# Towards a Generic Framework for Formal Verification and Performance Analysis of Real-time Scheduling Algorithms

#### Salwa Habbachi, Zhiwu Li, Mohamed khalgui

Macau University of Science and Technology, MUST Macau Institute of System Engineering, MISE

VECoS, September 2020

Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

## General Context

- 2 Preliminaries: UPPAAL framework
- Proposed Formal Model
- 4 Experimental Results
- **5** Conclusion and Perspectives

## Summary

#### General Context

- 2 Preliminaries: UPPAAL framework
- Proposed Formal Model
- 4 Experimental Results
- 5 Conclusion and Perspectives

#### Motivation

- Real-time systems ⇒ Widespread distributed systems ⇒ Critical systems ⇒ Time requirements.
- Variety of daily life applications  $\Rightarrow$  Human safety.
- Multiple components  $\Rightarrow$  **Multi-tasking operations**.
- Set of tasks to be executed  $\Rightarrow$  Real-time tasks scheduling algorithms.
- Scheduling algorithm  $\Rightarrow$  System design (correctness, performance).



## Contribution



-

э

#### Model Checking

- Automatic verification technique of reactive systems.
- Algorithmic method to formally verify that a finite state system satisfies a logical property.



## Summary

#### 1 General Context

#### 2 Preliminaries: UPPAAL framework

- 3 Proposed Formal Model
- 4 Experimental Results
- 5 Conclusion and Perspectives

# **UPPAAL** Framework

#### UPPAAL framework

• A modeling and verification framework of real-time systems that can be represented as timed automaton.



# **UPPAAL** editor

#### Timed automata:

- Finite state machine with clocks.
- Clocks, x
- Invariant,  $(x \leq T)$

#### UPPAAL Model:

- Locations
  - Initial
  - Urgent
  - Committed
  - Normal (all the rest)



< □ > < 凸

∃ ▶ ∢ ∃

# **UPPAAL** editor

#### Timed automata:

- Finite state machine with clocks.
- Clocks. x
- Invariant,  $(x \leq T)$

#### **UPPAAL** Model:

- I ocations
  - Initial
  - Urgent
  - Committed
  - Normal (all the rest)



-

э

#### UPPAAL Model:

- Locations
  - Initial
  - Urgent
  - Committed
  - Normal (all the rest)
- Edges
  - Synchronizations (Channels)
    - Binary synchronization: chan c
    - Urgent synchronization: urgent chan c.
    - Broadcast synchronization: broadcast chan c.
  - Guards
  - Update



< □ > < /□ >

-

#### UPPAAL Model:

#### Locations

- Initial
- Urgent
- Committed
- Normal (all the rest)
- Edges
  - Synchronizations (Channels)
    - Binary synchronization: *chan c*.
    - Urgent synchronization: *urgent chan c*.
    - Broadcast synchronization: broadcast chan c.
  - Guards
  - Update



590

## **UPPAAL** simulator

• Syntactically correct model  $\Rightarrow$  Behavioral simulation  $\Rightarrow$  simulation traces.

| S LIPPAAL                           |           |
|-------------------------------------|-----------|
| File Edit Vew Icols Options Help    |           |
| L = 🗏 ۹ ۹ ۹ % Q 🛥                   | Ъ.        |
| Editor Smulator Verifier            |           |
| Drag out                            | Drag out  |
| gnoled transtons                    | start end |
| Simulation Trace                    |           |
| (start)                             | Process   |
| Process<br>(end)                    | sian      |
| Trace Mile:                         | enci      |
| Prov Host Paplay<br>Opm Save Randsn |           |

# UPPAAL model checker:

• Properties specification and verification.

- Green light (Property satisfied)
- Red light (Property not satisfied)

| UPPAAL<br>E Edit View Tools Options I:                                                        | He                              |                                            |
|-----------------------------------------------------------------------------------------------|---------------------------------|--------------------------------------------|
| te car yev joes goors (                                                                       |                                 |                                            |
| Overview                                                                                      | Verification in progress        |                                            |
| E⇔ Process.end                                                                                | Processing guerry<br>Please war | Check Clic<br>Incert<br>Remove<br>Comments |
| Query                                                                                         |                                 |                                            |
| E+> Process.end                                                                               |                                 |                                            |
| Connert                                                                                       |                                 |                                            |
|                                                                                               |                                 |                                            |
| Retus                                                                                         |                                 |                                            |
| E<> Process.and<br>Established direct connection to loca<br>UPPAAL version 1.0.6 (rev. 2986), |                                 |                                            |

Salwa Habbachi (MUST/MISE)

VECoS, September 2020 11 / 27

# Summary

#### 1 General Context

#### 2 Preliminaries: UPPAAL framework

#### Proposed Formal Model

#### 4 Experimental Results

#### 5 Conclusion and Perspectives

# Modeling and Formulation

- Centralized architecture ⇒ Formal model ⇒ Superposition of 3 layers:
  - Scheduling layer: Dispatcher.
  - Clusters layer: Set of distributed clusters.
  - Processors layer: Set of processors.



Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

#### Modeling and formulation: Processors layer



590

э

## Modeling and formulation: Clusters layer.



Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

VECoS, September 2020 15 / 27

э

## Modeling and formulation: Clusters layer.



Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

VECoS, September 2020

э

15 / 27

## Instantiation: Scheduling layer

#### Scheduling layer $\Rightarrow$ Task assignment policy

The other layers are identical regardless of the scheduling algorithm.



Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

16 / 27

## Instantiation: Scheduling Strategy



Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

VECoS, September 2020

э

17 / 27

# Instantiation: Task-Splitting Strategy



Salwa Habbachi (MUST/MISE)

VECoS, September 2020 18 / 27

## Instantiation: Task-Splitting Strategy



VECoS, September 2020 18 / 27

590

э

# Summary

#### 1 General Context

- 2 Preliminaries: UPPAAL framework
- Proposed Formal Model
- 4 Experimental Results
  - 5 Conclusion and Perspectives

#### **Deadlock Freedom Verification**

#### • UPPAAL Model-Checker $\rightarrow$ Deadlock Freedom

#### A [] not deadlock

| Nbr of components | RR    | RR+Split | SP     | SP+Split |
|-------------------|-------|----------|--------|----------|
| 40                | 1.003 | 1.136    | 1.085  | 1.195    |
| 80                | 3.62  | 4.15     | 4.275  | 4.615    |
| 120               | 13.75 | 14.935   | 14.05  | 15.39    |
| 150               | 24.46 | 24.85    | 25.025 | 26.511   |
| 170               | 29.35 | 30.85    | 31.79  | 34.475   |

TABLE 1: Verification-time (second) of deadlock-freedom when increasing the number of clusters.

TABLE 2: Verification-time (second) of deadlock-freedom when increasing the number of processors.

| Nbr of components | RR     | RR+Split | SP     | SP+Split |
|-------------------|--------|----------|--------|----------|
| 100               | 0.153  | 0.298    | 0.274  | 0.319    |
| 400               | 1.98   | 2.503    | 2.479  | 2.652    |
| 800               | 12.973 | 13.78    | 13.345 | 14.6     |
| 1200              | 33.62  | 35.68    | 35.89  | 38.5     |
| 1400              | 42.94  | 43.65    | 43.29  | 46.576   |

#### Invariant Verification

# UPPAAL Model-Checker → Invariant A[] Pr(Tid, cid).Executing ⇒ (Pr(Tid, cid).x ≤ L[cid].T[Tid].c)



VECoS, September 2020 21 / 27

Image: Image:

## Timing constraints

# • UPPAAL Model-Checker $\rightarrow$ Timing constraints A[]not Pr(Tid, cid).Error

Salwa Habbachi (MUST/MISE)

Towards a Generic Framework

VECoS, September 2020 22 / 27

## Performance Analysis

• Analysis with UPPAAL simulator  $\Rightarrow$  Measure the time required to distribute a set of tasks.



Salwa Habbachi (MUST/MISE)

# Summary

#### 1 General Context

- 2 Preliminaries: UPPAAL framework
- Proposed Formal Model
- 4 Experimental Results
- **5** Conclusion and Perspectives

## Conclusion and Perspectives

#### Conclusion

- Generic framework based on a formal model of task scheduling algorithms.
- Analysis and verification of different properties: deadlock-free, invariant property, etc.

## Conclusion and Perspectives

#### Perspectives

- Propose distributed versions of our formal model.
- Model and analyze new task scheduling protocols based on the same architecture.

o . . .



Image: A matrix

SQC

æ