The precision of a worst case execution time (WCET) evaluation tool on a given program is highly dependent on how the tool is able to detect and discard semantically infeasible executions of the program. In this paper, we propose to use the classical abstract interpretation-based method of linear relation analysis to discover and exploit relations between execution paths. For this purpose, we add auxiliary variables (counters) to the program to trace its execution paths. The results are easily incorporated in the classical workflow of a WCET evaluator, when the evaluator is based on the popular implicit path enumeration technique. We use existing tools - a WCET evaluator and a linear relation analyzer - to build and experiment with a prototype implementation of this idea.
This paper describes a method to verify safety properties of parameterized networks of processes defined by network grammars. The method is based on the construction of a network invariant, defined as a fixpoint. We propose heuristics, based on Cousot's extrapolation techniques (widening), which often allow suitable invariants to be automatically constructed. We successively consider linear and binary tree networks. These techniques have been implemented in a verification tool, and several non-trivial examples are presented.
Programming and Verifying Critical Systems by Means of the Synchronous Data-Flow Programming Languag
TSE, 1991
We investigate the benefits of using a synchronous dataflow language for programming critical real-time systems. These benefits concern ergonomy — since the dataflow approach meets traditional description tools used in this domain —, and ability to support formal design and verification methods. We show, on a simple example, how the language LUSTRE and its associated verification tool LESAR, can be
This paper presents the language Lutin and its operational semantics. This language specifically targets the domain of reactive systems, where an execution is a (virtually) infinite sequence of input/output reactions. More precisely, it is dedicated to the description and the execution of constrained random scenarios. Its first use is for test sequence specification and generation. It can also be useful
Proceedings of the 14th International Conference on Embedded Software - EMSOFT '14, 2014
Static timing analysis aims at computing a guaranteed upper bound to the Worst-Case Execution Time (WCET) of a program. It requires both an accurate modeling of the hardware, and a precise analysis of the program in order to reject infeasible executions (in particular, all infinite ones). For the actual computation of the worst-case execution, most of the existing tools and methods are based on the Implicit Path Enumeration Technique (IPET), which consists of encoding this search into a numerical optimization problem (Integer Linear Programming, ILP). An interest of this approach is that it naturally integrates the loop bounds. It also allows infeasible paths to be implicitly pruned, as far as they can be expressed using linear constraints. Several works on the subject use this ability in order to enhance the WCET estimation: they identify specific property patterns (e.g., implications, exclusions) and propose ad hoc translations into numerical constraints. The goal of this paper is to go further than ad hoc reasoning by proposing a general method for translating infeasibility in terms of numerical constraints. It does not address the problem of finding infeasible paths, only the one of characterizing them as precisely as possible. Moreover, the paper aims at exploring the limits of the method, and thus it does not try to enhance the result using additional methods (e.g., graph transformation).
This paper addresses the problem of building a Boolean dataflow network (sequential circuit) recognizing the language described by a regular expression. The main result is that both the construction time and the size of the resulting network are linear with respect to the size of the regular expression.
Efficient compilation of a synchronous declarative language: LUSTRE-V3 code generator (Compilation efficace d'un langage déclaratif synchrone : le générateur de code LUSTRE-V3) (Ph.D. Thesis)
Verification of Synchronous Programs with Lustre/Lesar (Vérification de programmes synchrones avec Lustre/Lesar)
... In the 1990s, proof methods based on model exploration (model checking) were successfully used in ... of execution, which implies: the need for a complex runtime (real-time OS, communication/synchronisation primitives), the diffi ...
Messrs Nicolas Halbwachs, Directeur de Recherche at CNRS, and Pascal Raymond, Chargé de Recherche at CNRS, who supervised this thesis and without whom this work could not have been completed. I thank them in particular for their great competence, their availability, and the support they gave me during these three years.
Papers by Pascal Raymond