single super state

Forum for discussing and asking questions about the MISRA document MISRA AC SLSF "Modelling design and style guidelines for the application of Simulink and Stateflow"

Moderators: david ward, GeoffFrost

Post Reply
ggentile
Posts: 16
Joined: Wed Nov 25, 2009 8:04 pm
Company: UTC UTRC

single super state

Post by ggentile » Tue Oct 05, 2010 10:07 pm

Following MAAB 2.1 rule db_0137 a chart with single superstate is forbidden.
INstead MISRA SLSF rule #39 require 0 to N superstate.

We are close to the MISRA rule 39 in fovour of MAAB db_0137,

I'd like to have some comment on the decision (we agree to MISRA) not include db_0137.

Giacomo

MISRA Reply
Posts: 52
Joined: Mon Dec 06, 2004 12:24 pm

Re: single super state

Post by MISRA Reply » Fri Oct 15, 2010 12:21 pm

Just to clarify, MISRA AC SLSF 039A specifies that "a state must have either zero or more than one sub-state." This is effectively equivalent to the MAAB db_0137 rule "A state cannot have only one substate." A single superstate is disallowed in both cases.

ggentile
Posts: 16
Joined: Wed Nov 25, 2009 8:04 pm
Company: UTC UTRC

Re: single super state

Post by ggentile » Sat Oct 16, 2010 9:15 pm

May you clarify the rationale of this rule?
Is common to have one super state and more than one state inside.

The only matter is in haveing state that contain one state that contain one state and so on....

Giacomo

MISRA Reply
Posts: 52
Joined: Mon Dec 06, 2004 12:24 pm

Re: single super state

Post by MISRA Reply » Tue Oct 19, 2010 2:18 pm

The rationale of this rule is to maximize the efficiency of a chart. Any actions within a single state (without any siblings at the same chart level) could be executed by the parent state without recourse to a state scheduler to manage the single state, i.e. the single state is generally unnecessary.

A single state at any level of a chart, particularly the root level of a statechart, is often seen to be indicative of an incomplete or erroneous design or implementation.

The single instance where we have seen a single state legitimately used is at the root level of a chart to enable the implementation of reset functionality in the chart, which strictly would then require a deviation from MISRA AC SLSF 039A. In this case the single super-state contains all logic for normal operation. A default transition into the state will handle normal entry into the superstate at first execution. A loop-back "reset" transition is placed on the super-state boundary to cause execution flow to exit the super-state and re-enter the super-state upon a reset event occuring. This re-entry causes reset/initialisation logic present via default transitions internal to the super-state to execute. As they say a picture is worth a thousand words, so hopefully the following example will illustrate the thinking behind the above exception.

Image

Post Reply

Return to “MISRA AC SLSF discussions”