From CRSM specification to a real-time multitasking execution model

This paper introduces elements allowing an easier crossing of the gap between analysis and design in the case of real-time applications relying on a multitasking operating system. The chosen specification method is based on the use of Shaw´s (1992) CRSM (Communicating Real-time States Machines) and our purpose is to put the basis of a method allowing an easier translation of a CRSM based modelling of a system into a real-time multitasking execution model. In order to do this, we present guidelines for translating the basic constructs of a CRSM model (communicating machines, channels, transitions) into programs involving the usual objects and primitives found in off-the-shelf real-time multitasking operating systems (tasks or threads, message passing, event signalling). The guidelines are illustrated with the classical specification example of the Martian Lander. The aim is to overcome the gap between a specification made with the CRSM and a multitasking execution model: there will then be good possibilities for verification. The specification can be executed, the design can be verified for correctness (liveliness, safety) and eventually a comparison between the behaviour of the specified model and that of the target program can be done