Lecture 10

Nikolaus Huber

Going beyond C

Outline

  • Languages for ESP
  • Synchronous Languages
  • Lustre

Background

  • Most ES software is written in low-level languages
    • C/C++
    • Assembly
  • Gives good control over hardware
  • Easier to reason about timing
  • Good tooling support
    • Compilers
    • Analysis tools
    • ...

Background

  • C has many problems as well
    • Memory has to be managed explicitly
    • Type system is relatively weak
    • There is no formal specification
      • Only informal standard
      • Some things are up to the implementation
      • Many competing standards/legacy versions
  • Why does C persist?

Alternatives

  • Programming language popularity (IEEE Spectrum, 2023)
    1. Python
    2. Java
    3. C++
    4. C
    5. JavaScript
    6. C#
  • How viable are these for ES programming?

Python

  • MicroPython
    • Python3 runtime for microcontrollers
    • Initial release 2014
    • Can run on baremetal or (RT)OS
      • E.g. there is a port running on top of Zephyr
  • Python code gets compiled to bytecode
  • Virtual machine interprets bytecode
  • Native code emitter also exists

Java

  • Many competing implementations for ES
    • Android
    • Java SE Embedded
    • Java ME
    • Real-Time Specification for Java (RTSJ)
      • JamaicaVM
    • Java Card
    • Even HW implementations exist(ed)
      • picoJava (Sun Microsystems)
      • aJile (most commercially successful)
      • Jazelle (ARM + Java)

JavaScript

  • Currently no serious implementation
  • Possibly in the future: WebAssembly (WASM)
    • Portable bytecode format
    • Open standard
    • Focus on security and isolation
    • WebAssembly System Interface (WASI)
    • Also lots of academic research with WASM focus

C#

  • Two implementations
  • .NET Micro Framework
    • In theory still part of .NET foundation
    • Development not very active anymore
  • TinyCLR OS
    • By GHI Electronics

Synchronous Languages

Background

  • Languages with built-in timing semantics
  • Allow reasoning about real-time behaviour
  • Determinism even with concurrency
  • Can use the same language for
    • Specification
    • Prototyping
    • Implementation
  • Lustre, Esterel, Signal

Synchronous Hypothesis

  • Originates from circuit design
  • Electronic circuits are often designed without timing in mind
  • We assume that the output changes instantaneously with the inputs
  • Works if circuit reacts faster than input signal changes

Synchronous Hypothesis

  • We can do the same for programs
  • Assume there is a global clock with a periodic tick
  • If computation time is << the tick interval length
    • Computation starts and ends within the same tick
    • Tick length is smallest unit of time
    • => All computation in "zero" time

History of Lustre

  • Invented in the 80s at Verimag (France)
  • Continuously developed since then
  • Currently two implementations
    • Academic compiler (V4, V6)
    • Commercial version (SCADE)

Early applications

  • Saga (tool based on Lustre)
    • Monitoring and emergency stop system of nuclear power plant
  • SAO (other tool based on Lustre)
    • Flight control system of Airbus A320
  • Both tools were later combined by a company (Verilog)

History of Lustre/SCADE

  • Nowadays one of the standard languages for safety-critical systems
  • Avionics, automotive, ...
  • Certified tools exist (SCADE compiler was one of the first certified compilers)
  • Significant portion of A380 code is written in SCADE

Ideas behind Lustre

  • Most embedded software is not written by computer scientists
  • Usually by control engineers, domain experts, ...
  • They are used to thinking in terms of (differential) equations
  • Often expressed as block-diagrams
  • Simulink follows a similar concept

Lustre paradigms

  • Dataflow language
    • Similar to Simulink
    • Changes in input force changes in output
  • Synchronous language
    • "zero-time" semantics
    • Concurrency inbuilt + deterministic

Lustre paradigms

  • Declarative language
    • Similar to functional programming
    • Program in terms of definitions, not statements
  • Overall, Lustre is a very minimal language

Tool chains

  • Different backends
    • C
    • VHDL
    • ...
  • Good V&V support
    • Automatic testing
    • Static verification, model checking

Main concepts

  • Programs are a collection of nodes
  • Each node has a set of inputs, and a set of outputs
  • By default, every node runs on the same clock
  • Nodes build a network
  • On every tick, every node takes every input and calculates every output

Main concepts

  • Variables inside nodes are not just values
  • They represent flows or streams
    • Infinite streams of values
  • A node is a collection of equations about streams

Basic Syntax


		node ADD (a : int; b : int) returns (sum : int); 
		let 
			sum = a + b; 
		tel 
	

Operators

  • Standard arithmetic and boolean operators
  • If-then-else is an expression, not a statement!
  • Temporal operators
    • pre (previous value)
    • -> (followed by)

Temporal operators


		node EDGE (in : bool) returns (out : bool); 
		let 
			out = false -> in and not pre (in); 
		tel 
	

Temporal operators

  • pre and -> usually come in pairs
  • First element of stream shifted by pre is otherwise not defined
  • Compiler has initialization analysis inbuilt
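
Added example (not part of the lecture and not the output of any Lustre compiler): a hand-written C step function showing how the EDGE node above can be executed once per tick, with `pre` as a memory cell and `->` as a first-tick flag. The names `edge_state`, `edge_reset`, `edge_step` and `edge_run` and the input stream are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>

/* State that must survive between ticks for the EDGE node. */
typedef struct {
    bool init;    /* true only on the first tick: selects the left side of -> */
    bool pre_in;  /* value of `in` at the previous tick: implements pre(in)   */
} edge_state;

void edge_reset(edge_state *s) {
    s->init = true;
    s->pre_in = false;  /* placeholder value; never read while init is true */
}

/* One tick of: out = false -> in and not pre(in) */
bool edge_step(edge_state *s, bool in) {
    /* On the first tick pre(in) is undefined, so -> supplies `false` instead. */
    bool out = s->init ? false : (in && !s->pre_in);
    s->pre_in = in;   /* becomes pre(in) for the next tick */
    s->init = false;
    return out;
}

/* Drive the node over a finite prefix of the input stream.
 * Writes one output per tick and returns the number of rising edges seen. */
size_t edge_run(const bool *in, bool *out, size_t n) {
    edge_state s;
    size_t edges = 0;
    edge_reset(&s);
    for (size_t t = 0; t < n; t++) {
        out[t] = edge_step(&s, in[t]);
        edges += out[t];
    }
    return edges;
}

int main(void) {
    /* Constructed sample input: it starts high, so tick 0 must not report an edge. */
    const bool in[] = {true, true, false, true, false, false, true, true};
    bool out[8];
    return edge_run(in, out, 8) == 2 ? 0 : 1;
}
```

The state is fixed-size and the step function has no loops or allocation, which is what makes the per-tick execution time easy to bound against the tick interval.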

Other features

  • Multiple clocks
    • Clocks other than the base clock can be defined
    • Compiler uses clock-calculus to check program

Rest of this course

  • No lecture tomorrow!
  • 3 more labs
  • When you have presented lab 3 ...
    • if you do the project course -> keep Lab Kit
    • otherwise return it to one of the TAs
  • Next week: Exam preparation

Thanks for today!