Verification of Weakly - Hard Re - quirements on Quasi - Synchronous Systems

The synchronous approach to reactive systems, where time evolves by globally synchronized discrete steps, has proven successful for the design of safetycritical embedded systems. Synchronous systems are often distributed over asynchronous architectures for reasons of performance or physical constraints of the application. Such distributions typically require communication and synchronization protocols to preserve the synchronous semantics. In practice, protocols often have a significant overhead that may conflict with design constraints such as maximum available buffer space, minimum reaction time, and robustness. The quasi-synchronous approach considers independently clocked, synchronous components that interact via communication-by-sampling or FIFO channels. In such systems we can move from total synchrony, where all clocks tick simultaneously, to global asynchrony by relaxing constraints on the clocks and without additional protocols. Relaxing the constraints adds different behaviors depending on the interleavings of clock ticks. In the case of data-flow systems, one behavior is different from another when the values and timing of items in a flow of one behavior differ from the values and timing of items in the same flow of the other behavior. In many systems, such as distributed control systems, the occasional difference is acceptable as long as the frequency of such differences is bounded. We suppose hard bounds on the frequency of deviating items in a flow with, what we call, weakly-hard requirements, e.g., the maximum number deviations out of a given number of consecutive items. We define relative drift bounds on pairs of recurring events such as clock ticks, the occurrence of a difference or the arrival of a message. Drift bounds express constraints on the stability of clocks, e.g., at least two ticks of one per three consecutive ticks of the other. Drift bounds also describe weakly-hard requirements. This thesis presents analyses to verify weakly-hard requirements and infer weakly-hard properties of basic synchronous data-flow programs with asynchronous communication-by-sampling when executed with clocks described by drift bounds. Moreover, we use drift bounds as an abstraction in a performance analysis of stream processing systems based on FIFO-channels. 2 te l-0 09 25 62 6, v er si on 1 8 Ja n 20 14