Towards a Platform for Widespread Embedded Intelligence - ERCIM
Formally Bounded Embedded Systems

by Kevin Hammond

The EU-funded EmBounded project aims to develop new techniques for providing formal guarantees on resource usage bounds. It is a collaborative project between AbsInt GmbH, a high-tech company specialising in high-integrity real-time systems, and academic partners in the UK, France and Germany.
A major difficulty with constructing embedded systems is that the available system resources (processor, computer memory, power) are necessarily restricted due to cost and other considerations. If it were possible to determine strong bounds on the use of such resources, then potentially there would be significant benefits in terms of manufacturing cost, reliability and performance. However, determining such bounds automatically is a difficult problem, and doing so manually is becoming impracticable as embedded software increases in complexity.

The EmBounded project, led by Dr Kevin Hammond at the University of St Andrews, aims to research this problem. Our vision is one where certificates of the bounds on resource usage can be obtained from a source program, through automatic program analysis, independently of the usual software compilation process. These certificates may then be verified using formal proof techniques based on a program logic that captures the meaning and behaviour of programs.

The EmBounded project builds on European strengths in programming language design, program analysis and embedded applications. Our work is based around a new domain-specific programming language notation, Hume, that aims to find an optimum point between good programming abstraction and the ability to derive good cost information. Hume embeds a rule-based notation for sequential computations within a finite-state-machine-based notation for concurrency control. The process notation is designed to be readily amenable to standard analyses such as model-checking for deadlock detection, while the rule-based notation is designed so that we can easily expose information about cost. Hume is designed to be practical as well as having interesting language properties. Prototype implementations of Hume produced at Heriot-Watt University can run in less than 30 KB on a standalone Renesas M32C development board, with minimal dynamic memory requirements, depending on the end-application.

Figure (dictionary entry reproduced in the original): embound, v. poet. arch. trans. To set bounds to; to confine, contain, hem in. Hence embounded ppl. a. 1595 SHAKESPEARE, The Life and Death of King John IV. iii 137: That sweete breath which was embounded in this beauteous clay.
Caption: The 'EmBounded' vision.

SPECIAL THEME: Embedded Intelligence
To date, project researchers at Ludwig-Maximilians-Universität, München, and St Andrews University have developed new theoretical models of bounded resource usage for dynamic memory and time metrics based on Hume program source. They have related these formally to the underlying machine operations using an abstract-machine approach. We are now constructing automatic analyses based on these models that will expose resource constraints and other program properties in our program logic. This will give a good model of program cost based on the program structure.
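The idea of deriving a resource certificate from program structure and relating it to an abstract machine, as an added illustration that is not part of the article and is not Hume code or the EmBounded project's analysis: a constructed toy rule-based language (guarded rules forming a box, with `Cons` as the only heap-allocating form), a structural analysis `static_bound` that yields an upper bound on heap cells and machine steps without running the program, a reference evaluator that counts what a run actually consumes, and `within_bound`, which checks the certificate against concrete runs. All node names, the cost model (one step per node, one cell per `Cons`) and the sample box are assumptions made for this example.

```python
from dataclasses import dataclass
from typing import Union

# Constructed toy language (not Hume syntax). A box is a list of guarded rules;
# each rule body is a sequential expression. Cons is the only allocating form.
@dataclass(frozen=True)
class Num:  value: int
@dataclass(frozen=True)
class Var:  name: str
@dataclass(frozen=True)
class Nil:  pass
@dataclass(frozen=True)
class Add:  left: "Expr"; right: "Expr"
@dataclass(frozen=True)
class Gt:   left: "Expr"; right: "Expr"      # evaluates to 1 or 0
@dataclass(frozen=True)
class Cons: head: "Expr"; tail: "Expr"       # allocates one heap cell
@dataclass(frozen=True)
class If:   cond: "Expr"; then: "Expr"; else_: "Expr"

Expr = Union[Num, Var, Nil, Add, Gt, Cons, If]

@dataclass(frozen=True)
class Rule: guard: Expr; body: Expr         # fires when guard is non-zero

def static_bound(e):
    """Upper bound (heap cells, steps) from program structure alone: every
    node costs one step, Cons one heap cell, If takes the larger branch."""
    if isinstance(e, (Num, Var, Nil)):
        return 0, 1
    if isinstance(e, If):
        hc, tc = static_bound(e.cond)
        ht, tt = static_bound(e.then)
        he, te = static_bound(e.else_)
        return hc + max(ht, he), tc + max(tt, te) + 1
    a, b = (e.head, e.tail) if isinstance(e, Cons) else (e.left, e.right)
    h1, t1 = static_bound(a)
    h2, t2 = static_bound(b)
    return h1 + h2 + int(isinstance(e, Cons)), t1 + t2 + 1

def evaluate(e, env):
    """Concrete run on the reference machine: (value, heap cells, steps)."""
    if isinstance(e, Num):
        return e.value, 0, 1
    if isinstance(e, Var):
        return env[e.name], 0, 1
    if isinstance(e, Nil):
        return None, 0, 1
    if isinstance(e, If):
        c, hc, tc = evaluate(e.cond, env)
        v, hb, tb = evaluate(e.then if c != 0 else e.else_, env)
        return v, hc + hb, tc + tb + 1
    a, b = (e.head, e.tail) if isinstance(e, Cons) else (e.left, e.right)
    x, h1, t1 = evaluate(a, env)
    y, h2, t2 = evaluate(b, env)
    if isinstance(e, Cons):
        return (x, y), h1 + h2 + 1, t1 + t2 + 1   # one new heap cell
    return (x + y if isinstance(e, Add) else int(x > y)), h1 + h2, t1 + t2 + 1

def box_bound(rules):
    """Certificate for a box: in the worst case the guards of rules 1..i are
    all evaluated and then rule i's body runs; take the maximum over i."""
    guards_h = guards_t = best_h = best_t = 0
    for r in rules:
        gh, gt = static_bound(r.guard)
        guards_h, guards_t = guards_h + gh, guards_t + gt
        bh, bt = static_bound(r.body)
        best_h = max(best_h, guards_h + bh)
        best_t = max(best_t, guards_t + bt)
    return best_h, best_t

def run_box(rules, env):
    """Fire the first rule whose guard holds: (value, heap cells, steps)."""
    heap = steps = 0
    for r in rules:
        g, h, t = evaluate(r.guard, env)
        heap, steps = heap + h, steps + t
        if g != 0:
            v, h, t = evaluate(r.body, env)
            return v, heap + h, steps + t
    raise RuntimeError("no rule matched")

def within_bound(rules, envs):
    """Check the structural certificate against concrete runs on envs."""
    hb, tb = box_bound(rules)
    for env in envs:
        _, h, t = run_box(rules, env)
        if h > hb or t > tb:
            return False
    return True

# Constructed sample box: x > 10 yields the list [x]; otherwise [x + 1, x].
SAMPLE_BOX = [
    Rule(Gt(Var("x"), Num(10)), Cons(Var("x"), Nil())),
    Rule(Num(1), Cons(Add(Var("x"), Num(1)), Cons(Var("x"), Nil()))),
]

if __name__ == "__main__":
    print("certificate (heap cells, steps):", box_bound(SAMPLE_BOX))
    print("run x=42:", run_box(SAMPLE_BOX, {"x": 42}))
    print("run x=3: ", run_box(SAMPLE_BOX, {"x": 3}))
    print("all runs within bound:", within_bound(SAMPLE_BOX, [{"x": x} for x in range(50)]))
```

The point of separating `static_bound` from `evaluate` is the one the article makes: the certificate is computed from source structure without compiling or running the program, and the reference machine is what the certificate is related to. For the sample box the second rule's worst case (two cells, eleven steps) is reached exactly by the run with `x = 3`, so the bound is tight there; in general a structural bound is conservative, which is the price of being a guarantee rather than a measurement.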
In order to obtain accurate information about time usage on a specific computer architecture, we are using the aiT tool developed by AbsInt GmbH to provide precise and guaranteed timing costs for fragments of machine code programs. This low-level
ERCIM News No. 67, October 2006, p. 45