A Proposal for Verified Code Generation from Modelica

Similar documents
Clock-directed Modular Code-generation for Synchronous Data-flow Languages

State Machines in OpenModelica

A Synchronous-based Code Generator For Explicit Hybrid Systems Languages

Synchronous Kahn Networks (ten years later)

Lecture 2. The SCADE Language Data Flow Kernel. Daniel Kästner AbsInt GmbH 2012

Synchronous Specification

Programming Embedded Systems

Synchronous Control and State Machines in Modelica

An Introduction to Lustre

Modeling Kernel Language (MKL)

Modelica Change Proposal MCP-0019 Flattening (In Development) Proposed Changes to the Modelica Language Specification Version 3.

Type-based Initialization Analysis of a Synchronous Data-flow Language

Extensible Modeling Languages

System Verilog Tagged Unions and Pattern Matching

INTEGRATING SYSTEM AND SOFTWARE ENGINEERING FOR CERTIFIABLE AVIONICS APPLICATIONS

Processadors de Llenguatge II. Functional Paradigm. Pratt A.7 Robert Harper s SML tutorial (Sec II)

The PCAT Programming Language Reference Manual

Program Abstractions, Language Paradigms. CS152. Chris Pollett. Aug. 27, 2008.

Using SCADE to Develop Mission-critical High-quality Radar Application Software

Compiler Theory. (Semantic Analysis and Run-Time Environments)

Reasoning About Imperative Programs. COS 441 Slides 10

Mutable References. Chapter 1

Tutorial and Reference Manual

Featherweight Java (FJ)

Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.

System-On-Chip Architecture Modeling Style Guide

SCADE System, a comprehensive toolset for smooth transition from Model-Based System Engineering to certified embedded control and display software

CS205: Scalable Software Systems

SCADE S E M I N A R I N S O F T W A R E E N G I N E E R I N G P R E S E N T E R A V N E R B A R R

A Formally Verified Compiler for Lustre

Computing Fundamentals 2 Introduction to CafeOBJ

Begin at the beginning

A Model-Based Reference Workflow for the Development of Safety-Related Software

Verifying a Lustre Compiler Part 2

CHAPTER 8. Copyright Cengage Learning. All rights reserved.

Testing. Lydie du Bousquet, Ioannis Parissis. TAROT Summer School July (TAROT 2009)

CIM-Compliant Model-to-Model Transformation

CSCE 314 TAMU Fall CSCE 314: Programming Languages Dr. Flemming Andersen. Haskell Functions

Z Notation. June 21, 2018

DATABASE AUTOMATION USING VBA (ADVANCED MICROSOFT ACCESS, X405.6)

Variables and Bindings

Meta-Programming with Modelica. Model Transformations

G Programming Languages - Fall 2012

A Conservative Extension of Synchronous Data-flow with State Machines

The Lustre Language Synchronous Programming Pascal Raymond, Nicolas Halbwachs Verimag-CNRS

A Library for Synchronous Control Systems in Modelica

Certification Authorities Software Team (CAST) Position Paper CAST-25

JavaScript. Training Offer for JavaScript Introduction JavaScript. JavaScript Objects

Semantic Analysis. Lecture 9. February 7, 2018

EECS 4313 Software Engineering Testing. Topic 05: Equivalence Class Testing Zhen Ming (Jack) Jiang

Programming Language Concepts, cs2104 Lecture 04 ( )

Lexical Considerations

Lecture 3. The SCADE Language Data Flow Kernel. Daniel Kästner AbsInt GmbH 2012

EXPRESSING REQUIREMENTS IN MODELICA

Programming Languages

The Substitution Model

Programming the Simulink Standard Library with Zélus: experience report 1

Programming Languages Lecture 14: Sum, Product, Recursive Types

On Meaning Preservation of a Calculus of Records

Side note: Tail Recursion. Begin at the beginning. Side note: Tail Recursion. Base Types. Base Type: int. Base Type: int

Informal Semantics of Data. semantic specification names (identifiers) attributes binding declarations scope rules visibility

Type Checking. Outline. General properties of type systems. Types in programming languages. Notation for type rules.

Tail Recursion: Factorial. Begin at the beginning. How does it execute? Tail recursion. Tail recursive factorial. Tail recursive factorial

COMP Parallel Computing. CC-NUMA (2) Memory Consistency

Zélus, a Synchronous Language with ODEs 1

The Synchronous Languages 12 Years Later

Outline. General properties of type systems. Types in programming languages. Notation for type rules. Common type rules. Logical rules of inference

CSI33 Data Structures

Simulation and Verification of Timed and Hybrid Systems

The SPL Programming Language Reference Manual

Types. Type checking. Why Do We Need Type Systems? Types and Operations. What is a type? Consensus

Material: Specification and Reasoning. Book: Logic in Computer Science, M.Huth, M.Ryan, Cambridge University Press. Lectures mondays here,

Programming Languages

CIS 341 Final Examination 4 May 2017

CS558 Programming Languages

Axiomatic Specification. Al-Said, Apcar, Jerejian

Generation of Functional Mock-up Units from Causal Block Diagrams

Pattern-Oriented Development with Rational Rose

CMSC 330: Organization of Programming Languages. Operational Semantics

System Verilog Tagged Unions and Pattern Matching

Recap: Functions as first-class values

MATVEC: MATRIX-VECTOR COMPUTATION LANGUAGE REFERENCE MANUAL. John C. Murphy jcm2105 Programming Languages and Translators Professor Stephen Edwards

Garbage In/Garbage SIGPLAN Out

An Evolution of Mathematical Tools

SMURF Language Reference Manual Serial MUsic Represented as Functions

The essence of dataflow programming

An Approach to the Generation of High-Assurance Java Card Applets

Operational Semantics. One-Slide Summary. Lecture Outline

Functions in C C Programming and Software Tools

Introduction to Scientific Computing Languages

11/6/17. Functional programming. FP Foundations, Scheme (2) LISP Data Types. LISP Data Types. LISP Data Types. Scheme. LISP: John McCarthy 1958 MIT

INSTITUTE OF AERONAUTICAL ENGINEERING

Software Testing. 1. Testing is the process of demonstrating that errors are not present.

Operational Semantics of Cool

02157 Functional Programming Lecture 2: Functions, Basic Types and Tuples

CSc 520 Principles of Programming Languages

Formal semantics of loosely typed languages. Joep Verkoelen Vincent Driessen

Tool Qualification Plan for Testwell CTC++

Programming in C. main. Level 2. Level 2 Level 2. Level 3 Level 3

Verification by Static Analysis

Transcription:

A Proposal for Verified Code Generation from Modelica Bernhard Thiele PELAB Linköping University 04. February 2015-9th MODPROD Workshop on Model-Based Product Development 1 / 22

Goals of this presentation Explain motivation for verified code generation. Introduce ACG-Modelica a proposal for a restricted Modelica subset for high-integrity code generation. Present a mapping of an ACG-Modelica subset to a synchronous data-flow kernel language for safety-related applications. 2 / 22

Safety-Related Model-Based Software Development Safety-related: Software failure may damage the environment, injure or kill people. = The risk stemming from such software needs to be reduced to a reasonable level. Consequences for development tools: Requirement to provide use-case dependent evidence for software tool suitability (Tool Qualification, see e.g., ISO 26262). = Particularly, validation of code generation from models. 3 / 22

Safety-Related Model-Based Software Development Safety-related: Software failure may damage the environment, injure or kill people. = The risk stemming from such software needs to be reduced to a reasonable level. Consequences for development tools: Requirement to provide use-case dependent evidence for software tool suitability (Tool Qualification, see e.g., ISO 26262). = Particularly, validation of code generation from models. 3 / 22

How to safeguard generated code? Two basic approaches: 1 Use generated code as if it was hand-generated: = Code is passed into the usual assurance process, i.e., code needs to be well-structured and obey reasonable guidelines for hand-generated code, code reviews on generated code. + No need for costly code generator qualification. Requires costly V&V efforts on generated code. 2 Use a certified/qualified code generator: = Need to provide evidence about tool suitability for the respective use-case. + Eliminates (some) V&V efforts on generated code, e.g., code reviews are done solely on model level rather than on embedded C source code level. Requires code generator qualification. 4 / 22

How to safeguard generated code? Two basic approaches: 1 Use generated code as if it was hand-generated: = Code is passed into the usual assurance process, i.e., code needs to be well-structured and obey reasonable guidelines for hand-generated code, code reviews on generated code. + No need for costly code generator qualification. Requires costly V&V efforts on generated code. 2 Use a certified/qualified code generator: = Need to provide evidence about tool suitability for the respective use-case. + Eliminates (some) V&V efforts on generated code, e.g., code reviews are done solely on model level rather than on embedded C source code level. Requires code generator qualification. 4 / 22

Consequences for Modelica Code Generation Generate readable code, particularly for support of 1 approach. Restrict language to ease qualification efforts, particularly for support of 2 approach. Bernhard Thiele, Stefan-Alexander Schneider, Pierre R. Mai. A Modelica Sub- and Superset for Safety-Relevant Control Applications. In 9 th Int. Modelica Conference, Munich, Germany, September 2012. Modelica Language High-Level Application Model Environment Model Specification Model sample(..) Plant Reference Qualifiable Modelica Subset Enrichment with implementation details hold(..) Code Generation Model Following presentation extends that previous work. 5 / 22

Consequences for Modelica Code Generation Generate readable code, particularly for support of 1 approach. Restrict language to ease qualification efforts, particularly for support of 2 approach. Bernhard Thiele, Stefan-Alexander Schneider, Pierre R. Mai. A Modelica Sub- and Superset for Safety-Relevant Control Applications. In 9 th Int. Modelica Conference, Munich, Germany, September 2012. Modelica Language High-Level Application Model Environment Model Specification Model sample(..) Plant Reference Qualifiable Modelica Subset Enrichment with implementation details hold(..) Code Generation Model Following presentation extends that previous work. 5 / 22

ACG-Modelica Proposal for a restricted language subset for high-integrity automatic code generation Restrict the valid language elements, e.g.: Clocked Variables Exclusivity: Only discrete-time clocked partitions as introduced in Modelica 3.3, Chapter Synchronous Language Elements are allowed. Restricted set of allowed keywords, operators and built-in functions (e.g., Only about 50% of the Modelica keywords are maintained). 6 / 22

ACG-Modelica Proposal for a restricted language subset for high-integrity automatic code generation Restrict the valid language elements, e.g.: Clocked Variables Exclusivity: Only discrete-time clocked partitions as introduced in Modelica 3.3, Chapter Synchronous Language Elements are allowed. Restricted set of allowed keywords, operators and built-in functions (e.g., Only about 50% of the Modelica keywords are maintained). 6 / 22

ACG-Modelica Proposal for a restricted language subset for high-integrity automatic code generation Simplified Modifications: Only one level of nesting supported (e.g., b(c=2) is OK, a(b(c=2)) is NOK). Causal data-flow semantics: Single variable (the unknown) is at the left-hand side and a flow expression is at the right-hand side (e.g., a = b c is valid while a + b = 0 or a 2 = b is invalid). Additional rules for the graphical representation to achieve semantical unambiguousness at the graphical layer. 7 / 22

ACG-Modelica Proposal for a restricted language subset for high-integrity automatic code generation Simplified Modifications: Only one level of nesting supported (e.g., b(c=2) is OK, a(b(c=2)) is NOK). Causal data-flow semantics: Single variable (the unknown) is at the left-hand side and a flow expression is at the right-hand side (e.g., a = b c is valid while a + b = 0 or a 2 = b is invalid). Additional rules for the graphical representation to achieve semantical unambiguousness at the graphical layer. 7 / 22

ACG-Modelica Proposal for a restricted language subset for high-integrity automatic code generation Simplified Modifications: Only one level of nesting supported (e.g., b(c=2) is OK, a(b(c=2)) is NOK). Causal data-flow semantics: Single variable (the unknown) is at the left-hand side and a flow expression is at the right-hand side (e.g., a = b c is valid while a + b = 0 or a 2 = b is invalid). Additional rules for the graphical representation to achieve semantical unambiguousness at the graphical layer. 7 / 22

Why Modular Code Generation Should be Supported Modular Code Generation: Preserve modularity of a block instance at source code level. Improves traceability between model and generated code. Facilitates to generate code that is is well-structured and obeys similar guidelines as hand-generated code. Allows straight forward separate compilation (advantage in respect to scalability and protection of intellectual property). Potentially decreased size of code footprint (block reusable function). 8 / 22

Why Modular Code Generation Should be Supported Modular Code Generation: Preserve modularity of a block instance at source code level. Improves traceability between model and generated code. Facilitates to generate code that is is well-structured and obeys similar guidelines as hand-generated code. Allows straight forward separate compilation (advantage in respect to scalability and protection of intellectual property). Potentially decreased size of code footprint (block reusable function). 8 / 22

Why Modular Code Generation Should be Supported Modular Code Generation: Preserve modularity of a block instance at source code level. Improves traceability between model and generated code. Facilitates to generate code that is is well-structured and obeys similar guidelines as hand-generated code. Allows straight forward separate compilation (advantage in respect to scalability and protection of intellectual property). Potentially decreased size of code footprint (block reusable function). 8 / 22

Why Modular Code Generation Should be Supported Modular Code Generation: Preserve modularity of a block instance at source code level. Improves traceability between model and generated code. Facilitates to generate code that is is well-structured and obeys similar guidelines as hand-generated code. Allows straight forward separate compilation (advantage in respect to scalability and protection of intellectual property). Potentially decreased size of code footprint (block reusable function). 8 / 22

Why Modular Code Generation Should be Supported Modular Code Generation: Preserve modularity of a block instance at source code level. Improves traceability between model and generated code. Facilitates to generate code that is is well-structured and obeys similar guidelines as hand-generated code. Allows straight forward separate compilation (advantage in respect to scalability and protection of intellectual property). Potentially decreased size of code footprint (block reusable function). 8 / 22

Translation to a Synchronous Data-Flow Kernel (SDFK) Goal Mapping of ACG-Modelica to a synchronous data-flow kernel language for which compilation techniques are known that are well-understood and accepted by certification authorities. Approach: 1 Define a representative language kernel for ACG-Modelica (further denoted as macg-modelica). 2 Define a set of formal translation equations from macg-modelica to SDFK. Argue that the semantics of macg-modelica are defined in terms of that translation (translational semantics). Reasoning If translation exists it opens up a path to a qualifiable compiler for ACG-Modelica. 9 / 22

Translation to a Synchronous Data-Flow Kernel (SDFK) Goal Mapping of ACG-Modelica to a synchronous data-flow kernel language for which compilation techniques are known that are well-understood and accepted by certification authorities. Approach: 1 Define a representative language kernel for ACG-Modelica (further denoted as macg-modelica). 2 Define a set of formal translation equations from macg-modelica to SDFK. Argue that the semantics of macg-modelica are defined in terms of that translation (translational semantics). Reasoning If translation exists it opens up a path to a qualifiable compiler for ACG-Modelica. 9 / 22

Translation to a Synchronous Data-Flow Kernel (SDFK) Goal Mapping of ACG-Modelica to a synchronous data-flow kernel language for which compilation techniques are known that are well-understood and accepted by certification authorities. Approach: 1 Define a representative language kernel for ACG-Modelica (further denoted as macg-modelica). 2 Define a set of formal translation equations from macg-modelica to SDFK. Argue that the semantics of macg-modelica are defined in terms of that translation (translational semantics). Reasoning If translation exists it opens up a path to a qualifiable compiler for ACG-Modelica. 9 / 22

Translation to a Synchronous Data-Flow Kernel (SDFK) Goal Mapping of ACG-Modelica to a synchronous data-flow kernel language for which compilation techniques are known that are well-understood and accepted by certification authorities. Approach: 1 Define a representative language kernel for ACG-Modelica (further denoted as macg-modelica). 2 Define a set of formal translation equations from macg-modelica to SDFK. Argue that the semantics of macg-modelica are defined in terms of that translation (translational semantics). Reasoning If translation exists it opens up a path to a qualifiable compiler for ACG-Modelica. 9 / 22

The SDFK target language The synchronous data-flow kernel is presented in: D. Biernacki, J.-L. Colaço, G. Hamon, and M. Pouzet. Clock-directed modular code generation for synchronous data-flow languages. SIGPLAN Not., 43(7):121 130, June 2008. That article: Describes modular code generation from that kernel into imperative code. basic calculus that is powerful enough to express any Lustre program. The principles presented in this article are implemented in the RELUC compiler of SCADE/LUSTRE and experimented on industrial real-size examples. The commercial Lustre-based Scade tool provides a code generator, KCG, that already has been successfully qualified for safety-critical applications. 10 / 22

The SDFK target language The synchronous data-flow kernel is presented in: D. Biernacki, J.-L. Colaço, G. Hamon, and M. Pouzet. Clock-directed modular code generation for synchronous data-flow languages. SIGPLAN Not., 43(7):121 130, June 2008. That article: Describes modular code generation from that kernel into imperative code. basic calculus that is powerful enough to express any Lustre program. The principles presented in this article are implemented in the RELUC compiler of SCADE/LUSTRE and experimented on industrial real-size examples. The commercial Lustre-based Scade tool provides a code generator, KCG, that already has been successfully qualified for safety-critical applications. 10 / 22

The SDFK target language The synchronous data-flow kernel is presented in: D. Biernacki, J.-L. Colaço, G. Hamon, and M. Pouzet. Clock-directed modular code generation for synchronous data-flow languages. SIGPLAN Not., 43(7):121 130, June 2008. That article: Describes modular code generation from that kernel into imperative code. basic calculus that is powerful enough to express any Lustre program. The principles presented in this article are implemented in the RELUC compiler of SCADE/LUSTRE and experimented on industrial real-size examples. The commercial Lustre-based Scade tool provides a code generator, KCG, that already has been successfully qualified for safety-critical applications. 10 / 22

The SDFK target language The synchronous data-flow kernel is presented in: D. Biernacki, J.-L. Colaço, G. Hamon, and M. Pouzet. Clock-directed modular code generation for synchronous data-flow languages. SIGPLAN Not., 43(7):121 130, June 2008. That article: Describes modular code generation from that kernel into imperative code. basic calculus that is powerful enough to express any Lustre program. The principles presented in this article are implemented in the RELUC compiler of SCADE/LUSTRE and experimented on industrial real-size examples. The commercial Lustre-based Scade tool provides a code generator, KCG, that already has been successfully qualified for safety-critical applications. 10 / 22

The SDFK target language The synchronous data-flow kernel is presented in: D. Biernacki, J.-L. Colaço, G. Hamon, and M. Pouzet. Clock-directed modular code generation for synchronous data-flow languages. SIGPLAN Not., 43(7):121 130, June 2008. That article: Describes modular code generation from that kernel into imperative code. basic calculus that is powerful enough to express any Lustre program. The principles presented in this article are implemented in the RELUC compiler of SCADE/LUSTRE and experimented on industrial real-size examples. The commercial Lustre-based Scade tool provides a code generator, KCG, that already has been successfully qualified for safety-critical applications. 10 / 22

Multi-Level Translation Approach Translation to SDFK is achieved in two steps: 1 Normalization of macg-modelica (source-to-source transformation) 1 Generation of connection equations. (will omit that) 2 Strip parameter modifications, normalize component modifications and extract component dot accesses appearing in expressions. 3 Create a fresh block that instantiates the top-level block as a component with normalized component modifications. (will omit that) 2 Translation to SDFK Normalization and translation are defined as a set of mutually recursive functions. This talk: No formal equations, just the basic ideas. 11 / 22

Multi-Level Translation Approach Translation to SDFK is achieved in two steps: 1 Normalization of macg-modelica (source-to-source transformation) 1 Generation of connection equations. (will omit that) 2 Strip parameter modifications, normalize component modifications and extract component dot accesses appearing in expressions. 3 Create a fresh block that instantiates the top-level block as a component with normalized component modifications. (will omit that) 2 Translation to SDFK Normalization and translation are defined as a set of mutually recursive functions. This talk: No formal equations, just the basic ideas. 11 / 22

Multi-Level Translation Approach Translation to SDFK is achieved in two steps: 1 Normalization of macg-modelica (source-to-source transformation) 1 Generation of connection equations. (will omit that) 2 Strip parameter modifications, normalize component modifications and extract component dot accesses appearing in expressions. 3 Create a fresh block that instantiates the top-level block as a component with normalized component modifications. (will omit that) 2 Translation to SDFK Normalization and translation are defined as a set of mutually recursive functions. This talk: No formal equations, just the basic ideas. 11 / 22

Multi-Level Translation Approach Translation to SDFK is achieved in two steps: 1 Normalization of macg-modelica (source-to-source transformation) 1 Generation of connection equations. (will omit that) 2 Strip parameter modifications, normalize component modifications and extract component dot accesses appearing in expressions. 3 Create a fresh block that instantiates the top-level block as a component with normalized component modifications. (will omit that) 2 Translation to SDFK Normalization and translation are defined as a set of mutually recursive functions. This talk: No formal equations, just the basic ideas. 11 / 22

Multi-Level Translation Approach Translation to SDFK is achieved in two steps: 1 Normalization of macg-modelica (source-to-source transformation) 1 Generation of connection equations. (will omit that) 2 Strip parameter modifications, normalize component modifications and extract component dot accesses appearing in expressions. 3 Create a fresh block that instantiates the top-level block as a component with normalized component modifications. (will omit that) 2 Translation to SDFK Normalization and translation are defined as a set of mutually recursive functions. This talk: No formal equations, just the basic ideas. 11 / 22

Normalization Parameter and Component Modifications Parameter modifications in a class are stripped away: block PI parameter Real kd = Td * 2 ; parameter Real Td = 0. 1 ; end PI ; block PI parameter Real kd ; parameter Real Td ; end PI ; All parameters of an instantiated class are extracted, merged with applicable instance modifications and introduced as new parameters with a modification expression: block A parameter Real k ; parameter Real Td=0. 2 ; PI p i ( Td=Td ) ; end A ; block A parameter Real k ; parameter Real Td ; parameter Real _pi_kd=_pi_td * 2 ; parameter Real _pi_td=td ; PI p i ( kd=_pi_kd, Td=_pi_Td ) ; end A ; 12 / 22

Normalization Parameter and Component Modifications Parameter modifications in a class are stripped away: block PI parameter Real kd = Td * 2 ; parameter Real Td = 0. 1 ; end PI ; block PI parameter Real kd ; parameter Real Td ; end PI ; All parameters of an instantiated class are extracted, merged with applicable instance modifications and introduced as new parameters with a modification expression: block A parameter Real k ; parameter Real Td=0. 2 ; PI p i ( Td=Td ) ; end A ; block A parameter Real k ; parameter Real Td ; parameter Real _pi_kd=_pi_td * 2 ; parameter Real _pi_td=td ; PI p i ( kd=_pi_kd, Td=_pi_Td ) ; end A ; 12 / 22

Normalization Extract Component Dot Accesses Component dot accesses in RHS equations are extracted: block PI input Real u ; output Real y ; equation y = u ; end PI ; block A output Real y ; PI p i ; equation p i. u = 3; y = pi.y + 2; end A ; block PI input Real u ; output Real y ; equation y = u ; end PI ; block A output Real y ; PI p i ; Real _t1; equation p i. u = 3; _t1 = pi.y; y = _t1 + 2; end A ; 13 / 22

Translation of Normalized PI to SDFK Inputs + Parameters without mod. node input arguments Outputs node return values Delays + start values initialized delay (0 fby x) block PI input Real u ; output Real y ; parameter Real kd ; parameter Real Td ; Real x ( s t a r t = 0 ) ; equation x = previous ( x ) + u / Td ; y = kd * ( x + u ) ; end PI ; node PI ( Td : real, kd : real, u : r e a l ) = y : r e a l with var x : r e a l in x = 0 fby x + u / Td and y = kd * ( x + u ) 14 / 22

Translation of Normalized A to SDFK Parameters with mod. Local var + equation Instance mod. + dot-access Function like node instance call block A input Real ua ; output Real ya ; parameter Real k ; parameter Real Td ; parameter Real _pi_kd=_pi_td*2; parameter Real _pi_td=td; PI pi(kd=_pi_kd, Td=_pi_Td); Real _t1 ; equation pi.u = ua * k ; _t1 = pi.y ; ya = _t1 ; end A ; node A ( Td : real, k : real, ua : r e a l ) = ( ya : r e a l ) with var _pi_kd:real, _pi_td:real, _t1 : r e a l in _pi_kd = _pi_td*2 and _pi_td = Td and ya = _t1 and _t1 = PI(_pi_Td, _pi_kd, ua*k) 15 / 22

Implementation Formal translation equations have been implemented in a proof-of-concept translator using the Scala language. Implementation includes an emitter from SDFK to Lustre. The freely available academic LUSTRE V4 TOOLBOX 1 can be used to generate C-code from Lustre. The C-code can be interfaced back to Modelica for convenient back-to-back testing. 1 http://www-verimag.imag.fr/the-lustre-toolbox.html 16 / 22

Implementation Formal translation equations have been implemented in a proof-of-concept translator using the Scala language. Implementation includes an emitter from SDFK to Lustre. The freely available academic LUSTRE V4 TOOLBOX 1 can be used to generate C-code from Lustre. The C-code can be interfaced back to Modelica for convenient back-to-back testing. Back-to-back testing of Block A parameter k = 1.0 parameter T_d = 0.2 input ua = unit step at tick 3 1 http://www-verimag.imag.fr/the-lustre-toolbox.html 16 / 22

Questions? 17 / 22

Other PI Example SDFK Grammar td ::= type bt type bt = C +... + C d ::= node f(p) = p with var p in D p ::= x : bt;...;x : bt D ::= pat = a D and D pat ::= x (pat,...,pat) a ::= e ck e ::= v x (a,...,a) v fby a op(a,...,a) f(a,...,a) every a a when C(x) merge x (C a)...(c a) if x then a else a v ::= C i ct ::= ck ct... ct ck ::= base ck on C(x) if x then e 2 else e 3 = merge x (True e 2 when True(x)) (False e 3 when False(x)) 18 / 22

Other PI Example macg-modelica Grammar td ::= Boolean Integer Real d ::= block id p equation D end; tm ::= input parameter output p ::= p p t x; t x mo; tm t x; tm t x mo; mo ::= (ar,..., ar) = e ar ::= id = v D ::= D D eq; e ::= x op(e,...,e) previous(x) if e then e else e eq ::= x = e connect(x,x) x ::= c id id denotes a variable c ::= id. No deep nesting allowed! v = value id = identifier Only one level of modification nesting supported. (No elseif) 19 / 22

Other PI Example PI Controller Example Connector declarations: connector In = input Real ; connector Out = output Real ; PI-block: block PI In u ; Out y ; parameter Real kd = Td * 2 ; parameter Real Td = 0. 1 ; Real x ( s t a r t = 0 ) ; equation x = previous ( x ) + u / Td ; y = kd * ( x + u ) ; end PI ; Block A instantiating PI: block A In ua ; Out ya ; parameter Real k ; parameter Real Td=0. 2 ; PI p i ( Td=Td ) ; equation p i. u = ua * k ; connect ( ya, p i. y ) ; end A ; 20 / 22

Other PI Example Instantiation of Block A Block A: block A In ua ; Out ya ; parameter Real k ; parameter Real Td=0. 2 ; PI p i ( Td=Td ) ; equation p i. u = ua * k ; connect ( ya, p i. y ) ; end A ; Normalized instance block of A: block _Inst_A input Real ua ; output Real ya ; parameter Real _a_k ; parameter Real _a_td=0. 2 ; A a ( k=_a_k, Td=_a_Td ) ; equation a.ua = ua ; ya = a.ya ; end _Inst_A ; 21 / 22

Other PI Example Translation of Instantiated Block A to SDFK Remember Normalization Step 3: Create a fresh block that instantiates the top-level block as a component with normalized component modifications. Instantiate block A: block _Inst_A input Real ua ; output Real ya ; parameter Real _a_k ; parameter Real _a_td=0. 2 ; A a(k=_a_k, Td=_a_Td) ; equation a.ua = ua ; ya = a.ya ; end _Inst_A ; SDFK node of _Inst_A: node _Inst_A ( _a_k : f l o a t, ua : f l o a t ) = ya : f l o a t with var _a_td : f l o a t in ya = A( _a_k, _a_td, ua ) and _a_td = 0.2 22 / 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback