Difference between pages "D32 Code generation" and "D32 General Platform Maintenance"

From Event-B
'''THIS DOCUMENT IS NOT YET COMPLETE !!!'''

= Overview =

The main goal of the platform corrective and evolutive maintenance is to fix the listed known bugs and to implement some newly requested features. As in the previous years of Deploy, these bugs and features are reported either by mail or through dedicated SourceForge trackers.

== General Overview ==

The terse list below gives an overview of the noteworthy features added to the main platform during the past year:

* Proof replay of undischarged POs (releases 1.3 and later)

: It often happens, while modifying a model, that a set of previously manually discharged POs are slightly changed and need to be discharged again. However, replaying the proofs for those POs is most of the time enough to discharge them. Hence, a command was added to manually try replaying the proofs for a set of undischarged POs. This request was expressed by [https://sourceforge.net/tracker/?func=detail&aid=2949606&group_id=108850&atid=651672 end users]. See [http://wiki.event-b.org/index.php/Proof_Obligation_Commands].

* Rule Details View (releases 2.0 and later)

: When doing an interactive proof, one is guided by the proof tree shown in the proof tree view. However, it is sometimes necessary to get more information about the rules involved in a proof, such as instantiation details, hidden hypotheses, etc. The [http://wiki.event-b.org/index.php/Rodin_Proving_Perspective#Rule_Details_View Rule Details View] displaying such details has been added.

* Refactoring plug-in (releases 1.2 and later)

:

* Documentation

: Plug-in developers expressed their need for detailed documentation about Rodin's extension capabilities. A dedicated [http://wiki.event-b.org/index.php/Plug-in_Tutorial tutorial] has been written accordingly, and it was the support for a training session given at the [http://www.event-b.org/rodin10.html Rodin User and Developer Workshop] in Düsseldorf this year.
  
The code generation activity has been undertaken at the University of Southampton. This has been a new line of work for DEPLOY that was not identified in the original Description of Work for the project. The development of the approach, and of the tools to support it, involved a number of team members at Southampton and also at other institutions. This work draws on our recent experience with technologies such as ''Shared Event Decomposition'' <ref name = "SharedEventDecomp">http://wiki.event-b.org/index.php/Event_Model_Decomposition</ref> and the ''EMF Framework for Event-B'' <ref name = "EMF4EventB">http://wiki.event-b.org/index.php/EMF_framework_for_Event-B</ref>. There was collaboration at an early stage with Newcastle University, where we explored the commonalities between their flow plug-in <ref name = "flow">http://wiki.event-b.org/index.php/Flows </ref> and the algorithmic structures used in our approach. Collaboration with the University of York was also established, since we chose to use their ''Epsilon'' <ref name = "Epsilon"> http://www.eclipse.org/gmt/epsilon/</ref> model-to-model transformation technology.

See the [http://wiki.event-b.org/index.php/D23_General_Platform_Maintenance#Available_Documentation Release Notes] and the [http://wiki.event-b.org/index.php/D23_General_Platform_Maintenance#Available_Documentation SourceForge] databases (bugs and feature requests) for details about the previous and upcoming releases of the Rodin platform.
  
== Motivations ==

= Motivations =

The evolutive maintenance (resp. corrective maintenance) has its origin in the Deploy project's description of work, and in the various requests (resp. bug reports) raised by WP1-4 partners, developers and users. Since the Deploy project's birth, various channels can be used to express feature requests or to track an encountered bug:

: - [http://wiki.event-b.org/index.php/D23_General_Platform_Maintenance#Available_Documentation dedicated trackers],

: - mail to the Deploy user list, etc.

During the WP9 meetings, the maintenance tasks to perform are given a priority and assigned to the appropriate WP9 partner (as mentioned in D23). The highest priority is given to WP partners' requests.

The following table describes the tasks motivating the maintenance done during the last year of the Deploy project, as well as the scheduled tasks:
  
The decision was taken in 2009 to include code generation as a project goal <ref name = "d23"> http://wiki.event-b.org/index.php/D23_Code_Generation </ref>. It had been recognised that support for generation of code from refined Event-B models would be an important factor in ensuring eventual deployment of the DEPLOY approach within their organisations. This was especially true for Bosch and Space Systems Finland (SSF). After receiving more detailed requirements from Bosch and SSF, it became clear we should focus our efforts on supporting the generation of code for typical real-time embedded control software.
 
 
== Choices / Decisions ==
 
=== Strategic Overview ===
 
During the last year we have focussed on supporting the generation of code for typical real-time embedded control software. To this end we have evolved a multi-tasking approach which is conceptually similar to that of the Ada tasking model. Individual tasks are treated as sequential programs; these tasks are modelled by an extension to Event-B, called ''Tasking Machines''.  Tasks have mutually exclusive access to state variables through the use of protected resources. The protected resources correspond to Event-B machines. For real-time control, periodic and one-shot activation is currently supported; and it is planned to support aperiodic tasks in the near future. Tasks have priorities to ensure appropriate responsiveness of the control software. For the DEPLOY project, it was regarded as sufficient to support construction of programs with a fixed number of tasks and a fixed number of shared variables – no dynamic creation of processes or objects has been accommodated.
 
 
 
Our main goal this year has been to devise an approach for, and provide tool support for, code generation. In accord with the resources available during the year it was decided to limit the provision of tool support to that of a demonstrator tool. The tool is a proof-of-concept only, and lacks the productivity enhancements expected in a more mature tool. Nevertheless much insight has been gained in undertaking this work; it lays a foundation for future research, and will be useful since it will allow interested parties to explore the approach.
 
 
 
=== The Tasking Extension for Event-B ===
 
 
 
The following text can be read in conjunction with the slides<ref name = "Zurich2010Slides">http://bscw.cs.ncl.ac.uk/bscw/bscw.cgi/d108734/Andy%20Edmunds%20-%20Code%20Generation%20Slides.pdf</ref> from the Deploy Plenary Meeting - Zurich 2010.
 
 
 
Tasking Event-B can be viewed as an extension of the existing Event-B language. We use the existing approaches of refinement and decomposition to structure a development that is suitable for construction of a Tasking Development. At some point during the modelling phase parameters may have to be introduced to facilitate decomposition. This constitutes a natural part of the refinement process as it moves towards decomposition and on to the implementation level. During decomposition parameters form part of the interface that enables event synchronization. We make use of this interface and add information (see [[#Events For Tasking]]) to facilitate code generation.
 
 
 
A Tasking Development is generated programmatically, at the direction of the user; the Tasking Development consists of a number of machines (and perhaps associated contexts). In our approach we make use of the Event-B EMF extension mechanism which allows addition of new constructs to a model. The tasking extension consists of the constructs in the following table.
 
 
 
<center>
{| border="1"
|Construct
|Options
|-
|Machine Type
|DeclaredTask, AutoTask, SharedMachine
|-
|Control
|Sequence, Loop, Branch, EventSynch
|-
|Task Type
|Periodic(n), Triggered, Repeating, OneShot
|-
|Priority
| -
|-
|Event Type
|Branch, Loop, ProcedureDef, ProcedureSynch
|-
|Parameter Type
|ActualIn, ActualOut, FormalIn, FormalOut
|}
</center>

{| border="1"
! scope=col | Type || Origin || Maintenance Task || Done || Scheduled
|-
|Documentation || Plug-in developers || Rodin Extension documentation || x ||
|-
| || end users || Meaning of Retry auto-provers / Recalculate auto-status || x ||
|-
|Corrective Maintenance || || || ||
|-
|Evolutive Maintenance || || || ||
|}
 
 
The machines in the Tasking Development are extended with the constructs shown in the table, and may be viewed as keywords in a textual representation of the language. With extensions added, a Tasking Development can be translated to a common language model for mapping to implementation source code. There is also a translator that constructs new machines/contexts modelling the implementation, and these should refine/extend the existing elements of the Event-B project.
 
 
=== Tasking Machines ===
 
The following constructs relate only to Tasking Machines, and provide implementation details. Timing of periodic tasks is not modelled formally. Tasking Machines are related to the concept of an Ada task. They can be implemented in Ada using tasks, in C using the pthread library, or in Java using threads.
 
 
* Tasking Machines may be characterised by the following types:
 
** AutoTasks - Singleton Tasks.
 
** Declared tasks - (Not currently used) A task template relating to an Ada ''tasktype'' declaration.
 
** TaskType - Defines the scheduling, cycle and lifetime of a task, i.e. one-shot, periodic or triggered.

** Priority - An integer value is supplied; the task with the highest priority value takes precedence when being scheduled.
 
 
=== Shared Machines ===
 
A Shared Machine corresponds to the concept of a protected resource, such as a monitor. They may be implemented in Ada as a Protected Object, in C using mutex locking, or in Java as a monitor.
 
 
* Applied to the Shared Machine we have:
 
** A SharedMachine ''keyword'' that identifies a machine as a Shared Machine.
 
 
=== More Details ===
 
==== Control Constructs ====
 
Each Tasking Machine has a ''task body'' which contains the flow control, or algorithmic, constructs.
 
 
* We have the following constructs available in the Tasking Machine body:
 
** Sequence - for imposing an order on events.
 
** Branch - choice between a number of mutually exclusive events.
 
** Loop - event repetition while its guard remains true.
 
** Event Synchronisation - synchronization between an event in a Tasking Machine and an event in a Shared Machine.
 
** Event wrappers - The event synchronization construct is contained in an event wrapper. The wrapper may also contain a single event (we re-use the synchronization construct, but do not use it for this purpose). The event may belong to the Tasking Machine, or to a Shared Machine that is visible to the task. Single events in a wrapper correspond to a subroutine call in an implementation.
 
 
==== Events In Tasking Developments ====
 
Event implementation types: Branch, Loop, ProcedureSynch, ProcedureDef.


Event parameter types: FormalIn, FormalOut, ActualIn, ActualOut.
 
 
* In Shared Machines:
 
** events can only be designated as ProcedureDef or ProcedureSynch.
 
** parameters of ProcedureSynch can only be FormalIn or FormalOut
 
 
* In ProcedureDef:

** parameters are not allowed.
 
 
=== Other Technical Issues ===
 
 
Meta-models: The use of Epsilon for translation.
 
 
=== The Deliverable ===
 
The demonstrator tool was released on 30 November 2010, and is available as an update site, or bundled Rodin package from:
 
https://sourceforge.net/projects/codegenerationd/files
 
 
Sources are available from:
 
https://codegenerationd.svn.sourceforge.net/svnroot/codegenerationd
 
 
The tool is based on a build of Rodin 1.3.1 (not Rodin 2.0.0 due to dependency conflicts).
 
 
* The Code Generation tool consists of:
 
** a Tasking Development Generator.
 
** a Tasking Development Editor (Based on an EMF Tree Editor).
 
** a translator, from Tasking Development to Common Language Model (IL1).
 
** a translator, from the Tasking Development to Event-B model of the implementation.
 
** a pretty-printer for the Tasking Development.
 
** a pretty-printer for Common Language Model, which generates Ada Source Code.
 
 
== Available Documentation ==
 
 
 
Much insight was gained during the work on code generation reported in the thesis ''Providing Concurrent Implementations for Event-B Developments'' <ref name="aeThesis">http://eprints.ecs.soton.ac.uk/20826/</ref>.


Tooling issues were reported in the paper ''Tool Support for Event-B Code Generation'' <ref name = "toolSupport">http://eprints.ecs.soton.ac.uk/20824/</ref>, which was presented at the ''Workshop on Tool Building in Formal Methods'' (http://abzconference.org/).
 
 
There are technical notes available <ref name = "techNotes">http://wiki.event-b.org/images/Translation.pdf</ref>, that give more precise details of the approach and the mapping between Event-B and the common language meta-model, and its corresponding Event-B model.
 
 
=== For users ===
 
 
There is a wiki page at http://wiki.event-b.org/index.php/Code_Generation_Activity
 
  
There is a tutorial at http://wiki.event-b.org/index.php/Code_Generation_Tutorial
= Choices / Decisions =

== Planning ==

---MAC plat 3.6

This paragraph shall give a timeline and the current status (as of 28 Jan 2011).

= Available Documentation =

As in the previous D23 deliverable, the following pages give useful information about the Rodin platform releases:

* Release notes.

: See [http://wiki.event-b.org/index.php/Rodin_Platform_Releases Rodin Platform Releases].

: More details are provided in the notes distributed with each release (e.g. [http://sourceforge.net/project/shownotes.php?release_id=693928]).

* Bugs.

: See [http://sourceforge.net/tracker/?atid=651669&group_id=108850].

* Feature requests.

: See [http://sourceforge.net/tracker/?group_id=108850&atid=651672].
  
== References ==

= Planning =

The [http://wiki.event-b.org/index.php/D23_General_Platform_Maintenance#Available_Documentation Rodin Platform Releases] wiki page lists in particular the upcoming releases and gives their scheduled release dates.

<references/>

[[Category:D32 Deliverable]]

Revision as of 17:39, 4 November 2010

Overview

The main goal of the platform corrective and evolutive maintenance is to fix the listed known bugs and to implement some newly requested features. As in the previous years of Deploy, these bugs and features are reported either by mail or through dedicated SourceForge trackers.

The terse list below gives an overview of the noteworthy features added to the main platform during the past year:

  • Proof replay of undischarged POs (releases 1.3 and upper)
It often happens, while modifying a model, that a set of previously manually discharged POs are slightly changed and need to be discharged again. However, replaying the proofs for those POs is most of the time enough to discharge them. Hence, a command was added to manually try replaying the proofs for a set of undischarged POs. This request was expressed by end users. See [1].
  • Rule Details View (releases 2.0 and upper)
When doing an interactive proof, one is guided by the proof tree shown in the proof tree view. However, it is sometimes necessary to get more information about the rules involved in a proof, such as instantiation details, hidden hypotheses, etc. The Rule Details View displaying such details has been added.
  • Refactoring plug-in (releases 1.2 and upper)
  • Documentation
Plug-in developers expressed their need for detailed documentation about Rodin's extension capabilities. A dedicated tutorial has been written accordingly, and it was the support for a training session given at the Rodin User and Developer Workshop in Düsseldorf this year.

See the Release Notes and the SourceForge databases (bugs and feature requests) for details about the previous and upcoming releases of the Rodin platform.

Motivations

The evolutive maintenance (resp. corrective maintenance) has its origin in the Deploy project's description of work, and in the various requests (resp. bug reports) raised by WP1-4 partners, developers and users. Since the Deploy project's birth, various channels can be used to express feature requests or to track an encountered bug:

- dedicated trackers,
- mail to the Deploy user list, etc.

During the WP9 meetings, the maintenance tasks to perform are given a priority and assigned to the appropriate WP9 partner (as mentioned in D23). The highest priority is given to WP partners' requests. The following table describes the tasks motivating the maintenance done during the last year of the Deploy project, as well as the scheduled tasks:


{| border="1"
! scope=col | Type || Origin || Maintenance Task || Done || Scheduled
|-
|Documentation || Plug-in developers || Rodin Extension documentation || x ||
|-
| || end users || Meaning of Retry auto-provers / Recalculate auto-status || x ||
|-
|Corrective Maintenance || || || ||
|-
|Evolutive Maintenance || || || ||
|}

Choices / Decisions

---MAC plat 3.6

Available Documentation

As in the previous D23 deliverable, the following pages give useful information about the Rodin platform releases:

  • Release notes.
See Rodin Platform Releases.
More details are provided in the notes distributed with each release (e.g. [2]).
  • Bugs.
See [3].
  • Feature requests.
See [4].

Planning

The Rodin Platform Releases wiki page lists in particular the upcoming releases and gives their scheduled release dates.