Timing analysis of an SDL subset in UPPAAL

Anders HesselInstitution of Information Technology

Department of Computer SystemsUppsala University

M.Sc. ThesisARTES August 2002

http://www.docs.uu.se/~hessel/sdl2xta/

(ISD Datasystem AB)http://www.isd.se/

About the project

Started 1998 at ISD Datasystem AB as a 10 credit point D-level Master thesis (10 weeks)

Continued as a hobby project at spare time.

Extended for “dynamic” SDL processes and the “new” UPPAAL xta format

Became in September 2001 main occupation for 2-3 months supported by Uppsala University.

Report finished in Mars 2002 as a 20 credit point master thesis.

UPPAAL

Validation and verification tool built on timed finite-state automata.

Editor, Simulator, and Verifier.

The UPPAAL verifier explores state-space with timing intervals. Model check.

Jointly developed at DoCS/Uppsala and BRICS/Aalborg

http://www.uppaal.com/

SDL

SDL (Specification and Description Language) is intended for the specification of complex, event driven, real-time, and interactive applications involving many concurrent

activities that communicate using discrete signals. ITU-T standard Z.100

Contribution

Sdl2xta, a tool for converting SDL syntax into UPPAAL's xta format

The run-time system interprets all possible receivers of an implicit output signal.

Dynamic process creation, Asynchronous communication (queues) Adding WCET/BCET for timing analysis (model check).

Related work (IF project)

IF: Intermediate Format (Bozga, Fernandez Ghirvu, Graf et al at VERIMAG, LSR/IMAG)

SDL2IF, Converting SDL to an Intermediate Format.

Improvement of the toolset ObjectGEODE

What we shall create:SDL run-time system

Signals are queued

Queue that delivers input signals which must not be in the state's save-set.

Flattened structure

Signal delivery mechanism explicit and implicit

Timers (per instance)

New instances can be created (in bounds)

The building blocks:UPPAAL xta statements

System of process instances Global variables, (clocks, integers, array of integer, constants) Channels, ability to synchronize two processes ! And ? Process instances from process templates Process templates, can have parameters Local variables Locations, initial, committed, urgent, invariant TransitionsGuardsSyncAssignment

SDL Specification:The syntax to convert from

Stuctural levels: System, Block, Substructure, (Leaf) Block, Process Set, Procedure

Connections: Channel, Signal Route Types: System, Block , Process, Procedure Numerous instances of block and processes at a block/process set,

initial and maximum

Process level specification:

State, Input (parameters), Save

Create, Stop

Nextstate, Join

Decision

Task, “Procedure call”

Output (Explicit, implicit) to, via (gate or channel)

Generate from a process set

Full run-time system

Comparison with SDL2IF

Dynamic process creation not in SDL2IF

Uncertain implicit output, not in SDL2IF

Signal parameters in SDL2IF, only integers in SDL2XTA

Priority inputs not in SDL2XTA

Continuous signals not in SDL2XTA

Enabling conditions not in SDL2XTA

Procedures (inlined in SDL2IF)