HAL Id: hal-00542167
https://hal.archives-ouvertes.fr/hal-00542167
Submitted on 1 Dec 2010
HAL is a multi-disciplinary open access archive for the deposit and dissemination of sci- entific research documents, whether they are pub- lished or not. The documents may come from teaching and research institutions in France or
L’archive ouverte pluridisciplinaire HAL, est destinée au dépôt et à la diffusion de documents scientifiques de niveau recherche, publiés ou non, émanant des établissements d’enseignement et de recherche français ou étrangers, des laboratoires
Polychrony for refinement-based design
Jean-Pierre Talpin, Paul Le Guernic, Sandeep Shukla, R.K. Gupta, Frédéric Doucet
To cite this version:
Jean-Pierre Talpin, Paul Le Guernic, Sandeep Shukla, R.K. Gupta, Frédéric Doucet. Polychrony for refinement-based design. Design, Automation and Test in Europe Conference and Exposition (DATE 2003), Mar 2003, Munich, Germany. pp.11172-11173, �10.1109/DATE.2003.1253786�. �hal-00542167�
Jean-Pierre Talpin 1
,PaulLe Guerni 1
, Sandeep Kumar Shukla 2
,Rajesh Gupta 3
, Frederi Douet 3
1
Inria/Irisa, 2
VirginaTeh, 3
UC San Diego, 4
UC Irvine
Abstrat
The polyhronous (i.e. multi-loked) model of the
Signal design language oers formal support for the
apture of behavioral abstrations for both very high-
levelsystemdesriptions (e.g. SystemC/SpeC)and
behavioral-level Ip omponents (e.g. Vhdl). Its plat-
form, Polyhrony, provides models andmethodsfor
a rapid, renement-based, integration and a formal
onformane-heking of Gals hardware/software ar-
hitetures. Its ompanion desynhronization teh-
niques allow to model high-level, funtional, speia-
tionsandformallyverify suessivedesign renements
yieldingadistributedimplementation. The presentar-
tile demonstratesthe eetivenessofthis approah in
renement-based design by the experimental, ompar-
ative, ase study of an even-parity heker design in
SpeC.It highlights thebenetsof the formalmodels,
methods and tools provided in Polyhrony, in rep-
resentingfuntional,arhitetural,ommuniationand
implementationabstrationsofthedesign,andthesu-
essive renements.
1 Introdution
Risingomplexities andperformanesofintegrated
iruits and systems, shortening time-to-market de-
mands for eletroni equipments, growing installed
bases ofintelletual property,requirementsforadapt-
ingexisting Ipswithnewservies,allstresshigh-level
designasaprominentresearhtopis andallfor the
development of appropriate methodologial solutions.
Inthisaim,systemdesignbasedontheso-alled\syn-
hronoushypothesis" onsists of abstrating thenon-
funtionalimplementationdetailsofasystemawayand
letonebenet from afoused reasoningonthe logis
behind the instants at whih the system funtionali-
tiesshould be seured. From this point of view,syn-
hronousdesign models [9℄ and languages[3℄ provide
intuitive models for integrated iruits. This aÆn-
ity explains the ease of generating synhronous ir-
uits and verify their funtionalities using ompilers
and related toolsthat implement this approah. The
relational model of the Signal/Polyhrony design
language/plateform [9, 12℄ goes beyond the domain
of purelysynhronousiruitstoembraetheontext
of arhiteturesonsisting ofsynhronousiruitsand
desynhronizationprotools: Galsarhitetures. The
uniquefeaturesofthismodelaretoprovidethenotion
ofpolyhrony: theapabilitytodesribemulti-loked
(orpartiallyloked)iruitsandsystems;andtosup-
portformaldesignrenement,fromtheearlystagesof
requirementsspeiation, to the later stages of syn-
thesisanddeployment,andbyusingformalveriation
tehniques. Inpratie,amulti-lokedsystemdesrip-
tion is often the representation or the abstration of
anasynhronoussystemorofaGalsarhiteture. In
system-leveldesign,theasynhronousimplementation
ofasystemisobtainedthroughtherenementofitsde-
sription towardshardware-software o-design. How-
ever,loksareoftenleftunspeiedat thefuntional
level,andnohoie onamasterlokmadeat thear-
hiteturallevel. Asommuniationand implementa-
tionlayersarereahed,however,multipleloksmight
beawayoflife. Inthepolyhronousdesignparadigm,
one an atually design a system with partially or-
deredloksandreneittoobtainmaster-lokedom-
ponentsintegratedwithin amultiply-lokedarhite-
tures,whilepreservingthefuntionalpropertiesofthe
original high-level design, thanks to the formal ver-
iation methodology provided by the formal theory
(model andtheorems) ofpolyhronoussignals. Inthe
presentartile, weput thepriniples of polyhronous
design to work in the ontext of the emerging high-
level languages suh as SystemC/SpeC [7, 13, 14℄
by studying the renement of a high-level speia-
tion,theeven-parityheker(Ep)towardsitsimple-
mentation. Ourgoal is to derive onditionson spei-
ations under whih our design priniples works. In
otherwords,weseektowardstoolsandmethodologies
toallowtotakeahigh-levelSystemC/SpeCspei-
ationandtoreneitinasemanti-preservingmanner
into a Gals implementation. We fous on a simple
howthespeiationoftheEp inSpeC anbere-
nedtowardsaGalsimplementationwiththehelpof
Polyhrony.
2 An informal introdution to Signal
In Signal (gure 1), a proess P onsists of the
omposition of simultaneous equations over signals.
A signal x 2 X desribes a possibly innite ow of
disretely-timed values v 2 V. An equation x = fy
denotes arelation between asequene of operands y
and asequeneofresults xbyaproessf 2F. Syn-
hronousomposition P jjQ onsists of onsidering a
simultaneous solution of the equations P and Q at
any time. Signal requires three primitive proesses:
pre,toreferenethepreviousvalueofasignalintime;
when, to sample a signal; and default, to determin-
istially merge two signals (and provides, e.g. nega-
tion not,equality eq,identity id,et). Theequation
x= prevyinitiallydenesxbyvandthenbythepre-
viousvalueofyintime(tagst
1
;t
2
;t
3
denoteinstants).
The equation x =y whenz denes x by y when z is
true. Theequationx=y defaultzdenesxbyywhen
y is present and by z otherwise. We exemplify the
equational/relationaldesign model ofSignal byon-
sideringthedenitionofaountingproess: Count. It
aepts an input event reset and delivers the integer
outputval. Aloalounter, initializedto0,storesthe
previousvalueofval(equationounter:=val$1init0).
When the event resetours, val is resetto 0(i.e. (0
when reset). Otherwise, ounter is inremented (i.e.
(ounter + 1)). TheativityofCountisgovernedby
the lok of its output val,whih diers from that of
itsinputreset: Countismulti-loked.
proess Count = (? event reset ! integer val)
(| ounter := val$1 init 0
| val := (0 when reset)
default (ounter + 1)
|) where integer ounter;
end;
3 A model of polyhronous signals
Starting fromthemodel oftaggedsignalsofLeeet
al. [8, 4℄, we give the tagged model of polyhronous
signals[9℄forthe formalstudy ofprotool properties.
Weonsider aset ofbooleanandintegervaluesv 2V
to represent the operands and results of a omputa-
tions. A tag t 2 T, denotes an instant. The dense
set is equipped with a partial order relation to de-
note synhronization and ausal relations. The sub-
set T T of a given proess is hosen to be asemi-
lattie (T;;0). A hain C 2 C is atotally ordered
and a value. A signal s 2 S = T * V is a par-
tial funtion relating a hain of tags to a set of val-
ues. Wewrite tags(s)forthedomainofs. Abehavior
b2B=X *S isapartialfuntionfromsignalnames
x 2 X to signals s 2 S. We write vars(b) for the
domain of b and tags(b) =[
x2vars(b)
tags(b(x)) for its
tags. Hene,theinformalsentene\xispresentattin
b"is formallydened byt2tags(b(x)). Wewrite bj
X
for the projetion of abehaviorb on aset X X of
names(i.e.vars(bj
X
)=X and 8x2X;bj
X
(x)=b(x))
andb
=X
foritsomplementaryofbj
vars(b)nX
. Aproess
p2P =P(B)isasetofbehaviorsthathavethesame
domainX (writtenvars(p)). Synhronousomposition
pjjq is dened by the set of behaviors that extend a
behaviorb2pbytherestrition
=vars(p)
ofabehavior
2q iftheprojetionsofb and onvars(p)\vars(q)
areequal.
pjjq=
b℄
=vars (p)
j(b;)2pq;
bj
vars(p)\vars (q)
=j
vars (p)\vars(q)
Salability isakeyoneptforengineeringsystems
and reusing omponents in a smooth design proess.
A formal support for allowing time salability in de-
sign is given in our model by the so-alled streth-
losure property. Theintuitionbehind thisrelation is
to onsider a signalas an elasti with ordered marks
on it (tags). If it is streth, marks remain in the
sameorder but havemorespae (time) betweeneah
other. Ifit is un-strethed, marks appear loserfrom
eah other and some are no longer observable. The
same holds for a set of elastis: a behavior. If elas-
tis are equally strethed, the partial order between
marks is unhanged. A behavior is a strething of
b, written b , i vars(b) = vars() and there ex-
ists a funtion f : T ! T that - 1/ is stritly in-
reasing - 2/ is monotoni along all hains - 3 sat-
ises tags((x)) = f(tags(b(x))) for all x 2 vars(b),
and b(x)(t) = (x)(f(t)) for all x 2 vars(b) and all
t 2 tags(b(x)). Strething is a partial-order relation.
It givesrisetoanequivalenerelationbetweenbehav-
iors. Thebehaviorsbandarestreth-equivalent,writ-
ten b 7, i there exists abehaviord s.t. db and
d. Bothrelationsextendtoproesses. Aproessp
isstreth-losediforallb2p,7b)2p. A non-
empty, streth-losed proess p admits a set of strit
behaviors, written (p)
7
, s.t. (p)
7
p (for all b 2 p,
thereis aunique2(p)
7
s.t.7b).
Distributed design Tomodel asynhrony, weon-
sideraweakerrelationwhihdisardssynhronization
relationsandallowsforomparingbehaviorsw.r.t.the
y:(t
1
;v
1 )(t
2
;v
2 )(t
3
;v
3 ):::
prevy:(t1;v) (t2;v1)(t3;v2):::
y:(t
1
;v
1 )(t
2
;v
2 )(t
3
;v
3
) :::
z: (t2;tt) (t3;ff)(t4;tt):::
ywhenz: (t
2
;v
2
) :::
y: (t
2
;v
2 )(t
3
;v
3 ) :::
z:(t1;v1) (t3;w3):::
ydefaultz:(t
1
;v
1 )(t
2
;v
2 )(t
3
;v
3 ) :::
Figure 1. Core-Signal
sequenes of values signals hold. The relaxation re-
lation allows to individually streth the signals of a
behavior. A behavior is a relaxation of b, written
b v , i vars(b) = vars() and for all x 2 vars(b),
b
jx
jx
. Relaxation is a partial-order relation that
denes the ow-equivalene relation. Two behaviors
are ow-equivalent itheirsignalshold the sameval-
uesinthesameorder. Thebehaviorsbandareow-
equivalent, written b ,i there exists abehaviord
s.t.dvbanddv. Theequivalenelassofabehav-
iorbisasemi-lattie: itadmitsastritbehavior,writ-
ten (b)
. We userelaxationto dene the meaningof
asynhronousompositionpkq(wenoteX =vars(P),
Y =vars(Q) andI =X\Y).
pkq=
d
9b2p;d
jXnY 7b
jXnY
; bj
I vdj
I
92q;d
jYnX 7
jYnX
; j
I vdj
I
Polyhronous design properties The model of
polyhronous signals allows to dene formal proper-
ties that are essential for the omponent-based de-
sign of Gals arhitetures. Endohrony is a key de-
sign property design. A proess is endohronous i,
givenanexternal(asynhronous)stimulationofitsin-
puts I, it reonstruts a unique synhronous behav-
ior (up to streth-equivalene). Endohrony denotes
the lass of proesses that are insensitiveto (internal
and) external propagation delays. A proess pis en-
dohronousonitsinputsignalsI i8b;2p;(bj
I )
=
(j
I )
)b
7
. Flow-equivalene oersthe right met-
ri for heking the renement of a high-level system
speiationwithdistributedommuniationprotools
orret. For instane, it is onsidered in [2℄ for the
renement-baseddesign of theLtta protool in Sig-
nal. Flow-invarianeisthepropertythatensuresthat
the renementof afuntional speiation pjjq by an
asynhronous implementation p k q preserves ow-
equivalene. Formally, p and q are ow-invariant i,
forallb2pjjq,forall2pkq,(bj
I )
=(j
I )
implies
b forI theinputsofpjjq. InSignal, Galsarhi-
teturesare modeled asendo-isohronously ommuni-
atingendohronousomponents. Wesaythattwoen-
dohronousproessespandqare endo-isohronousi
(pj
I )jj(qj
I
)isendohronous(withI =vars(p) \ vars(q)).
Endo-isohronyimpliesow-invariane.
Capturing high-level design with polyhrony
In the polyhronousdesign paradigm, one angivea
funtional-levelspeiationofasystemintermsofre-
lations and partially-orderedloks. A renement,at
thearhiteture-level,onsistsof isolatingthemaster-
lokof omponentsandofintegrating themwithin a
multi-lokedarhitetures,whilepreservingthefun-
tional properties of theoriginal design, thanks to the
formal veriation of ow-invariane. The main ben-
et of onsidering the model of polyhronous signals
for high-level C-like design languages lies in the for-
malsemantisbakbone/platformitprovides,onwhih
veriation and optimization tehniques an then be
plugged in. There are several ways to envisage ap-
plyingthePolyhronymodeltohigh-levelGalsar-
hitetures modeling in C-like design languages. A
validation-basedapproahonsistsofassoiatingevery
omponentto adesriptionofits invariants(a behav-
ioral type) and thento automatetest-ase generation
to validatethem. Byontrast,aprogramanalysisap-
proah onsists of automatially synthesizing this be-
havioral type and of representing it in an algebra in
whih deiding properties about these types (equiva-
lene, bisimulation, et) is deidable. Hene, our ap-
proah: abstrat aomponent byatemporal formula
oraSignalproess.
4 Aasestudy: the evenparityheker
The polyhronous model of the Signal de-
sign language oers formal support for the ap-
ture of behavioral abstrations for both very high-
levelsystemdesriptions(e.g.SystemC/SpeC) and
behavioral-levelIp omponents (e.g.Vhdl). Its plat-
form, Polyhrony, provides formal methods for
a rapid, renement-based, integration and a formal
onformane-hekingof Gals hardware/softwarear-
hitetures. The model of polyhrony being quite
elaborate, we fous on a ase study that illus-
trate our methodology by showing how the spe-
iation of the Ep in SpeC an be rened
towards a Gals implementation with the help
of the tool Polyhrony, showing in what re-
spets and at whih ritial design stages formal
behavioral
desription
SpeC/SystemC
design
interfae interfae
Polyhrony
-
-
6
6 analysis
abstration
transformation
distribution
ode
generation ontrol
synthesis
veriation
simulation
Figure 2. A polychronous component-based design platform
methods matter for engineering suh arhitetures.
ones even
IO
-
-
-
-
data oount
istart idone
Inport Outport start done
The Ep onsists of three funtional units: an
IO interfae proess, an even test proess and a
main ones ounting proess. The behavior ones
determines theparityof an inputdata reeived along
Inport. Upon reeipt of the start notiation, it
repeatedly shifts thedata until it is0ed. The output
ountoount is sentalong Outport and donenotied.
behavior ones(...) f
void main(void) f
unsigned int data, oount, mask, temp;
while (1) f wait(start);
data = Inport;
oount = 0;
mask = 1;
while(data != 0)ftemp = data & mask;
oount += temp;
data >>= 1;
g
Outport = oount;
notify(done);
gg
g;
ThetranslationofthebehavioronesinSignalonsist,
rst, of deomposing the syntati struture of the
SpeC program into an intermediate representation
that renders the imperative struture of the original
programtogetherwith itsmostharateristifeatures
(use of loks, interrupts, et). In this struture,
eah thread onsists of a sequene of bloks (ritial
setions)delimited bywait andnotifysynhronization
statements. Within suh bloks, basi ontrol stru-
tures are then enoded. A method all or a basi
operation, e.g. x =y+1, is enoded by anequation,
e.g. either x = y$1+1when (when y referenes a
value omputedduring theprevious transitionin this
blok) or x = y +1when (if it has already been
omputed in the same transition), onditioned by
an ativation lok . A onditional statement, e.g.
ifxthenPelseQ, is enoded by onstrainingthe lok
of P by x and that of Q by notx. Internal while
loops are enoded by over-sampling. Interrupts are
rendered by boolean signals that tell whether or not
they are raised during a omputation. An interrupt
onditionstheativationlokofsubsequentequations
in theontrolowgraph;ifitesapesthesopeofthe
method in whih it is raised, it beomes an output
signaloftheproessthatenodesthemethodin order
to propagate in the ontext of use of that method.
The enoding of the behavior ones in Signal yields
a proess in whih the lok of input/output signals
are synhronized to input/output notiation events.
The proess onesonsists of oneritial setion. The
internal while loop is enoded by an over-sampling
sub-proess.
proess ones = (? integer Inport; event start
! integer Outport; event done)
(| start ^=Inport
| Outport :=oountwhendata=0
| data :=Inportdefaultrshift(data$1init0xffff)
| oount :=(oount$1init0)+xand(data,1)
| done ^=Outport
|) where integer data, oount end;
Arhiteture layer design renement The en-
odingoftheevent-parityhekerdemonstratesthea-
pabilityofSignaltogiveasynhronousmodelofom-
ponents for speiation-level SpeC designs. This
levelof abstration (synhrony) allowsfor deoupling
thespeiationofthesystemunderdesignfrom(too)
early arhiteturemappinghoies. Itadditionallyal-
lowsforanoptimizedreombinationofbehaviors(e.g.
the Signal ompiler ould for instane be used to
merge the other IO and even behaviors into a single
SpeC fsm, using lok hierarhization tehniques[1℄
