Modular Specification of Hybrid Systems in CHARON V. Kumar, I. Lee


Modular Specification of Hybrid Systems in CHARON
R. Alur, R. Grosu, Y. Hur, V. Kumar, I. Lee
University of Pennsylvania
SDRL and GRASP
Software Framework for the Deployment of Multiple Robots
1. High-level modeling language
– platform independent
– hierarchical and modular
– specify modes and constraints
– hierarchical and sequential composition of modes
– parallel composition of agents
2. Tools for design, programming, and analysis
– simulation and execution
– analysis and optimization
– automated generation of code
3. Demonstrate on multiple coordinating robots
Challenges in Coordinating Multiple Robots
• Large number of modes
– Individual modes are well understood, but not their interaction.
• Software design
– modes are designed bottom up.
– coordination protocols are traditionally designed top down.
Charon Framework Architecture
[Figure: block diagram with components CHARON Code (high-level language), Charon to Java Translator, Drivers, Java Libraries, Java Code, Control Code Generator, Simulator Code Generator, Human Interface, Analysis]
Charon Language
• Individual components described as agents
– Composition, Instantiation, and Hiding
• Individual behaviors described as modes
– Encapsulation, Instantiation, and Scoping
• Support for concurrency
– Shared variables as well as message passing
• Support for discrete and continuous behavior
• Well-defined formal semantics
Robot Team Approaching a Target
[Figure: robot team approaching a target labeled T]
Architectural Hierarchy
write diff analog position pos1, pos2
class position { float x; float y; }
[Figure: agents Robots and Monitor, with variables pos1 and pos2]
Variables Specifiers
– Range: discrete/analog
– Computation: diff/alg
– Access: read/write/local
Architectural Hierarchy
[Figure: architecture diagram; labels: Robots, Robot1, Robot2, Monitor, pos1, pos2, r1Est1, r1Est2, r2Est1, r2Est2]
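Behavioral Hierarchy
local diff analog timer
[Figure: mode diagram for Robot1; mode and transition labels: awTarget, arrive, atTarget, moving, sense, move, sensing; constraint labels: dPlan, iAway, dTimer, dStop, iAt, dSteer, aOmega, iFreq, iConst; variable labels: pos, r1Est1, r1Est2, r2Est1, r2Est2; legible constraint text: pos = target; timer = 1; pos.x = v * cos(phi) and pos.y = v * sin(phi), each with a derivative dot on the left-hand side; = 0; timer/updateFreq; omega = k * (theta – phi)]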
Related Work
Hybrid automata [ACH+95]
• Analysis, model checkers HyTech [AHH96, HHW95]
• No compositional models, no hierarchy
I/O automata [LSVW96] and Hybrid Modules [AH97]
• Compositional models
• No behavioral hierarchy
SHIFT [DGS97] and HyCharts [GSB98]
• Allow hierarchic specification of hybrid behavior
• No concern for modular simulation
UML [BJR97] and (hybrid) Statecharts [Har87]
• Hierarchical but not modular
Stateflow
• Hierarchic specification but only for dynamic behavior
Charon is a modeling language for hybrid systems reflecting the current state of the art both in formal and object oriented methods (UML)
Modular Simulation
• Goal
– Simulation is efficient and accurate
– Integration of modes at different time scales
– Integration of agents at different time scales
• Modes are simulated using local information
– Submodes are regarded as black-boxes
– Submodes are simulated independently of other ones
• Agents are simulated using local information
– Agents are regarded as black-boxes
– Agents are simulated independently of other ones
The Simulator
1. Pick the agents with the minimum and second-minimum reached time.
2. Compute the time round interval d for the minimum agent, such that its absolute time may exceed the time reached by the second one by at most dt.
3. The agent executes a time round. This ends before d if the invariants of the agent were violated. Then, the actual time increment would be e.
4. The agent executes an update round to synchronize the discrete variables with the analog ones.
5. The state of the agent becomes visible to other agents.
[Figure: time axis with marks t and t+dt and intervals d and e, for agents A1, A2, A3]
Time Round of a Mode (Agent)
1. Get integration time d and invariants from the supermode (or the scheduler).
2. While (time t = 0; t <= d) do:
- Simplify all invariants.
- Predict integration step dt based on d and the invariants.
- Execute time round of the active submode and get state s and time elapsed e.
- Integrate for time e and get new state s.
- Return s and t+e if invariants were violated.
- Increment t = t+e.
3. Return s and d
[Figure: nested modes; labels: x, y, z (each with a derivative dot); d, xInv; dt, yInv; e, sz; t+e, sy]
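A sketch of the scheduler loop and time round described on the two slides above, added here as an example and not taken from the CHARON simulator. It assumes a single level of modes, a fixed-step forward Euler integrator instead of a predicted step, and a constructed two-mode sawtooth for each agent; the names Agent, time_round, update_round, simulate and demo are hypothetical.

```python
from dataclasses import dataclass

@dataclass
class Agent:
    name: str
    rate: float        # flow of the active mode: dx/dt = rate
    step: float        # agent's own integration step (its time scale)
    x: float = 0.0     # analog state
    t: float = 0.0     # time this agent has reached
    steps: int = 0     # number of integrations performed
    switches: int = 0  # discrete transitions taken

    def invariant(self):
        # constructed modes: "up" (rate > 0) requires x < 1, "down" requires x > -1
        return self.x < 1.0 if self.rate > 0 else self.x > -1.0

    def time_round(self, d):
        """Integrate for at most d; return the time actually elapsed, e <= d."""
        e = 0.0
        while e < d - 1e-12:
            h = min(self.step, d - e)
            self.x += self.rate * h      # forward Euler on local state only
            e += h
            self.steps += 1
            if not self.invariant():     # invariant violated: end the round early
                break
        return e

    def update_round(self):
        # discrete transition: switch between the "up" and "down" modes
        if not self.invariant():
            self.rate = -self.rate
            self.switches += 1

def simulate(agents, dt, horizon):
    """Scheduler loop; returns the largest lead any agent took over the runner-up."""
    max_lead = 0.0
    while min(a.t for a in agents) < horizon - 1e-12:
        first, second = sorted(agents, key=lambda a: a.t)[:2]
        d = second.t + dt - first.t      # may pass the second agent by at most dt
        first.t += first.time_round(d)
        first.update_round()             # new state is visible to others from here on
        max_lead = max(max_lead, first.t - second.t)
    return max_lead

def demo():
    # constructed agents with different time scales
    agents = [Agent("A1", 1.0, 0.001), Agent("A2", 0.1, 0.01), Agent("A3", 0.5, 0.005)]
    return agents, simulate(agents, dt=0.05, horizon=3.0)
```

Each agent integrates at its own step size, so the fast agent performs many more integrations than the slow ones while no agent's clock runs more than dt ahead of the next one.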
Update Round of a Mode (Agent)
• Innermost transitions have higher priority
• Default transitions are taken if all other transitions are disabled
• Group transitions start at the default exit points
• Transitions to history are transitions to the default entry point
[Figure: mode diagram; labels: awTarget, moving, sense, move, sensing, arrive, atTarget]
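Hysteresis Example
[Figure: hysteresis example; labels: Env, Hyst, u, inc, dec, up, strMinus, strPlus, s2u, u2p, dX1, dY, iStrM, aStrM, iUp, aUp, iStrP, aStrP; plot marks: -1, 1, a, -a, a+2, -(a+2); constraint text: .y = 2u, x1 < a, x2 = -1, x1 = u (dots mark time derivatives)]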
Global vs Modular Simulation
[Plot: # of integrations (0 to 45000) against Integration Step (0.0005 to 0.002); series: Modular, Global]
Modular Simulation Error
[Plot: Maximum Error (0 to 0.035) against Sampling Rate (0 to 0.005)]
Current Implementation Status
• Work to date
– CHARON semantics
– Parser for CHARON
– Internal representation
• Current work
– Type checker
– Modular simulation scheme
– Internal representation generator
[Figure: tool chain diagram; labels: CHARON Specification, CHARON Parser, Syntax Tree, Type Checker, Internal Representation Generator, Internal Representation, Control Code Generator, Simulator Generator, Model Checker]
Ongoing Research
• Distributed simulation
• Accurate event detection
• And modes and And/Or hierarchies
• Exploiting the hierarchy in model checking
Wrap-Up
• Charon is a language for embedded systems reflecting the current state of the art both in formal and object oriented methods (UML)
• Its explicit support for a mixed visual/textual notation should improve communication among the various communities involved in an embedded system project.