Koord: Language Design and Overview

Ritwika Ghosh

University of Illinois at Urbana-Champaign

Motivation

  • Application programs for monitoring and control physical processes.
  • Platform specific programming models and languages for these systems.
  • Koord : a new programming model and language for CPS .
  •  Platform-independent decision
    and coordination tasks separated from  platform-dependent low-level sensing, communication, and control.

The overall Koord system

  • System consists of three planes :
    • program
    • control,
    • plant
  • Program Plane : Koord Program in runtime system. 
  • Plant plane :  hardware platforms of the participating agents.
  • Control plane :  actuator ports , hardware-dependent decisions , sensor ports.

Koord application

  • Overall system : Koord program + controller.
  • Program :
    •  reads sensor ports
    •  reads and writes to program variables
    •  sets actuator ports

​in zero Logical Time (?)

  • Controller :
    • reads actuator ports
    • drives physical plant for a δ time
    • writes to sensor ports.

Application Environment

  • Application environment : controller + plant
  • A black-box function: 
    • Input : actuator port values
    • Output : sensor ports values

over a δ time interval.

 

Koord Program

  • Koord : event-based language for distributed system of agents.
  • An agent’s program : events
  • Events :  preconditions + effects
  • Interaction with the environment : sensor and actuator ports.
  • Runtime system executes at most one event every δ time units.  

An Illustrative example

Waypoint(i) 

using Motion actuator target sensor pos, status

local
    Bool pick = true
    Position currentDest
    List<Position> dests =
         [(200,10,0);(100,100,0);(50,200;0)]
PickDest:
    pre pick
    eff if (¬ isEmpty(dests))
            currentDest = head(dests)
            Motion.target = currentDest
            pick = false


Remove:
	pre ¬ pick
	eff if(Motion.status == done)
                remove(dests,currentDest)
​		pick = true

waypoints

Another Illustrative example

Lineform(i) 

using Motion actuator target sensor pos, status 

import lineform.decls 

Update:
    eff x[pid] = Motion.pos
        if ¬ (pid == 1 or pid == 5)
        Motion.target = (x[pid + 1 ] + x[pid − 1 ])/2]]]




lineform.decls

allwrite: 
    

allread: 
    int x

lineform

Shared Variables

  • allwrite: Multi-writer, multi-reader.
  • allread(w) : Single-writer, multi - reader. 
  • allread(*) : declared for all agents.

Language Semantics

             Rewriting Based Semantics

  •  Interpreter for  language follows its operational semantics in principle.
  • In practice :  gap between the formal operational semantics of the language and its implementation.
  • Said gap is eliminated :  semantic definition of a language actually is its interpreter.
  • Execute the language definition on standard existing context-insensitive term rewrite engines 
  • Our choice : K semantic framework . 

Semantics Overview

  • Set of agent programs interacting with their environment.
  • System semantics :  nondeterministic, timed automaton  in terms of configurations.
  • Configurations :  individual agent state + pertinent global information. 
  • State evolution :
    •  Program transitions :  agent program events executing
    • Environment transitions :  δ amount of time elapsing 

K Semantic Framework

  • Language syntax defined using conventional BNF.
  • Semantics is given as a transition system : rewrite rules over  configurations.
  • For Koord , configuration =  code and + program state (all agents) + state of the physical environment.
  • Inherent support for non-determinism. 

Also, Formal Systems Laboratory, UIUC.

System Configuration

C : Set of Agent Configs

Global Context

 

Global Time

Evolution type

C = \{C_i \mid i \in \mathit{ID}\}
C={CiiID}C = \{C_i \mid i \in \mathit{ID}\}
\tau \in \mathbb{R}^+
τR+\tau \in \mathbb{R}^+
S: \mathit{Var}\mapsto\mathit{Val}
S:VarValS: \mathit{Var}\mapsto\mathit{Val}
\mathit{turn}\in \{\mathtt{prog,env}\}
turn{prog,env}\mathit{turn}\in \{\mathtt{prog,env}\}
C_\delta
CδC_\delta

Initial State 

  • Pre-processing : Initial Configuration. 
  • Copies of Global context are created in agents.
  • Function library to populate input.  
  • Current assumption : Concrete Initial state.

Initializing...

Waypoints to be visited

Initial values of program variables

Create local copies of shared variables

Agent Configuration

Program Code

Local Context

Write permissions

Controller Port Map

En , Ur

Evolution type

A high level description of event semantics 

  • Allowed three types of events:
    •  enabled
    •  disabled
    •  urgent 
  • Non-determinism :
    • event execution order
    • enabled event executed or not. 
pre  urgent (a == b)

An Illustrative example

The statement level semantics are given by rewrite rules of type :

Control flow rules :

  • Statement sequencing

 

 

  • Statement processing

 

 

\rightarrow_S\ \subseteq (\mathbb{S} \times \mathbb{C}_{i\in\mathit{ID}}\times \mathbb{S}\mathit{tmt}) \times \mathscr{P}(\mathbb{S}\times \mathbb{C}_{i\in \mathit{ID}}\times \mathbb{S}\mathit{tmt})
S (S×CiID×Stmt)×P(S×CiID×Stmt)\rightarrow_S\ \subseteq (\mathbb{S} \times \mathbb{C}_{i\in\mathit{ID}}\times \mathbb{S}\mathit{tmt}) \times \mathscr{P}(\mathbb{S}\times \mathbb{C}_{i\in \mathit{ID}}\times \mathbb{S}\mathit{tmt})

For every syntactic construct

Formal analysis and verification

  • Explicit state bounded model checking
  • Combining K rewriting system with a sensitivity analysis approach.  
  • Compute the reachable set of each program , check invariants. 
q_0
q0q_0

environment transition

program transition

  • Non determinism in program transitions : State space expands.
  • Assume deterministic environment transition : Blackbox execution of internal states.

Executable 

Semantics

Property

Program

discrete set of reachable states

  Traces of sensor readings

K framework

BlackBox

Safe/Unsafe

BMC

DryVR

Connecting to the StarL framework and Physical Platforms

Koord 

Application

Parser

Included in model, but now iRL. 

Traffic application in Koord

Traffic(i) 

using Motion actuator target sensor pos, status 

import traffic.decls 

local
Position next
List<Int> required 

Ready:
    pre stage == pick
    eff required = getRequired(next)
        for j in required enqueue(request[j ],pid)
        stage = entry 

Enter:
    pre stage == entry    
    eff if for j in required head(request[j ]) = pid
        Motion.target = next
        stage = cs

Traverse:
    pre stage == cs
    eff if (Motion.status == done)
            for j in required
            dequeue(request[j ],pid)

~ 450 lines in Java, using StarL, which still provides a huge number of abstractions. 

From theory to implementation

  • Implement shared memory through message passing.
  • Make assumptions come true : absolute positioning, number of agents in system. 
  • Modular and reusable interfaces (Nontrivial!) 

To summarize

  • Event driven language for coordination and control, 
  • Formal executable semantics.
  • Debugging approach for programming applications
  • Step forward to help users without programming expertise in controller theory, robotics motion control, or network protocols
  • Safely program distributed applications interacting with physical world. 

What next?

  • Ensure faithful implementation with hardware platforms. 
  • Sophisticated debugger with error considerations. 
  • Pushing verification , synthesis . 
  • More and diverse applications.