Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming
description
Transcript of Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming
![Page 1: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/1.jpg)
Component Composition for Embedded Systems Using Semantic
Aspect-Oriented Programming
Martin RinardLaboratory for Computer Science
Massachusetts Institute of TechnologyF33615-00-C-1692
![Page 2: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/2.jpg)
Problem Description
How can we improve flexibility, reliability, and predictability of software for embedded and real-time systems?
• Need for better support for distributed computations• Need to easily compose components on different
platforms• Need for implementations that survive partial failures
• Need for better understanding of distributed implementations• Understand communication patterns and their
implications• Support for fault propagation analysis• Exploit information to transform software
• Lack of real-time support in standard languages and systems• Lack of real-time memory management support in Java• Lack of real-time scheduling support in Java
![Page 3: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/3.jpg)
Support for Distributed Real-Time Systems
Role Analysis•Capture changing roles objects play in computation
•Points-to relationships determine roles
•Role Specifications•Programmer supplied•Dynamically discovered
•Statically verified
Interaction Analysis• Match role changes
with component movements
• Match publishers and subscribers
• Compute failure propagation information
Transformations• Specialized
communication• Point-to-point• Targeted multicast• Request/response
• Preemptively move or replicate objects to close windows of vulnerability
Distributed
Interaction System
Event Notification• Publish/Subscribe
Primitives
Shared Object Communication
• Shared reference system
• Thread-based failure model
Real Time Java
Predictable Memory Management
• Region-Based allocation primitives
• Pointer and escape analysis• Validates correct region
use• Eliminates dynamic
checks• Role analysis enables safe
explicit memory deallocation
Real-Time Scheduling• Compiler-controlled
scheduling• Preemptive thread
scheduling• Asynchronous event
dispatch
Objective Technical Approach
![Page 4: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/4.jpg)
System Architecture
Shared ObjectSpace
Shared EventSpace
DistributedRTJ
Components
PublishSubscribe
![Page 5: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/5.jpg)
Objectives for Distributed Components
• Understand how components interact• Event notification relationships• Communication patterns• Failure propagation
• Replace pub/sub with specialized mechanisms• Point-to-point communication• Multicast communication• Request/response communication
• Preemptively move or replicate objects to close windows of vulnerability to failures
![Page 6: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/6.jpg)
Technical Approach
Observations• Objects play different roles in computation• Role is conceptually similar to type
• Capture important differences between objects
• Useful constraints associated with roles (can’t apply stop operation to
stationary tank)Stationary
TankMoving
TankDisabled
TankRoles
![Page 7: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/7.jpg)
Technical Approach
Observations• Role of object may change during
computation• Even though identity stays the same
StationaryTank
Moving Tank
Disabled Tank
Roles
Role Transitions
![Page 8: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/8.jpg)
Technical Approach
Observations• In a standard type system
• Object’s type corresponds to its class• Object’s class does not change• Type system does not capture object’s
rolesTank Class
StationaryTank
Moving Tank
Disabled Tank
Roles
Role Transitions
![Page 9: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/9.jpg)
Technical Approach
Goal• Develop a formalism (role types) to
capture changing roles that objects play in computation
• Statically verify role constraints and transitions
Tank Class
StationaryTank
Moving Tank
Disabled Tank
Roles
Role Transitions
![Page 10: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/10.jpg)
Role Transitions
StationaryTankList
MovingTankList
DisabledTankList
![Page 11: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/11.jpg)
Role Transitions
StationaryTankList
MovingTankList
DisabledTankList
![Page 12: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/12.jpg)
Role Transitions
StationaryTankList
MovingTankList
DisabledTankList
![Page 13: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/13.jpg)
Role Classification
• Relative Classification• Role determined by data structure membership• Role changes correspond to movements
between data structures• Role depends on points-to relationships
• Content-based Classification• Role determined by values of object’s fields• Role changes correspond to field assignments
• History-based Classification• Role determined by operations applied to
object• Role changes correspond to method executions
![Page 14: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/14.jpg)
For Each Role• Set of incoming slots• Reference that fills
each slot (role.field)
Moving Tank Role•One incoming slot•Filled by Moving Tank
List Node.item Reference
Stationary Tank Role•One incoming slot•Filled by Stationary
Tank List Node.item Reference
Relative Role View of Objects
Stationary Tank
String
Integernext
item
Tank Model
Stationary Tank List
Node
Moving Tank String
Integernext
item
Tank Model
Top Speed
Moving Tank List Node
Current Speed
Integer
Top Speed
Current Speed
![Page 15: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/15.jpg)
Role Analysis
• Role information at method boundaries• Programmer provided or• Dynamically discovered• Statically verified using generalized
interprocedural shape analysis
![Page 16: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/16.jpg)
Applications of Roles
• Roles provide object referencing relationships • Object referencing determines interaction
patterns• Interaction analysis leverages roles to statically
extract interaction patterns• Match publishers with subscribers• Match role changes with movements of
objects between components• Compute failure propagation information
• Move or replicate objects to eliminate windows of failure vulnerability
![Page 17: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/17.jpg)
More Benefits of Roles
• Software Engineering Benefits• Enhanced implementation
transparency • Role constraints = safety checks that
take application semantics into account
• Safe explicit memory deallocation
![Page 18: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/18.jpg)
Real-Time Java
![Page 19: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/19.jpg)
Real-Time Java Memory Management
• Scoped Memories for Real-Time Memory Management
• Implementation in MIT Flex System• Pointer and Escape Analysis
• Verifies correct use of scoped memories• Eliminates dynamic scoped memory checks
• Analysis of Multithreaded Programs (PPoPP ’01)• Computes interactions between threads• Capture objects accessed by multiple threads
• Incrementalized Analysis (PLDI ’01)
![Page 20: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/20.jpg)
Real-Time Java SchedulingCompiler-controlled scheduling
• Start with lightweight user-level threads package• Compile scheduling checks into generated code• Check for:
• Asynchronous event dispatch• Preemptive thread switch
• Result:• Scheduler part of Java Run-Time (at user level)• Can be partially generated by compiler• Minimal demands on OS• Maximum flexibility in implementation
![Page 21: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/21.jpg)
Contribution to PCES GoalsWhat we provide: Automated understanding of distributed,
embedded, and real-time software• Analyses
• Pointer and escape analysis• Role analysis• Interaction analysis
• Some envisioned uses:• Safe memory management alternatives for Real-Time Java
•Verification of safe use of region-based allocation•Roles enable explicit deallocation instead of garbage
collection• Interaction analysis
•Understanding and validation of synchronization interactions•Understanding of communication patterns•Understanding of how failures propagate•Validations of ABSENCE of interactions
• Transformations•Specialized, efficient communication implementations •Close windows of failure vulnerability
![Page 22: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/22.jpg)
Contribution to Military Applications
Basic Contribution: More Flexible, Reliable, Predictable Real-Time, Distributed, and
Embedded Systems• Implementation technology to enable use of standard,
widely used language (Java) in military applications• Compiler-controlled event and thread management• Memory management algorithms for real-time
systems• Analyses and transformations for understanding and
improving military software systems• Potential application areas
• Real-time monitoring and control• Information collection and presentation• Integrating (distributed) systems of systems
![Page 23: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/23.jpg)
Project Tasks and Schedule
• Real-Time Java Implementation• Scoped Memories (Year 1)• Thread and Event Scheduling (Year 3)
• Publish/Subscribe Implementation• Initial prototype (Year 2)• Final version (Year 4)
• Pointer and Escape Analysis (Year 1)• Role Analysis
• Initial design and implementation (Year 2.5)• Final design and implementation (Year 4)
• Interaction Analysis and Transformations• Failure propagation analysis (Year 3)• Transformations to close windows of failure
vulnerability (Year 4)
![Page 24: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/24.jpg)
Technical Progress/Accomplishments
• Implementation of Real-Time Java Scoped Memories• Scoped memory allocation primitives• Pointer and escape analysis for multithreaded programs
(PPoPP ’01)• Verify correct use of scoped allocation• Eliminate dynamic checks
• Incrementalized pointer and escape analysis (PLDI ’01)
• Initial phases of distributed surveillance application• Initial JavaCar prototype – 1/6 scale car with
• 233 MHz StrongARM, 32 Mbytes, running Java on Linux • Camera, wireless ethernet, USB, various sensors• Speed and steering control
• Initial role design, specification language, analysis
![Page 25: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/25.jpg)
Next Milestones
Progress in Following Areas• Publish/Subscribe Design and
Implementation• Realization in Java (Event class)• Event distribution mechanism• Shared object space mechanism
• Real-Time Java Threads and Events• Role Design, Specification, and Analysis• JavaCar and Surveillance Applications
![Page 26: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/26.jpg)
Collaborations
• Washington University• Real-Time Java Memory Management• Dynamic Scope Generation (Washington)• Static Scope Verification (MIT)• Real-Time Event Service
• Stanford, Kansas State University (Model Extraction)
• Purdue, SUNY Oswego, Maryland (RT Java)• Utah (Analysis for Component Constraints)• Anyone else with Real-Time Java needs
• We provide prototype open implementation• We provide analysis prototypes
![Page 27: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/27.jpg)
Technology Transfer• Illustrations of Implementation Techniques for Real-Time Java
• Implementation available under GNU GPL• Anyone can download it, use it, improve it• http://www.cag.lcs.mit.edu/~rinard/pces
• Real-Time Java as Infection Vector• Integrated pointer and escape analysis
• Correctness tool for region allocation• Enables stack allocation (reduces memory footprint)
• Integrated role discovery and analysis• Dynamic discovery leads to easy initial experience• Roles become central abstraction for developer
• Roles + publish/subscribe system = easy, effective distribution• Communication and failure propagation analysis• Useful transformations• Dynamic deployment
• Our system serves as prototype• Illustrates key implementation techniques• Helps others evaluate suitability for their application
![Page 28: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/28.jpg)
Program Issues
![Page 29: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/29.jpg)
Current Speed
Example Roles
Tank ObjectString
Integernext
item
Tank Model
Top Speed
Stationary Tank List Node
![Page 30: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/30.jpg)
Tank ObjectString
Integernext
item
Tank Model
Top Speed
Moving Tank List Node
Current SpeedInteger
![Page 31: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/31.jpg)
Standard View of Object
Fields
OutgoingReferences
•
•
•
IncomingReferences
Tank ObjectString
Integer
Integer
Tank Model
Top Speed
Current Speed
![Page 32: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/32.jpg)
Incrementalized AnalysisBig Program
![Page 33: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/33.jpg)
Incrementalized AnalysisObject Allocation Sites to Capture
![Page 34: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/34.jpg)
Incrementalized AnalysisStandard Approach: Analyze Entire Program
![Page 35: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/35.jpg)
Incrementalized AnalysisOur Approach: Incrementally Analyze Region
Surrounding Each Allocation Site
![Page 36: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/36.jpg)
Incrementalized AnalysisOur Approach: Incrementally Analyze Region
Surrounding Each Allocation Site
![Page 37: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/37.jpg)
Incrementalized AnalysisOur Approach: Incrementally Analyze Region
Surrounding Each Allocation Site
![Page 38: Component Composition for Embedded Systems Using Semantic Aspect-Oriented Programming](https://reader035.fdocuments.us/reader035/viewer/2022070418/5681585d550346895dc5b85f/html5/thumbnails/38.jpg)
Incrementalized Analysis
• Key Question: Where to invest analysis resources?
• Obtain estimates of• Payoff of capturing allocation site• Likelihood of capturing site• If can capture site, cost of the capture
• As invest resources in site, improve estimates• Invest resources in site with (current) best
estimated return on invested resources• Results show can obtain almost all benefit of
whole-program analysis at fraction of cost (PLDI ’01)