1 / 28

CSCI 599 - Formal Methods Concurrency Examples

CSCI 599 - Formal Methods Concurrency Examples . Gas Station and Cruise Control Specifications Ronnie Apcar Edwin Chiu Hasmik Jerejian November 2, 2000. CSCI 599 Formal Methods November 2, 2000. Concurrency Examples R. Apcar, E. Chiu, H. Jerejian. Agenda . Concurrency Issues

mea
Download Presentation

CSCI 599 - Formal Methods Concurrency Examples

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CSCI 599 - Formal Methods Concurrency Examples Gas Station and Cruise Control Specifications Ronnie Apcar Edwin Chiu Hasmik Jerejian November 2, 2000 CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  2. Agenda • Concurrency Issues • Brief Tutorial of Petri Nets • The Gas Station Specification • The Cruise Control Specification • Concluding Remarks • Q&A CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  3. Concurrency Issues • Synchronization and Communication • Resource sharing • Deadlock • Starvation • Non-determinism CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  4. Tutorial of Petri Nets • What are Petri Nets? • Petri Nets are a graphical formalism for systems specification • Petri Nets are formed from finite sets of • Places • Transitions • Arrows connecting either places to transitions or transitions to places CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  5. Tutorial of Petri Nets (2) • A Petri Net (PN) is given a state by marking its places. • Marking of a PN consists of assigning a nonnegative integer to each place. • Graphically, tokens are inserted in places of a PN • Input place - arrow goes from the place to the transtion • Output place - arrow goes from the transition to the place CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  6. Tutorial of Petri Nets (3) CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  7. Tutorial of Petri Nets (4) CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  8. Tutorial of Petri Nets (5) • A transition may have one or more Input and Output places • A transition is enabled if there is at least one token in each of its input places. • An Enabled transition may fire: • one token is removed from each input place and one token is inserted in each ouput place of the transition CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  9. Tutorial of Petri Nets (6) • A Petri Net as a four-tuple (P,T,I,O), where • P is a set of places • T is a set of transitions • I is an input function: • for places leading into a transition • O is an output function • for places leading out of a transition CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  10. Tutorial of Petri Nets (7) • Describing Concurrent Systems with PN • Transitions - model events or actions • Transition Firings - model occurrence of events or execution of actions • Presence of tokens - denote existence of some condition, that allow an event or action • Transitions are concurrent - if enabled, firing of one does not prevent others from firing CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  11. Tutorial of Petri Nets (8) • Starvation • a process never receives access to a needed resource • Deadlock • iff no transition is enabled in that marking • Live • no deadlock can ever occur CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  12. Tutorial of Petri Nets (9) • Limitations and extensions of Petri Nets • similar to FSMs (Finite State Machines), control-oriented model • tokens are anonymous • solution: assigning values to tokens • not possible to specify selection policy • solution: prioritizing transitions • timing issues - don’t take time into account • solution: Timed PN CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  13. P2 P3 P1 1 3 4 4 7 t1 t2 P4 P5 Tutorial of Petri Nets (10) Assigning values to tokens - Predicates and Functions t1 associations: P2 > P1 and P4 := P2 + P1 t2 associations: P3 > P2 P4 := P3 + P2 P5 := P2 + P3 CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  14. Tutorial of Petri Nets (11) Producer-Consumer CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  15. Tutorial of Petri Nets (12) Producer-Consumer CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  16. AssumptionsGas Station Example • Assumptions • The gas filling process begins when a customer presses a nozzle, after which time the type of gas being filled cannot be changed. • The pump nozzle and common storage tank sensors continuously sense tank fill status. • When the set threshold of any one of the 3 common storage tanks is reached, all the pump nozzles associated with that storage tank are disabled. CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  17. AssumptionsGas Station Example (2) • Assumptions • No more than one customer can be pulled up to a particular pump at any one time, thereby eliminating the previously specified race conditions. • Each pump’s meter provides the following information: • Amount of gas dispensed in gallons • Total price of amount of gas dispensed. CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  18. Gas Station Example Tank Component Operator: Refill_Done Operator: Enable_Pump External: Refill_Status Operator: Schedule_Refill CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  19. Gas Station Example Operator Component External: Refill Event Tank: Reactivate_Fueling Tank: Refill_Detected Customer: Go_To_Operator Pump: Available Serve Customer: At_Pump Tank: Not_Empty CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  20. Gas Station Example Pump Component Customer: Drive_Away Operator: Enable_Pump Customer: Pumping Customer: Drive_Up Customer: Drive_Up External: Tank_Full Not_Available Customer: Change_Status Customer: Stop_Pumping CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  21. Gas Station Example Customer Component Pump: Available Pump: Available Pump: Not_Available Operator: Serve Operator: Available Operator: Available Operator: Busy Pump: Change_Status Operator: Customer_Paid Pump: Nozzle_Sensor CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian Operator: Enabled Tank: Not_Empty Pump: Start_Fueling

  22. Gas Station Example Example Linking Components CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  23. AssumptionsCruise Control Example • Assumptions • The six CC actions are implemented as pairs of actions on three separate steering column turn levers: on/off, set speed/resume speed, and accelerate/decelerate. • Order of precedence for the CC actions: • on/off • set speed/resume speed • accelerate/decelerate. CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  24. AssumptionsCruise Control Example (2) • Assumptions • When the cruise control system is enabled and either the accelerator pedal or brake pedal is depressed, the cruise control system is disabled and remains so until either set speed or resume speed is activated. • Cruising speed in uphill and downhill driving conditions is not maintained by the cruise control system, and thus not modeled in the following specification. CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  25. Cruise Control Example Engine Component CC: Turn_CC_Off CC: Turn_CC_On CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  26. Cruise Control Example Gas/Break Pedal Components CC: Disable_Cruising CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  27. Cruise Control Example Gas/Break Pedal Components Engine: On Gas/Break: Pressed CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

  28. Concluding Remarks • Challenges • Enforcing a certain selection property • Maintaining global conditions throughout the system for all the states of the components • Modeling complex multiple concurrencies • Modeling data storage and access (e.g. Notion of variables in a programming language) CSCI 599 Formal Methods November 2, 2000 Concurrency Examples R. Apcar, E. Chiu, H. Jerejian

More Related