Modelling and Simulation of Asynchronous Real-Time Systems using Timed Rebeca

In this paper we propose an extension of the Rebeca language that can be used to model distributed and asynchronous systems with timing constraints. We provide the formal semantics of the language using Structural Operational Semantics, and show its expressiveness by means of examples. We developed a tool for automated translation from timed Rebeca to the Erlang language, which provides a first implementation of timed Rebeca. We can use the tool to set the parameters of timed Rebeca models, which represent the environment and component variables, and use McErlang to run multiple simulations for different settings. Timed Rebeca restricts the modeller to a pure asynchronous actor-based paradigm, where the structure of the model represents the service oriented architecture, while the computational model matches the network infrastructure. Simulation is shown to be an effective analysis support, specially where model checking faces almost immediate state explosion in an asynchronous setting.

💡 Research Summary

The paper introduces Timed Rebeca, an extension of the Rebeca actor‑based modeling language that incorporates real‑time constraints while preserving its asynchronous, message‑driven semantics. The authors first motivate the need for timing constructs in distributed systems, identifying four essential timing aspects: computation time, message delivery latency, message expiration, and periodic event occurrence. To address these, Timed Rebeca adds four primitives to the original syntax:

1. delay(t) – advances the local clock of the executing rebec by t time units, modeling the duration of a computation.
2. now() – returns the current value of the rebec’s local clock, enabling time‑dependent logic inside methods.
3. after(t) – attached to a message send, it specifies the earliest time the message may be taken from the message bag, thus representing minimum delivery delay or periodic activation.
4. deadline(t) – also attached to a send, it defines a hard expiration time after which the message is discarded, modeling time‑outs.

Instead of a FIFO queue, each rebec maintains a message bag where messages are stored together with absolute time tags (computed from the sender’s now plus any after offset) and optional deadlines. The scheduler always selects the message with the smallest time tag; before executing the corresponding method, the receiver’s local clock is raised to the maximum of its current value and the message’s time tag. This mechanism naturally captures network latency, computation delays, and periodic behavior while preserving the atomic execution of methods.

The formal semantics are presented using Structural Operational Semantics (SOS), providing precise transition rules for each new construct and for the overall scheduling policy. This rigorous foundation guarantees that the subsequent automatic translation to Erlang preserves the intended timing behavior.

A tool chain has been implemented that parses Timed Rebeca models, generates equivalent Erlang processes, and allows the user to parameterize environment and component variables. The generated Erlang code can be executed with McErlang, a model‑checking and simulation framework for Erlang. By varying the timing parameters across multiple simulation runs, designers can explore different scenarios, detect deadline violations, and identify unstable states that would be difficult to uncover through exhaustive model checking due to the notorious state‑space explosion in asynchronous systems.

The paper includes a running ticket‑service example that demonstrates how to model two reactive classes (an agent and a ticket service), specify computation times, network delays, and message expirations, and then use the simulation tool to uncover timing bugs such as missed deadlines.

In the related work section, Timed Rebeca is compared with classic timed formalisms (Timed Automata, TCCS, Real‑time Maude) and with other timed actor languages. Unlike those formalisms, Timed Rebeca offers an actor‑centric syntax familiar to software engineers (Java‑like) and enforces a pure asynchronous paradigm, avoiding the need for a central synchronizer. The authors argue that this makes the language more usable for service‑oriented and distributed architectures where the model structure mirrors the actual deployment topology.

Finally, the authors discuss future directions: integrating Timed Rebeca with existing timed‑automata‑based verification pipelines, refining models directly into production‑grade Erlang code, and extending the language with richer scheduling policies or clock‑synchronization mechanisms. Overall, the work contributes a practical, formally grounded modeling language for real‑time asynchronous systems, complemented by a simulation environment that mitigates the scalability limitations of exhaustive model checking.