Ananda Basu - Academia.edu (original) (raw)
Papers by Ananda Basu
Proceeding of the …, 2008
Autonomous robots are complex systems that require the interaction/cooperation of numerous hetero... more Autonomous robots are complex systems that require the interaction/cooperation of numerous heterogeneous software components. Nowadays, robots are critical systems and must meet safety properties including in particular temporal and real-time constraints. We present a ...
We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction... more We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction-Priority (BIP) component framework. The methodology consists in building the model of a node as the composition of a model extracted from a nesC program describing the application, and models of TinyOS components. Models for networks are obtained by composition of models for nodes by using BIP connectors implementing different types of radio channels. This opens the way for enhanced analysis and early error detection by using verification techniques.
Lecture Notes in Computer Science, 2013
2013 International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation (SAMOS), 2013
Quality of video and audio output is a design-time constraint for portable multimedia devices. Un... more Quality of video and audio output is a design-time constraint for portable multimedia devices. Unfortunately, there is a huge cost (e.g. buffer size) incurred to deterministically guarantee good playout quality; the worst-case workload and the timing behavior can be significantly larger than the average-case due to high variability in a multimedia system. In future mobile devices, the playout buffer size is expected to increase, so, buffer dimensioning will remain as an important problem in system design. We propose a probabilistic analytical framework that enables low-cost system design and provides bounds for playing acceptable multimedia quality. We compare our approach with a framework comprising both simulation and statistical model checking, built to simulate large embedded systems in detail. Our results show significant reduction in output buffer size compared to deterministic frameworks.
Electronic Proceedings in Theoretical Computer Science, 2009
BIP is a component framework for constructing systems by superposing three layers of modeling: Be... more BIP is a component framework for constructing systems by superposing three layers of modeling: Behavior, Interaction, and Priority. Behavior is represented by labeled transition systems communicating through ports. Interactions are sets of ports. A synchronization between components is possible through the interactions specified by a set of connectors. When several interactions are possible, priorities allow to restrict the non-determinism by choosing an interaction, which is maximal according to some given strict partial order. The BIP component framework has been implemented in a language and a tool-set. The execution of a BIP program is driven by a dedicated engine, which has access to the set of connectors and priority model of the program. A key performance issue is the computation of the set of possible interactions of the BIP program from a given state. Currently, the choice of the interaction to be executed involves a costly exploration of enumerative representations for connectors. This leads to a considerable overhead in execution times. In this paper, we propose a symbolic implementation of the execution model of BIP, which drastically reduces this overhead. The symbolic implementation is based on computing boolean representation for components, connectors, and priorities with an existing BDD package.
The interest in System-On-Chip (SoC) design using the Uni- ed Modeling Language (UML) has been gr... more The interest in System-On-Chip (SoC) design using the Uni- ed Modeling Language (UML) has been growing signican tly during the last couple of years. In this paper we would like to present a methodology that aims to address embedded systems design issues at multiple levels of abstraction and to support a function/architecture codesign process. Our approach integrates UML with high-level
We present the BIP component framework for component-based construction of real-time systems from... more We present the BIP component framework for component-based construction of real-time systems from heterogeneous components. BIP stands for Behavior, Interaction and Priority, the three main elements for building components. It considers that systems can be obtained by composition of 3-layered components, where the lowest layer represents behavior as a set of transitions with triggers and actions; the intermediate level is the set of the interactions between the transitions of the behavior level, and the upper level is a set of dynamic priority rules. BIP has a rigorous formal semantics, and supports a system construction methodology based on a parameterized composition operator on components. The use of a layered composition operator allows incremental construction. The system construction process can be viewed as a sequence of transformations in a three-dimensional space of Behavior X Interaction X Priority, and provides a basis for the study of property preserving transformations ...
The design and implementation of software-intensive embedded product lines requires dealing with ... more The design and implementation of software-intensive embedded product lines requires dealing with a variety of constantly changing application- and system-dependent functional and non-functional requirements and constraints that spread out throughout the devel- opment process. Moreover, because product lines are built upon a set of core services which are improved, customized, extended and integrated to come up with differentiated products, there is a need to resort to component-based approaches. However, many embed- ded applications (e.g., video compression) are most likely specified in a transformational data-oriented style. The componentization of such applications is therefore deferred to the implementation phase, where performance and platform constraints are taken into account. This paper discusses a formally-grounded method to carry on this process. The approach consists in integrating (1) the component- based language and execution engine BIP (4), and (2) the coordina- tion l...
This chapter presents the components of the design flow shown in Figure 11.1. Gray-colored compon... more This chapter presents the components of the design flow shown in Figure 11.1. Gray-colored components constitute the kernel of the design flow. Components in dotted lines on the left are not mandatory, i.e., they may or may not exist in a specific tool based on FXML/JAHUEL. Noncolored elements on the right correspond to platform-dependent components. Sections 11.2 and 11.3 present the gray-colored components. Section 11.2 gives the syntax and semantics of the basic language. FXML can be used as a front-end specification language or obtained from an application’s source code in some other language. The role of FXML as formal specification language is illustrated in Section 11.2 with a simple Writer-Reader program and the Smith-Waterman local sequence matching algorithm. Section 11.3 overviews the code-generation approach for FXML implemented in the compilation chain JAHUEL. The Writer-Reader case-study is used to exemplify how C code is generated from FXML for several target run-time...
Forum on specification & Design Languages, 2004
Lecture Notes in Computer Science, 2008
The paper studies a distributed implementation method for the BIP (Behavior, Interaction, Priorit... more The paper studies a distributed implementation method for the BIP (Behavior, Interaction, Priority) component framework for modeling heterogeneous systems. BIP offers two powerful mechanisms for describing composition of components by combining interactions and priorities. A system model is layered. The lowest layer contains atomic components; the second layer, describes possible interactions between atomic components; the third layer includes priorities between the interactions. The current implementation of BIP is based on global state operational semantics. An Engine directly interprets the operational semantics rules and computes the possible interactions between atomic components from global states. The implementation method is a translation from BIP models into distributed models involving two steps. The first translates BIP models into partial state models where are known only the states of the components which are ready to communicate. The second implements interactions in the partial state model by using message passing primitives. The main results of the paper are conditions for which the three models are observationally equivalent. We show that in general, the translation from global state to partial state models does not preserve observational equivalence. Preservation can be achieved by strengthening the premises of the operational semantics rules by an oracle. This is a predicate depending on the priorities of the BIP model. We show that there are many possible choices for oracles. Maximal parallelism is achieved for dynamic oracles allowing interaction as soon as possible. Nonetheless, these oracles may entail considerable computational overhead. We study performance trade-offs for different types of oracles. Finally, we provide experimental results illustrating the application of the theory on a prototype implementation.
Lecture Notes in Computer Science, 2010
Design and implementation of distributed algorithms often involve many subtleties due to their co... more Design and implementation of distributed algorithms often involve many subtleties due to their complex structure, non-determinism, and low atomicity as well as occurrence of unanticipated physical events such as faults. Thus, constructing correct distributed systems has always been a challenge and often subject to serious errors. We present a methodology for component-based modeling, verification, and performance evaluation of self-stabilizing systems based on the BIP framework. In BIP, a system is modeled as the composition of a set of atomic components by using two types of operators: interactions describing synchronization constraints between components, and priorities to specify scheduling constraints. The methodology involves three steps illustrated using the distributed reset algorithm due to Arora and Gouda. First, a high-level model of the algorithm is built in BIP from the set of its processes by using powerful primitives for multi-party interactions and scheduling. Then, we use this model for verification of properties of a self-stabilizing algorithm including closure, deadlock-freedom, and finite reachability of the set of legitimate states. Finally, a distributed model which is observationally equivalent to the high-level model is generated. This model is used for performance analysis taking into account the degree of parallelism and convergence times for failure-free behavior as well as in the presence of faults.
Lecture Notes in Computer Science, 2009
Design and implementation of distributed algorithms often involve many subtleties due to their co... more Design and implementation of distributed algorithms often involve many subtleties due to their complex structure, nondeterminism, and low atomicity as well as occurrence of unanticipated physical events such as faults. Thus, constructing correct distributed systems has always been a challenge and often subject to serious errors. This is essentially due to the fact that we currently lack disciplined methods for the rigorous design and correct implementation of distributed systems, mainly for two reasons: (1) formal methods are not easy to use by designers and developers; and (2) there is a wide gap between modeling formalisms and automated verification tools on one side, and practical development and deployment tools on the other side.
Lecture Notes in Computer Science, 2012
ABSTRACT Rigorous system design requires the use of a single powerful component framework allowin... more ABSTRACT Rigorous system design requires the use of a single powerful component framework allowing the representation of the designed system at different levels of detail, from application software to its implementation. This is essential for ensuring the overall coherency and correctness. The paper introduces a rigorous design flow based on the BIP (Behavior, Interaction, Priority) component framework [1]. This design flow relies on several, tool-supported, source-to-source transformations allowing to progressively and correctly transform high level application software towards efficient implementations for specific platforms.
Sixth IEEE International Symposium on Network Computing and Applications (NCA 2007), 2007
We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction... more We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction-Priority (BIP) component framework. The methodology consists in building the model of a node as the composition of a model extracted from a nesC program describing the application, and models of TinyOS components. Models for networks are obtained by composition of models for nodes by using BIP connectors implementing different types of radio channels. This opens the way for enhanced analysis and early error detection by using verification techniques.
Lecture Notes in Computer Science, 2010
Until recently, there was not a strong need for networking inside aircrafts. Indeed, the communic... more Until recently, there was not a strong need for networking inside aircrafts. Indeed, the communications were mainly cabled and handled by etherned protocols. The evolution of avionics embedded systems and the number of integrated functions in civilian aircrafts has changed the situation. Indeed, those functionalities implies a huge increase in the quantity of data exchanged and thus in the number of connections between functions. Among the available mechanisms provided to handle this new complexity, one find Avionics Full Duplex Switched Ethernet (AFDX), a protocol that allows to simulate a point-to-point network between a source and one or more destinations. The core idea in AFDX is the one of Virtual Links (VL) that are used to simulate point-to-point communication between devices. One of the main challenge is to show that the total delivery time for packets on VL is bounded by some predefined value. This is a difficult problem that also requires to provide a formal, but quite evolutive, model of the AFDX network. In this paper, we propose to use a component-based design methodology to describe the behavior of the model. We then propose a stochastic abstraction that allows not only to simplify the complexity of the verification process but also to provide quantitative information on the protocol.
One of the most important challenges in complex embedded systems design is developing methods and... more One of the most important challenges in complex embedded systems design is developing methods and tools for modeling and analyzing the behavior of application software running on multi-processor platforms.
Ninth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMPCODE2011), 2011
A grand challenge in complex embedded systems design is developing methods and tools for modeling... more A grand challenge in complex embedded systems design is developing methods and tools for modeling and analyzing the behavior of an application software running on a given hardware architecture. For application software running on multicore or distributed platforms, rigorous performance analysis techniques are essential for determining optimal implementations with respect to resource management criteria. We propose a rigorous method and a tool chain that allows to obtain a faithful model representing the behavior of a mixed hardware/software system from a model of its application software and a model of its underlying hardware architecture. The system model can be simulated and analyzed for validation of both functional and extra-functional properties. It also provides a basis for performance evaluation and automated code generation for target architectures. The method has been implemented as a tool chain that uses DOL (Distributed Operation Layer [23]) as the frontend for specifying the application software and hardware architecture, and BIP (Behavior Interaction Priority [6]) as the modeling and analysis framework. It is illustrated through the construction of system models of MJPEG and MPEG2 decoder applications running on MPARM, a multicore architecture.
Proceeding of the …, 2008
Autonomous robots are complex systems that require the interaction/cooperation of numerous hetero... more Autonomous robots are complex systems that require the interaction/cooperation of numerous heterogeneous software components. Nowadays, robots are critical systems and must meet safety properties including in particular temporal and real-time constraints. We present a ...
We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction... more We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction-Priority (BIP) component framework. The methodology consists in building the model of a node as the composition of a model extracted from a nesC program describing the application, and models of TinyOS components. Models for networks are obtained by composition of models for nodes by using BIP connectors implementing different types of radio channels. This opens the way for enhanced analysis and early error detection by using verification techniques.
Lecture Notes in Computer Science, 2013
2013 International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation (SAMOS), 2013
Quality of video and audio output is a design-time constraint for portable multimedia devices. Un... more Quality of video and audio output is a design-time constraint for portable multimedia devices. Unfortunately, there is a huge cost (e.g. buffer size) incurred to deterministically guarantee good playout quality; the worst-case workload and the timing behavior can be significantly larger than the average-case due to high variability in a multimedia system. In future mobile devices, the playout buffer size is expected to increase, so, buffer dimensioning will remain as an important problem in system design. We propose a probabilistic analytical framework that enables low-cost system design and provides bounds for playing acceptable multimedia quality. We compare our approach with a framework comprising both simulation and statistical model checking, built to simulate large embedded systems in detail. Our results show significant reduction in output buffer size compared to deterministic frameworks.
Electronic Proceedings in Theoretical Computer Science, 2009
BIP is a component framework for constructing systems by superposing three layers of modeling: Be... more BIP is a component framework for constructing systems by superposing three layers of modeling: Behavior, Interaction, and Priority. Behavior is represented by labeled transition systems communicating through ports. Interactions are sets of ports. A synchronization between components is possible through the interactions specified by a set of connectors. When several interactions are possible, priorities allow to restrict the non-determinism by choosing an interaction, which is maximal according to some given strict partial order. The BIP component framework has been implemented in a language and a tool-set. The execution of a BIP program is driven by a dedicated engine, which has access to the set of connectors and priority model of the program. A key performance issue is the computation of the set of possible interactions of the BIP program from a given state. Currently, the choice of the interaction to be executed involves a costly exploration of enumerative representations for connectors. This leads to a considerable overhead in execution times. In this paper, we propose a symbolic implementation of the execution model of BIP, which drastically reduces this overhead. The symbolic implementation is based on computing boolean representation for components, connectors, and priorities with an existing BDD package.
The interest in System-On-Chip (SoC) design using the Uni- ed Modeling Language (UML) has been gr... more The interest in System-On-Chip (SoC) design using the Uni- ed Modeling Language (UML) has been growing signican tly during the last couple of years. In this paper we would like to present a methodology that aims to address embedded systems design issues at multiple levels of abstraction and to support a function/architecture codesign process. Our approach integrates UML with high-level
We present the BIP component framework for component-based construction of real-time systems from... more We present the BIP component framework for component-based construction of real-time systems from heterogeneous components. BIP stands for Behavior, Interaction and Priority, the three main elements for building components. It considers that systems can be obtained by composition of 3-layered components, where the lowest layer represents behavior as a set of transitions with triggers and actions; the intermediate level is the set of the interactions between the transitions of the behavior level, and the upper level is a set of dynamic priority rules. BIP has a rigorous formal semantics, and supports a system construction methodology based on a parameterized composition operator on components. The use of a layered composition operator allows incremental construction. The system construction process can be viewed as a sequence of transformations in a three-dimensional space of Behavior X Interaction X Priority, and provides a basis for the study of property preserving transformations ...
The design and implementation of software-intensive embedded product lines requires dealing with ... more The design and implementation of software-intensive embedded product lines requires dealing with a variety of constantly changing application- and system-dependent functional and non-functional requirements and constraints that spread out throughout the devel- opment process. Moreover, because product lines are built upon a set of core services which are improved, customized, extended and integrated to come up with differentiated products, there is a need to resort to component-based approaches. However, many embed- ded applications (e.g., video compression) are most likely specified in a transformational data-oriented style. The componentization of such applications is therefore deferred to the implementation phase, where performance and platform constraints are taken into account. This paper discusses a formally-grounded method to carry on this process. The approach consists in integrating (1) the component- based language and execution engine BIP (4), and (2) the coordina- tion l...
This chapter presents the components of the design flow shown in Figure 11.1. Gray-colored compon... more This chapter presents the components of the design flow shown in Figure 11.1. Gray-colored components constitute the kernel of the design flow. Components in dotted lines on the left are not mandatory, i.e., they may or may not exist in a specific tool based on FXML/JAHUEL. Noncolored elements on the right correspond to platform-dependent components. Sections 11.2 and 11.3 present the gray-colored components. Section 11.2 gives the syntax and semantics of the basic language. FXML can be used as a front-end specification language or obtained from an application’s source code in some other language. The role of FXML as formal specification language is illustrated in Section 11.2 with a simple Writer-Reader program and the Smith-Waterman local sequence matching algorithm. Section 11.3 overviews the code-generation approach for FXML implemented in the compilation chain JAHUEL. The Writer-Reader case-study is used to exemplify how C code is generated from FXML for several target run-time...
Forum on specification & Design Languages, 2004
Lecture Notes in Computer Science, 2008
The paper studies a distributed implementation method for the BIP (Behavior, Interaction, Priorit... more The paper studies a distributed implementation method for the BIP (Behavior, Interaction, Priority) component framework for modeling heterogeneous systems. BIP offers two powerful mechanisms for describing composition of components by combining interactions and priorities. A system model is layered. The lowest layer contains atomic components; the second layer, describes possible interactions between atomic components; the third layer includes priorities between the interactions. The current implementation of BIP is based on global state operational semantics. An Engine directly interprets the operational semantics rules and computes the possible interactions between atomic components from global states. The implementation method is a translation from BIP models into distributed models involving two steps. The first translates BIP models into partial state models where are known only the states of the components which are ready to communicate. The second implements interactions in the partial state model by using message passing primitives. The main results of the paper are conditions for which the three models are observationally equivalent. We show that in general, the translation from global state to partial state models does not preserve observational equivalence. Preservation can be achieved by strengthening the premises of the operational semantics rules by an oracle. This is a predicate depending on the priorities of the BIP model. We show that there are many possible choices for oracles. Maximal parallelism is achieved for dynamic oracles allowing interaction as soon as possible. Nonetheless, these oracles may entail considerable computational overhead. We study performance trade-offs for different types of oracles. Finally, we provide experimental results illustrating the application of the theory on a prototype implementation.
Lecture Notes in Computer Science, 2010
Design and implementation of distributed algorithms often involve many subtleties due to their co... more Design and implementation of distributed algorithms often involve many subtleties due to their complex structure, non-determinism, and low atomicity as well as occurrence of unanticipated physical events such as faults. Thus, constructing correct distributed systems has always been a challenge and often subject to serious errors. We present a methodology for component-based modeling, verification, and performance evaluation of self-stabilizing systems based on the BIP framework. In BIP, a system is modeled as the composition of a set of atomic components by using two types of operators: interactions describing synchronization constraints between components, and priorities to specify scheduling constraints. The methodology involves three steps illustrated using the distributed reset algorithm due to Arora and Gouda. First, a high-level model of the algorithm is built in BIP from the set of its processes by using powerful primitives for multi-party interactions and scheduling. Then, we use this model for verification of properties of a self-stabilizing algorithm including closure, deadlock-freedom, and finite reachability of the set of legitimate states. Finally, a distributed model which is observationally equivalent to the high-level model is generated. This model is used for performance analysis taking into account the degree of parallelism and convergence times for failure-free behavior as well as in the presence of faults.
Lecture Notes in Computer Science, 2009
Design and implementation of distributed algorithms often involve many subtleties due to their co... more Design and implementation of distributed algorithms often involve many subtleties due to their complex structure, nondeterminism, and low atomicity as well as occurrence of unanticipated physical events such as faults. Thus, constructing correct distributed systems has always been a challenge and often subject to serious errors. This is essentially due to the fact that we currently lack disciplined methods for the rigorous design and correct implementation of distributed systems, mainly for two reasons: (1) formal methods are not easy to use by designers and developers; and (2) there is a wide gap between modeling formalisms and automated verification tools on one side, and practical development and deployment tools on the other side.
Lecture Notes in Computer Science, 2012
ABSTRACT Rigorous system design requires the use of a single powerful component framework allowin... more ABSTRACT Rigorous system design requires the use of a single powerful component framework allowing the representation of the designed system at different levels of detail, from application software to its implementation. This is essential for ensuring the overall coherency and correctness. The paper introduces a rigorous design flow based on the BIP (Behavior, Interaction, Priority) component framework [1]. This design flow relies on several, tool-supported, source-to-source transformations allowing to progressively and correctly transform high level application software towards efficient implementations for specific platforms.
Sixth IEEE International Symposium on Network Computing and Applications (NCA 2007), 2007
We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction... more We apply a model construction methodology to TinyOSbased networks, using the Behavior-Interaction-Priority (BIP) component framework. The methodology consists in building the model of a node as the composition of a model extracted from a nesC program describing the application, and models of TinyOS components. Models for networks are obtained by composition of models for nodes by using BIP connectors implementing different types of radio channels. This opens the way for enhanced analysis and early error detection by using verification techniques.
Lecture Notes in Computer Science, 2010
Until recently, there was not a strong need for networking inside aircrafts. Indeed, the communic... more Until recently, there was not a strong need for networking inside aircrafts. Indeed, the communications were mainly cabled and handled by etherned protocols. The evolution of avionics embedded systems and the number of integrated functions in civilian aircrafts has changed the situation. Indeed, those functionalities implies a huge increase in the quantity of data exchanged and thus in the number of connections between functions. Among the available mechanisms provided to handle this new complexity, one find Avionics Full Duplex Switched Ethernet (AFDX), a protocol that allows to simulate a point-to-point network between a source and one or more destinations. The core idea in AFDX is the one of Virtual Links (VL) that are used to simulate point-to-point communication between devices. One of the main challenge is to show that the total delivery time for packets on VL is bounded by some predefined value. This is a difficult problem that also requires to provide a formal, but quite evolutive, model of the AFDX network. In this paper, we propose to use a component-based design methodology to describe the behavior of the model. We then propose a stochastic abstraction that allows not only to simplify the complexity of the verification process but also to provide quantitative information on the protocol.
One of the most important challenges in complex embedded systems design is developing methods and... more One of the most important challenges in complex embedded systems design is developing methods and tools for modeling and analyzing the behavior of application software running on multi-processor platforms.
Ninth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMPCODE2011), 2011
A grand challenge in complex embedded systems design is developing methods and tools for modeling... more A grand challenge in complex embedded systems design is developing methods and tools for modeling and analyzing the behavior of an application software running on a given hardware architecture. For application software running on multicore or distributed platforms, rigorous performance analysis techniques are essential for determining optimal implementations with respect to resource management criteria. We propose a rigorous method and a tool chain that allows to obtain a faithful model representing the behavior of a mixed hardware/software system from a model of its application software and a model of its underlying hardware architecture. The system model can be simulated and analyzed for validation of both functional and extra-functional properties. It also provides a basis for performance evaluation and automated code generation for target architectures. The method has been implemented as a tool chain that uses DOL (Distributed Operation Layer [23]) as the frontend for specifying the application software and hardware architecture, and BIP (Behavior Interaction Priority [6]) as the modeling and analysis framework. It is illustrated through the construction of system models of MJPEG and MPEG2 decoder applications running on MPARM, a multicore architecture.