Section: New Results

From affine-related dataflow models to Safety-critical Java

Participants : Adnan Bouakaz, Jean-Pierre Talpin, Jan Vitek.

The objective of this work is to investigate a dataflow concurrency model in order to help specifying, analyzing, and synthesizing functionally deterministic and schedulable SCJ applications. Indeed, the SCJ shared-memory concurrency model makes proving functional determinism and schedulability of applications quite hard if not impossible.

The new model is called the firing related dataflow (FRDF) model in which actors are connected to each other by means of bounded channels. The operational semantics of this model is based on the notion of firing relations. Each actor is associated with a firing clock (an infinite set of activation ticks). The proportionality of the rates of two clocks is expressed by a firing relation. A special and enough expressive case of firing relations is the class of affine relations. Some results about the canonical form of affine relations are already developed by the ESPRESSO team.

Our first study was about synthesizing affine relations between firing clocks in such a way that overflow and underflow exceptions cannot occur during execution. This synthesis is conducted by minimizing the overall of buffer sizes. It is proven that the operational semantics of the dataflow graph based on the computed affine relations is equivalent to the Kahn semantics. This implies that functional determinism is guaranteed.

The previous analysis step (called affine relations synthesis) aims to produce an abstract schedule of the dataflow graph. The computed schedule is abstract in the sense that it is independent from the implementation code of actors and from the target machine. Executing the graph on a mono-processor system using EDF scheduling algorithm is investigated in our study. We synthesize the timing characteristics of each actor (i.e. its period and phase) in such a way the set of tasks is schedulable. In this timing synthesis, we use the worst-case execution times computed from the Java implementation code of actors.

Our objective is to automatically generate a SCJ application from a dataflow specification. Currently, we work on increasing the expressivity of the underlying dataflow model together with providing the necessary analysis tool for generating deterministic and schedulable SCJ code.