Simon Bliudze

The Algebra of Connectors—Structuring Interaction in BIP

We provide an algebraic formalization of connectors in the BIP component framework. A connector relates a set of typed ports. Types are used to describe different modes of synchronization, in particular, rendezvous and broadcast. Connectors on a set of ports P are modeled as terms of the algebra AC(P), generated from P by using a binary fusion operator and a unary typing operator. Typing associates with terms (ports or connectors) synchronization types - trigger or synchron - that determine modes of synchronization. Broadcast interactions are initiated by triggers. Rendezvous is a maximal interaction of a connector that includes only synchrons. The semantics of AC(P) associates with a connector the set of its interactions. It induces on connectors an equivalence relation which is not a congruence as it is not stable for fusion. We provide a number of properties of AC(P) used to symbolically simplify and handle connectors. We provide examples illustrating applications of AC(P), including a general component model encompassing methods for incremental model decomposition and efficient implementation by using symbolic techniques.

A Notion of Glue Expressiveness for Component-Based Systems

Comparison between different formalisms and models is often by flattening structure and reducing them to behaviorally equivalent models e.g.automaton and Turing machine. This leads to a notion of expressiveness which is not adequate for component-based systems where separation between behavior and coordination mechanisms is essential. The paper proposes a notion of glue expressiveness for component-based frameworks characterizing their ability to coordinate components. Glueis a closed under composition set of operators mapping tuples of behavior into behavior. Glue operators preserve behavioral equivalence. They only restrict the behavior of their arguments by performing memoryless coordination. Behavioral equivalence induces an equivalence on glue operators. We compare expressiveness of two glues G 1 and G 2 by considering whether glue operators of G 1 have equivalent ones in G 2 (strong expressiveness). Weak expressiveness is defined by allowing a finite number of additional behaviors in the arguments of operators of G 2 . We propose an SOS-style definition of glues, where operators are characterized as sets of SOS-rules specifying the transition relation of composite components from the transition relations of their constituents. We provide expressiveness results for the glues of BIP and of process algebras such as CCS, CSP and SCCS. We show that for the considered expressiveness criteria, glues of the considered process calculi are less expressive than general SOS glue. Furthermore, glue of BIP has exactly the same strong expressiveness as glue definable by the SOS characterization.

The algebra of connectors: structuring interaction in BIP

We provide an algebraic formalization of connectors in the BIP component framework. A connector relates a set of typed ports. Types are used to describe different modes of synchronization, in particular, rendezvous and broadcast. Connectors on a set of ports P are modeled as terms of the algebra AC(P), generated from P by using a binary fusion operator and a unary typing operator. Typing associates with terms (ports or connectors) synchronization types - trigger or synchron - that determine modes of synchronization. Broadcast interactions are initiated by triggers. Rendezvous is a maximal interaction of a connector that includes only synchrons. The semantics of AC(P) associates with a connector the set of its interactions. It induces on connectors an equivalence relation which is not a congruence as it is not stable for fusion. We provide a number of properties of AC(P) used to symbolically simplify and handle connectors. We provide examples illustrating applications of AC(P), including a general component model encompassing methods for incremental model decomposition and efficient implementation by using symbolic techniques.

Causal Semantics for the Algebra of Connectors

The Algebra of Connectors is used to model structured interactions in the BIP component framework. Its terms are connectors , i.e. relations describing synchronization constraints between the ports of component-based systems. Connectors are structured combinations of two basic synchronization protocols between ports: rendezvous and broadcast . They are generated from the ports of P by using a binary fusion operator and a unary typing operator. Typing associates with terms (ports or connectors) synchronization types: trigger or synchron . In a previous paper, we studied interaction semantics for which defines the meaning of connectors as sets of interactions. This semantics reduces broadcasts into the set of their possible interactions and thus blurs the distinction between rendezvous and broadcast. It leads to exponentially complex models that cannot be a basis for efficient implementation. Furthermore, the induced semantic equivalence is not a congruence. For a subset of , we propose a new causal semantics that does not reduce broadcast into a set of rendezvous and explicitly models the causal dependency relation between triggers and synchrons. The Algebra of Causal Trees formalizes this subset. It is the set of the terms generated from interactions on the set of ports P , by using two operators: a causality operator and a parallel composition operator. Terms are sets of trees where the successor relation represents causal dependency between interactions: an interaction can participate in a global interaction only if its parent participates too. We show that causal semantics is consistent with interaction semantics. Furthermore, it defines an isomorphism between and the set of the terms of involving triggers. Finally, we define for causal trees a boolean representation in terms of causal rules .

Modelling of Complex Systems: Systems as Dataflow Machines

We develop a unified functional formalism for modelling complex systems, that is to say systems that are composed of a number of heterogeneous components, including typically software and physical devices. Our approach relies on non-standard analysis that allows us to model continuous time in a discrete way. S ystems are defined as generalized Turing machines with temporized input, internal and output mechanisms. Behaviors of systems are represented by transfer functions. A transfer function is said to be implementable if it is associated with a system. This notion leads us to define a new class - which is natural in our framework - of computable functions on (usual) real numbers. We show that our definitions are robust: on one hand, the class of implementable transfer functions is closed under composition; on the other hand, the class of computable functions in our meaning includes analytical functions whose coefficients are computable in the usual way, and is closed under addition, multiplication, differentiation and integration. Our class of computable functions also includes solutions of dynamical and Hamiltonian systems defined by computable functions. Hence, our notion of system appears to take suitably into account physical systems.

Synthesizing glue operators from glue constraints for the construction of component-based systems

We study glue operators used in component-based frameworks to obtain systems as the composition of atomic components described as labeled transition systems (LTS). Glue operators map tuples of LTS into LTS. They restrict the behavior of their arguments by performing memoryless coordination. In a previous paper, we have proposed a simple format for SOS rules that captures, in particular, glue operators from known frameworks such as CCS, SCCS, CSP, and BIP. This paper studies a new way for characterizing glue operators: as boolean glue constraints between interactions (sets of ports) and the state of the coordinated components. We provide an SOS format for glue, which allows a natural correspondence between glue operators and glue constraints. This correspondence is used for automated synthesis of glue operators implementing given glue constraints. By focusing on the properties that do not bear computation, we reduce a very hard (and, in general, undecidable) problem of synthesizing controllers to a tractable one. The examples in the paper show that such properties are natural and can be expressed as glue constraints in a straightforward manner. Finally, we compare expressiveness of the proposed formalisms with the glue used in the BIP framework and discuss possible applications.

Applying Model Checking to Industrial-Sized PLC Programs

Programmable logic controllers (PLCs) are embedded computers widely used in industrial control systems. Ensuring that a PLC software complies with its specification is a challenging task. Formal verification has become a recommended practice to ensure the correctness of safety-critical software, but is still underused in industry due to the complexity of building and managing formal models of real applications. In this paper, we propose a general methodology to perform automated model checking of complex properties expressed in temporal logics [e.g., computation tree logic (CTL) and linear temporal logic (LTL)] on PLC programs. This methodology is based on an intermediate model (IM) meant to transform PLC programs written in various standard languages [structured text (ST), sequential function chart (SFC), etc.] to different modeling languages of verification tools. We present the syntax and semantics of the IM, and the transformation rules of the ST and SFC languages to the nuXmv model checker passing through the IM. Finally, two real cases studies of the European Organization for Nuclear Research (CERN) PLC programs, written mainly in the ST language, are presented to illustrate and validate the proposed approach.

Formal Verification of Infinite-State BIP Models

We propose two expressive and complementary techniques for the verification of safety properties of infinite-state BIP models. Both our techniques deal with the full BIP specification, while the existing approaches impose considerable restrictions: they either verify finite-state systems or they do not handle the transfer of data on the interactions and priorities.

Architecture internalisation in BIP

We consider two approaches for building component-based systems, which we call respectively architecture-based and architecture-agnostic. The former consists in describing coordination constraints in a purely declarative manner through parametrizable glue operators; it provides higher abstraction level and, consequently, stronger correctness by construction. The latter uses simple fixed coordination primitives, which are spread across component behaviour; it is more error-prone, but allows performance optimisation. We study architecture internalisation leading from an architecture-based system to an equivalent architecture-agnostic one, focusing, in particular, on component-based systems described in BIP. BIP uses connectors for hierarchical composition of components. We study connector internalisation in three steps. 1) We introduce and study the properties of interaction expressions, which represent the combined information about all the effects of an interaction. We show that they are a very powerful tool for specifying and analysing structured interaction. 2) We formalize the connector semantics of BIP by using interaction expressions. The formalization proves to be mathematically rigorous and concise. 3) We introduce the T/B component model and provide a semantics preserving translation of BIP into this model. The translation is compositional that is, it preserves the structure of the source models. The results are illustrated by simple examples. A Java implementation is evaluated on two case studies.

An Operational Semantics for Hybrid Systems Involving Behavioral Abstraction

We discuss the challenges of building a simulation framework for hybrid systems, in particular the well-known Zeno effect and correct composition of models idealised by abstracting irrelevant behavioural details (e.g. the bounce dynamics of a bouncing ball or the process of fuse melting in an electrical circuit). We argue that the cornerstone of addressing these challenges is the definition of a semantic framework with an appropriate underlying model of time. Using two simple examples, we illustrate the properties of such a model and explain why existing models are not sufficient. Finally, we propose a new Zeno-free semantic model that allows mixing discrete and continuous behaviour in a rigorous way and provides for the compositional behavioural abstraction. Although it is based on non-standard analysis, we explain how our semantic model can be used to develop hybrid system simulators.