Engineering the Hardware/Software Interface for Robotic Platforms - A Comparison of
Applied Model Checking with Prolog and Alloy
Md Abdullah Al MamunChristian BergerJörgen Hansson
Division of Software EngineeringDepartment of Computer Science & Engineering
The 4th Workshop on DSLRob 2013
Tokyo, Japan
Outline
• Problem Domain• Research Questions• Overall Workflow• Prolog Approach• Alloy Approach• Result• Other Observations• Future Work• Summary & Conclusion
2
Problem Domain: Sensor Layout
3
WE
WE
Wheel Encoders
Problem Domain: DSL Meta-Model• EMF ECORE
Model
• Sensors
• Sensor
Properties
• Configuration
Properties
• Execution
Platform
• Application
Platform
• Unit Types
• Enumerations
4
Problem Domain: Solution for a Desired Configuration
5
Infrared Steer Motor
Flashing LEDs
left
Flashing LEDs right
BrakingLEDs
Infrared
Pow
er S
uppl
y
LED Board
PandaBoard ES
USBI2C PowerPWM
UART ADC
Infrared
Ultrasonic Ultrasonic Ultrasonic
ESC
STM32F4 Discovery Board
RazorBoard
Camera
PD8 (TX)PD9 (RX)
PC8PC9
PB6 (SCL) PB9(SDA)
PC1 PC4 PC5
Pxy = Connection PIN
P_138P_140
Wheel Encoder Sensor 1
Wheel Encoder Sensor 2
Wheel Encoder Sensor 3
Wheel Encoder Sensor 4 ICU
PB7 PB14 PA1 PA7
P_039
Schematic Hardware Architecture with assigned pinConnection
Problem Domain: Configuration Space
6
Configuration space for the pins with more than one use‐case
Total 1,099,126,862,792 configuration possibilities (considering all pins)
Total 14,689,111 configuration possibilities (considering pins with multiple usage)
Finding a feasible/all possible/best pin assignment configuration for the interface board
Model checking the domain of configuration with Prolog & Alloy
Basic Representation Model
7
Visualization of the graph G = {N,E,A}
A concrete configuration is represented by a path P from nB to nE with |P| < |N|
Problem Domain: Complexity
8
Total 1,099,126,862,792 configuration possibilities (considering all pins)
Total 14,689,111 configuration possibilities (considering pins with multiple usage)
Research Questions
• To determine a feasible, all possible, and the best configuration assignment:– How can Prolog be used to apply model checking on instances
of the domain of possible pin assignment configurations?
– How can Alloy be used to apply model checking on instances of the domain of possible pin assignment configurations?
• Which approach performs quicker compared to the other for the particular use cases?
9
Overall Workflow
Alloy Specification
Table
Domain of pin assignment
configurations
Prolog Generator
Systematic enumeration of configuration space by recursive construction
Alloy Generator
Systematic enumeration of configuration space by iteration
Prolog specification- Cost-based mapping - Feasible, all, or best assignments
Meta-modelGraph-based representation
Instance model
AssertionsFeasible, all, or best assignments
Spreadsheet tool.Once per board.
Java.Once per board.
Prolog/Alloy.For each desired configuration.
Tool:Frequency:
1st stage. 2nd stage. 3rd stage.
Prolog Approach
• Consists of two parts– Facts (generated)
config([analog,analog],[[pa1,pa2],7]).
– Inference getConfig(RequiredConfiguration, Pair) :-
msort(RequiredConfiguration, S), config(S, Pair).
allConfigs(RequiredConfiguration, Set) :-setof([Pins,Costs],
getConfig(RequiredConfiguration,[Pins,Costs]), Set).
cheapestConfig(R, Pins, Costs) :-setof([Pins,Costs],getConfig(R, [Pins,Costs]), Set), Set = [_|_],minimal(Set, [Pins,Costs]).
11
Alloy Approach
• Instance specification for a pinone sig PA2 extends Pin {} {conntype = ANALOG + SERIAL_TX + ICU + ICUconn_detail = ADC1_IN2 + UART2_TX + TIM2_CH3 + TIM5_CH3cost = 4}
• Generated negated assertion for the desired configuration “ANALOG,ANALOG”.assert ANALOG_ANALOG {all disj p1, p2:Pin |not (ANALOG in p1.conntype &&ANALOG in p2.conntype &&p1.cost.add[p2.cost] < = 3)}check ANALOG_ANALOG
12
Pin
ConnDetailConnType Cost
costconntype conn_detail
Alloy meta‐model
Result
13
Alloy
Prolog
Alloy
Prolog
Generated specification size
Time to generate specification
Time to load specification
Other Observation
Prolog Alloy
1.7GB 100KB
14
Prolog Alloy
2102s (~35min) Less than 1s
Prolog Alloy
347s (~6min) Less than 1s
Future Work
vs. vs.
• Extend the work with other available COTS interface boards (Odroid, Rapsberry, Arduino, etc.)
• How good are the tools wrt. longer configuration length and more pins?
15
OptimizationAlgorithm
Model Checker with Higher Order Quantification
Alloy/Prolog
Summary & Conclusion
Prolog performs up to more than 3-times faster to find all possible and best solution
Alloy performs up to more than 3-times faster to find feasible solution and reporting insolvable configurations
Alloy does not directly support higher order quantification but workaround solution is possible
With the considered total number of pins (16) and configuration length (10) both Prolog and Alloy offers practicable solution.
16
Thank You
Top Related