# Finite State Machines Functional decomposition into states of operation Typical domains of application: control functions protocols (telecom, computers, ...) Different communication mechanisms: synchronous (classical FSMs, Moore '64, Kurshan '90) asynchronous (CCS, Milner '80; CSP, Hoare '85) ### ### **Modeling Concurrency** - Need to compose parts described by FSMs - Describe the system using a number of FSMs and interconnect them - How do the interconnected FSMs talk to each other? 11 EE249Fall07 ### **FSM Composition** - Bridle complexity via hierarchy: FSM product yields an FSM - Fundamental hypothesis: - all the FSMs change state together (synchronicity) - System state = Cartesian product of component states - (state explosion may be a problem...) - E.g. seat belt control + timer ### **FSM Composition** - Unconditional product M' = (I', O', S', r', $\delta'$ , $\lambda'$ ) - $-I' = I_1 I_2$ - $O' = O_1 \cdot O_2$ - $S' = S_1 \times S_2$ - $-\mathbf{r}'=\mathbf{r}_1\times\mathbf{r}_2$ $$\delta' = \{ \; (\; A_1, \, A_2, \, s_1, \, s_2, \, t_1, \, t_2 \; ) \; : \qquad (\; A_1, \, s_1, \, t_1 \; ) \; \epsilon \; \delta_1 \quad \text{ and } \\ (\; A_2, \, s_2, \, t_2 \; ) \; \epsilon \; \delta_2 \; \}$$ $$\lambda' = \{ \; (\; A_1, \, A_2, \, s_1, \, s_2, \, B_1, \, B_2 \;) \; : \; (\; A_1, \, s_1, \, B_1 \;) \; \epsilon \; \lambda_1 \quad \text{ and } \quad (\; A_2, \, s_2, \, B_2 \;) \; \epsilon \; \lambda_2 \; \}$$ - Note: - $\ A_1 \subseteq I_1, \ A_2 \subseteq I_2, \ B_1 \subseteq O_1, \ B_2 \subseteq O_2$ - $-2^{XUY} = 2^{X} \times 2^{Y}$ 15 EE249Fall07 ### **FSM Composition** - Constraint application - $\lambda = \{ (A_1, A_2, s_1, s_2, B_1, B_2) \in \lambda' : \text{for all } (o, i_1, \dots, i_n) \in C \quad o \in B_1 \ B_2 \quad \text{if and only if} \quad i_j \in A_1 \ A_2 \text{ for all } j \}$ - The application of the constraint rules out the cases where the connected input and output have different values (present/absent). 16 # Moore vs. Mealy • Theoretically, same computational power (almost) • In practice, different characteristics • Moore machines: - non-reactive (response delayed by 1 cycle) - easy to compose (always well-defined) - good for implementation - software is always "slow" - hardware is better when I/O is latched ### **Hierarchical FSM models** - Problem: how to reduce the size of the representation? - Harel's classical papers on StateCharts (language) and bounded concurrency (model): 3 orthogonal exponential reductions - · Hierarchy: - state a "encloses" an FSM - being in a means FSM in a is active - states of a are called OR states - used to model pre-emption and exceptions - Concurrency: - two or more FSMs are simultaneously active - states are called AND states - Non-determinism: - used to abstract behavior EE249Fall07 ### **Models Of Computation for reactive systems** - Main MOCs: - Communicating Finite State Machines - Dataflow Process Networks - Petri Nets - Discrete Event - Codesign Finite State Machines - · Main languages: - StateCharts - Esterel - Dataflow networks ### **StateCharts** - An extension of conventional FSMs - Conventional FSMs are inappropriate for the behavioral description of complex control - flat and unstructured - inherently sequential in nature - StateCharts supports repeated decomposition of states into sub-states in an AND/OR fashion, combined with a synchronous (instantaneous broadcast) communication mechanism . EE249Fall07 ### **State Decomposition** - OR-States have sub-states that are related to each other by exclusive-or - AND-States have orthogonal state components (synchronous FSM composition) - AND-decomposition can be carried out on any level of states (more convenient than allowing only one level of communicating FSMs) - Basic States have no sub-states (bottom of hierarchy) - Root State : no parent states (top of hierarchy) 24 ### StateCharts Syntax - The general syntax of an expression labeling a transition in a StateChart is e[c]/a, where - e is the event that triggers the transition - c is the condition that guards the transition (cannot be taken unless c is true when e occurs) - a is the action that is carried out if and when the transition is taken - For each transition label: - event condition and action are optional - an event can be the changing of a value - standard comparisons are allowed as conditions and assignment statements as actions 27 EE249Fall07 ### StateCharts Actions and Events - An action a on the edge leaving a state may also appear as an event triggering a transition going into an orthogonal state: - a state transition broadcasts an event visible immediately to all other FSMs, that can make transitions immediately and so on - executing the first transition will immediately cause the second transition to be taken <u>simultaneously</u> - Actions and events may be associated to the execution of orthogonal components: start(A), stopped(B) 28 ### **Graphical Hierarchical FSM Languages** - Multitude of commercial and non-commercial variants: - StateCharts, UML, StateFlow, ... - Easy to use for control-dominated systems - Simulation (animated), SW and HW synthesis - Original StateCharts have problems with causality loops and instantaneous events: - circular dependencies can lead to paradoxes - behavior is implementation-dependent - not a truly synchronous language - Hierarchical states necessary for complex reactive system specification EE249Fall07 ### Synchronous vs. Asynchronous FSMs - Synchronous (Esterel, StateCharts): - communication by shared variables that are read and written in zero time - communication and computation happens instantaneously at discrete time instants - all FSMs make a transition simultaneously (lock-step) - may be difficult to implement - multi-rate specifications - distributed/heterogeneous architectures 30 # Asynchronous communication Buffers used to adapt when sender and receiver have different rate - what size? Lossless vs. lossy - events/tokens may be lost - bounded memory: overflow or overwriting - need to block the sender Single vs. multiple read - result of each write can be read at most once or several times ### **Discrete Event** - Explicit notion of time (global order...) - Events can happen at any time asynchronously - As soon as an input appears at a block, it may be executed - The execution may take non zero time, the output is marked with a time that is the sum of the arrival time plus the execution time - Time determines the order with which events are processed - DE simulator maintains a global event queue (Verilog and VHDL) - Drawbacks - global event queue => tight coordination between parts - Simultaneous events => non-deterministic behavior - Some simulators use delta delay to prevent non-determinacy ### • Underlying MOC of Polis and VCC • Combine aspects from several other MOCs • Preserve formality and efficiency in implementation • Mix - synchronicity - zero and infinite time - asynchronicity - non-zero, finite, and bounded time • Embedded systems often contain both aspects # Synchrony: Basic Operation (2) Practical implementation of synchrony Impossible to get zero or infinite delay Require: computation time <<< clock period</li> Computation time = 0, w.r.t. reaction time of environment Feature of synchrony Functional behavior independent of timing Simplify verification Cyclic dependencies may cause problem Among (simultaneous) synchronous events ### System Solution System solution Output reaction to a set of inputs Well-designed system: Is completely specified and functional Has an unique solution at each clock tick Is equivalent to a single FSM Allows efficient analysis and verification Well-designed-ness May need to be checked for each design (Esterel) Cyclic dependency among simultaneous events # Asynchrony: System Solution • Solution strongly dependent on input timing • At implementation — Events may "appear" simultaneous — Difficult/expensive to maintain total ordering — Ordering at implementation decides behavior — Becomes DE, with the same pitfalls ### Asynchrony vs. Synchrony in System Design - They are different at least at - Event buffering - Timing of event read/write - Asynchrony - Explicit buffering of events for each module - Vary and unknown at start-time - Synchrony - One global copy of event - Same start time for all modules EE249Fall07 ### **Combining Synchrony and Asynchrony** - Wants to combine - Flexibility of asynchrony - Verifiability of synchrony - Asynchrony - Globally, a timing independent style of thinking - Synchrony - Local portion of design are often tightly synchronized - Globally asynchronous, locally synchronous - CFSM networks # • CFSM is FSM extended with - Support for data handling - Asynchronous communication • CFSM has - FSM part - Inputs, outputs, states, transition and output relation - Data computation part - External, instantaneous functions # • Signals - Carry information in the form of events and/or values - Event signals: present/absence - Data signals: arbitrary values - Event, data may be paired - Communicate between two CFSMs - 1 input buffer / signal / receiver - Emitted by a sender CFSM - Consumed by a receiver CFSM by setting buffer to 0 - "Present" if emitted but not consumed ### • At the specification level - Should be as abstract as possible to allow optimization - Not fixed in any way by CFSM MOC • May be implemented as - RTOS for single processor - Concurrent execution for HW - Set of RTOSs for multi-processor - Set of scheduling FSMs for HW ### Timing Behavior: Mathematical Model Transition Point Point in time a CFSM starts executing For each execution Input signals are read and cleared Partial order between input and output Event is read before data Data is written before event emission ### • Transition and output relations - input, present\_state, next\_state, output • At each execution, a CFSM - Reads a captured input assignment - If there is a match in transition relation - consume inputs, transition to next\_state, write outputs - Otherwise - consume no inputs, no transition, no outputs ### • Assume parallel execution (HW, 1 CFSM/processor) • Equivalent classes of behaviors are: - Zero Delay - nr= 0 - Input buffer overwrite - ni<nr - Time critical operation - ni/2<nr≤ni - Normal operation - nr<ni/2 # Equivalent Classes of CFSM Behavior (3) Time critical operation: ni/2<nr≤ni <ul> Normal operation results in no loss of event Error operation may cause lost input Normal operation: nr<ni/2 <ul> No events are lost May be expensive to implement If error is infrequent Designer may accept also time critical operation Can result in lower-cost implementation ### Some Possibility of Equivalent Classes - Given 2 arbitrary implementations, 1 input stream: - Dataflow equivalence - Output streams are the same ordering - Petri net equivalence - Output streams satisfy some partial order - Golden model equivalence - Output streams have the same ordering - Except reordering of concurrent events - One of the implementations is a reference specification - Filtered equivalence - Output streams are the same after filtered by observer EE249Fall07 ### Conclusion CFSM - Extension: ACFSM: Initially unbounded FIFO buffers - Bounds on buffers are imposed by refinement to yield ECFSM - Delay is also refined by implementation - Local synchrony - Relatively large atomic synchronous entities - Global asynchrony - Break synchrony, no compositional problem - Allow efficient mapping to heterogeneous architectures