## Formal simulation and analysis of the CASH scheduling algorithm in Real-Time Maude (2006)

### Cached

### Download Links

- [pertsserver.cs.uiuc.edu]
- [www.ifi.uio.no]
- [heim.ifi.uio.no]
- [heim.ifi.uio.no]
- [heim.ifi.uio.no]
- [heim.ifi.uio.no]
- DBLP

### Other Repositories/Bibliography

Venue: | Fundamental Approaches to Software Engineering (FASE’06), volume 3922 of Lecture Notes in Computer Science |

Citations: | 11 - 9 self |

### BibTeX

@INPROCEEDINGS{Ölveczky06formalsimulation,

author = {Peter Csaba Ölveczky and Marco Caccamo},

title = {Formal simulation and analysis of the CASH scheduling algorithm in Real-Time Maude},

booktitle = {Fundamental Approaches to Software Engineering (FASE’06), volume 3922 of Lecture Notes in Computer Science},

year = {2006},

pages = {357--372},

publisher = {Springer}

}

### OpenURL

### Abstract

Abstract. This paper describes the application of the Real-Time Maude tool to the formal specification and analysis of the CASH scheduling algorithm and its suggested modifications. The CASH algorithm is a sophisticated state-of-the-art scheduling algorithm with advanced capacity sharing features for reusing unused execution budgets. Because the number of elements in the queue of unused resources can grow beyond any bound, the CASH algorithm poses challenges to its formal specification and analysis. Real-Time Maude extends the rewriting logic tool Maude to support formal specification and analysis of object-based real-time systems. It emphasizes generality of specification and supports a spectrum of analysis methods, including symbolic simulation and (unbounded and time-bounded) reachability analysis and LTL model checking. We show how we have used Real-Time Maude to experiment with different design modifications of the CASH algorithm using both Monte Carlo simulation and reachability analysis. We could quickly and easily specify and analyze these modifications using Real-Time Maude, and discovered subtle behaviors in the modifications that lead to missed deadlines. 1

### Citations

392 | Hytech: a model checker for hybrid systems. Software Tools for Technology Transfer
- Henzinger, Ho, et al.
- 1997
(Show Context)
Citation Context ...and time-bounded and unbounded search for reachability analysis. Real-Time Maude differs from formal real-time tools such as the timed/hybrid automaton-based tools Uppaal [1], Kronos [19], and Hytech =-=[7]-=- by having a more expressive specification formalism which supports well the specification of “infinite-control” systems which cannot be specified by such automata. Real-Time Maude has proved useful f... |

271 |
The Art of Computer Programming – Seminumerical Algorithms, volume 2
- Knuth
- 1981
(Show Context)
Citation Context ... with pseudo-random timeToJob and leftOfJob values. To generate pseudo-random arrival and execution times, we use a function random which satisfies Knuth’s criteria for “good” pseudo-random functions =-=[8]-=-. The state must also contain the ever-changing “seed,” modeled as a term [Seed: n], to this function. Our specification of the CASH algorithms for Monte Carlo simulation is given in [11]. We present ... |

223 |
Kronos: a verification tool for real-time systems
- Yovine
- 1997
(Show Context)
Citation Context ... model checking, and time-bounded and unbounded search for reachability analysis. Real-Time Maude differs from formal real-time tools such as the timed/hybrid automaton-based tools Uppaal [1], Kronos =-=[19]-=-, and Hytech [7] by having a more expressive specification formalism which supports well the specification of “infinite-control” systems which cannot be specified by such automata. Real-Time Maude has... |

211 | A Tutorial on UPPAAL
- Behrmann, David, et al.
- 2004
(Show Context)
Citation Context ...mporal logic model checking, and time-bounded and unbounded search for reachability analysis. Real-Time Maude differs from formal real-time tools such as the timed/hybrid automaton-based tools Uppaal =-=[1]-=-, Kronos [19], and Hytech [7] by having a more expressive specification formalism which supports well the specification of “infinite-control” systems which cannot be specified by such automata. Real-T... |

194 | Maude: specification and programming in rewriting logic
- Clavel, Durán, et al.
(Show Context)
Citation Context ...del checking are decision procedures for the corresponding time-bounded properties, while unbounded search is a semi-decision procedure for the (unbounded) reachability problem. Using methods (3) and =-=(4)-=- we easily discovered that the modified algorithm could not guarantee that deadlines were not missed. However, the scenarios leading to the missed deadlines were subtle and were not discovered during ... |

159 | Membership algebra as a logical framework for equational specification
- Meseguer
- 1997
(Show Context)
Citation Context ...lt to find during traditional testing. 2 Real-Time Maude A Real-Time Maude timed module specifies a real-time rewrite theory [13] of the form (Σ,E,IR,TR), where: – (Σ,E)isamembership equational logic =-=[10]-=- theory with Σ asignature 1 and E a set of conditional equations. The theory (Σ,E) specifies the system’s state space as an algebraic data type. (Σ,E)mustcontainaspecificationof asortTime modeling the... |

61 | Capacity sharing for overrun control
- Caccamo, Buttazzo, et al.
- 2000
(Show Context)
Citation Context ...reless sensor network algorithms [18]. This paper describes the application of Real-Time Maude to the formal specification and analysis of the sophisticated state-of-the-art CASH scheduling algorithm =-=[3]-=- developed by the second author in joint work with Buttazzo and Sha. L. Baresi and R. Heckel (Eds.): FASE 2006, LNCS 3922, pp. 357–372, 2006. c○ Springer-Verlag Berlin Heidelberg 2006s358 P.C. Ölveczk... |

48 |
A new kernel approach for modular real-time systems development
- Gai, Giorgio, et al.
- 2001
(Show Context)
Citation Context ...lability is proved in [3]: Each capacity generated during the scheduling is exhausted before its deadline if and only if � n Qi i=1 Ti ≤ 1. The CASH algorithm has been implemented in the SHARK kernel =-=[6]-=- to measure the performance gain and to validate the results predicted by the theory. 3.1 A Proposed Modification of the CASH Algorithm The second author wanted to investigate if it is possible to let... |

41 | Specification of real-time and hybrid systems in rewriting logic. Manuscript, submitted for publication, SRI
- Ölveczky, Meseguer
- 1999
(Show Context)
Citation Context ...rlo simulation indicates that the critical missed deadline would be difficult to find during traditional testing. 2 Real-Time Maude A Real-Time Maude timed module specifies a real-time rewrite theory =-=[13]-=- of the form (Σ,E,IR,TR), where: – (Σ,E)isamembership equational logic [10] theory with Σ asignature 1 and E a set of conditional equations. The theory (Σ,E) specifies the system’s state space as an a... |

30 |
Semantics and pragmatics of Real-Time Maude
- Ölveczky, Meseguer
- 2007
(Show Context)
Citation Context ...ld quickly and easily specify and analyze these modifications using Real-Time Maude, and discovered subtle behaviors in the modifications that lead to missed deadlines. 1 Introduction Real-Time Maude =-=[14, 15, 16]-=- is a high-performance tool that extends the rewriting logic-based Maude system [4, 5] to support the formal specification and analysis of object-based real-time systems. Real-Time Maude emphasizes ea... |

25 | Specification and analysis of the AER/NCA active network protocol suite in Real-Time Maude - Ölveczky, Keaton, et al. |

23 |
Soft Real-Time Systems: Predictability vs. Efficiency
- Buttazzo, Lipari, et al.
- 2005
(Show Context)
Citation Context ...e guaranteed off-line. A general technique for guaranteeing deadlines of hard activities in the presence of soft tasks with unpredictable execution times is based on the resource reservation approach =-=[2]-=-. Each task τi is served by a constant bandwidth server Si that is characterized by its maximum budget Qi (i.e., its allocated execution time) and its period Ti; hence, τi has a CPU reservation Qi/Ti.... |

21 | Specification and analysis of real-time systems using Real-Time Maude
- Ölveczky, Meseguer
- 2004
(Show Context)
Citation Context ...ld quickly and easily specify and analyze these modifications using Real-Time Maude, and discovered subtle behaviors in the modifications that lead to missed deadlines. 1 Introduction Real-Time Maude =-=[14, 15, 16]-=- is a high-performance tool that extends the rewriting logic-based Maude system [4, 5] to support the formal specification and analysis of object-based real-time systems. Real-Time Maude emphasizes ea... |

15 | Formal modeling and analysis of the OGDC wireless sensor network algorithm in Real-Time Maude,” October 2005, manuscript. http://www.ifi.uio.no/RealTimeMaude/OGDC
- Thorvaldsen, ¨Olveczky
(Show Context)
Citation Context ...infinite-control” systems which cannot be specified by such automata. Real-Time Maude has proved useful for analyzing advanced communication protocols [9,12,17] and wireless sensor network algorithms =-=[18]-=-. This paper describes the application of Real-Time Maude to the formal specification and analysis of the sophisticated state-of-the-art CASH scheduling algorithm [3] developed by the second author in... |

11 | Formal Modelling and Analysis of the NORM Multicast Protocol Using Real-Time Maude
- Lien
- 2004
(Show Context)
Citation Context ...malism which supports well the specification of “infinite-control” systems which cannot be specified by such automata. Real-Time Maude has proved useful for analyzing advanced communication protocols =-=[9,12,17]-=- and wireless sensor network algorithms [18]. This paper describes the application of Real-Time Maude to the formal specification and analysis of the sophisticated state-of-the-art CASH scheduling alg... |

10 |
Real-Time Maude 2.1
- Olveczky, Meseguer
- 2004
(Show Context)
Citation Context ...ld quickly and easily specify and analyze these modifications using Real-Time Maude, and discovered subtle behaviors in the modifications that lead to missed deadlines. 1 Introduction Real-Time Maude =-=[14, 15, 16]-=- is a high-performance tool that extends the rewriting logic-based Maude system [4, 5] to support the formal specification and analysis of object-based real-time systems. Real-Time Maude emphasizes ea... |