Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 476 2009-10-2 476 Model-Based Design for Embedded Systems domain model as the input and produces a corresponding TASU model as output. A transformation in GReAT is formed by a sequence of rules, each of which contains a pattern graph [26]. The pattern graph is constructed from the objects defined in the TDL and TASU metamodels. Each pattern graph object is assigned an action to perform on matched objects upon execution of the transformation: bind, createnew,ordelete. The execution of a transformation rule proceeds by finding matches between the pattern graph objects annotated with the bind or delete action and instances in the input and output domain models. Upon the initial dis- covery of a nonempty set of matches, a boolean expression called a Guard can be included in the pattern graph to compare the attributes of the returned matches. Any matches that do not satisfy the Guard condition will not be included in the returned matches. Finally, the remaining matched objects marked as delete are removed and objects marked with the createnew action are created in their respective domain models. Before completion of the rule, the attribute fields of objects in the updated graph can be modified using an AttributeMapping object, for example, to correctly instantiate fields of new objects. The model transformation between the TDL and TASU metamodels pro- vides the mapping from the TDL objects that characterize the temporal behavior of the system to the corresponding TASU structures. The transfor- mation steps are described using the following syntax: TDLo 1 ; o 2 ; ; o n → TASUo 1 ; o 2 ; ; o m (14.48) Each matched set of n objects from the TDL domain found in the input graph is mapped to newly created instances of a set of m objects from the TASU domain. TASU object types in bold font are newly created in the cur- rent step. Each object can also be appended with relevant attribute values, for example, clock.id()= “clock1.” The line following the step number gives a brief description of the object types involved in the transformation step, and parentheses following an object type indicate their respective container object. We shorten TimedAutomaton to TA for brevity. 1. Systems: (Top-Level Objects, only one per model): {System} → {System; clock.id()=" t";} event.id()="time_ev"; constant.id()="epsilon" 2. Modules (System) to TA (System): {Module} → {TA} 3. Modes (Modules) to Locations (TA): {Mode} → {Location; clock.id()=Mode.id() +"_clk"} where the clock created is local to the automaton of the location. The value of this clock is used in all transitions concerning the activities of Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 477 2009-10-2 Semantics of Domain-Specific Modeling Languages 477 the mode, and it will be reset by a transition once its counts up to the mode period value. 4. Transitions and Initial Configuration: (a) Start Mode (Module) to Initial Location (TA): {Mode.StartMode()==true} → {initial.reference() = Location.id()} {Where Location.id() == Mode.id()} (b) Mode Period (Mode) to Transition (TA): {Mode} → {Transition.time_guard() = Mode.ModePeriod(), resets() = self.id()+"_clk"} (c) Mode Switch (Mode) to Transitions (TA): {ModeSwitch} → {Transition.time_guard() = 0, src() = Mode.id(), dst() = ModeSwitch.reference(), resets() = ModeSwitch.reference() + "_clk"} (d) Task (Mode) to Transitions (TA): {Task} n * {Transition.id()="R", time_guard() =n * dur; Transition.id() = "F", time_guard() = (n+1) * dur} Where dur =Mode.ModePeriod/Task.Frequency() and n=Task. Frequency(). The transition with id =“R” denotes a task release for execution, and the other transition with id=“F” denotes a task fin- ishing execution. Notice that we create 2n transitions for each task. A unique transition for release and finish must be created for each execution cycle in a given mode period. (e) Task Reference(Mode) to Transitions (TA): Repeat step 4.d but use TaskReference. Figure 14.21 shows the GReAT transformation responsible for anchoring TDL to the TASU. The first three rules, steps 1–3 above, must be performed in sequence; however, the remaining steps, creating all of the transitions assign- ing the initial locations for each automaton are performed in parallel. Figure 14.22 shows the GReAT transformation rule responsible for creat- ing the mode switch transitions in the TASU. It is an individual element of the overall transformation, shown to illustrate the form of individual rules. The two port objects on the left side of the diagram are bound to Mode and TimedAutomaton objects indicating these are the input context for the rule. Bound objects in a GReAT transformation are black and only contain the small arrow icon in the lower left-hand corner. Objects designated to be newly created are colored in blue and contain a check mark in the lower right-hand corner, the Transition object in the diagram. The rule execution proceeds according to the pseudo-code description in Figure 14.23. An example TDL model and its corresponding TASU ASML data model and execution trace are given in Figures 14.24 through 14.26. The TDL model Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 478 2009-10-2 478 Model-Based Design for Embedded Systems TDL In In In In In In In In In In In In In In In In In In In Out Out Out Out Out Out Out TAML Create_System Module->TA Mode–>Location Mode_Switches StartMode->Initial Mode_Clock_Resets Task_Events_Constants Task_Transitions TaskRef_TransitionsTaskRef_Events_Constants Out Out Out Out FIGURE 14.21 GReAT Transformation from TDL to TASU (top-level rules). Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 479 2009-10-2 Semantics of Domain-Specific Modeling Languages 479 trigger : String String String String String output : resets : time_guard : Loc_src : Location Loc_dst : Location TA : TimedAutomaton In In MS_Tran : Transition AttributeMapping Guard DstTransition SrcTransition 0 x 0 x MS : ModeSwitch Mode_src : Mode MS_reference : Mode StartMode : Boolean= false ModePeriod : Integer StartMode : Boolean= false ModePeriod : Integer Ref Attribute Attribute Old : string New : string Priority : referedbyModeswitch FIGURE 14.22 GReAT Transformation from TDL to TASU (rule for creating mode switch transitions). (Figure 14.24) contains one module, “Count,” two modes, “Up” and “Down,” with period 4, two tasks per mode, “inc” and “dec,” with a frequency given by the field “f,” and each mode contains a Mode Switch specified as the dia- mond shape labeled with the target mode of the switch. The tasks “inc” and “dec” increment and decrement some system datum by 1 during each exe- cution cycle. The mode “Up” will execute the task “inc” more often than “dec”; therefore, the datum will be increasing over time. The converse is true in mode “Down.” The ASML data model representation (Figure 14.25) is generated by an XML parser that traverses the TASU model created by the semantic anchoring transformation. Simulation of this data model using the behavioral code previously described and the ASML interpreter yields an execution trace (Figure 14.26). In the ASML data model code, the transition instantiations are not given to save space; however, their identifiers are included in the TimedAu- tomaton constructor, (e.g., "TUp_inc_r_0", "TUp_Down_sw",etc ).The format of the transition identifier indicates what activity the transition corre- sponds to: "TUp_inc_r_0" means in mode “Up,” the release of task “inc” at mode time 0, "TDown_dec_f_2" means in mode “Down,” the finishing of execution of task “dec” at mode time 2, and "TUp_Down_sw" means the Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 480 2009-10-2 480 Model-Based Design for Embedded Systems 1. Mode_Switches(Mode_src as Mode, TA as TimedAutomaton) 2. // Find TDL matches 3. let match_TDL = {(Mode_src, MS, MS.reference()) | MS in Mode_src.children() 4. where MS.type() == ModeSwitch} 5. // Find TASU matches 6. let match_TASU = {(TA, Loc_src, Loc_dst) | Loc_src, Loc_dst in TA.children() 7. where Loc_src.type() == Location 8. and Loc_dst.type() == Location} 9. // Apply Guard to reduce matches 10. let match_Total = {(m_TDL, m_TASU) | m_TDL in match_TDL and m_TASU in match_TASU 11. where m_TDL.First.id() == m_TASU.Second.id() 12. and m_TDL.Third.id() == m_TASU.Third.id() 13. // Create new transitions and perform attribute mapping 14. forall m in match_Total 15. let MS_Tran = new Transition() 16. MS_Tran.id() = “T” + m.Second.Second.id() + “_” + m.Second.Third.id() 17. MS_Tran.src() = m.Second.Second 18. MS_Tran.dst() = m.Second.Third 19. MS_Tran.time_guard() = m.First.Second.id() + “_clk” == 0 FIGURE 14.23 Pseudo-code for mode switch rule. Off Task T1 p=4 p=4 f=2 f=2 Out Out Out Inp Inp Inp OutInp f=1 f=1 dec inc_mem inc dec_mem dec inc_mem inc dec_mem Up Count Down MS_UpMS_Down T1 Task SwitchInput SwitchrInput Task Task On Off On FIGURE 14.24 TDL sample model. Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 481 2009-10-2 Semantics of Domain-Specific Modeling Languages 481 1. enum Clocks 2. t 3. Up_clk 4. Down_clk 6. global_clocks as Set of Clocks = {t} 7. var g_v as Map of Clocks to Integer = 8. {clki −> 0 | clki in global_clocks} 10. Up = new Location(“Up”) 11. Down = new Location(“Down”) 12. Count = new TimedAutomaton(“Count”, {Up, Down}, Up, 13. {TUp_inc_r_0, TUp_inc_r_2, TUp_inc_f_2, TUp_inc_f_4, 14. TUp_dec_r_0, TUp_dec_f_4, TUp_Down_sw, TUp_clk, 15. TDown_inc_r_0, TDown_inc_f_4, TDown_dec_r_0, 16. TDown_dec_r_2, TDown_dec_f_2, TDown_dec_f_4, 17. TDown_Up_sw, TDown_clk}, {Up_clk, Down_clk}} 18. my_sys = new Comp_System({Count}) FIGURE 14.25 TDL sample code. FIGURE 14.26 TDL sample execution trace. mode switch transition from mode “Up” to mode “Down.” The execution trace shows the simulation output for the following event trace: 1. g_v(t), v(m1_clk, m2_clk) = 3 → {} 2. g_v(t), v(m1_clk, m2_clk) = 4 → {Finish "inc"} 3. g_v(t), v(m1_clk, m2_clk) = 4 → {Finish "dec"} 4. g_v(t), v(m1_clk, m2_clk) = 4 → {Reset "m1_clk"} 5. g_v(t), v(m2_clk) = 4; v(m1_clk) = 0 → {Switch to mode "Down"} Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 482 2009-10-2 482 Model-Based Design for Embedded Systems 14.4.3 Conclusion The effective application of DSMLs for embedded software design requires developers to have an unambiguous specification of the semantics of mod- eling languages. Two key aspects of this problem, specification of structural and behavioral semantics have been explored in this chapter. Our first con- clusion is that structural semantics is a deep and hugely important concept that is frequently neglected. Formal investigations of structural semantics are the foundation for composing modeling languages, investigating struc- turally dynamic adaptive systems, and developing model transformations as well as methods for constructive modeling. In our proposed semantic anchoring framework, behavioral semantics are defined using model transformations. Much of the ongoing work con- cerning the semantic anchoring framework involves topics encountered here and throughout our previous work: the concrete specification of more funda- mental models of computation for behavior and interaction, the construction and derivation of more complex behavioral models through the composi- tion of multiple semantic units, investigation of mechanisms to model vari- ous categories of execution semantics of concurrent systems, and integration of the formalisms throughout the MIC tools to capture the end-to-end pro- cess of specifying and using domain-specific modeling. Concurrently, we are investigating approaches to determine the behavioral equivalences between the “reference traces” generated from an ASML data model of a semantic unit and the implementation generated from instance models of a DSML previously anchored to the semantic unit. Our preliminary investigations have led us to consider integrating a framework for constructing concur- rency models and their corresponding event traces using POMSETs without knowledge of the initial state of the system. The observed traces are formed from an interleaving of the time intervals between observed events and the event labels. Coupling methods derived from such an approach with the event structures of POMSETs may produce novel techniques for determin- ing correct behavior of concurrent system components in deployed real-time embedded systems. Acknowledgments This work is sponsored in part by the National Science Foundation (grants NSF-CCR-0225610 and NSF-CCF-0820088) and by the Air Force Office of Scientific Research, USAF (grants/contract numbers FA9550-06-0312 and FA9550-06-1-0267). The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the Air Force Office of Scientific Research or the U.S. Government. Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 483 2009-10-2 Semantics of Domain-Specific Modeling Languages 483 References 1. H. Aït-Kaci. Warren’s Abstract Machine: A Tutorial Reconstruction.MIT Press, Cambridge, MA, 1991. 2. R. Alur. Timed automata. In N. Halbwachs and D. Peled, editors, Pro- ceedings of the 11th International Conference on Computer Aided Verification, London, LNCS 1633, pp. 8–22, 1999. Springer-Verlag. 3. R. Alur and D. Dill. A theory of timed automata. Theoretical Computer Science, 126(2):183–235, April 1994. 4. Basic Research in Computer Science (Aalborg Univ.) / Dept. of Informa- tion Technology (Uppsala Univ.). Uppaal. http://www.uppaal.com/. Integrated tool environment for modeling, validation and verification of real-time systems. 5. A. Basu, M. Bozga, and J. Sifakis. Modeling heterogeneous real-time com- ponents in BIP. In SEFM ’06: Proceedings of the 4th IEEE International Conference on Software Engineering and Formal Methods, Washington, DC, pp. 3–12, 2006. IEEE Computer Society. 6. Marc V. Benveniste. Writing operational semantics in z: A structural approach. Springer LNCS v. 551: Proceedings of the 4th International Sympo- sium of VDM Europe on Formal Software Development, 1:164–188, 1991. 7. E. Börger and R. Stärk. Abstract State Machines: A Method for High-Level System Design and Analysis. Springer-Verlag, Berlin, 2003. 8. L. P. Carloni, F. De Bernardinis, C. Pinello, A. L. Sangiovanni- Vincentelli, and M. Sgroi. Platform-based design for embedded systems. In R. Zurawski, editor, The Embedded Systems Handbook. CRC Press, Boca Raton, FL, 2005. 9. K. Chen, J. Sztipanovits, and S. Abdelwahed. A semantic unit for timed automata based modeling languages. In Proceedings of RTAS’06,SanJose, CA, pp. 347–360, 2006. 10. K. Chen, J. Sztipanovits, S. Abdelwahed, and E. Jackson. Semantic anchoring with model transformations. In Proceedings of European Confer- ence on Model Driven Architecture-Foundations and Applications (ECMDA- FA), Nuremberg, Germany, 3748 LNCS, pp. 115–129, November 2005. Springer-Verlag. 11. K. Chen, J. Sztipanovits, and S. Neema. Compositional specification of behavioral semantics. In Design, Automation, and Test in Europe: The Most Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 484 2009-10-2 484 Model-Based Design for Embedded Systems Influential Papers of 10 Years DATE, part III, the Netherlands, pp. 253–265, 2008. Springer. 12. K. Chen, J. Sztipanovits, S. Neema, M. Emerson, and S. Abdelwahed. Toward a semantic anchoring infrastructure for domain-specific model- ing languages. In Proceedings of the Fifth ACM International Conference on Embedded Software (EMSOFT’05), Jersey City, NJ, pp. 35–44, September 2005. 13. E. Dantsin, T. Eiter, G. Gottlob, and A. Voronkov. Complexity and expressive power of logic programming. ACM Computing, 33(3):374–425, 2001. 14. C. Daws, A. Olivero, S. Tripakis, and S. Yovine. The tool kronos. In Proceedings of “Hybrid Systems III, Verification and Control”. LNCS 1066, pp. 208–219. Springer-Verlag, New York, 1996. 15. M. Emerson, S. Neema, and J. Sztipanovits. Metamodeling languages and metaprogrammable tools. In I. Lee, J. Leung, and S. H. Son, editors, Handbook of Real-Time and Embedded Systems. CRC Press, Boca Raton, FL, 2006. 16. E. Farcas, C. Farcas, W. Pree, and J. Templ. Transparent distribution of real-time components based on logical execution time. In Proceedings of the 2005 ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES ’05), New York, pp. 31–39, June 2005. ACM Press. 17. Y. Gurevich. Evolving algebra 1993: Lipari guide. In Specification and Val- idation Methods, pp. 9–36. Oxford University Press, New York, 1995. 18. Y. Gurevich, W. Schulte, and M. Veanes. Toward industrial strength abstract state machines. Technical Report MSR-TR-2001-98, Microsoft Research, October 2001. Tools available: http://www.codeplex. com/AsmL. 19. D. Harel and B. Rumpe. Meaningful modeling: What’s the semantics of “semantics”? IEEE Computer, 37(10):64–72, 2004. 20. T. A. Henzinger, C. M. Kirsch, M. A. A. Sanvido, and W. Pree. From control models to real-time code using giotto. Control Systems Magazine, 2(1):50–64, 2003. 21. The MathWorks Inc. Simulink/Stateflow Tools. http://www.math- works.com. 22. Vanderbilt University ISIS. Generic Modeling Environment. http:// www.isis.vanderbilt.edu/projects/gme. Nicolescu/Model-Based Design for Embedded Systems 67842_C014 Finals Page 485 2009-10-2 Semantics of Domain-Specific Modeling Languages 485 23. E. Jackson and J. Sztipanovits. Formalizing the structural semantics of domain-specific modeling languages. Journal of Software and Systems Mod- eling, 4:1–28, 2009. 24. E. K. Jackson and J. Sztipanovits. Towards a formal foundation for domain specific modeling languages. Proceedings of the Sixth ACM Inter- national Conference on Embedded Software (EMSOFT’06), Seoul, South Korea, pp. 53–62, October 2006. 25. E. Jackson, W. Schulte, and J. Sztipanovits. The power of rich syn- tax for model-based development. Technical Report MSR-TR-2008-86, Microsoft Research, June 2008. 26. G. Karsai, A. Agrawal, and F. Shi. On the use of graph transformations for the formal specification of model interpreters. Journal of Universal Computer Science, 9(11):1296–1321, November 2003. 27. G. Karsai, A. Ledeczi, S. Neema, and J. Sztipanovits. The model- integrated computing toolsuite: Metaprogrammable tools for embedded control system design. In Proceedings of the IEEE Joint Conference CCA, ISIC and CACSD, Munich, Germany, September 2006. 28. G. Karsai, J. Sztipanovits, A. Ledeczi, and T. Bapty. Model-integrated development of embedded software. Proceedings of the IEEE, 91(1):145– 164, January 2003. 29. Edward A. Lee and Alberto L. Sangiovanni-Vincentelli. A denota- tional framework for comparing models of computation. Technical Report UCB/ERL M97/11, EECS Department, University of California, Berkeley, CA, 1997. 30. S. McConnell. Rapid Development: Taming Wild Software Schedules. Microsoft Press, Redmond, WA, 1996. 31. Object Management Group. Mda guide version 1.0.1. Technical Report omg/2003-06-01, 2003. 32. Object Management Group. Unified modeling language: Superstructure version 2.0, 3rd revised submission to omg rfp. Technical report, 2003. 33. Object Management Group. Object constraint language v2.0. Technical report, 2006. 34. K. Ogata. Modern Control Engineering. Prentice-Hall, Inc., Englewood Cliffs, NJ, 1970. 35. D. S. Scott. Outline of a mathematical theory of computation. Technical Report Technical Monograph PRG ˝ U2, Programming Research Group, Oxford University, 1970. . "Down"} Nicolescu /Model-Based Design for Embedded Systems 67842_C014 Finals Page 482 2009-10-2 482 Model-Based Design for Embedded Systems 14.4.3 Conclusion The effective application of DSMLs for embedded. semantics. In Design, Automation, and Test in Europe: The Most Nicolescu /Model-Based Design for Embedded Systems 67842_C014 Finals Page 484 2009-10-2 484 Model-Based Design for Embedded Systems Influential. "TUp_Down_sw" means the Nicolescu /Model-Based Design for Embedded Systems 67842_C014 Finals Page 480 2009-10-2 480 Model-Based Design for Embedded Systems 1. Mode_Switches(Mode_src as