Section: New Results

Semantics and Implementation of Hybrid System Modelers

Hybrid systems modelers have become the corner stone of embedded system development, with Simulink  (http://www.mathworks.fr/products/simulink/index.html ) a de facto standard and Modelica  (https://modelica.org/ ) a new player. They allow both discrete controllers and their continuous environments to be expressed in a single language. Despite the availability of such tools, there remain a number of issues related to the lack of reproducibility of simulations and to the separation of the continuous part, which has to be exercised by a numerical solver, from the discrete part, which must be guaranteed not to evolve during a step. Such tools still raise a number of issues that, we believe, require more fundamental understanding.

In collaboration with Albert Benveniste and Benoit Caillaud (INRIA Rennes) we have proposed using non standard analysis as a semantic domain for hybrid systems. Non standard analysis is an extension of classical analysis in which infinitesimals can be manipulated as first class citizens. This allows us to provide a denotational semantics and a constructive semantics for hybrid systems, thus establishing simulation engines on a firm mathematical basis. In passing, we cleanly separate the job of the numerical analyst (solving differential equations) from that of the computer scientist (generating execution schemes).

• In late 2010, we presented in 49th Conference on Design and Control in 2010  [11] the use of non standard semantics as a semantical ground for a hybrid synchronous language.

• Since the, we have extended this work in the following directions: 1/ a synchronous Kahn semantics for hybrid programs. Programs are viewed as synchronous ones running on an infinitely fast discrete base clock of the form $\mathrm{𝐵𝑎𝑠𝑒𝐶𝑙𝑜𝑐𝑘}\left(\partial \right)=\{n\partial \mid n\in {}^{☆}\mathbb{N}\}$, with infinitesimal step $\partial$ and ${}^{☆}\mathbb{N}$ the non-standard extension of $\mathbb{N}$. 2/ the definition of a standardization principle that gives sufficient conditions for a hybrid program to be standardizable. Under these conditions, the semantics corresponds to the semantics using super-dense time  [44] , [40] , [42] for hybrid systems defined in  [10] . 3/ a large amount of experimentations with Simulink to illustrate some of its pitfalls concerning in particular the treatment of zero-crosing cascades. This work is detailled in a long paper appearing in the Journal of Computer Science and Systems [1] , in 2011.

• Starting from a minimal, yet full-featured, Lustre-like synchronous language, we have proposed a conservative extension where data-flow equations can be mixed with ordinary differential equations (ODEs) with possible reset. A type system is proposed to statically distinguish discrete computations from continuous ones and to ensure that signals are used in their proper domains. The extended data-flow language is realized through a source-to-source transformation into a synchronous subset, which can then be compiled using existing tools into routines that are both efficient and bounded in their use of memory. These routines are orchestrated with a single off-the-shelf numerical solver using a simple but precise algorithm which treats causally-related cascades of zero-crossings. We have validated the viability of the approach through experiments with the SUNDIALS  (https://computation.llnl.gov/casc/sundials/main.html ) library. The basis of this work has been presented at the ACM International Conference on Languages, Compilers, Theory of Embedded Systems, 2011 [3] .

• This work shows that it is possible to define a language which combines both the expressiveness of synchronous a synchronous language and that of ODEs where continuous solvers are approximated by a black-box solver. The most noticiable result was to recycle several techniques developed for synchronous languages: Kahn semantics, compilation techniques, static analysis. During year 2011, we extended the basic language with with hierarchical automata. This work has been presented at the ACM International Conference on Embedded Software, 2011 [2] .

• In parallel with these theoretical works, M. Pouzet and T. Bourke have developed during year 2011 a new synchronous language and its compiler. The language, called Zelus , extends a synchronous language with ODEs. It is first-order, functional and which mixes continuous-time and discrete-time signals. The expressiveness is that of (the first-order subset of) Lucid Synchrone (e.g., type inference and polymorphism, mix of data-flow and hierarchical automata) and ODEs with possible reset. Continuous trajectories are computed by a black-box numerical solver and we made our experiments with SUNDIALS.