Copyright © IFAC SAFECOMP '88, Fulda, FRG, 1988

AN ENVIRONMENT FOR REQUIREMENTS SPECIFICATION AND ANALYSIS OF REAL-TIME SOFTWARE BASED ON TIMED PETRI NETS

S. Bologna*, F. Pisacane*, C. Ghezzi** and D. Mandrioli**

*ENEA Cre-Casaccia, Roma, Italy
**Politecnico di Milano, Milano, Italy

ABSTRACT

EEPN (Enea Extended Petri Nets) is a prototyping environment for real-time process control system requirements specification. Its major components are: a specification model based on Extended Petri Nets, a graphical editor for net construction and a simulator with animation support. The environment, implemented in an object-oriented programming language, is available on IBM-pc.

KEYWORDS

Petri Nets, specification, graphical editor, simulation, animation, object-oriented programming.

INTRODUCTION

For many computer applications, such as on-line process control, it is not sufficient for programs to be logically correct. In addition to being logically correct, the programs must satisfy certain timing constraints determined by the physical process being controlled to avoid possible catastrophic results. The conventional approach to real-time programming has been to write and to prove the program to be logically correct while ignoring real-time constraints. This paper discusses a language and associated tools designed and implemented for distributed real-time systems, or "time-driven" systems, supporting the specifications and analysis of timing constraints. By constructing a semantic model of the main critical functions, pointing out the time aspects, it is possible to verify the consistency of the requirements stated and to analyse the system behavior, under certain conditions, for estimating the response time and to prevent system failures such as deadlocks.

Petri nets [1] are now used for requirements specification and analysis in a variety of applications, from real-time process control software to communication protocols.
Among their strengths, they are easy to use and modify, and easy to comprehend without a strong mathematical background. One of the characteristics of real-time software is that it has to work correctly within a specific time period. The variable time is not part of the original definition of Petri Nets. As a consequence, the use of Petri Nets for real-time applications requires an extension of the original definition by the introduction of the variable time; they are usually called Timed Petri Nets [2], [3]. They are derived from the classical definition of Petri Nets by specifying, for each transition, a minimum firing time $t_{\min}$ and a maximum firing time $t_{\max}$.

To be applicable to real projects, the formalism has to be supported automatically by a supporting environment. A tool for software development and analysis, based on Timed Petri Nets, is presented. It consists of a graphical editor which can be used to create a system or a subsystem model, plus a simulator to verify the correctness of the representation. The tool is intended to be part of a complete environment and to be used for the specification and analysis of real-time software. It is implemented on a hardware configuration which makes use of a μVAX for model simulation and an IBM-pc for net construction and man-machine interface.

EEPN MODEL DEFINITION

The specification model used in the tool is an extension of the classical Petri Net model. This new model is based on the introduction of a specification language to describe, from a semantic point of view, concurrent systems. In particular, the introduction of time allows designers to cover all the critical aspects, such as dynamic behavior, of real-time systems. Describing the algorithmic aspects of a process is not allowed by the original definition of Petri Nets; this represents a hard constraint when the synchronization among processes depends on the values produced during a computation.
For example, by a "pure" Petri Net it is not possible to describe the following requirement: if a value read from a channel is even, then the message must be sent in the channel 1, otherwise in the channel 2.

In the Extended Petri Nets (EPN) [3], there are the following new features:

• each token has an associated environment. The environment is a list of pairs: <token identification, value>. The type of a value can be a string, a number or an array. For each place it is possible to define different tokens with different environments. For example: <8,43>, <x,'alfa'>, <y,[2,43,54]>
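
The even/odd routing requirement above, written as a small timed net whose tokens carry environments (an added example in Python, not code from the paper or from the EEPN tool). The guard predicates on transitions, the place and transition names, the firing times and the earliest-firing simulation policy are all assumptions of this example.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Transition:
    name: str
    src: str        # input place
    dst: str        # output place
    t_min: float    # minimum firing time, counted from the moment the token arrives
    t_max: float    # maximum firing time, counted from the moment the token arrives
    guard: Callable[[dict], bool] = lambda env: True  # assumed: predicate on the token environment

@dataclass
class Net:
    transitions: list
    marking: dict = field(default_factory=dict)  # place -> list of (arrival_time, environment)

    def put(self, place, env, at=0.0):
        self.marking.setdefault(place, []).append((at, env))

    def step(self):
        """Fire the enabled transition with the smallest lower time bound; None if nothing is enabled."""
        best = None
        for tr in self.transitions:
            for tok in self.marking.get(tr.src, []):
                arrival, env = tok
                if tr.guard(env) and (best is None or arrival + tr.t_min < best[0]):
                    best = (arrival + tr.t_min, arrival + tr.t_max, tr, tok)
        if best is None:
            return None  # final marking or deadlock
        earliest, latest, tr, tok = best
        self.marking[tr.src].remove(tok)
        self.put(tr.dst, tok[1], at=earliest)  # policy: always fire at the earliest admissible time
        return (tr.name, earliest, latest, tok[1])

    def run(self):
        """Return the firing trace: (transition, firing time, latest time allowed, environment)."""
        trace = []
        while (rec := self.step()) is not None:
            trace.append(rec)
        return trace

def build_router():
    """Constructed net: read a value, then route it by parity (times are made up)."""
    return Net([
        Transition("read", "input", "decoded", 1, 3),
        Transition("send_ch1", "decoded", "channel1", 2, 5, lambda e: e["x"] % 2 == 0),
        Transition("send_ch2", "decoded", "channel2", 2, 5, lambda e: e["x"] % 2 != 0),
    ])
```

Putting tokens with environments `{"x": 4}` and `{"x": 7}` into `input` and calling `run()` routes the first to `channel1` and the second to `channel2`; each trace record also carries the latest firing time the window would have allowed.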