Embed Size (px)
Citation preview
Mixing Discrete and Continuous-time with theSynchronous Language Zelus
Marc Pouzet
DI, Ecole normale [email protected]
Seminar OVSTRParis, April 26, 2017
Model Based Design
Write executable mathematical specifications in ahigh-level language so that a model is:
a reference semantics independent of any implementation
a base for simulation, testing, formal verification
then compiled into executable code, sequential and parallel
with semantics preservation all along the chain
A way to achieve correct-by-construction software
The early 80’s
The very first block diagrams (flight-by-wire command of Airbus A320)
Lustre: a dataflow programming language
Caspi, Pilaud, Halbwachs, and Plaice. Lustre: A Declarative Language for
Programming Synchronous Systems. POPL, 1987.
Programming with streams
constants 1 = 1 1 1 1 · · ·
operators x + y = x0 + y0 x1 + y1 x2 + y2 x3 + y3 · · ·
(z = x + y means that at every instant i : zi = xi + yi )
unit delay 0 fby (x + y) = 0 x0 + y0 x1 + x1 x2 + x2 · · ·pre (x + y) = nil x0 + y0 x1 + x1 x2 + x2 · · ·
0 -> pre (x + y) = 0 x0 + y0 x1 + x1 x2 + x2 · · ·
The beautiful idea of Lustre
“Program in the semantics” (Paul Caspi)
I Time is logical and discrete = first neglect actual execution timethen check the implementation is fast enough.
I Parallel composition preserves determinacy: very important inpractice for reproducibility
I Parallelism is compiled: programs are translated into seq. code.
I This code executes in bounded memory and bounded time.
I Invariant properties are expressed as Lustre programs.
I Formal verification and testing considered from the very begining.
I Numerous extensions have been proposed. E.g., programmingconstructs, mix of deterministic and non-deterministic programs.
SCADE:1(Safety Critical Application Development Env.)
I Pioneering work of Caspi and Halbwachs.
I Integrate original language extensions and compilation techniques.
1http://www.esterel-technologies.com/products/scade-suite/
What about hybrid systems which mix discrete-time andcontinous-time signals?
The Current Practice of Hybrid Systems Modeling
Embedded software interacts with physical devices
The whole system has to be modeled: the controller and the plant2
Mix of models: discrete time and continuous time (ODEs, DAEs)
2Image from ANSYS/Esterel-Technologies
The Current Practice of Hybrid Systems Modeling
A wide range of languages and tools:
I PL: Simulink/Stateflow/SimScape, Modelica, Scicos, Ptolemy,...
I Interconnect tools: Simulink + Modelica + SCADE + Simplorer
I Interchange format for co-simulation: S-functions, FMU/FMI
But:
I Simulink, Modelica used to model, less to implement critical soft.
I Software often reimplemented in imperative code.
Can we increase the confidence in what is simulated and executed?
Existing tools are not perfect: can we improve them?
The Simulation Engine of Hybrid Systems
Alternate discrete steps and integration steps
D Creaction
[reinitialize]
zero-crossing eventintegrate
σ′, y ′ = nextσ(t, y) upz = gσ(t, y) y = fσ(t, y)
Properties of the three functions
I nextσ gathers all discrete changes.
I gσ defines signals for zero-crossing detection.
I fσ is the function to integrate.
Compilation
The Compiler has to produce:
1. Inititialization function init to define y(0) and σ(0).
2. Functions f and g .
3. Function next.
The Runtime System
1. This compilation scheme is independent of the solver.
2. Either program the simulation loop, using a black-box solver (e.g.,SUNDIALS CVODE);
3. Or rely on an existing infrastructure (FMU/FMI, etc.).
f and g should be side effect free and, better, continuous.
Some models are fragile. . .
Typing issue 1: Mixing continuous & discrete components
Unit Delay
z
1
ScopeIntegrator
1
s
Constant
1
Add
cpt
time
Sine Wave Scope1
Basic model
0 0.5 1 1.5 2 2.5 30
10
20
30
40
50
60
70
80
90
100
Time
with Sine Wave
0 0.5 1 1.5 2 2.5 30
10
20
30
40
50
60
70
80
90
100
Time
I The shape of cpt depends on the steps chosen by the solver.I Putting another component in parallel can change the result.
Typing issue 1: Mixing continuous & discrete components
Unit Delay
z
1
ScopeIntegrator
1
s
Constant
1
Add
cpt
time
Sine Wave Scope1
Basic model
0 0.5 1 1.5 2 2.5 30
10
20
30
40
50
60
70
80
90
100
Time
with Sine Wave
0 0.5 1 1.5 2 2.5 30
10
20
30
40
50
60
70
80
90
100
Time
I The shape of cpt depends on the steps chosen by the solver.I Putting another component in parallel can change the result.
Typing issue 2: Boolean guards in continuous automata
Integrator
1s
54
DisplayConstant
1
Chart
t cpt
s1{cpt := 0}
[t<=42]{cpt := cpt + 1}
How long is a discrete step?
I Adding a parallel component changes the result.
I No warning by the compiler.
I The manual says: “A single transition is taken per major step”.
Discrete time is not logical: it is that of the simulation engine.
Causality issue: the Simulink state port
Scope
Integrator1
1
s
xo
Integrator0
1
s
xo
Gain1
−4
Gain0
−3
Constant
1
Bias
u−2.0x
y
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
y
The output of the state port is the same as the output of theblock’s standard output port except for the following case. Ifthe block is reset in the current time step, the output of thestate port is the value that would have appeared at the block’sstandard output if the block had not been reset.–Simulink Reference (2-685)
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
y
t < 2: x(t) = t, y(t) = t2
2
t = 2: x = −3 · last y = −6,
y = −4 · last x = −8
y = −4 · x = 24 !
ExpectedActual
Causality issue: the Simulink state port
Scope
Integrator1
1
s
xo
Integrator0
1
s
xo
Gain1
−4
Gain0
−3
Constant
1
Bias
u−2.0x
y
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
y
The output of the state port is the same as the output of theblock’s standard output port except for the following case. Ifthe block is reset in the current time step, the output of thestate port is the value that would have appeared at the block’sstandard output if the block had not been reset.–Simulink Reference (2-685)
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
y
t < 2: x(t) = t, y(t) = t2
2
t = 2: x = −3 · last y = −6,
y = −4 · last x = −8
y = −4 · x = 24 !
ExpectedActual
Causality issue: the Simulink state port
Scope
Integrator1
1
s
xo
Integrator0
1
s
xo
Gain1
−4
Gain0
−3
Constant
1
Bias
u−2.0x
y
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
yThe output of the state port is the same as the output of theblock’s standard output port except for the following case. Ifthe block is reset in the current time step, the output of thestate port is the value that would have appeared at the block’sstandard output if the block had not been reset.–Simulink Reference (2-685)
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
y
t < 2: x(t) = t, y(t) = t2
2
t = 2: x = −3 · last y = −6,
y = −4 · last x = −8
y = −4 · x = 24 !
Expected
Actual
Causality issue: the Simulink state port
Scope
Integrator1
1
s
xo
Integrator0
1
s
xo
Gain1
−4
Gain0
−3
Constant
1
Bias
u−2.0x
y
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
yThe output of the state port is the same as the output of theblock’s standard output port except for the following case. Ifthe block is reset in the current time step, the output of thestate port is the value that would have appeared at the block’sstandard output if the block had not been reset.–Simulink Reference (2-685)
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−6
−4
−2
0
2
x
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
−20
−10
0
10
20
Time
y
t < 2: x(t) = t, y(t) = t2
2
t = 2: x = −3 · last y = −6,
y = −4 · last x = −8
y = −4 · x = 24 !
ExpectedActual
Excerpt of C code produced by RTW (release R2009)
static void mdlOutputs(SimStruct * S, int_T tid)
{ _rtX = (ssGetContStates(S));
...
_rtB = (_ssGetBlockIO(S));
_rtB->B_0_0_0 = _rtX->Integrator1_CSTATE + _rtP->P_0;
_rtB->B_0_1_0 = _rtP->P_1 * _rtX->Integrator1_CSTATE;
if (ssIsMajorTimeStep (S))
{ ...
if (zcEvent || ...)
{ (ssGetContStates (S))->Integrator0_CSTATE =
_ssGetBlockIO (S))->B_0_1_0;
}
...
(_ssGetBlockIO (S))->B_0_2_0 =
(ssGetContStates (S))->Integrator0_CSTATE;
_rtB->B_0_3_0 = _rtP->P_2 * _rtX->Integrator0_CSTATE;
if (ssIsMajorTimeStep (S))
{ ...
if (zcEvent || ...)
{ (ssGetContStates (S))-> Integrator1_CSTATE =
(ssGetBlockIO (S))->B_0_3_0;
}
... } ... }
x = −3 · last y
Before assignment:integrator state con-tains ‘last’ value
After assignment: integratorstate contains the new value
y = −4 · xSo, y is updated with the new value of x
Causality: Modelica example
model schedulingReal x(start = 0);Real y(start = 0);
equation
der(x) = 1;der(y) = x;
when x >= 2 thenreinit(x, −3 ∗ y)
end when;when x >= 2 then
reinit(y, −4 ∗ x);end when;
end scheduling;
OpenModelica 1.9.2beta1 (r24372)Also in Dymola
-10
-5
0
5
10
15
20
25
0 1 2 3 4 5
time
x before y
xy
-10
0
10
20
30
40
50
60
70
0 1 2 3 4 5
time
y before x
xy
Causality: Modelica example
model schedulingReal x(start = 0);Real y(start = 0);
equation
der(x) = 1;der(y) = x;
when x >= 2 thenreinit(x, −3 ∗ y)
end when;when x >= 2 then
reinit(y, −4 ∗ x);end when;
end scheduling;
OpenModelica 1.9.2beta1 (r24372)Also in Dymola
-10
-5
0
5
10
15
20
25
0 1 2 3 4 5
time
x before y
xy
-10
0
10
20
30
40
50
60
70
0 1 2 3 4 5
time
y before x
xy
Causality: Modelica example
model schedulingReal x(start = 0);Real y(start = 0);
equation
der(x) = 1;der(y) = x;
when x >= 2 thenreinit(x, −3 ∗ y)
end when;when x >= 2 then
reinit(y, −4 ∗ x);end when;
end scheduling;
OpenModelica 1.9.2beta1 (r24372)Also in Dymola
-10
-5
0
5
10
15
20
25
0 1 2 3 4 5
time
x before y
xy
-10
0
10
20
30
40
50
60
70
0 1 2 3 4 5
time
y before x
xy
Integrating a discontinuous signal
Solver ResetResetting the solver at every zero-crossing event degrades performanceand precision.
Yet, integrating a discontinuous signal gives non faithfull results, e.g.:
der x = if floor(t mod 2.0) = 0.0
then 1.0 else 0.0 init 0.0
E.g., SUNDIALS CVODE, the ones provided by Simulink.
Can we impose a strong type discipline to either reject this program orindicate that the result of x is fragile?
Hybrid Systems from a Programming Language Perspective
Edward Lee and Haiyang Zheng (HSCC, 2005):
Hybrid modeling languages are best viewed as programminglanguages that happen to have a hybrid systems semantics
I Which compositions of discrete and continuous time make sense?
I Which programs should be statically rejected?
I How to ensure determinacy?
I How to compile programs faithfully and efficiently?
With A. Benveniste, B. Caillaud (Inria Rennes) since 2010.J.-L. Colaco, B. Pagano, C. Pasteur (ANSYS/Esterel-Tech), since 2013.
Build a Hybrid Modeler on Synch. Language Principles
Milestones
I An ideal semantics based on non standard analysis [JCSS’12]
I Lustre with ODEs [LCTES’11]
I Hierarchical automata, both discrete and hybrid [EMSOFT’11]
I Causality analysis [HSCC’14]
I Sequential code generation [CC’15]
Implemented in Zelus [HCSS’13]
http://zelus.di.ens.fr
Simulate with an off-the-shelf, variable-step numerical solver: SUNDIALSCVODE from LLNL (with OCaml binding)
Synchronous languages in a slide
I Compose stream functions; basic values are streams.
I Operation apply pointwise + unit delay (fby) + automata.
(∗ computes [x(n) + y(n) + 1] at every instant [n] ∗)fun add (x,y) = x + y + 1
(∗ returns [true] when the number of [t] has reached [bound] ∗)node after n (bound, t) = (c = bound) where
rec c = 0 fby (min(tick, bound))and tick = if t then c + 1 else c
The counter can be instantiated twice in a two state automaton,
node blink (n, m, t) = x whereautomaton| On → do x = true until (after(n, t)) then Off| Off → do x = false until (after(m, t)) then On
From it, a synchronous compiler produces sequential loop-free codethat compute a single step of the system.
A Simple Hybrid System
Yet, time was discrete. Now, a simple heat controller. 3
(∗ a model of the heater defined by an ODE with two modes ∗)hybrid heater(active) = temp where
rec der temp = if active then c −. k ∗. temp else −. k ∗. temp init temp0
(∗ an hysteresis controller for a heater ∗)hybrid hysteresis controller(temp) = active where
rec automaton| Idle → do active = false until (up(t min −. temp)) then Active| Active → do active = true until (up(temp −. t max)) then Idle
(∗ The controller and the plant are put parallel ∗)hybrid main() = temp where
rec active = hysteresis controller(temp)and temp = heater(active)
Three syntactic novelties: keyword hybrid, der and up.
3Hybrid version of N. Halbwachs’s example in Lustre at College de France, Jan.10.
From Discrete to Hybrid
The type language [LCTES’11]
bt ::= float | int | bool | zero | · · ·σ ::= bt × ...× bt
k−→ bt × ...× btk ::= D | C | A A
D C
Function Definition: fun f(x1,...) = (y1,...)
I Combinatorial functions (A); usable anywhere.
Node Definition: node f(x1,...) = (y1,...)
I Discrete-time constructs (D) of SCADE/Lustre: pre, ->, fby.
Hybrid Definition: hybrid f(x1,...) = (y1,...)
I Continuous-time constructs (C): der x = ..., up, down, etc.
Mixing continuous/discrete parts
Zero-crossing events
I They correspond to event indicators/state events in FMI
I Detected by the solver when a given signal crosses zero
Design choices
I A discrete computation can only be triggered by a zero-crossing
I Discrete state only changes at a zero-crossing event
I A continuous state can be reset at a zero-crossing event
Example
node counter() = cpt whererec cpt = 1 → pre cpt + 1
hybrid hybrid counter() = cpt whererec cpt = present up(z) → counter() init 0and z = sinus()
Output with SCADE Hybrid + Simplorer
Mix of synchronous code and a continuous model
E.g., implement the hysteresis controller by a synchronous function.
(∗ a discrete−time model of the controller; periodically sampled ∗)node hysteresis controller(temp) = active where
rec automaton| Idle → do active = false until (temp <= t min)) then Active| Active → do active = true until (temp >= t max) then Idle
(∗ The controller and the plant are put parallel ∗)hybrid main() = temp where
rec active = present (period (0.1)) → hysteresis controller(temp) init falseand temp = heater(active)
Continuous and discrete PI controller [demo]
hybrid integr(x, y0) = y whererec der y = x init y0
hybrid pi(kp, ki, i) = cmd whererec cmd = kp ∗. i +. ki ∗. integr(i, 0.0)
tel
let ts = 0.05
node disc integr(x, y0) = y whererec init y = y0 and y = last y + Ts ∗ x
node disc pi(kp, ki, i) = cmd whererec init cmd = Kp∗iand cmd = kp ∗. i +. ki ∗. disc integr(i, 0.0)
How to communicate between continuous and discretetime?
E.g., the bouncing ball
hybrid ball(y0) = y whererec der y = y v init y0and der y v = −. g init 0.0 reset z → 0.8 ∗. last y vand z = up(−. y)
I Replacing last y v by y v would lead to a deadlock.
I In SCADE and Zelus, last y v is the previous value of y v.
I It coincides with the left limit of y v when y v is left continuous.
Internals
Compiler Architecture
Two implementations: Zelus and KCG 6.4 (Release 2014) of SCADE.
KCG 6.4 of SCADE
I Generates FMI 1.0 model-exchange FMUs for Simplorer.I Only 5% of the compiler modified. Small changes in:
I static analysis (typing, causality).I automata translation; code generation.I FMU generation (XML description, wrapper).
I FMU integration loop: about 1000 LoC.
parsing typing causalitycontrol
encodingoptimization
schedulingSOL
generationslicingdeadcode
removal
C codegeneration
A SCADE-like Input Language
Essentially SCADE with three syntax extensions (in red).
d ::= const x = e | k f (pi) = pi whereE | d ; d
k ::= fun | node | hybrid
e ::= x | v | op(e, ..., e) | v fby e | last x | f (e, ..., e) | up(e)
p ::= x | (x , ..., x)
pi ::= xi | xi , ..., xi
xi ::= x | x last e | x default e
E ::= p = e | der x = e| if e thenE elseE| reset E every e| local pi in E | do E and . . .E done
A Clocked Data-flow Internal Language
The internal language is extended with three extra operations.Translation based on Colaco et al. [EMSOFT’05].
d ::= const x = c | k f (p) = a whereC | d ; d
k ::= fun | node | hybrid
C ::= (xi = ai )xi∈I with ∀i 6= j .xi 6= xj
a ::= eck
e ::= x | v | op(a, ..., a) | v fby a | pre(a)| f (a, ..., a)| merge(a, a, a) | a when a| integr(a, a) | up(a)
p ::= x | (x , ..., x)
ck ::= base | ck on a
Clocked Equations Put in Normal FormName the result of every stateful operation. Separate into syntacticcategories.
I se: strict expressions
I de: delayed expressions
I ce: controlled expressions.
Equation lx = integr(x ′, x) defines lx to be the continuous statevariable; possibly reset with x .
eq ::= x = ceck | x = f (sa, ..., sa)ck | x = deck
sa ::= seck
ca ::= ceck
se ::= x | v | op(sa, ..., sa) | sa when sa
ce ::= se | merge(sa, ca, ca) | ca when sa
de ::= pre(ca) | v fby ca | integr(ca, ca) | up(ca)
Well Scheduled Form
Equations are statically scheduled.
Read(a): set of variables read by a.
Given C = (xi = ai )xi∈I , a valid schedule is a one-to-one function
Schedule(.) : I → {1 . . . |I |}
such that, for all xi ∈ I , xj ∈ Read(ai ) ∩ I :
1. if ai is strict, Schedule(xj) < Schedule(xi ) and
2. if ai is delayed, Schedule(xi ) ≤ Schedule(xj).
From the data-dependence point-of-view, integr(ca1, ca2) and up(ca)break instantaneous loops.
A Sequential Object Language (SOL)I Translation into an intermediate imperative language [Colaco et al.,
LCTES’08]I Instead of producing two methods step and reset, produce more.I Mark memory variables with a kind m
md ::= | const x = c| const f = class〈M, I , (method i (pi ) = ei whereSi )i∈[1..n]〉
M ::= [x : m[= v ]; ...; x : m[= v ]]
I ::= [o : f ; ...; o : f ]
m ::= Discrete | Zero | Cont
e ::= v | lv | op(e, ..., e) | o.method(e, ..., e)
S ::= () | lv ← e | S ; S | var x , ..., x in S | if c thenS elseS
R, L ::= S ; ...; S
lv ::= x | lv .field | state (x)
State Variables
Discrete State Variables (sort Discrete)
I Read with state (x);
I modified with state (x)← c
Zero-crossing State Variables (sort Zero)
I A pair with two fields.
I The field state (x).zin is a boolean, true when a zero-crossing on xhas been detected, false otherwise.
I The field state (x).zout is the value for which a zero-crossing mustbe detected.
Continuous State Variables (sort Cont)
I state (x).der is its instantaneous derivative;
I state (x).pos its value
Example: translation of the bouncing ball
let bouncing = machine(continuous) {
memories disc init_25 : bool = true;
zero result_17 : bool = false;
cont y_v_15 : float = 0.; cont y_14 : float = 0.
method reset =
init_25 <- true; y_v_15.pos <- 0.
method step time_23 y0_9 =
(if init_25 then (y_14.pos <- y0_9; ()) else ());
init_25 <- false;
result_17.zout <- (~-.) y_14.pos;
if result_17.zin
then (y_v_15.pos <- ( *. ) 0.8 y_v_15.pos);
y_14.der <- y_v_15.pos;
y_v_15.der <- (~-.) g; y_14.pos }
Finally
1. Translate as usual to produce a function step.
2. For hybrid nodes, copy-and-paste the step method.
3. Either into a cont method activated during the continuous mode, ortwo extra methods derivatives and crossings.
4. Apply the following:I During the continuous mode (method cont), all zero-crossings
(variables of type zero, e.g., state (x).zin) are surely false. Allzero-crossing outputs (state (x).zout ← ...) are useless.
I During the discrete step (method step), all derivative changes(state (x).der ← ...) are useless.
I Remove dead-code by calling an existing pass.
5. That’s all!
Examples (both Zelus and SCADE) at: zelus.di.ens.fr/cc2015
Example: translation of the bouncing ball
let bouncing = machine(continuous) {
memories disc init_25 : bool = true;
zero result_17 : bool = false;
cont y_v_15 : float = 0.; cont y_14 : float = 0.
method reset =
init_25 <- true; y_v_15.pos <- 0.
method step time_23 y0_9 =
(if init_25 then (y_14.pos <- y0_9; ()) else ());
init_25 <- false;
if result_17.zin
then (y_v_15.pos <- ( *. ) 0.8 y_v_15.pos);
y_14.pos
method cont time_23 y0_9 =
result_17.zout <- (~-.) y_14.pos;
y_14.der <- y_v_15.pos;
y_v_15.der <- (~-.) g }
Some conclusion
Two experiments
I The Zelus academic langage and compiler.
I The industrial KCG 6.7 (Release 2016) code generator of SCADE.
I For KCG, less than 5% of extra LOC, in all.
I The extension is fully conservative w.r.t existing SCADE.
I The very same code is used both for simulation and embedded code.
Yet, is this type discipline too constraining for writting real applications?
Current Work
Can we define a standard library of control blocks, in both discrete andcontinuous-time so that the the code is the mathematical specification?
I E.g., delays and tapped-delays, FIR/IIR, transfert functions,integration (with limit, reset), PID, etc.
I Avoid explicit reference to the major step.
I Some continuous-time blocks are wrongly typed: memory block,derivative, rate limiter, backlash, transport delay.
I Replace SUNDIALS by a guaranted solver working with intervals?
Bibliography
Albert Benveniste, Timothy Bourke, Benoit Caillaud, Bruno Pagano, and Marc Pouzet.
A Type-based Analysis of Causality Loops in Hybrid Systems Modelers.In International Conference on Hybrid Systems: Computation and Control (HSCC), Berlin, Germany, April 15–172014. ACM.
Albert Benveniste, Timothy Bourke, Benoit Caillaud, and Marc Pouzet.
A Hybrid Synchronous Language with Hierarchical Automata: Static Typing and Translation to Synchronous Code.In ACM SIGPLAN/SIGBED Conference on Embedded Software (EMSOFT’11), Taipei, Taiwan, October 2011.
Albert Benveniste, Timothy Bourke, Benoit Caillaud, and Marc Pouzet.
Divide and recycle: types and compilation for a hybrid synchronous language.In ACM SIGPLAN/SIGBED Conference on Languages, Compilers, Tools and Theory for Embedded Systems(LCTES’11), Chicago, USA, April 2011.
Albert Benveniste, Timothy Bourke, Benoit Caillaud, and Marc Pouzet.
Non-Standard Semantics of Hybrid Systems Modelers.Journal of Computer and System Sciences (JCSS), 78(3):877–910, May 2012.Special issue in honor of Amir Pnueli.
Albert Benveniste, Benoit Caillaud, and Marc Pouzet.
The Fundamentals of Hybrid Systems Modelers.In 49th IEEE International Conference on Decision and Control (CDC), Atlanta, Georgia, USA, December 15-17 2010.
Timothy Bourke, Jean-Louis Colaco, Bruno Pagano, Cedric Pasteur, and Marc Pouzet.
A Synchronous-based Code Generator For Explicit Hybrid Systems Languages.In International Conference on Compiler Construction (CC), LNCS, London, UK, April 11-18 2015.
Timothy Bourke and Marc Pouzet.
Zelus, a Synchronous Language with ODEs.In International Conference on Hybrid Systems: Computation and Control (HSCC 2013), Philadelphia, USA, April8–11 2013. ACM.
