
Ralf Münzenberger¹, Matthias Dörfel¹, Frank Slomka², Richard Hofmann¹

¹ University of Erlangen-Nuremberg, Computer Science 7, D-91058 Erlangen
² University of Paderborn, Computer Engineering Lab, D-33098 Paderborn
Contact: rfmuenze@informatik.uni-erlangen.de

Abstract

An essential characteristic of embedded systems is real-time, but the commonly used specification techniques do not consider temporal aspects in general like fulfilment of high level timing requirements or dynamic reactions on timing violations. We show a new formal time model that fills this gap: Timing requirements specify the timing behaviour of real-time systems. Different models allow the specification of clock properties and the relations between clocks. With this time model, timing requirements as well as the desired properties of the involved clocks can be specified within a formal description technique.

1 Timing Requirements

Real-time systems contain assertions on their temporal behaviour, resulting in timing requirements that the implementation has to fulfil. Two types of timing requirements need to be specified: reactions within a certain amount of time (deadline) and actions at a determined point in time.

Such timing requirements consist of two parts: 1) a timing condition for specifying the deadline or the start time of an action. 2) a logical condition that states if this timing condition is relevant in the current state of the system. Both parts can be expressed by relations on events recorded during simulation or prototype execution, with the relation on events being a comparison of occurrence time of the respective events. For further information about the formal specification of timing requirements see [1].

2 Real-Time and Clocks

A timing requirement specifies time as a physical property that has a tolerance. This tolerance can be used to derive an adequate clock during the synthesis of the system. However, in the area of mobile communications, the tolerances of the clocks and not of the timing requirements are given. In this case, it is preferable to specify the behaviour of the clocks directly at specification level instead of deriving the tolerance of the timing requirements from this information. A second advantage of using clocks at specification level is to consider different models during system evaluation and optimization, which will result in the optimal clock(s) for the system, i.e. the clock with the minimum cost fulfilling all the requirements will be chosen.

We developed different formal models for the specification of the physical behaviour of clocks. The models do not consider the behaviour in detail. Instead, they are adequate for the abstraction level of a specification technique. A discrete real clock has a drift, a granularity and a range of values. Typically, this model is used in an electronic system, where decisions based on time have to be made. A derived counter is often needed in communication systems, e.g. to handle interlocking slot schemes. Here, a bit counter, a slot counter, and a frame counter are derived from a basic clock.

3 Case Study: DECT MAC Layer

The time model was used to specify, synthesize, validate, and implement the time critical parts of the MAC Layer of the mobile communication protocol DECT. A discrete real clock and derived counters have been used for specifying the TDMA mechanism. Timing requirements characterize the maximum offset a single slot (measured with local time) is allowed to be „off“ its time (measured with the clock of the base station). Tools can use this specification to derive fine-grained values for timing-driven synthesis. For specifying the timing behaviour, the specification technique SDL (Specification and Description language) has been extended [1]. The resulting approach allows the elegant and self-explanatory specification even of complex timing requirements and is currently discussed by the ITU-T study group 10 for future integration into SDL-2004.