEL 4 MHz CPU • RFM 916 MHz radio • 64KB EEPROM • Sensor Bus: • 7 Analog sensors • 2 I2C buses • 1 SPI bus • Runs TinyOS • 2 weeks on AA batteries • 1% duty w/ solar power [Figure: component stack from application (route map, router, sensor appln) through Active Messages, packet level (Serial Packet, Radio Packet, Temp) and byte level (UART, Radio byte, i2c, photo) across the SW/HW boundary to bit level (clocks, RFM)]
Distributed Sensing and Sensor Networks • Networked sensors dropped from an aerial vehicle • Ad hoc networking
Distributed Sensing and Sensor Networks • Recovering Flow from Distributed Networks • In a dense sensor scenario, environmental data can be interpolated • Over a few time steps, optical flow algorithms are applied to determine flow • Accuracy of results is highly dependent on the smoothness of the flow [Figure: Sense temperature at nodes; Interpolate to grid points; Compute flow]
System Architecture for Networked Sensors • Constrained two-level scheduling model: threads + events • Components: Frame (storage), Threads (concurrency), Commands, and Handlers (events) • Constrained Storage Model • Very lean multithreading • Layering: components issue commands to lower-level components [Figure: component stack from application (route map, router, sensor appln) through Active Messages, packet level (Serial Packet, Radio Packet, Temp) and byte level (UART, Radio byte, i2c, photo) across the SW/HW boundary to bit level (clocks, RFM)]
TinyOS • TinyOS: component-based operating system • Modularity by assembling only the software components to synthesize application from hardware components • Components as reentrant cooperating finite state machines [Figure: component stack with sensing application (application), Radio Packet (packet), Radio byte and photo (byte), RFM, ADC and clocks (bit) across the SW/HW boundary; arrows labelled command and event]
Example: Communication • 1 byte = 18 bits • 1 packet = 30 bytes [Figure: Packet Level, Byte Level and RFM Bit Level; labels: Event fountain handling, Task handling, Put processor sleep]
Design Considerations • Characteristics of sensor networks • Dynamical behaviors depend on the environment • Deploy once and leave without future maintenance • Energy consumption varies between applications • We suggest using formal methods to • verify system performance to guarantee correct operation in every circumstance • predict the lifetime of a given application scenario • Functional Behaviors + Temporal Behaviors: Timed Automata • System States = Discrete States + Continuous States (Time + Energy) • State Transitions = Discrete Transitions (Events) + Continuous Transitions
What Are Hybrid Systems? • Dynamical systems with interacting continuous and discrete dynamics
Why Hybrid Systems? • Modeling abstraction of • Continuous systems with phased operation (e.g. walking robots, mechanical systems with collisions, circuits with diodes) • Continuous systems controlled by discrete inputs (e.g. switches, valves, digital computers) • Coordinating processes (multi-agent systems) • Important in applications • Hardware verification/CAD, real time software • Manufacturing, communication networks, multimedia • Large scale, multi-agent systems • Automated Highway Systems (AHS) • Air Traffic Management Systems (ATM) • Uninhabited Aerial Vehicles (UAV) • Power Networks
Research Issues • Modeling & Simulation • Control: classify discrete phenomena, existence and uniqueness of execution, Zeno [Branicky, Brockett, van der Schaft, Astrom] • Computer Science: composition and abstraction operations [Alur-Henzinger, Lynch, Sifakis, Varaiya] • Analysis & Verification • Control: stability, Lyapunov techniques [Branicky, Michel], LMI techniques [Johansson-Rantzer] • Computer Science: algorithmic [Alur-Henzinger, Sifakis, Pappas-Lafferriere-Sastry] or deductive methods [Lynch, Manna, Pnueli], abstraction [Pappas-Tabuada, Koo-Sastry] • Controller Synthesis • Control: optimal control [Branicky-Mitter, Bensoussan-Menaldi], hierarchical control [Caines, Pappas-Sastry], supervisory control [Lemmon-Antsaklis], safety specifications [Lygeros-Sastry, Tomlin-Lygeros-Sastry], control mode switching [Koo-Pappas-Sastry] • Computer Science: algorithmic synthesis [Maler et al., Wong-Toi], synthesis based on HJB [Mitchell-Tomlin]
Verification • Deductive Methods • Theorem-Proving techniques [Lynch, Manna, Pnueli] • Model Checking • State-space exploration [Alur-Henzinger, Sifakis, Pappas-Lafferriere-Sastry] • Reachability Problem • Forward Reachable Set
Computational Tools • Verification based on Model Checking • Model classes: Finite Automata, Timed Automata, Linear Automata, Linear Hybrid Systems, Nonlinear Hybrid Systems • Tools: COSPAN, SMV, VIS, …, Timed COSPAN, KRONOS, Timed HSIS, VERITI, UPPAAL, HyTech, Requiem, d/dt, CheckMate [Figure: forward reachable sets Post_r, Post_2r, Post_[0,r] and Post_[0,2r] for the points x1, x2 and the set F]
Computational Tools • Simulation • Ptolemy II: ptolemy.eecs.berkeley.edu • Modelica: www.modelica.org • SHIFT: www.path.berkeley.edu/shift • Dymola: www.dynasim.se • OmSim: www.control.lth.se/~cace/omsim.html • ABACUSS: yoric.mit.edu/abacuss/abacuss.html • Stateflow: www.mathworks.com/products/stateflow • CHARON: http://www.cis.upenn.edu/mobies/charon/ • Masaccio: http://www-cad.eecs.berkeley.edu/~tah/Publications/masaccio.html
Computational Tools • Simulation [Figure: Masaccio, CHARON, Ptolemy II, Dymola, Modelica, StateFlow/Simulink, ABACUSS, SHIFT and OmSim placed on the axes System Complexity and Models of Computation]
Hybrid Modeling of Sensor Networks • HyTech • Verifies functional and temporal properties of linear hybrid automata • Based on Model Checking and providing debugging traces • Hybrid Automaton with flows which are linear in time • SHIFT • Models and simulates dynamic networks of hybrid automata • Components created, interconnected, destroyed as the system evolves • Components interact through their inputs, outputs and exported events
Hybrid Modeling of Sensor Networks • HyTech Example start of an execution of the timed automaton
Hybrid Modeling of Sensor Networks • HyTech Reachability Problem: Starting from somewhere in an initial set, would the set of states eventually reach somewhere in the target set?
Hybrid Modeling of Sensor Networks • HyTech Equivalence Classes 12x2 30x2 18x2 Every point in an equivalence class has the same reachability property.
Hybrid Modeling of Sensor Networks • HyTech Equivalence Classes 12x2 30x2 18x2 Idea: The reachability problem for a timed automaton (Transition System) can be answered on an FSM (Quotient Transition System) which is defined on the quotient space of the bisimulation.
Both initial and final sets are unions of equivalence classes.
Bisimulation-based Abstraction • Transition System • To study the reachability properties of timed automata, each timed automaton is converted into a transition system. • Consider the equivalence relation, we have the following definitions: • Definition 1 (Bisimulation)
Bisimulation-based Abstraction • Transition System
Bisimulation-based Abstraction • Consider the transition system and the equivalence relation, we have the following result: • Therefore, one can define the reachability preserving quotient system of the transition system
Bisimulation-based Abstraction • Transition System and its Quotient System
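The quotient idea on the preceding slides, as an added example that is not part of the original lecture: partition refinement computes the coarsest bisimulation of a finite transition system, starting from a partition that separates the initial and final sets, and reachability is then decided on the quotient. The `radio` model, its state names and the `clash` state (transmitting and receiving at once) are constructed here for illustration; a timed automaton would first be converted into a transition system as the slides describe.

```python
from collections import deque

def pre(block, trans):
    """States with at least one successor inside `block`."""
    return {s for s, succs in trans.items() if succs & block}

def coarsest_bisimulation(trans, init, final):
    """Separate init/final, then split until each class is inside or outside every Pre(Q)."""
    groups = {}
    for s in trans:
        groups.setdefault((s in init, s in final), set()).add(s)
    partition = {frozenset(g) for g in groups.values()}
    while True:
        split = next(((p, p & pre(q, trans)) for p in partition for q in partition
                      if p & pre(q, trans) and not p <= pre(q, trans)), None)
        if split is None:
            return partition
        p, inside = split
        partition = (partition - {p}) | {inside, p - inside}

def quotient(partition, trans):
    """Class P -> class Q iff some state in P has a successor in Q."""
    cls = {s: b for b in partition for s in b}
    return {b: {cls[t] for s in b for t in trans[s]} for b in partition}, cls

def reachable(trans, start):
    """Forward reachable set by breadth-first search."""
    seen, todo = set(start), deque(start)
    while todo:
        for t in trans[todo.popleft()] - seen:
            seen.add(t)
            todo.append(t)
    return seen

def final_reachable_via_quotient(trans, init, final):
    """Decide reachability of `final` on the quotient; also return its size."""
    qtrans, cls = quotient(coarsest_bisimulation(trans, init, final), trans)
    hit = reachable(qtrans, {cls[s] for s in init}) & {cls[s] for s in final}
    return bool(hit), len(qtrans)

def radio(buggy=False):
    """Constructed toy model (not from the slides): idle 4 ticks, then 3 tx or rx steps."""
    t = {f"idle{i}": {f"idle{i+1}"} for i in range(3)}
    t.update(idle3={"tx0", "rx0"}, clash={"idle0"}, tx2={"idle0"}, rx2={"idle0"})
    for m in ("tx", "rx"):
        t.update({f"{m}{i}": {f"{m}{i+1}"} for i in range(2)})
    if buggy:
        t["rx1"].add("clash")  # injected fault: receiver can enter the tx-and-rx state
    return t
```

Calling `final_reachable_via_quotient(radio(), {"idle0"}, {"clash"})` answers the question on fewer classes than the model has states, and the injected fault in `radio(buggy=True)` both makes `clash` reachable and stops the tx and rx branches from being merged.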
Overall View of TinyOS Automata [Figure: automata for sensing application, Radio Packet, Radio byte, RFM, Task handler and Packet generation at the application, packet, byte and bit levels; synchronization labels: transmit_pack, receive_pack, rx_byte_ready, tx_byte_ready, tx_byte, packet_done_neg, packet_done_pos, post_encode, post_decode, rfm_rx_comp, rfm_rx_ev, rfm_tx_comp, rfm_tx_ev, rfm_clock]
Packet Generation and Application Automata [Figure: timed automata Application and Packet_generation (locations idle, generate). Initial conditions: at=0; rt=0, pt=0. Invariants and flows: at<=cbetween, dat=1; rt<=cbit_time, pt<=cidle, drt=1; rt<=cbit_time, pt<=cgeneration, drt=1. Transition labels: at>=cbetween / at'=0, sync transmit_pack; sync receive_pack / at'=0, sync trans_packet; rt>=cbit_time / rt'=0, pt'=pt+1, sync rfm_clock; pt>=cidle / rt'=0, bit'=1, pt'=0, sync rfm_clock; pt>=cgeneration / rt'=0, bit'=0, pt'=0, sync rfm_clock. Timing constants: cbit_time, cidle, cgeneration]
From TinyOS to HyTech • RFM: Energy spent by the transceiver [Figure: RFM automaton between Radio Byte, RFM Bit and Packet Gen. (events rfm_rx_comp, rfm_rx_ev, rfm_clock), with locations receive, transmit, rec_energy, rec_wait, trans_wait, trans_energy. Invariants and flows: rfmt<=crec_handler, drfmt=1; rfmt<=ctrans_handler, drfmt=1; drfmt=0. Transition labels: sync rfm_rx_comp /; sync rfm_tx_comp /; sync rfm_clock / rfmt'=0, energy'=energy+crec; sync rfm_clock / rfmt'=0, energy'=energy+ctrans; rfmt>=crec_handler / sync rfm_rx_ev; rfmt>=crec_handler / sync rfm_tx_ev]
From TinyOS to HyTech • Task Handler • Energy spent by processing events • Energy spent by posting tasks • Energy spent by processing tasks [Figure: Task Handler automaton with locations idle, exec, op, op-wait, op-exec. Flows: dht=0, dct=0, denergy=cinactive; dht=0, dct=0, denergy=cactive; dht=-1, dct=0, denergy=cactive; dht=0, dct=1, denergy=cactive. Conditions: ht>=0; ht<=0 /; ct<=ctask_post. Transition labels: sync rfm_rx_comp | sync rfm_tx_comp /; sync rfm_clock /; sync encode / ht'=cencode, ct'=0; sync decode / ht'=cdecode, ct'=0; sync encode / ht'=ht+cencode, ct'=0; sync decode / ht'=ht+cdecode, ct'=0; ct>=ctask_post / sync post_task_done]
Verification of TinyOS with HyTech [Figure: Packet Level, Byte Level and RFM Bit Level; state labels shown for the packet level and byte level: idle, transmitting, receiving]
Verification of TinyOS with HyTech • Analysis commands for verification:
    init_reg := …..;
    -- target: packet level transmitting while byte level is receiving
    final_reg := loc[rpacket]=transmit & loc[rbyte]=receive;
    -- forward reachability from the initial region
    reached := reach forward from init_reg endreach;
    if empty(reached & final_reg)
      then prints "working fine";
      else print trace to final_reg using reached;
    endif;
Power Analysis of TinyOS with HyTech • Power analysis through the variable energy, using the trace generation feature of HyTech, by setting • final_reg := t>300000; [Figure: Power Consumption vs. # of Children; axis label: power]
Hybrid Modeling of a Sensor Network • Uniform Distribution • 100 nodes • 100m x 100m • 4 Macro Clusters • Children determined according to position distribution
Hybrid Modeling of a Sensor Network • 4 Types of Node Automata. • Create an instance for each node. • Destroy the instance when the node dies. • Distribute the load to its group. • Notify upper group when there is a death.
Hybrid Modeling of a Sensor Network • SHIFT - Describes dynamic networks of hybrid automata • Components created, interconnected, destroyed as the system evolves • Components interact through their inputs, outputs and exported events
Model of a node • x – Consumed energy • f – Power consumption • S – Group of nodes
Validation Results • Need powerful nodes in group 1. • Group 1 suffers from high load and backoff time. • Group 4 dies at the same time.
Conclusion • Sensor nodes are meant to be left without maintenance. • Verification is needed for reliability. • Power is a detrimental concern in the sensor world. • Power analysis is needed for the lifetime of the node. • Network power analysis is needed for the lifetime of the network. • Modeling and Analysis are based on Hybrid Automata. • Verification and Power analysis with HyTech. • Network power analysis with SHIFT.