Page 1 ... derived system implementations as well as JADE, a tool that sup- ports the complete ... Therefore, the use of optimization techniques appears as.
JADE: An Embedded Systems Specification, Code Generation and Optimization Tool Cristiano L. Pereira Di´ogenes C. da Silva Jr.
Reuber G. Duarte Claudionor J. N. Coelho Jr. Antˆonio O. Fernandes Luciana L. Ambrosio Luciana H. Canaan LECOM / DCC / UFMG – Federal University of Minas Gerais - Brazil email: ligieri,reuber,coelho,dgns,otavio,leal,lucanaan @dcc.ufmg.br
�
Abstract Market pressures with ever-increasing complexity and shorter time urges the use of formal methods in the system development process to produce new systems faster and cheaper due to the capacity to automate the verification, simulation and code generation. A problem that comes up, however, is that code generated from formal languages is not the most efficient because of the mapping between the specification and the implementation models. To cope with this, we present an optimization technique to enhance the performance of SDL (Specification and Description Language) derived system implementations as well as JADE, a tool that supports the complete development process, from the specification to the implementation.
1. Introduction As system design gets more complex and a highly competitive market requires new and more powerful products in shorter periods of time, the need of formal methods in system development process increases. Formal methods are mathematically based techniques used for describing system properties unambiguously. Formal methods are based solely on the use of formal languages, which allows the production of systems faster and cheaper due to the capacity to automate the verification, simulation and code generation processes systematically rather than in an ad hoc manner. The mathematical foundation of formal languages also enables total compliance between the specification, verification and implementation phases. A problem that comes up, however, is that code generated from formal languages is not the most efficient one. As shown in [10, 6, 5], this is mostly due to the fact that the specification model is not the most efficient to be used in the implementation phase but it is the one that guarantees full coherence between both. Therefore, the use of optimization techniques appears as a solution to the lack of efficiency of implementations derived from formal languages. The optimization consists in
some transformations in the implementation model in order to increase its efficiency. A challenge, however, is that the optimization must still keep the implementation compliant with the specification in order to be valid. Consequently, the transformations must be done very carefully so that they do not change the specification semantics. In this paper we propose a technique to optimize system implementations from a formal specification language called SDL (Specification and Description Language). Our approach aims to compose groups of SDL processes into a single process so that less overhead processing is wasted with context switching and process communication. Consequently the system performance is improved. We also show JADE, a specification tool that supports the complete design process, from the specification to the code generation and optimization. This paper is outlined as follows. Section 2 presents the related work concerning optimization techniques from SDL specifications and Section 3 gives an overview of the SDL language. Section 4 describes our optimization technique followed by Section 5, that shows JADE, a specification and code generation tool based on this technique. Section 6 presents two examples of the optimization applied in the SDL specifications of a scanner prototype and a reliable and connection-oriented protocol called XDT and finally Section 7 we present the conclusions.
2. Related Work Code generation and optimization from SDL systems specification is a topic that has already been addressed in the literature. The justification for the optimization is the same as we stated – lack of efficiency of implementations automatically derived from the specification. In [11], some aspects related to performance of SDL systems are discussed. Many of them are related to design and implementation phases where the implementation issues are the most relevant to the final system performance. The implementation
model defines the mapping between the specification and the generated code such as how the processes are mapped; how the dynamic behavior (or dynamic process creation) of the system is addressed and more. With respect to code optimization from SDL protocol specifications, Leue [10, 9] proposed an optimization technique based on the exploration of the inherent parallelism of protocol specifications by the systematic anticipation of what they called ”common cases”. They first derive a data and control dependency graphs from each SDL process. Then they optimize and parallelize operations related to processing a packet along the way the packet enters the protocol stack to where it exits. In [6, 5], Henke shows a technique for optimization of communication protocols specified in SDL. In this work, the SDL specification or part of it is transformed into a single operating system thread, each SDL process is transformed in a function and some assumptions regarding the synchronicity of the system with respect to the external environment are taken.
3. The SDL Language SDL is a formal language defined by the ITU (International Telecommunication Union) Z.100 recommendation [2]. It is broadly used in the telecommunication domain, specially on protocol specifications, as well as on the specification of reactive real-time and embedded systems. Since SDL is a formal language, it is widely used for specification, verification, simulation and code generation processes. An SDL specification is basically a hierarchical data flow with Extended Finite State Machines (EFSM) at the bottom level. The main structure of a SDL specification is the system entity, that provides the framework for the description and defines the interface of the system with the external world. Inside the system entity, blocks can be defined. The main function of a block is to define the specification structure. Blocks communicate with each other and with the external environment via messages sent through structures called channels. Each block contains a set of processes. A SDL process is a EFSM that communicates with other processes via signals using structures called signals routes. Each process possesses an infinite queue in which all incoming signals are stored and consumed according to FIFO (First-In-First-Out), with some exceptions. If a signal is expected in the current state of the process, the transition related to this event is executed. Otherwise the signal is discarded unless it is saved in the queue by means of the save construct. SDL follows a totally asynchronous model of computation that combines characteristics of processes networks [7] with FSMs. Each SDL process executes concurrently and the specification behavior of a SDL system is the sum of the individual behaviors of each specification process. SDL
also allows new abstract data types definitions and dynamic creation of processes. Details about the SDL language can be found in [2, 3].
4. Code Generation and Optimization Model In this section we explain our optimization technique. In order to do this, we first give an overview of our approach. Then we formalize the representation of a SDL specification and based on this formalization we state how to optimize the specification. The approach proposed in this article is similar to the one proposed by Henke [6, 5] in the sense that we also reduce the number of concurrent threads in the implementation. We also impose some restrictions to the specification model or part of it and then we compose groups of SDL processes into a single process. The major difference is that in our method the processes are not transformed into functions. Rather they are composed through a product between their internal states avoiding in this way the function calls extra overhead.
4.1. Overview of the approach The mapping between the specification and implementation is the main reason to the inefficiency of implementations derived from formal specifications. In SDL, each process is associated with an input queue from which signals are read. The implementation model which directly follows this behavior is called server model, where each process consumes signals from its input queue until the queue gets empty and the process blocks. The same number of processes from the specification is kept in the implementation. The problem is that the basic execution entity in a SDL specification is the process. Based on this, we claim that for modularity reasons, the user can divide the specification in too many processes that do not work truly concurrently and asynchronously. This adds overhead to the system implementation because more than necessary resources are wasted with context switching and process communication. We propose a technique to deal with this inefficiency, where we try to aggressively compose groups of processes from the specification into a single implementation process. This composition is performed from the state product among the processes of the group. The state product is extracted from the reachability state graph of the process group. The designer must choose the processes to be grouped using his/her intuition. In order to compose them, some assumptions regarding their behavior must be considered (Section 4.3).
4.2. Formal Model for a SDL Specification 4.2.1. Signals and Queues A message or signal (from now on we will use the term message) instance received/sent in a SDL specification can be defined by the tuple where is the ID of the sender process, is the name or tag message (Each is associated with a set of values that the message can convey) and is the value received/sent in the specification among the possible values for the signal with tag . A message representing an environment temperature, for where example, can be represented by is the message tag, 22 is the signal value and the ID of the sender. A non-valued message can be represented by . Over a message instance in the form, we can apply the operator , which returns the message tag and , which returns the message sender. represents the set of all possible message instances and the set of all possible message instances sequences where denotes an is a signal sequence empty sequence. A queue where the sequence size is . The number of elements which have a tag in a queue is defined as . Over a queue we can also apply the operations enqueue and dequeue, that inserts and retrieves messages to and from the queue respectively, according to the SDL semantics.
���
��
���#� �'&)(+*,('-/.��!0�"
������� � ����� ����� ��� � � � ��� � �
����� ���������!�#"
�
�
���$�%�
�
31 25476��98 � � :
