RIStAL Centre de Recherche en Informatique, Signal et Automatique - - PowerPoint PPT Presentation

Centre de Recherche en Informatique, Signal et Automatique de Lille

RIStAL

Temporal Interfaces for Adaptive Real-Time Components

Giuseppe Lipari, University of Lille CRTS Workshop @ RTSS, 5 december 2017

1

Outline

1

Introduction

2

Activation Parameters

3

Execution Time Parameters

4

Conclusions

2

1

Introduction

2

Activation Parameters

3

Execution Time Parameters

4

Conclusions

3

Introduction

Component-based design System = set of simpler components, interacting with each other Compositional analysis Each component is analysed independently Its behaviour is abstracted into an interface Real-Time Interface = functional interface + timed interface

4

Real-Time component

Component A

A component consists of a set of tasks, a list of provided functions, and a list of required functions Tasks are activated by internal or external requests (through the provided interface) Tasks can invoke external services (through the required interface)

5

Real-Time component

Component A Provided Interface Required Interface

A component consists of a set of tasks, a list of provided functions, and a list of required functions Tasks are activated by internal or external requests (through the provided interface) Tasks can invoke external services (through the required interface)

5

Real-Time component

Component A Provided Interface Required Interface

activation activation periodic task call call call

A component consists of a set of tasks, a list of provided functions, and a list of required functions Tasks are activated by internal or external requests (through the provided interface) Tasks can invoke external services (through the required interface)

5

Temporal interface

What is a temporal interface ? Amount of computational resources assigned to the component Set of constraints on how to use the component’s functional interface How to specify the interface ? When analysing a component in isolation, we do not know :

the activation patterns of the provided services the maximum delay of required services

Timed interfaces :

we will consider all of them as parameters, and compute the schedulability region in the space of such parameters the obtained region is the parametric timed interface of our component 6

Component connection

Component A Component B Component C Component D

Integration

the overall system is correct if the intersection of all component interfaces is non-empty the intersection contains all valid values for the parameters 7

Temporal interfaces

How to compute the temporal interface of a component ? when considering only periodic independent tasks, (no provided/required methods)

many solutions in the literature (Lipari & Bini, Shih & Lee, etc.) However, not so much in the general case of interacting tasks

The resource requirements of a component depend on

the rate at which interface methods are called the delay of required methods the internal resource requirements (execution times)

Moreover :

components can have configuration parameters ! 8

Configuration parameters

Example : Image recognition component the execution time to process an image depends on its resolution the image resolution is a configuration parameter Configuration parameters may impact on the execution times how to express this variation in the interface ?

9

Solutions

1

The interface is computed only once the system is deployed

at that time, we know all the components, their activation rates, the configuration parameters, therefore, we can compute the all the interfaces however, we are going back to big monolithic systems !

1

We compute parametric interfaces

the temporal requirements and the constraints are parametric in the configuration of the component, and in the way it is used (worst-case activation rate, configuration parameters, etc.) more difficult, but truly component-based 10

Solutions

1

The interface is computed only once the system is deployed

at that time, we know all the components, their activation rates, the configuration parameters, therefore, we can compute the all the interfaces however, we are going back to big monolithic systems !

1

We compute parametric interfaces

the temporal requirements and the constraints are parametric in the configuration of the component, and in the way it is used (worst-case activation rate, configuration parameters, etc.) more difficult, but truly component-based 10

This presentation

I am going to present on-going research on two related problems :

1

Activation parameters

How to compute the temporal interface of a component when tasks are activated by remote procedure calls with unknown activation rates ?

• Y. Sun, G. Lipari, É. André, L. Fribourg, Toward

Parametric Timed Interfaces for Real-Time Components, SynCoP 2014

2

WCET parameters

Compute parametric resource requirements when the WCET of tasks depends on the parameters

• C. Ballabriga, J. Forget, G. Lipari, Symbolic WCET

Computation, to appear on ACM TECS

11

1

Introduction

2

Activation Parameters

3

Execution Time Parameters

4

Conclusions

12

Parametric Timed Automata

Finite state automaton (sets of locations and actions) augmented with

A set X of clocks (i.e., real-valued variables evolving linearly at the same rate [Alur and Dill, 1994]) A set P of parameters (i.e., unknown constants), used in guards and invariants [Alur et al., 1993]

Features

Location invariant : property to be verified to stay at a location Transition guard : property to be verified to enable a transition Clock reset : some of the clocks can be set to 0 at each transition 13

Inverse Method

Algorithm for the synthesis of parameters in PTA [André, Chatain, Encrenaz, Fribourg, 2009] Takes as input a reference parameter valuation π0, and outputs a constraint K generalizing this reference valuation p1 p2

K

·

π0

For all π | = K, the trace set is the same as for π0

14

Cartography

Principle : Tiling of the parametric space by iteratively calling the analysis [A. and Fribourg, 2010] Each tile has the same trace set Good or bad depending on the presence or not of deadline misses Good values for the parameters : union of all regions

15

Model of a task

Idle ActEvent Waiting stop{c} d ≤ D Running c ≤ N ∗ C∧ d ≤ D Deadline Missed arrival_event d := 0, c := 0, N := 1 arrival dispatch d = D preemption c < N ∗ C c < N ∗ C∧ d = D end c = N ∗ C arrival_event d < D d := 0, N := N + 1 arrival_event arrival_event d < D d := 0, N := N + 1 arrival_event

16

Activations

Modelled by a periodic arrival curve (from Real-Time Calculus)

α(t) = N + t

P

• Bursting

n :=0

ArrEvent p ≤ P

arrival_event n < Nu − 1 n := n + 1 arrival_event n = Nu − 1 p := 0 arrival_event p = P p := 0

17

Analysis

Now we have all the pieces

A parametric model, with parametric arrival curves In particular, our parameter is the period P A tool to find all good values of parameters

Example with 2 periodic tasks

τ1 = (31, T1, T1), τ2 = (49, T2, T2)

initial values T1 = 60 and T2 = 120,

However, the analysis does not converge !

why ?

Inverse Method finds all values for which we have trace equivalence with the initial valuation For periodic tasks, the trace repeats identically every hyperperiod H lcm T T Changing one parameter, even for a small amount, yields very different hyperperiods, so completely different traces !

18

Analysis

Now we have all the pieces

A parametric model, with parametric arrival curves In particular, our parameter is the period P A tool to find all good values of parameters

Example with 2 periodic tasks

τ1 = (31, T1, T1), τ2 = (49, T2, T2)

initial values T1 = 60 and T2 = 120,

However, the analysis does not converge !

why ?

Inverse Method finds all values for which we have trace equivalence with the initial valuation For periodic tasks, the trace repeats identically every hyperperiod H lcm T T Changing one parameter, even for a small amount, yields very different hyperperiods, so completely different traces !

18

Analysis

Now we have all the pieces

A parametric model, with parametric arrival curves In particular, our parameter is the period P A tool to find all good values of parameters

Example with 2 periodic tasks

τ1 = (31, T1, T1), τ2 = (49, T2, T2)

initial values T1 = 60 and T2 = 120,

However, the analysis does not converge !

why ?

Inverse Method finds all values for which we have trace equivalence with the initial valuation For periodic tasks, the trace repeats identically every hyperperiod H = lcm(T1, T2) Changing one parameter, even for a small amount, yields very different hyperperiods, so completely different traces !

18

Solution

In this work, we are not interested in trace equivalence, we want to make sure that a deadline miss never happens Therefore, we want to reduce the length of the analysed trace We stop analysis when we reach a safe condition, in which we know that no deadline miss will happen Since we are dealing with independent tasks, scheduled by fixed priority, we can use the Critical Instant and stop at the first idle time.

in this way, traces have bounded length, and the method easily converges 19

Example revisited :

τ1 = (31, T1, T1), τ2 = (49, T2, T2),

initial valuation T1 = 60, T2 = 120 Length of critical scenario 2C1 + C2 = 111 Length of critical scenario 2C1 + C2 = 111 T does not change the trace in the critical scenario T does not change the trace in the critical scenario 20

Example revisited :

τ1 = (31, T1, T1), τ2 = (49, T2, T2),

initial valuation T1 = 60, T2 = 120 Length of critical scenario 2C1 + C2 = 111 Length of critical scenario 2C1 + C2 = 111 T1 ∈ [56, 79] does not change the trace in the critical scenario T does not change the trace in the critical scenario 20

Example revisited :

τ1 = (31, T1, T1), τ2 = (49, T2, T2),

initial valuation T1 = 60, T2 = 120 Length of critical scenario 2C1 + C2 = 111 Length of critical scenario 2C1 + C2 = 111 T1 ∈ [56, 79] does not change the trace in the critical scenario T does not change the trace in the critical scenario 20

Example revisited :

τ1 = (31, T1, T1), τ2 = (49, T2, T2),

initial valuation T1 = 60, T2 = 120 Length of critical scenario 2C1 + C2 = 111 Length of critical scenario 2C1 + C2 = 111 T1 ∈ [56, 79] does not change the trace in the critical scenario T2 ≥ 112 does not change the trace in the critical scenario 20

Cartography

By applying IMITATOR with cartography, we obtain the following set

• f regions :

21

Applicability

The critical scenario approach can be used with : Generic arrival curves Generalized recurring task model (Baruah, Yi et Stigge) (work in progress) It cannot be applied to : Periodic tasks with offsets Generic self-suspending tasks Task pipelines with explicit activations Dependent tasks in general Generalization (?) we could use other techniques to bound the analysis interval and avoid the problem of non-convergence alternative solution : integer parameter synthesis

22

1

Introduction

2

Activation Parameters

3

Execution Time Parameters

4

Conclusions

23

Parametric WCET

Parametric Worst-case execution time (PWCET)

analysis of a sequential program produces a formula that represents the worst-case execution time of the program

Parameters are user-defined parameters of the program

loop bounds values of inputs values of configuration constants

PWCET can be used to

Explore the space of parameters efficiently Implement adaptive systems Implement Compositional analysis 24

CFG to CFT

First-step :

Binary code → Control Flow Graph → Control Flow Tree

b1 b2 b3 b4 b5 b6 Seq Loop(b1) b1 b5 b1 Alt b3 Seq b6 Loop(b2) b2 Seq b2 b4

25

Annotations

A context annotation ann(t) specifies the conditions (constraints) under which a sub-tree can be executed.

Example (Cache)

Loop(b2) b2 Seq b2 Alt b4h b4m

(b4m, lb2, 1) Annotation (b4m, lb2, 1) tell us that block b4m can only execute

• ne time every time loop lb2 is entered.

26

Abstract WCET

The Abstract WCET α of a sub-tree t represents the set of possible WCETs of the sub-tree, for every iteration of a loop l that contains the sub-tree.

α = (l, η)

where l is a loop header and η is a multiset

Example (Cache)

In the cache example, the Abstract WCET of the Alt node is :

(lb2, {w(b4m), w(b4h), w(b4h), w(b4h), ...})

27

Computing Abstract WCET

Key observation : The CFT is similar to an Abstract Syntax Tree

Leaves correspond to basic blocks (terminal) Seq represents the sum of the Abs. WCETs of the children Alt represents the max of the Abs. WCETs of the children Loop represents a linear formula (body × iter. + exit)

Therefore, we can define an algebra of Abstract WCETs, and transform the CFT into a formula

Example (Cache)

For the internal loop, assuming k iterations, and w(b2) = 2, w(b4) = 4 : w(Loop(b2)) = (⊤, pack(⊤, {6}, k) ⊕ (⊤, {2}))

28

Grammar

Our grammar w

::=

const | id | w↓(h,it) | w ⊕ w | w ⊎ w | (w, w, b)it h

::=

b | id it

::=

i | id id is an unknown parameter that can represent :

the WCET of a basic block ; the number of iterations it of a loop ; a loop header h.

We can perform some elementary simplifications to reduce the size of the formula Known limitations : currently, we cannot relate different parameters with each other to further simplify the formula.

29

Performance

The method has been implemented in OTAWA

Formula size Time (ms) Pessimism (%) Bench CFG Initial Final Common Us ILP Us Min Max MPA matmult 111 130 5 1105 1 0.01 0.00 3.88 0.31 cnt 153 284 3 2278 2 8 0.15 0.00 3.59 30.4 fft 391 453 8 2968 4 16 0.00 0.00 1.51

• compress

694 906 3 4760 11 40 0.02 0.01 0.03

• lift

814 1799 5 5130 19 40 1.51 0.05 2.29

• adpcm

2032 2211 3 10688 67 272 0.01 0.01 0.33

• aes_enc

2205 2651 2 4914 30 260 0.04 0.03 0.04

• powerwindow

3738 4453 24 45702 224 4192 0.01 0.01 1.43

• fbw

10612 27251 2 36940 1198 8960 2.62 0.03 7.05

• audiobeam

12299 47248 37 56566 1222 12824 0.12 0.00 0.49

• mpeg2

38612 1658109 3 267332 12221

> 1 week

• Table – Benchmarking results

30

PWCET and components

How to integrate PWCET formulae in Compositional analysis ?

1

Linear parametric formulae can be used in PTA to specify execution times

Problem : PWCET may produce non-linear formulae Need to find linear upper bounds → approximations

1

Express WCET as unknown parameters, then try to solve a general (non-linear) constraint

Problem : Difficult to express relationships between the WCETs

→ more complex model

31

1

Introduction

2

Activation Parameters

3

Execution Time Parameters

4

Conclusions

32

Conclusion

A true component-based methodology implies a compositional analysis Componenent are analysed in isolation of each other Analysis of the whole system is composed from components’ analysis Temporal interfaces Constraints on resources and on usage (worst-case rate of activations) Inherently parametric, as resource requirements depends on usage and on configuration Work-in-progress A methodology for compositional analysis of dependent components

33

Conclusion

A true component-based methodology implies a compositional analysis Componenent are analysed in isolation of each other Analysis of the whole system is composed from components’ analysis Temporal interfaces Constraints on resources and on usage (worst-case rate of activations) Inherently parametric, as resource requirements depends on usage and on configuration Work-in-progress A methodology for compositional analysis of dependent components

33

Conclusion

A true component-based methodology implies a compositional analysis Componenent are analysed in isolation of each other Analysis of the whole system is composed from components’ analysis Temporal interfaces Constraints on resources and on usage (worst-case rate of activations) Inherently parametric, as resource requirements depends on usage and on configuration Work-in-progress A methodology for compositional analysis of dependent components

33

Questions

34