We present a model-based design approach toward correct-by-construction implementations of reactive streaming software for multi-core systems. A system’s implementation is derived from a high-level process network model by applying semantics-preserving model transformations. The so-called fixed priority process networks (FPPNs) are programmed independently from the execution platform and combine streaming and reactive control behavior with task parallelism for utilizing multi-core processing. We first define the FPPN sequential execution semantics that specifies precedence constraints between job executions of different tasks. Applications are thus rendered such that for any given test stimuli, a deterministic output response is expected. Furthermore, we define the FPPN real-time semantics based on a timed-automata modeling framework. This is provably a functionally equivalent semantics specifying the real-time execution of FPPNs and enabling runtime managers for scheduling jobs on multi-cores. A model transformation framework has been developed for deriving executable implementations of FPPNs on the BIP (Behavior–Interaction–Priority) runtime environment, ported on multi-core platforms. Schedulability is established by static analysis of the FPPN, and it is guaranteed by construction. Thus, the developers do not need to program low-level real-time OS services (e.g., for task management) and applications are amenable to testing, as opposed to if their outputs would depend on timing behavior. We have successfully ported a guidance-navigation and control application of a satellite system, onto a radiation hardened multi-core platform. Various implementation scenarios for efficiently utilizing HW resources are illustrated, and the test results are discussed.
Read full abstract