23d0ee30a2218db528133f261c181d68.ppt
- Number of slides: 9
Reliable Scripting Using Push Logic
David Greaves, Daniel Gordon
University of Cambridge Computer Laboratory
Djg@cl.cam.ac.uk
Push Logic – Scripting Language
• A declarative bytecode with runtime system.
• Various compilers envisaged, one developed so far.
• Specifies timed automata using idempotent executable rules.
• Controls streams, sensors and actuators.
• Supports a dynamic population of devices and scripts.
• Automated formal checking (CTL)
  – At compile time
  – At load time
  – (Optionally) at run time
• Source code looks like C++/Java.
Mechanism View of Push Logic
• All variables can have safe values defined for them.
• Controlled devices can fail or self-reset to a safe value.
• Controlling scripts are reversible, so that a failure feeds back to the control source in a defined way.
• Feedback form is intrinsic or explicit.
• System behaves like a ‘mechanism’: both the controller and the controlled can push on each other.
Restrictions
• All integrators must be inside differentiators: if (x != x_last) { sum := sum + 1; x_last := x }
• All pointer, arithmetic and time calculations must be compile-time decidable.
• Dynamic allocation only performed at bundle load time.
• All assertions are in CTL.
Compilation Method
• Parse input file(s).
• Break threads into arcs at blocking primitives.
• Guard each arc by a runtime program counter being set to a label constant and create rules to update the program counters.
• Repeated symbolic evaluation of arc set until fixed point reached.
• Perform bundle checks using internal model checker.
• Generate declarative bytecode bundle, containing a mix of
  – Executable rules (v := e, …)
  – CTL assertions (always, live, until, …).
Push Logic Compile/Bind/Execute Flow Diagram
[Figure: flow diagram. Box labels: Source Form 1, Source Form 2, Compiler 1, Compiler 2, Object bundle, Re-Hydration, Bound bundle, Execution Platform, Compile Time Checker, Bundle Checker, Load Time Checker, (Run Time Checker), Device bindings, Semantic Web, Domain of participation, network.]
Compile-Time Checks
• Safe Value Check – There exists a setting of the variables where each is in a safe state and all executable rules hold.
• Rule Consistency – No two rules will try to set the same variable to different values at any one time.
• Idempotency Check – No ring of rules exists that causes an observable output to oscillate when rules are obeyed more than once with the same input settings.
• Push Back Check – For any unilateral change in any output, to any safe value of that output, internal variables or inputs to the bundle can be changed, again to safe values, so that all rules hold.
• User’s Embedded and Imported CTL Expressions – Safety, liveness and until assertions may be embedded in the source. These are checked against a Herbrand-style interpretation of the bundle, so that any number of concurrently loaded bundles are sure to be consistent.
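
The Rule Consistency and Idempotency checks above, and the "integrators inside differentiators" restriction, can be illustrated with a small brute-force checker. This is an added example, not code from the slides or from the Push Logic compiler; it assumes a simplified model in which rules are guarded assignments fired simultaneously, and it enumerates a small constructed finite domain rather than using a model checker.

```python
from itertools import product

# A rule is (guard, target, expr): when guard(state) holds, target := expr(state).
# Assumption of this sketch: all enabled rules fire simultaneously on one input state.
def step(rules, state):
    """Apply every enabled rule once; raise if two rules disagree on a target."""
    updates = {}
    for guard, target, expr in rules:
        if guard(state):
            value = expr(state)
            if updates.setdefault(target, value) != value:
                raise ValueError(f"conflict on {target!r} in {state}")
    return {**state, **updates}

def all_states(domains):
    names = list(domains)
    for values in product(*(domains[n] for n in names)):
        yield dict(zip(names, values))

def rule_consistent(rules, domains):
    """Rule Consistency: no state enables two different writes to one variable."""
    try:
        for s in all_states(domains):
            step(rules, s)
    except ValueError:
        return False
    return True

def idempotent(rules, domains, outputs):
    """Idempotency: obeying the rules a second time changes no observable output."""
    for s in all_states(domains):
        once = step(rules, s)
        twice = step(rules, once)
        if any(once[o] != twice[o] for o in outputs):
            return False
    return True

# Constructed finite domain and rule sets (hypothetical names, for illustration only).
DOMAINS = {"x": (0, 1), "x_last": (0, 1), "sum": range(4)}
changed = lambda s: s["x"] != s["x_last"]
BARE_INTEGRATOR = [(lambda s: True, "sum", lambda s: s["sum"] + 1)]
DIFFERENTIATED = [(changed, "sum", lambda s: s["sum"] + 1),
                  (changed, "x_last", lambda s: s["x"])]
CONFLICTING = [(lambda s: True, "led", lambda s: 1),
               (lambda s: s["x"] == 1, "led", lambda s: 0)]

if __name__ == "__main__":
    for name, rules in (("bare", BARE_INTEGRATOR), ("differentiated", DIFFERENTIATED)):
        print(name, "idempotent:", idempotent(rules, DOMAINS, ["sum"]))
```

The bare integrator fails the idempotency check because every re-evaluation increments `sum`, while the differentiated form from the Restrictions slide passes because `x_last := x` disables the guard after one firing.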
Current Status
• Implemented on top of a distributed tuple space paradigm for distributed computing.
• Compiler built (10 K lines of SML and C++).
• Runtime system runs on Linux, raw PC motherboards and our Molly cards.
• Various applications and embedded devices constructed.
• GUI for interactive monitoring/debugging.
Future Work (Sept 05)
• Re-hydration stage not implemented.
• Domain checker not implemented.
• Compilation of bytecode to ROM-able machine code (new PhD student).
• Some larger examples need exploration.
• Find industrial collaborator who might use it?
Thank you. David Greaves.