performance. The paper presents a modeling language for embedded control system development, called ECSML, and a corresponding automatic code ...
From Models to Code: Automatic Development Process for Embedded Control System Zhaogang SHU, Di LI, Yueming HU, Feng YE, Suhua XIAO and Jiafu WAN Abstract - Current development method for embedded control system is mainly based on manual programming, so it is very time-consuming and is difficult to guarantee system performance. The paper presents a modeling language for embedded control system development, called ECSML, and a corresponding automatic code generation framework. ECSML satisfies the modeling requirements, including functionality and real-time performance, for control system. Based on ECSML, a graphical modeling environment has been created. The code generation framework takes advantage of the reusability of component-based development (CBD) method. A well-defined code structure, in which function code and non-function code are separated completely, makes it possible to generate all system code from models. This development method can promote development efficiency, reduce development cost and shorten the time to market of embedded control products. Index Terms - embedded control system; modeling, code generation; model interpreter I. INTRODUCTION
Embedded control systems are a kind of software system used to control operation process of equipments or machine automatically. They are applied widely in many areas, such as automotive control, computerized numerical control, and avionic control. These applications are safety critical, that is to say, any failure of these systems may result in massive material loss or endanger human safety, so most embedded control systems consider not only function requirements, but also many non-function requirements, such as real-time performance and fault toleration. Compared to the conventional software, embedded system is a part of a physical environment and interact with hardware tightly, the design and implementation of embedded software system is difficult. During the stage of design, if some issues can not be considered, and they are not discovered until at later design stage, they will be difficult to be corrected. Independent development of hardware and software, system is difficult to guarantee real-time performance. Current development method for these systems is mainly based on manual programming, which is error-prone and time-consuming, and Manuscript received October 1, 2007. This work was supported in part by Chinese National Natural Science Foundation under Grant 50575075 and Guangdong Province Natural Science Foundation under Grant 05103543 Zhaogang SHU and Yueming HU are with College of Automation, South China University of Technology, Guangzhou, Guangdong Province, 510641, China. (e-mail: zgshu2004 0163.com). Di LI, Feng YE, Suhua XIAO and Jiafu WAN are with College of Mechanical Engineering, South China University of Technology, Guangzhou, Guangdong Province, 510641, China. (e-mail: itdili d,scut.edu.cn)
can't follow the requirement of market. To improve development efficiency, model-based development method is the mainstream trend. However, in many model-based development methods, models appear just as the communication documents between engineers, the true development work still mainly depends on programming manually. Generally, the development of embedded software includes two phases: first modeling and then implementation. Modeling plays an important role in modem software engineering, whose goal is to reduce the complexity of software design and manage the design process effectively. Some popular modeling tools, such as Matlab/Simulink and Rhapsody, can support modeling embedded control applications. Though these modeling tools can generate some useful code snippet, it's not enough for producing the entire system. There is requirement to generate all the system code automatically according to models, which will greatly shorten development time and reduce development cost. Ptolemy [1] is a research project, studies modeling, simulation, and design of concurrent, real-time, embedded systems, at the University of California at Berkeley. Ptolemy facilitates functional description by providing various models of computations, and key underlying principle in the project is the use of well-defined models of computation that govern the interaction between components, but it lacks useful tool to generate effective code automatically. Based on the actor-oriented models in Ptolemy II [1], a code generation framework [2] has been presented. The framework uses partial evaluation and helper-based mechanism to generate efficient code. Giotto [3] is a domain-specific high-level programming language for control applications. Giotto program defines software architecture of the implementation that specifies its functionality and timing. The Giotto compiler automatically generates timing code that ensures the specified behavior on a given platform. However, a virtual machine [4] on this platform must be developed to support the execution of the generated timing code. Different platform should have different virtual machines and the development of virtual machine is not an easy thing. Model Integrated Computing (MIC) [5] is a modeling framework for embedded system, which is based on models and generation. In MIC, models can be divided into three-level structure, they are meta-meta model, meta model for specific domain and implementation model respectively. GME (Generic Modeling Environment) [6], a configurable modeling toolkit to support MIC development method, is an extensible and flexible software architecture. Third-part developers can integrate their own model interpreters into GME. This paper presents a
660
language for object-oriented software development, but it is not suitable for modeling embedded control system, because it can't be described non-function characters of embedded software system, such as real-time. Domain-Specific Modeling (DSM) [6] is considered next-generation modeling method for executable models, that is to say, models can be validated, transformed and generate executable code.
modeling language and a code-generation framework for embedded control system. A code generation framework consist of three important aspects: modeling specification, code specification and the mapping between them. A component-based domain-specific modeling method is discussed and an modeling language for embedded control system are described in detail. A well-structured code specification, with the feature of the separation of function code and real-time code, is presented. Finally, model interpreter establishes the mapping between of modeling specification and code specification, which will support code generation completely. Using this development framework, two different computerized numerical control systems have been developed.
~~~ ~-
=
copoenitgII
IF~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I='4 1111I111 -. I1I
II. CONTROL SYSTEM MODELING AND CODE GENERATION
A. Component-Based Domain-Specific Modeling Component-Based Development (CBD) is an important software development method in software engineering. Reusability is a key factor that contributes to its success [7]. Compared to the development of building the entire application from the scratch, building systems from existing components is easier and faster. It's clear that component-based software development will shorten the development cycles and save development costs. Component technology has become a research hotspot. Currently, there exist several widely-used component standards, such as CORBA of OMG, COM+ of Microsoft, Enterprise JavaBeans (EJB) of Sun Microsystems. However, these component specifications can't used to develop real-time control software system, because they do not address issues of timeliness and predictability of service, which are basic characteristics for real-time embedded control systems. Some real-time component specifications appear, such as real-time CORBA [8]. Most embedded control system has restricted hardware resources, the implementation of component infrastructure will lead to the overload that can't ignored by system performance. Thereby, current real-time component specifications are not mature for embedded control applications. Because reusability is the core characteristic of component technology, a reusable Function Block (FB) can also be called component. The component discussed in this paper will prefer to this kind of component in the generalized sense. Model-Based Development (MBD) is another important software development method in software engineering. Models are used to analyze a system before implementation. System models can help us to communicate each other to understand, predict and possibly control the behavior of the system. In the large-scale complex system development process, modeling is an indispensable task. There are many modeling language and corresponding tools to support model-based software development. A modeling language must have specific syntax and semantics to capture system requirements, static functionality and dynamic behavior. UML is a very popular general-purpose modeling
code generation framework Figl. CBDSM and code generation
CBD and MBD are different development approaches, they both reduce the development complexity. MBD targets the analysis, validation and optimization of system functionality or quality in the early stage. In contrast, CBD emphasizes reuse of exiting code. A detailed comparison of them can be found in [9]. In order to benefit from the advantages of both of them, the combination of them is necessary. This paper calls the new modeling process
Component-Based Domain-Specific Modeling (CBDSM), Fig. 1 shows the modeling process. When the concept of component is added to models, models become more simple and clear, because the inner logic of component is hidden in models. The mapping relationship between CBDSM and existing code library has been established. Code generation Framework gets the information of CDBSM and generate bone code, which will invoke the existing code library under suitable condition. Using the existing code that component describes, the process of automatic code generation from models can be simplified greatly. B. Embedded Control System Modeling Language (ECSML) A typical embedded control system can be divided many individual Function Blocks (FB), and these FBs interact with each other to form an executable control system. A FB can be considered a component, which must have been validated and may be reused. In order to guarantee the performance of control system, just considering the logic correctness of FB is not enough, the execution time of FB is important in the same way. The execution time of FB on specific platform is the base of task scheduling for control system. For most control system, the failure of task scheduling is not allowed. In Real-time Operation System (RTOS), task is the basic execution entity, two or more tasks will share CPU time in a certain system state. A task can be blocked or waked up when a specific condition
661
Fig2. The meta-model for ECSML
is satisfied. The system run-time life-cycle consists of finite numbers of system states. In each system state, there are fixed numbers of tasks that are scheduled concurrently. The transition from one system state to another can be triggered by user operation or external interruption event. The models of control system should have the capability of describe both the static structure and dynamic behavior of system. Components, data, trigger event, task and system states are the basic elements for modeling control system. A modeling language must provide these modeling facilities for modelers. A kind of modeling language, called Embedded Control System Modeling Language (ECSML), is discussed in the flowing. A meta-model in GME has been created to describe the modeling language specification, which is expressed in the graphical form. Fig. 2 shows the meta-model. This meta-model can be registered into GME and generate a graphical modeling environment for embedded control systems automatically [6]. From this meta-model, we can see all modeling elements and their interaction specification mentioned above. A triangle denotes the inheritance syntax for modeling elements. For example, DataPort is inherited by two elements: InDataPort and OutDataPort. A black solid dot denotes the association between modeling elements. For example, An InDataPort can be linked to OutDataPort by DataPortLink. A line with diamond denotes that an element can contain other elements. For example, SysState can contain Task. In order to express more precise syntax, Object Control Language (OCL) [10] can be integrated into this meta-model. It's clear that an InDataPort and an OutDataPort with the same owner can't be linked together. The following OCL expression may be bound with DataPortLink to achieve this goal.
not self.ConnectionPoint("InDataPort").parent() equals self.ConnectionPoint("OutDataPort").parent() C. Formal syntax and semanticsfor ECSML
Formally, a modeling language consists of five factors, which can be expressed by the following formulator. L= L, C, A, and S stands for Language (L), Concrete syntax (C), Abstract syntax (A ) and Semantic domain(S) respectively. Ms and Mc stands for semantic and syntactic mappings. In order to explain the syntax and semantics of ECSML effectively, BNF (Backus Normal Form) is used. First, control system contains finite quantities of sensors and actuators and tasks and system states. ::= CtrlSystem {} :: = ::=Sensors:
[,]+; ::=Actuators: [,]+; :: = ::= ::= []+; ::= []+; Each Task contains some components that finish specific computing function. These components interact with each other by data ports. ::= Task:{TaskSpec} :: = :: =InDataPorts:
662
[,]+; ::=OutDataPorts:
[,]+;
::= : ::= [,]+; :: =Component:
{3
:: =DataPortLinks: [,]+; ::= > Each system state has DataPorts, EventPorts, and Tasks that will be scheduled according to the scheduled mechanism of RTOS. the transition between them can represent the dynamic behavior of system. System starts to run from an initial state, then change to other possible work states. The state transition is triggered by event ports. ::= SysState:{ StateSpec} :: = :: =InDataPorts: [,]+; ::=OutDataPorts:
structure of the non-functional pseudo-code generated from models looks like: State 1: //task1 and task2 will be scheduled Task Create(taskl); Task Create(task2); Task Delete(task3); Task Delete(task4); While (TRUE)
If Sensorl=Valuel Then goto State2; If Sensorl=Value3 Then goto State3; State2: 1Itask3 and task4 will be scheduled Task Create(taskl); Task Create(task2); Task Delete(task3); Task Delete(task4); While (TRUE)
If Sensorl=Value2 Then goto Statel; If Sensorl=Value3 Then goto State3; State3: //system will be terminated Task Delete(taskl); Task Delete(task2); Task Delete(task3); Task Delete(task4); While (TRUE)
[,]+;
::=InEventPorts:
[,]+;
:: =OutEventPorts :
If Sensorl=Valuel Then goto State2; If Sensorl=Value3 Then goto State3;
[,]+;
::=: ::=TaskSchedule: [,] +; ::=EventPortLinks:
This simple code fragment shows a control system that has four possible tasks and three possible execution states.
[,]+; ::= > ::=SensorLinks:< SensorLinkSpec> [,]+; < SensorLinkSpec>::= > ::=ActuatorLinks:< ActuatortlinSpec> [,]+; ::= < DataPortName e> >
D. Code Generation Frameworkfor ECSML ECSML difines a modeling specification for embedded control applications. In order to generate code from ECSML models, the well-defined code structure is nessary. Because the most component code can be reused completely, So the central focus of code generation is how to glue this component function code according to the application logic that system models expressed. The code structure should comply with a programming discipline, the complete
separation of functional code and non-functional code. The non-functional code charges the task Scheduling and guarantee the real-time performance of system. A typical
I
I
compile and link
Fig. 3 code generation framework for ECSML
The transition between system states is triggered by the value of Sensori . In the process of modeling, this Sensor will be linked to the EventPort of all SysState. Note that
663
component codes are hidden in the task, each task may invoke component code according to the InvokeName attribute of Component in the models. Since models have strict specification and target code has well-defined structure, the automatic mapping between the models and target code is possible. The automatic mapping process can be completed by model interpreters. Fig. 3 shows the code generation framework for ECSML.
of DSP/BIOS by the same model interpreter. Fig. 5 shows the modeling environment for ECSML. Development experience shows that development lifetime can be shortened greatly and development cost can be saved. The development time of a two-axis CNC system in our new method can be saved 700O than in the traditional method. The development cost can be saved 50°O than before. The fast reconfiguration for control systems is very easy, especially for those products that belong to the same product family.
E. The Implementation ofmodel interpreter A model interpreter acts like a compiler of programming language. For example, c++ compiler can translate any c++ source code into target binary code of specific platform, as long as the c++ code complies with the c++ language specification. In the same way, a model interpreter is to create translation rules between models, which is represented in graphical form, and desired outputs. In general, the translation process has the following steps: 1) Traversing the objects in the implementation models and generating related data structure. 2) According to the data structure, analyzing and capturing the interaction relationship among the objects and
attributes of the objects. 3) Translating the captured information into code of programming language, such as C.
Fig. 5 The modeling environment for ECSML
~~~~~~~~~~~~Output
1 COM interfaeOtu
domain-specific class Library
M1
prces
Fig. 4 Structure of model interpreter
Acquiring data structure of models is an important step for the development of model interpreter. GME provides extended development interface based on COM technology of Microsoft. Fig. 4 shows the structure of model interpreter. The domain-specific library hide inside communication details of COM interface, and it can help developers ofmodel interpreter focus on the translation process between models and code. III. DEVELOPMENT EXAMPLE FOR CNC SYSTEM
Computerized Numerical Control (CNC) system is a kind of complex embedded real-time control system. Using ECSML and the code generation framework, two different embedded CNC systems have been developed. Two CNC system models have been created in the same modeling environment and generate C code for the hardware platform
IV. CONCLUSION CBD and MBD are both important methods for software
development and they both have advantages and disadvantages of their own. Combination of the two development methods may produce more excellent methodology. This paper tries to absorb the merits of them and presents a new modeling language, ECSML, for embedded control system. This modeling language has good tool support. Another important characteristic is that all code can be generated from models, which will greatly shorten development time and reduce development cost. The future work will be focus in the application and validation of ECSML and its code generation framework on different execution platform, including different RTOS and different hardware platform. REFERENCES [1] Ptolemy Project. http://ptolemy.eecs.berkeley.edu. [2] Gang Zhou, Man-Kit Leung, and Edward A. Lee. "A Code Generation Framework for Actor-Oriented Models with Partial Evaluation". in Proceedings of International Conference on Embedded Software and Systems 2007, LNCS 4523, pp. 786-799, Daegu, South Korea, May 14-16, 2007.
[3] Thomas A. Henzinger and Christoph M. Kirsch. "The Embedded Machine: Predictable, portable real-time code". Proceedings of the
664
International Conference on Programming Language Design and Implementation (PLDI), ACM Press, 2002, pp. 315-326. [4] Thomas A. Henzinger, Benjamin Horowitz, and Christoph M. Kirsch. "Embedded control systems development with Giotto". Proceedings of the International Conference on Languages, Compilers, and Tools for Embedded Systems (LCTES), ACM Press, 2001, pp. 64-72. [5] J. Sztipanovits, G. Karsai. "Model-Integrated Computing". IEEE Computer, pp. 110-112, April, 1997. [6] Karsai G., Sztipanovits J., Ledeczi A., Bapty T., "Model-Integrated Development of Embedded Software", Proceedings of the IEEE, Vol. 91, Number 1, pp. 145-164, January, 2003. [7] C. Szyperski, D. Gruntz, and S. Murer. "Component Software: Beyond Object-Oriented Programming", 2nd Edition. Addison-Wesley / ACM Press, New York, 2002. [8] D. C. Schmidt and F. Kuhns. "An overview of the real-time CORBA specification". Computer, 33(6), pp.56-63, 2000. [9] Torngren, M., DeJiu Chen, Crnkovic, I. "Component-based vs. model-based development: a comparison in the context of vehicular embedded systems". 31st EUROMICRO Conference on software Engineering and Advanced Applications. pp.432 - 440, 2005. [10]OMG. Object Control Language Specification. V2.0. 2003.10. http;//www.omg.org
665
