Model-Based Design
Concepts: design process: requirements to models to implementations
Models: check properties of interest
Practice: model interpretation - to infer actual system behavior; threads and monitors
Aim: rigorous design process.
Concurrency: model-based design
Magee/Kramer
Requirements

[Requirements text, partly lost in extraction:] [...] ignition is switched on and the on button is pressed [...] it maintains the speed of the car at the recorded setting. [...] accelerator or off [...] system. Pressing resume or on re-enables the system.

[Figure label: buttons.]

[Diagram: design process from Requirements to Model. Labels: "Any appropriate design approach can be used"; identify [...] (three times); structure [...] architecture; check traces of interest; check properties of interest.]
[Figure: cruise control hardware. Labels: buttons (on, off, resume), brake (pressed), accelerator (pressed), engine; PIA (polled); CPU; wheel (interrupt); D/A; throttle. Surviving caption fragment: "[...] to be calculated".]

Output: The cruise control system controls the car speed by setting the throttle via the digital-to-analogue converter.

[Figure: outline design. Labels: Sensors, Engine, Prompts, speed, setThrottle. Surviving caption fragments: "accelerator and", "engine events", "speed readings to", "sets the", "speed control", "actual throttle".]

model - design

Main events, actions and interactions.
Identify main processes: Sensor Scan, Input Speed, Cruise Controller, Speed Control and Throttle
Identify main properties: safety - disabled when off, brake or accelerator pressed.
Define and structure each process.

[Figure: structure diagram of CRUISE CONTROL SYSTEM. Processes: SENSOR SCAN, INPUT SPEED, THROTTLE and CONTROL (CRUISE CONTROLLER, SPEED CONTROL); action labels: Sensors, Engine, Prompts, speed, setThrottle.]

The CONTROL system is structured as two processes. The main actions and interactions are as shown.
CRUISECONTROLLER = INACTIVE,
INACTIVE =(engineOn -> clearSpeed -> ACTIVE),
ACTIVE   =(engineOff -> INACTIVE
          |on->recordSpeed->enableControl->CRUISING
          ),
CRUISING =(engineOff -> INACTIVE
          |{ off,brake,accelerator}
               -> disableControl -> STANDBY
          |on->recordSpeed->enableControl->CRUISING
          ),
STANDBY  =(engineOff -> INACTIVE
          |resume -> enableControl -> CRUISING
          |on->recordSpeed->enableControl->CRUISING
          ).
||CONTROL =(CRUISECONTROLLER
           ||SPEEDCONTROL
           ).

Animate to check particular traces: Is control enabled [...]

However, we need to analyse to exhaustively check: Safety: Is the control disabled when off, brake or accelerator is pressed?

Safety checks are compositional. If there is no violation at a subsystem level, then there cannot be a violation when the subsystem is composed with other subsystems.

This is because, if the ERROR state of a particular safety property is unreachable in the LTS of the subsystem, it remains unreachable in any subsequent parallel composition which includes the subsystem. Hence:

Safety properties should be composed with the appropriate system or subsystem to which the property refers. In order that the property can check the actions in its alphabet, these actions must not be hidden in the system.
model analysis
property CRUISESAFETY =
  ({off,accelerator,brake,disableControl} -> CRUISESAFETY
  |{on,resume} -> SAFETYCHECK
  ),
SAFETYCHECK =
  ({on,resume} -> SAFETYCHECK
  |{off,accelerator,brake} -> SAFETYACTION
  |disableControl -> CRUISESAFETY
  ),
SAFETYACTION =(disableControl->CRUISESAFETY).

LTS?

||CONTROL =(CRUISECONTROLLER
           ||SPEEDCONTROL
           ||CRUISESAFETY
           ).

Is CRUISESAFETY violated?
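
The safety check can also be reproduced outside LTSA. The Python below is an added example, not part of the original slides: it hand-translates CRUISECONTROLLER and the CRUISESAFETY property from the FSP on this page into transition tables, searches their composition for the ERROR state, and for contrast runs a constructed faulty controller in which brake skips disableControl. SPEEDCONTROL is not defined on the page and is left out (safety checks are compositional); the function names lts, controller, prop_step and check are assumptions of this example.

```python
from collections import deque
STOP, GO = {"off", "accelerator", "brake"}, {"on", "resume"}
ALPHA_P = STOP | GO | {"disableControl"}  # alphabet of the CRUISESAFETY property

def lts(spec):
    """Expand {state: [(first_actions, follow_ups, target)]} into {state: {action: next}}."""
    t = {}
    for s, branches in spec.items():
        for first, rest, target in branches:
            for a in first:
                hops = [s] + [(s, a, i) for i in range(len(rest))] + [target]
                for i, act in enumerate([a] + rest):
                    t.setdefault(hops[i], {})[act] = hops[i + 1]
    return t

def controller(brake_disables=True):
    """CRUISECONTROLLER as on the page; brake_disables=False is a constructed faulty variant."""
    eoff, on = (["engineOff"], [], "INACTIVE"), (["on"], ["recordSpeed", "enableControl"], "CRUISING")
    stop = [(sorted(STOP), ["disableControl"], "STANDBY")]
    if not brake_disables:  # brake skips disableControl; off/accelerator keep it in the alphabet
        stop = [(["off", "accelerator"], ["disableControl"], "STANDBY"), (["brake"], [], "STANDBY")]
    return lts({
        "INACTIVE": [(["engineOn"], ["clearSpeed"], "ACTIVE")], "ACTIVE": [eoff, on],
        "CRUISING": [eoff, *stop, on],
        "STANDBY": [eoff, (["resume"], ["enableControl"], "CRUISING"), on],
    })

def prop_step(p, a):
    """CRUISESAFETY as a complete automaton: an action it does not allow leads to ERROR."""
    if p == "CRUISESAFETY":
        return "SAFETYCHECK" if a in GO else p
    if p == "SAFETYCHECK":
        return p if a in GO else "SAFETYACTION" if a in STOP else "CRUISESAFETY"
    return "CRUISESAFETY" if a == "disableControl" else "ERROR"  # SAFETYACTION

def check(ctrl):
    """Breadth-first search of controller || property: shortest trace to ERROR, or None."""
    start = ("INACTIVE", "CRUISESAFETY")
    seen, queue = {start}, deque([(start, [])])
    while queue:
        (c, p), trace = queue.popleft()
        for a, c2 in ctrl[c].items():
            nxt = (c2, prop_step(p, a) if a in ALPHA_P else p)
            if nxt[1] == "ERROR":
                return trace + [a]
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, trace + [a]))
    return None
```

check(controller()) returns None for the model as given; check(controller(brake_disables=False)) returns a seven-action trace in which brake is followed by a further command with no disableControl in between.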
We can now compose the whole system:

||CONTROL =
  (CRUISECONTROLLER||SPEEDCONTROL||CRUISESAFETY
  )@ {Sensors,speed,setThrottle}.
||CRUISECONTROLSYSTEM =
  (CONTROL||SENSORSCAN||INPUTSPEED||THROTTLE).

Deadlock? Safety?
No deadlocks/errors

Progress?
Progress checks are not compositional. Even if there is no violation at a subsystem level, there may still be a violation when the subsystem is composed with other subsystems.

This is because an action in the subsystem may satisfy progress yet be unreachable when the subsystem is composed with other subsystems which constrain its behavior. Hence:

Progress checks should be conducted on the complete target system after satisfactory completion of the safety checks.

Check with no hidden actions:

Progress violation for actions:
{engineOn, clearSpeed, engineOff, on, recordSpeed,
enableControl, off, disableControl, brake,
accelerator...........}
Path to terminal set of states:
    engineOn
    clearSpeed
    on
    recordSpeed
    enableControl
    engineOff
    engineOn
Actions in terminal set:
{speed, setThrottle, zoom}

Control is not disabled when the engine is switched off.
||CRUISEMINIMIZED = (CRUISECONTROLSYSTEM)
@ {Sensors,speed}.
[Figure: minimized LTS. Labels: CRUISECONTROLLER; transitions engineOn, engineOff, on, off, resume, brake, accelerator, speed.]

OK now?

No deadlocks/errors
No progress violations detected.

What about under adverse conditions? Check for system sensitivities.

Progress violation for actions:
{engineOn, engineOff, on, off, brake, accelerator,
resume, setThrottle, zoom}
Path to terminal set of states:
    engineOn
    tau
Actions in terminal set:
{speed}

The system may be sensitive to the priority of the action speed.
model interpretation
Models can be used to indicate system sensitivities.

If it is possible that erroneous situations detected in the model may occur in the implemented system, then the model should be revised to find a design which ensures that those violations are avoided.

However, if it is considered that the real system will not exhibit this behavior, then no further model revisions are necessary.

Model interpretation and correspondence to the implementation are important in determining the relevance and adequacy of the model design and its analysis.

Design architecture describes the gross organization and global structure of the system in terms of its constituent components.

[Diagram: Architecture, with labels Analysis and Program Construction.]

We consider that the models for analysis and the implementation should be considered as elaborated views of this basic design structure.
Model -> Java:
identify [...] to be implemented as threads
identify [...] to be implemented as monitors
identify [...]
structure [...]

[Class diagram. Classes and roles: Applet, CruiseControl, CarSimulator (car), CruiseDisplay (disp), Controller (control), SpeedControl (sc, Runnable), CarSpeed (cs). Methods shown: setThrottle(), getSpeed(); brake(), accelerator(), engineOff(), engineOn(), on(), off(), resume(); enableControl(), disableControl(), recordSpeed(), clearSpeed(). Model labels: CRUISECONTROLLER, SPEEDCONTROL.]

SpeedControl interacts with the car simulation via interface CarSpeed.
Controller is a passive entity - it reacts to events. Hence we implement it as a monitor.

class Controller {
  final static int INACTIVE = 0; // cruise controller states
  final static int ACTIVE   = 1;
  final static int CRUISING = 2;
  final static int STANDBY  = 3;
  private int controlState = INACTIVE; // initial state
  private SpeedControl sc;

  Controller(CarSpeed cs, CruiseDisplay disp)
    {sc=new SpeedControl(cs,disp);}

  // brake and accelerator only act while cruising: disable control, go to STANDBY
  synchronized void brake(){
    if (controlState==CRUISING )
      {sc.disableControl(); controlState=STANDBY; }
  }

  synchronized void accelerator(){
    if (controlState==CRUISING )
      {sc.disableControl(); controlState=STANDBY; }
  }

  // switching the engine off disables control if it was enabled
  synchronized void engineOff(){
    if(controlState!=INACTIVE) {
      if (controlState==CRUISING) sc.disableControl();
      controlState=INACTIVE;
    }
  }
  // handlers for engineOn, on, off and resume are not shown in this listing
}

This is a direct translation from the model.
SpeedControl
Summary

Concepts
- design process: from requirements to models to implementations
- design architecture
Models
- check properties of interest
  safety: compose safety properties at appropriate subsystem
  progress: apply progress check on the final target system model
Practice
- model interpretation to infer actual system behavior
- threads and monitors
Aim: rigorous design process.

Course Outline (Concepts, Models, Practice)

- Processes and Threads
- Concurrent Execution
- Shared Objects & Interference
- Monitors & Condition Synchronization
- Deadlock
- Model-based Design
- Safety and Liveness Properties
- Dynamic systems
- Concurrent Software Architectures
- Message Passing
- Timed Systems