Interfaces for Control Components

Interfaces for Control Components

Interfaces for Control Components Rajeev Alur University of Pennsylvania Joint work with Gera Weiss (and many others) Interface-based Control Design Control Designs Interface: Simplified description useful for system integration Implementation Platforms

Interface Specs: Desirable Properties Compositional: Design each component in isolation Dependable: If interface spec is satisfied, performance goals are met Separation of concerns: Between control and software engineers Analyzability: Tool support to check if all interface specs can be met Execution Period as Interface Spec

Control Designer: Does sampling frequency ensure performance spec? 5 ms Discrete-time control theory 3 ms Interface: Period at which sense-compute-actuate cycle to be executed System Integrator: Can resource requirements of all the components be met? Platform-specific WCET analysis

Real-time scheduling theory Execution Period as an Interface Spec Challenges: Composition, adaptation to changes in resource availability, online admission control, performance optimization Composing two periodic specs does not give periodic spec Should component be executed more frequently, if possible? How does period relate to control performance ? Time-triggered Resource Scheduling

Plant 1 Controller 2 Controller 1 Resource Controller 1 Controller 2 Time

Plant 2 Automata Based Interfaces Generalization of the periodic interface: Automaton (regular language) for each component specifying allowed patterns of resource allocations 1 0 1 1 1

0 Spec: Component must get at least one slot in a window of 4 slots 0 0: Slot not allocated to the component 1: Slot allocated to the component Automata Based Interfaces Infinite schedules specified using Buchi automata 1

0 0 Spec: Component must get infinitely many slots 1 Example specs: Component must get at least 2 slots in a window of 5 Eventually component must get every alternate slot Periodic: (k 0s . 1) *

Composing Specs Composition : Rename followed by intersection (product) 1 1 1 0 0 0

1 1 Component A 0 1 1 1 1

0 Component B 1 Rename A Rename 0

A B 0/B A 0/A 0/A B A Product

A B A 0 B Schedulability Test: Check if composition of all specs is nonempty Analyzing stability with resource scheduling

Different dynamics based on controller has the resource or not t models elapsed time Transitions happen at the beginning of intervals Next discrete mode is determined by the schedule Challenge: Compute set of schedules s for which system is stable

Stable modes Stability stable stable unstable Switching may introduce instability ! Can we express stability with a Finite Automaton?

Answer: No! (Language of stable schedules is not regular) Proof: Transform a stable word to an unstable one by pumping Exponential Stability Regular Exp. Stability Stability Quantified version of stability

Automata-based Interfaces Control Designer: Specify all acceptable allocation sequences as a regular language E.g. Periodicity, Exponential stability, Fairness Interface: Regular language for desired allocation on time-triggered platform System Integrator: Can resource requirements of all the components be met? Find a schedule acceptable to all using automata constructions

Talk Overview Motivation Embedded Control Software Networked Control Systems Wireless Control Networks Embedded Control Software Java ??? Discrete Control (Software) Sensors Actuators

Physical Plant (Continuous Dynamics) Java for Real-Time Java Bytecode portability Component based Java RTS Real-time guarantees No timing portability! Can I run the same code on a faster machine and expect better performance?

RTComposer A tool for building modular Real-Time Java applications RTComposer Interrupts Non Real-Time Real-Time Java Real-Time Operating System Component: Java Class + Automaton specifying patterns of method calls

Logical Execution Time Macro Schedule: Assignment of methods to time slots Micro Schedule: CPU scheduling within each slot I/O I/O I/O I/O

I/O Macro Micro Short method Component 1 Heavy method Component 2

Interrupts Tasks finish in allotted slots Dynamics determined by macro schedule Dynamics determined by macro schedule We use automata interfaces for specifying macro schedules Example component Class signature: public class Example { void p() {...}; void q() {...}; void r() {...}; } Requirement:

Temporal logic: Automaton: Methods p and q not invoked for 3 consecutive slots Dynamics determined by macro schedule q must run in the next slot Proposed Methodology Component Automaton empty? Component

Automaton Product Automaton Which methods can be executed together within a slot? Platform Automaton Macro Scheduler

inter-slot schedule Interrupts Background tasks Micro Scheduler intra-slot schedule CPU Timing Portability Bytecode portability is not enough for real-time systems Previous approaches: Same timing on fast and slow machines [Giotto, Metronome, Exotasks]

Displacement (millimeters) RTComposer: Faster machines allow better performance (faster convergence) Time (milliseconds) Dynamic Scheduling Static schedules [Giotto, Exotasks]: Same set of methods in all execution slots. Displacement (millimeters)

RTComposer: Dynamic assignment of methods to execution slots allows to adjust to changing conditions Time (milliseconds) Talk Overview Motivation Embedded Control Software Networked Control Systems Wireless Control Networks

Networked Control Systems Systems where control loops are closed through a real-time network State of the art: Static time-triggered scheduling mechanisms Our focus: Dynamic network scheduling based on sensor reading Resource Allocation for Communication

High Priority Low Priority When should the node near the sensor send messages? Static Schedules Advantages: Lightweight implementation, analyzable Limitation: Cannot adjust to changing conditions Challenge: Use sensor reading to generate schedules?

Constraint: Light-weight and analyzable computation Automata Based Dynamic Scheduling Challenge: Design such automata in a systematic way Problem Formulation Switched System rand

Transducer First Step: Alarm Automaton Computing the Guards From Automaton to Transducer Switched System Transducer ???

rand This scheme ensures stable words, unless the initial state is bad Scheduling Scheme Simulation Results Varying Load Static schedules will give worst case response all the time

Simulation Results Sporadic Disturbances A static schedule must keep a constant (high) network load With our approach: High load comes only after disturbances State of the Work 1. Automaton generation in Mathematica

2. Simulation in TrueTime based on Network Code Machine 3. Software prototype on CAN, Ethernet+RTLinux 4. FPGA IP core working at line speed on 100Mb Ethernet Courtesy of Robert Trausmuth et al. Talk Overview Motivation Embedded Control Software Network Control Systems

Wireless Control Networks Motivation Growing use of wireless technologies for control Sensors, controllers, and actuators communicate using multi-hop network Aspects: Control design, network topology, routing, scheduling Compositional analysis for co-design of network and control Multi-Hop Control Networks

A distributed system of sensor and actuator nodes interconnected by communication links: Plant 2 Plant 1 Controller measureme nt feedback

Plant 3 WirelessHART Time Division Multiple Access (TDMA) Each device maintains a precise sense of time Communication is done in pre-scheduled time frames A periodic schedule, called Superframe, is distributed Challenge: Systematic design and evaluation of schedules?

Formal Model Dynamics of plants and controllers, names of input and output signals Communication channels, assignment of signals to nodes, and routing Example Plant

2 1 Plant 1 2 Controller 3 4

Plant 3 Resource Allocation Schedules Exampl e Plant 2 Plant 1

1 2 3 4 Plant 3 Controller

Switched System Semantics Mathematica Based Tool Multi-Hop Control Network Switched Systems Schedules &

Controller Design Input syntax: the mathematical model presented earlier Automatic translation to switched systems Experimental implementation of some design methodologies Supports compositional analysis (separate model for each control loop)

Example 1: Controller Design We demonstrate an application of the following recipe: 1)Model the Multi-Hop Control Network, including schedules 2)Design a parametric controller for each control loop 3)Resolve parameters, using the Mathematica based tool, by requiring stability of the switched system Example 1: Controller Design 1

2 Controller Plant 3 4 Multi Hop Control Network Obtain a switched system dynamics

Choose parameters by solving a pole assignment equation Example 2: Stability Verification 1 Plant 3 2 4

Controller Example 3: Compositional Analysis Plant 1 Controller Plant 2 Case Study Separation of minerals using floatation cells Boliden mine, Garpenberg, Sweden 17 Control loops communicating using WirelessHART

Computed set of acceptable schedules/routes for each loop Schedule generated by interesecting 17 automata using NuSMV Shortest path generated by SMV as a counter-example to the claim that no schedule exists that is acceptable to all References Automata based interfaces for control and scheduling Weiss, Alur. HSCC 2007 RTComposer: A framework for real-time components with scheduling interfaces Alur, Weiss. EMSOFT 2008 Specification and analysis of network resource requirements of control systems

Weiss, Fischmeister, Anand, Alur. HSCC 2008 Modeling and analysis of multi-hop control networks Alur, DInnocenzo, Johansson, Pappas, Weiss. RTAS 2008 Scalable scheduling algorithms for wireless networked control DInnocenzo, Weiss, Alur, Isaksson, Johansson, Pappas. CASE 2009 Recap: Automata-based Interfaces Control Designer: Specify all acceptable allocation sequences as a regular language E.g. Periodicity, Exponential stability, Fairness Interface: Regular language for desired allocation on time-triggered platform

System Integrator: Can resource requirements of all the components be met? Find a schedule acceptable to all using automata constructions Applications: Real-time Java components, Networked sensors/actuators Wireless control network (WirelessHART)

Recently Viewed Presentations

  • HRA / FSA Training

    HRA / FSA Training

    Transition to HealthEquity®HSA Fund Administrator. Group 51+ Producer Training [Anne/Christine]Good _____ [afternoon/morning] and welcome to the "Transition to HealthEquity HSA Fund Administrator" producer training for large, fifty-one plus groups.Thank you for joining us today. Before we get started, I do...
  • Sport and Recreation Spatial Background and demonstration Background

    Sport and Recreation Spatial Background and demonstration Background

    VicHealth research practice fellowship- 2011-2015. Aim: Data analysis to inform growth in sport participation in Victoria ... Mission. Provide leading-edge GIS/spatial know-how and research techniques to measure the impact of current sports industry on health, community wellness, facilities and ...
  • SSM/I Sea Ice Concentrations in the Marginal Ice Zone* A ...

    SSM/I Sea Ice Concentrations in the Marginal Ice Zone* A ...

    SSM/I Sea Ice Concentrations in the Marginal Ice Zone A Comparison of Four Algorithms with AVHRR Imagery submitted to IEEE Trans. Geosci. and Rem. Sensing ... Summer Mixing Method June 2001 - August 2001 Assume Channel 2 (0.72-1.10 m) albedo...
  • Questions for Discussion - University of Pittsburgh

    Questions for Discussion - University of Pittsburgh

    Meta-Analysis of Risk of Multiple Myeloma in Petroleum Workers 22 cohort studies of >250,000 workers 220.93 deaths expected; 205 observed SMR 0.93; 95% CI 0.81-1.07 Bergsagel et al; Blood, 1999 Nested Case Control Study of Multiple Myeloma and AML >18,000...
  • Starter Questions 21/02/11 1. Calculate the circumference 15cm

    Starter Questions 21/02/11 1. Calculate the circumference 15cm

    Find percentage values. 1. Convert percentages to fractions and decimals. 2. Change fraction to percentages. 21/02/11 Created by Mr. Lafferty Maths Dept. Created by Mr. Lafferty Maths Dept. Created by Mr. Lafferty Maths Dept. Created by Mr. Lafferty Maths Dept.
  • Environmental Journalism Notes on an emerging journalism ...

    Environmental Journalism Notes on an emerging journalism ...

    Environmental Journalism JOU 9742 FIMS UWO Bill Kovarik, PhD * Journalism is first rough draft of history, --- History is the description of people and events, also the search for correlation and causation * Professional and scholarly issues / didn't...
  • How orderly was decolonisation? C aim - to identify overall ...

    How orderly was decolonisation? C aim - to identify overall ...

    How orderly was decolonisation? C aim - to identify overall themes, causation and give examples B/A aim - to give an overall argument by drawing out themes, causation and examples Write down key words about what happened to these countries...
  • Title with Background Master, Arial 24 pt

    Title with Background Master, Arial 24 pt

    While in the tractor, the driver should perform the following air brake checks: static air loss (less than 3 PSI per minute for combination vehicles.) pressurized air loss (less than 4 PSI per minute for combination vehicles) low air warning...