rick@cs.arizona.edu (Rick Schlichting) (02/05/91)
--------------------------------------------------------------------------
Trip Report -- Toshiba Software Laboratory (June 4, 1990)
Richard D. Schlichting (rick@cs.arizona.edu)
Associate Professor
Department of Computer Science
The University of Arizona
Tucson, AZ 86721, USA
[This report represents the personal opinion of the author, who was on
sabbatical in Japan from Dec. 1989 through July 1990. The sabbatical
was supported in part by grant INT-8910818 from the NSF U.S.-Japan
Cooperative Science Program.]
---------------------------------------------------------------------------
Monday was the day I was scheduled to visit the Toshiba Software
Laboratory, which is located a 10-minute walk from the JR Kawasaki
station. I arrived a little before my appointed time of 1130,
and was met at the gate by Ms. Akamine, a secretary for my host
Dr. Honiden. The lab is in a new building located on the grounds of
a big, post-war Toshiba factory, which, I later found out, manufactures
primarily optical scanners for ATMs and the postal service. Upon
arriving, I was immediate met by Dr Honiden and escorted for a
meeting room, where I met by Yasukuni Okataku, who is involved with
a project for building fault-tolerant distributed systems, and Takeshi
Kohno, who is the senior manager. They first gave me an overview
of the lab. Basically, it was established a couple of years ago at a
very high level in the company hierarchy. The space it occupies is on
the 5th floor of the building, and is high quality space organized around
an open plan with cubicles in a manner similar to US companies I have
visited. It employs approximately 160 people, of which 120 or so are
researchers, about evenly divided between BS and MS levels. Their research
charter is broad, encompassing the three general areas of systems
engineering, AI, and Software Engineering. Their research horizon is
supposed to be >5 years, as opposed to the 3-5 yr. horizons for other
Labs in the company. Their brochure outlines a number of projects,
of which they had chosen two--the IDPS fault-tolerant DOS, and the
Mendel Zone concurrent program synthesis system--for later description
and demonstration.
Following lunch, I was given lectures and demos on the two systems
mentioned above. Both were very relevant to my own areas of interests,
perhaps moreso than any other projects I had seen in Japan. IDPS
is a project to build fault-tolerant distributed systems for applications
such as railroad signalling, factory automation, etc. There are three
layers: the bottom layer is the DOS, which supports a "fail-stop"
broadcast function and "fail-stop" objects, the next contains
a distributed file system, databased and production system, and
the top layer is the application written in an object-orient
fashion. The basic programming paradigm involves replicated objects
that interact using the reliable broadcast. Among the unique
features they claim are an interesting first-CN-first-serve method
for dealing with replicated broadcasts (versus a majority method);
among the advantages of this are the fact that you needn't know
how many copies there are, which makes it easier to dynamically
add and delete members. (Indeed, when I asked them whether they
use a membership protocol to agree on failures, they seemed to
indicate that they don't need it. Whether this is a by-product of
the application or this particular scheme of replication, I don't
know.)
The second lecture was a presentation by Naoshi Uchihira on a
system that they call Mendels Zone. The purpose of the system
is to synthesize concurrent programs from a combination of temporal
logic and Petri net specifications. In particular, the temporal
logic is used to specify the synchronizing part of the processes,
while the Petri nets are used to specify the remainder. These
specs are translated by the system into Buchi automaton and
a reachability graph, respectively, which are then essentially
"intersected" to get the result. The use of the two specification
methods is in keeping with the goals of improving both correctness
and software productivity; the improvement in correctness is
achieved by the synthesis of the difficult part of a concurrent
program, the synchronization part, while the improvement in
productivity results from the reuse of software facilitated
by the petri net formalism. This work is supported financially by
ICOT. I was given papers later on both of the lecture topics.
Demonstrations of the systems followed the lectures. They have
set of the ICDP demo as a fairly fancy railroad control system,
with an LED panel representing trains and everything. Each object
was replicated on each of three processors. To demonstrate
its adaptability, they dynamically added a new station to the system
without shutting anything else down. They also illustrated the features
for fault-tolerance and recoverability by shutting down one of the processors
and then restarting it without affecting the running application. I
found it all most impressive.
Across the room was the ICOT area, where I was given the demonstration
of the Mendels Zone system by Uchihara. It consisted basically of the
development of a solution to the Dinining Philosophers problem. I again
found the demo impressive and convincing, with a fairly sophisticated
graphical interface that they said was actually easy to construct using the
standard window package. I asked about their view of the feasibility of
using temporal logic in real life, and they indicated that their experience
had been positive so far. However, Uchihara did say that he thought that
verification rather than synthesis was probably a more practical approach
to the problem of developing correct software.
---------------------------------------------------------
Dr. Shinichi Honiden
Research Scientist, AI Technology Group
Systems and Software Engineering Laboratory
Toshiba Corporation
70 Yanagi-cho, Saiwai-ku
Kawasaki-shi 210, JAPAN
Yasukuni Okataku
Senior Research Scientist
Systems and Software Engineering Laboratory
Toshiba Corporation
70 Yanagi-cho, Saiwai-ku
Kawasaki-shi 210, JAPAN
Naoshi Uchihira
Research Scientist, AI Technology Group
Systems and Software Engineering Laboratory
Toshiba Corporation
70 Yanagi-cho, Saiwai-ku
Kawasaki-shi 210, JAPAN