Section: New Results

Schedulability of CCSL specifications via SMT

Participants: Frédéric Mallet, Robert de Simone.

The full expressive power of the CCSL language makes it very complex, if not impossible, to also find good, or even optimal, schedules as results of solving the CCSL constraints. Nevertheless, important subclasses can be devised, or efficient heuristics can be attempted. The study of the decidability and efficiency of CCSL scheduling is a long-term source of theoretical developments in the team; here is a record of this year's advances, split into two parts.

We have made progress on the inherent complexity of finding a schedule for a general CCSL specification. We have proved that the schedulability problem of CCSL is NP-hard. It therefore makes sense to ask whether there are still practical ways to find solutions in specific cases. It turns out that in many cases we can still find solutions in a reasonable time. To do so, we have proposed [8] an encoding of CCSL specifications as an SMT (Satisfiability Modulo Theories) specification, and we use Z3 and CVC4 as solvers for our experiments. Using a pure SAT solver is not possible for CCSL, as CCSL combines Boolean operations with arithmetic on unbounded integers; SMT allows both to be combined. This encoding uses a sublogic called UFLIA, which relies on quantified variables (Boolean or integer), uninterpreted functions over Booleans and integers, and linear integer arithmetic. This logic is undecidable in the general case, and the use of quantified variables makes it difficult to deal with, but we have found some interesting examples where we still get results in a reasonable amount of time. We have also tried to identify subdomains where we get interesting results, and we have focused on pure real-time schedulability problems. In that context, we showed that the schedulability problem for a set of real-time tasks reduces to the schedulability problem of CCSL specifications of a specific form (to be published).
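To make the encoding concrete, the following is an added example (not code from the report or from [8]) that turns a three-clock CCSL specification into an SMT-LIB 2 script in the UFLIA logic and, alongside it, checks a finite candidate schedule against the same constraints. The modelling choices are assumptions of this example rather than the paper's: each clock `c` is an uninterpreted predicate `tick_c : Int -> Bool` over step indices `n >= 1`, with an uninterpreted counter `cnt_c : Int -> Int` axiomatised by a quantified recurrence; subclock, exclusion and strict precedence use the usual CCSL semantics (a strictly precedes b when b may only tick if a has strictly more ticks so far). The script is produced as a string and is not solved here, so you would pass it to Z3 or CVC4 yourself; note that the all-silent schedule trivially satisfies these three relations, so a real schedulability query adds liveness constraints on the clocks you care about.

```python
"""Encode a small CCSL specification in SMT-LIB 2 (UFLIA) and check a finite
candidate schedule against the same constraints.

Added example: not code from the activity report or from the cited papers.
Assumed modelling: tick_c : Int -> Bool and cnt_c : Int -> Int are
uninterpreted functions over step indices n >= 1 (cnt_c(0) = 0)."""

from dataclasses import dataclass
from typing import Dict, List, Set


@dataclass(frozen=True)
class Constraint:
    kind: str    # "subclock" | "exclusion" | "precedes"
    left: str    # clock name
    right: str   # clock name


def smt_encode(clocks: List[str], constraints: List[Constraint]) -> str:
    """Return an SMT-LIB 2 script: clocks as uninterpreted functions, tick
    counters as a quantified recurrence, one quantified axiom per relation."""
    lines = ["(set-logic UFLIA)"]
    for c in clocks:
        lines.append(f"(declare-fun tick_{c} (Int) Bool)")
        lines.append(f"(declare-fun cnt_{c} (Int) Int)")
        lines.append(f"(assert (= (cnt_{c} 0) 0))")
        # cnt_c(n) = cnt_c(n-1) + 1 if c ticks at n, else cnt_c(n-1)
        lines.append(
            f"(assert (forall ((n Int)) (=> (> n 0) "
            f"(= (cnt_{c} n) (+ (cnt_{c} (- n 1)) (ite (tick_{c} n) 1 0))))))")
    for k in constraints:
        a, b = k.left, k.right
        if k.kind == "subclock":        # a ticks only when b ticks
            body = f"(=> (tick_{a} n) (tick_{b} n))"
        elif k.kind == "exclusion":     # a and b never tick together
            body = f"(not (and (tick_{a} n) (tick_{b} n)))"
        elif k.kind == "precedes":      # b ticks only if a is strictly ahead
            body = f"(=> (tick_{b} n) (< (cnt_{b} (- n 1)) (cnt_{a} (- n 1))))"
        else:
            raise ValueError(f"unknown relation {k.kind}")
        lines.append(f"(assert (forall ((n Int)) (=> (> n 0) {body})))")
    lines += ["(check-sat)", "(get-model)"]
    return "\n".join(lines)


Schedule = Dict[str, Set[int]]   # clock -> steps (1..horizon) at which it ticks


def check_schedule(schedule: Schedule, constraints: List[Constraint],
                   horizon: int) -> List[str]:
    """Evaluate the same relations on a finite schedule prefix; returns one
    message per violated (relation, step) pair, empty if the prefix is fine."""
    def tick(c: str, n: int) -> bool:
        return n in schedule.get(c, set())

    def cnt(c: str, n: int) -> int:
        return sum(1 for s in schedule.get(c, set()) if 1 <= s <= n)

    violations: List[str] = []
    for k in constraints:
        a, b = k.left, k.right
        for n in range(1, horizon + 1):
            if k.kind == "subclock" and tick(a, n) and not tick(b, n):
                violations.append(f"step {n}: {a} ticks without {b} ({a} subclock {b})")
            elif k.kind == "exclusion" and tick(a, n) and tick(b, n):
                violations.append(f"step {n}: {a} and {b} tick together ({a} # {b})")
            elif k.kind == "precedes" and tick(b, n) and not cnt(b, n - 1) < cnt(a, n - 1):
                violations.append(f"step {n}: {b} ticks but {a} is not ahead ({a} < {b})")
    return violations


# Constructed specification: a request/grant/done protocol.
CLOCKS = ["req", "grant", "done"]
SPEC = [Constraint("precedes", "req", "grant"),
        Constraint("precedes", "grant", "done"),
        Constraint("exclusion", "req", "done")]

# Constructed candidate schedules over a 6-step horizon.
GOOD_SCHEDULE: Schedule = {"req": {1, 3}, "grant": {2, 4}, "done": {5, 6}}
BAD_SCHEDULE: Schedule = {"req": {1}, "grant": {1, 2}, "done": {1}}

if __name__ == "__main__":
    print(smt_encode(CLOCKS, SPEC))
    print("good:", check_schedule(GOOD_SCHEDULE, SPEC, 6))
    print("bad:", check_schedule(BAD_SCHEDULE, SPEC, 6))
```

Piping the printed script into a solver (`z3 -smt2 spec.smt2`) asks for any infinite schedule satisfying the quantified axioms; the finite checker is the cheap cross-check that the semantics written into the axioms match what you intended on a concrete trace before you spend solver time on it.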

The Clock Constraint Specification Language (CCSL) is a clock-based specification language for capturing causal and chronometric constraints between events in Real-Time Embedded Systems (RTESs). Due to the limitations of existing verification approaches, CCSL lacks full verification support for 'unsafe CCSL specifications' and a unified proof framework. In this paper [18], we propose a novel verification approach based on theorem proving and SMT checking. We first build a logic called CCSL Dynamic Logic (CDL), which extends traditional dynamic logic with 'signals' and 'clock relations' as primitives, and with a synchronous execution mechanism for modelling RTESs. We then propose a sound and relatively complete proof system for CDL to provide the verification support. We show how CDL can be used to capture RTESs and verify CCSL specifications by analyzing a simple case study.