Models for Efficient Timed Verification
|
|
- Grace Francis
- 6 years ago
- Views:
Transcription
1 Models for Efficient Timed Verification François Laroussinie LSV / ENS de Cachan CNRS UMR 8643 Monterey Workshop - Composition of embedded systems
2 Model checking System Properties Formalizing step? ϕ
3 Model checking We want... Expressive models: communication, variables, timing constraints, probabilities... Expressive specification languages: natural, powerful, intuitive...
4 Model checking We want... Expressive models: communication, variables, timing constraints, probabilities... Expressive specification languages: natural, powerful, intuitive... AND EFFICIENT ALGORITHM! Main limit of model checking = state explosion problem
5 State explosion problem An example: a protocol...
6 State explosion problem An example: a protocol a sender
7 State explosion problem An example: a protocol a buffer 4 a sender
8 State explosion problem An example: a protocol a buffer 4 a sender 1 2 a receiver
9 State explosion problem An example: a protocol a sender a buffer 1 a server 2 2 a receiver
10 State explosion problem An example: a protocol a sender a buffer 1 a server 2 2 a receiver
11 State explosion problem An example: a protocol a buffer 3 4 a sender 1 1 a server a receiver
12 State explosion problem
13 State explosion problem This has motivated symbolic methods heuristics: on-the-fly algorithms acceleration partial order... abstraction... Model checkers exist and they work rather nicely!
14 Verification of compositions of embedded systems Two difficulties: the composition... Usually we need to address verification of quantitative aspects: timing constraints (Real-time systems) probabilities costs data...
15 Verification of compositions of embedded systems Two difficulties: the composition... Usually we need to address verification of quantitative aspects: timing constraints (Real-time systems) probabilities costs data... Each one may induce a complexity blow-up. This can be measured by the structural complexity of verification problems: for ex. the composition and the state explosion problem.
16 State explosion problem This state explosion holds for synchronized systems, systems with boolean variables, 1-safe Petri nets etc. These are non-flat systems. In practice, a model S is described as a non-flat system (whose operational semantics is a flat transition system T)
17 State explosion problem This state explosion holds for synchronized systems, systems with boolean variables, 1-safe Petri nets etc. These are non-flat systems. In practice, a model S is described as a non-flat system (whose operational semantics is a flat transition system T) Complexity of model checking non-flat systems Model checking T = Φ non-flat syst. = Φ Reachability NLOGSPACE-C PSPACE-C CTL model checking P-C PSPACE-C AF µ-calculus P-C EXPTIME-C (Papadimitriou, Vardi, Kupferman, Wolper, Rabinovich,...)
18 Challenge Define new formalisms to model and verify the embedded systems, with... timing constraints probabilities costs, dynamic variables... extended specification languages
19 Challenge Define new formalisms to model and verify the embedded systems, with... timing constraints probabilities costs, dynamic variables... extended specification languages request AF grant request AF <200 grant request P >0.9 F <200 grant request Agt 1 P >0.9 F <200 grant
20 Challenge Define new formalisms to model and verify the embedded systems, with... timing constraints probabilities costs, dynamic variables... extended specification languages request AF grant request AF <200 grant request P >0.9 F <200 grant request Agt 1 P >0.9 F <200 grant without increasing (too much) the complexity!
21 Efficient timed model-checking obj: find timed models and timed specification languages for which verification can be done efficiently. To model simply timed systems To use to abstract complex timed systems To combine with other quantitative extensions
22 Outline 1 Timed specification languages 2 Timed models Discrete-time models Timed automata 3 Conclusion
23 Outline 1 Timed specification languages 2 Timed models Discrete-time models Timed automata 3 Conclusion
24 Classical verification problems Reachability of a control state S S? : (bi)simulation, etc. L(S) L(S)? : language inclusion (S A T ) + reachability : testing automata S = Φ with Φ a temporal logic formula : model checking
25 Timed properties Temporal properties: Any problem is followed by an alarm With CTL: ( ) AG problem AF alarm
26 Timed properties Temporal properties: Any problem is followed by an alarm With CTL: ( ) AG problem AF alarm Timed properties: Any problem is followed by an alarm in at most 10 time units
27 Timed properties Temporal properties: Any problem is followed by an alarm With CTL: ( ) AG problem AF alarm Timed properties: Any problem is followed by an alarm in at most 10 time units With TCTL: ( ) AG problem AF 10 alarm
28 Timed CTL We use TCTL whose formulae are built from: atomic propositions in Prop (For ex. Alarm, Problem,...) boolean combinators (,, ), and temporal operators tagged with timing constraints: E U c and A U c with {<,, =,, >} and c N. + all the standard abbreviations: AG c, AF c etc.
29 Timed CTL We use TCTL whose formulae are built from: atomic propositions in Prop (For ex. Alarm, Problem,...) boolean combinators (,, ), and temporal operators tagged with timing constraints: E U c and A U c with {<,, =,, >} and c N. + all the standard abbreviations: AG c, AF c etc. s = EϕU c ψ ρ = ρ ρ Exec(s) with s ρ s and Time(ρ ) c and s = ψ, and s = ϕ for all s < ρ s < ρ s
30 Outline 1 Timed specification languages 2 Timed models Discrete-time models Timed automata 3 Conclusion
31 Questions Studying timing constraints & complexity Two problems: 1 Are there simpler models with discrete time for which model checking can be efficient? 2 Are there classes of Timed Automata which allow efficient model checking?
32 Timed transition systems = a transition system + a notion of time used to define the semantics of real-time systems Let T be a time domain: N, R + or Q +. Timed transition system T = S, s 0,, l S is an (possibly infinite) set of states, s 0 S S T S l : S 2 Prop : assigns atomic propositions to states
33 Timed transition systems = a transition system + a notion of time used to define the semantics of real-time systems Let T be a time domain: N, R + or Q +. Timed transition system T = S, s 0,, l S is an (possibly infinite) set of states, s 0 S S T S l : S 2 Prop : assigns atomic propositions to states Every finite run σ in T has a finite duration Time(σ).
34 Outline 1 Timed specification languages 2 Timed models Discrete-time models Timed automata 3 Conclusion
35 Simple models for timed verification It is possible to use classical Kripke structures as timed models. There is no inherent concept of time: time elapsing is encoded by events. For example: each transition = one time unit (Emerson et al.) or: a tick proposition labels states where one t.u. elapses. Timed model checking can be efficient (polynomial-time)! Durational Transition Graphs extend these models without loosing efficiency.
36 Durational Transition Graph [0, ) Init state [7,45] New Card 0 Wait for Pincode. Read code [25,50] [25,50] 0 [0, ) [10;15] [0,366] Code OK Bad code Money+card [50,110] [0,7] Ask amount [5,10] Return card 10
37 Durational Transition Graph T = N A durational transition graph S is Q, R, l where Q is a (finite) set of states, R Q I Q is a total transition relation with duration l : Q 2 Prop labels every state with a subset of Prop. I = set of intervals [n, m] or [n, ) (with n, m N) q [n,m] q : moving from q to q takes some duration d in [n, m]. Two semantics are possible...
38 Two semantics for DTGs Consider the run: Init State 15 New Card 0 Wait for Pin C
39 Two semantics for DTGs Consider the run: Init State 15 New Card 0 Wait for Pin C Jump semantics: date: 0 Init State date: 15 New Card no intermediary states!... Simple semantics, no extra states. Not always natural. Difficult to synchronize two DTGs.
40 Two semantics for DTGs Consider the run: Init State 15 New Card 0 Wait for Pin C Jump semantics: date: 0 Init State date: 15 New Card no intermediary states!... Simple semantics, no extra states. Not always natural. Difficult to synchronize two DTGs. Continuous semantics: date: Init state date: 15 New card date: Wait for Pin C...
41 jump vs continuous semantics [2;4] r DTG S q [0;0] [3;3] s [1;2]
42 jump vs continuous semantics [2;4] r DTG S q [0;0] [3;3] s [1;2] jump sem. of S: 2 r 3 q s 1 2
43 jump vs continuous semantics [2;4] r DTG S q [0;0] [3;3] s [1;2] jump sem. of S: 2 r continuous sem. of S: 1 r, q 4 0 q, 0 1 q, 1 q, 2 q, s 1 s, 0 1 s, (q, i) : i time units have already been spent in q
44 Outline 1 Timed specification languages 2 Timed models Discrete-time models Timed automata 3 Conclusion
45 Timed Automata Example A = an automaton (locations and transitions) + clocks true, b, x := 0 x < 10, b, x := 0 OFF ON x 10 x = 10, i,
46 Timed automata - definition [Alur & Dill] A = an automaton (locations and transitions) + clocks Clocks progress synchronously with time (Time domain = R + ) Transitions: l g,a,r l T with: g is the guard, a is the label, r is the set of clocks to be reset to 0
47 Timed automata - definition [Alur & Dill] A = an automaton (locations and transitions) + clocks Clocks progress synchronously with time (Time domain = R + ) Transitions: l g,a,r l T with: g is the guard, a is the label, r is the set of clocks to be reset to 0 Semantics: States: (l, v) where v is a valuation for the clocks
48 Timed automata - definition [Alur & Dill] A = an automaton (locations and transitions) + clocks Clocks progress synchronously with time (Time domain = R + ) Transitions: l g,a,r l T with: g is the guard, a is the label, r is the set of clocks to be reset to 0 Semantics: States: (l, v) where v is a valuation for the clocks Action transition: { (l, v) 0 g,a,r a (l, v l l ) iff A, v = g, v = v[r 0]
49 Timed automata - definition [Alur & Dill] A = an automaton (locations and transitions) + clocks Clocks progress synchronously with time (Time domain = R + ) Transitions: l g,a,r l T with: g is the guard, a is the label, r is the set of clocks to be reset to 0 Semantics: States: (l, v) where v is a valuation for the clocks Action transition: { (l, v) 0 g,a,r a (l, v l ) iff l A, v = g, v = v[r 0] Delay transition: t R +, (l, v) t (l, v + t) iff 0 t t, v + t = Inv(l)
50 Model checking for TA A defines an infinite timed transition system. Decision procedures are based on the region graph technique (Alur, Courcoubetis, Dill) From A and Φ, one defines an equivalence A,Φ s.t.: ( ) v A,Φ v (l, v) = Φ iff (l, v ) = Φ R + X / A,Φ is finite A region = An equivalence class of A,Φ ) X We can reduce A = Φ to (A R + / A,Φ = Φ... and use a standard model checking algorithm.
51 Model checking for TA A defines an infinite timed transition system. Decision procedures are based on the region graph technique (Alur, Courcoubetis, Dill) From A and Φ, one defines an equivalence A,Φ s.t.: ( ) v A,Φ v (l, v) = Φ iff (l, v ) = Φ R + X / A,Φ is finite A region = An equivalence class of A,Φ ) X We can reduce A = Φ to (A R + / A,Φ = Φ... and use a standard model checking algorithm.! The size of R + X / A,Φ is in O( X! M X )!
52 The region abstraction y X = {x, y} M x = 3 and M y = x
53 The region abstraction y X = {x, y} M x = 3 and M y = x compatibility between regions and constraints x k and y k
54 The region abstraction y X = {x, y} M x = 3 and M y = x compatibility between regions and constraints x k and y k compatibility between regions and time elapsing
55 The region abstraction y X = {x, y} M x = 3 and M y = x compatibility between regions and constraints x k and y k compatibility between regions and time elapsing
56 The region abstraction y X = {x, y} M x = 3 and M y = x compatibility between regions and constraints x k and y k compatibility between regions and time elapsing
57 The region abstraction y X = {x,y} M x = 3 and M y = region defined by I x =]1;2[, I y =]0;1[ {x} < {y} x compatibility between regions and constraints x k and y k compatibility between regions and time elapsing
58 The region abstraction y X = {x,y} M x = 3 and M y = x region defined by I x =]1;2[, I y =]0;1[ {x} < {y} successor by delay transition: I x =]1;2[, I y = [2;2] compatibility between regions and constraints x k and y k compatibility between regions and time elapsing
59 An example [AD 90 s] y x
60 Complexity of timed verification Reachability in TA is PSPACE-C (Alur & Dill) Reachability in TA with three clocks is PSPACE-C (Courcoubetis & Yannakakis) Reachability in TA with constants in {0, 1} is PSPACE-C (Courcoubetis & Yannakakis) Model checking Timed CTL over TA is PSPACE-C (Alur, Courcoubetis & Dill) Model checking AF Timed µ-calculus over TA is EXPTIME-C (Aceto & Laroussinie) ( But tools (Kronos, UppAal) exist and have been applied ) successfully for verifying industrial case studies.
61 One/two clock timed automata [LMS2004] 1 Model checking TCTL on 1C-TA is PSPACE-complete. 2 Reachability in 1C-TA is NLOGSPACE-complete. 3 Model checking TCTL, on 1C-TA is P-complete. 1 Reachability in 2C-TA is NP-hard. 2 Model checking CTL on 2C-TA is PSPACE-complete.
62 Outline 1 Timed specification languages 2 Timed models Discrete-time models Timed automata 3 Conclusion
63 Conclusion discrete time dense time DTG 0/1 DTG [LMS06] 1C-TA 2C-TA TA [ACD93] [LST03] jump cont. [LMS04] [LMS04] [CY92] Reachability NLOGSPACE-C NP-hard PSPACE-C TCTL, P-complete PSPACE-C TCTL P-compl. p 2 PSPACE-complete TCTL c PSPACE-complete
64 Conclusion No efficient algorithm for TCTL+clocks. As soon as there are two clocks, a complexity blow-up occurs for any verification problem. For TCTL, model-checking may be efficient only for the simple DTGs with durations in {0, 1}. For TCTL,, it is possible to have efficient model-checking algorithm for any kind of DTG and 1C-TA. The previous result can be extended to probabilistic timed systems (Probabilistic DTG and 1-clock Probabilistic TA).
Recent results on Timed Systems
Recent results on Timed Systems Time Petri Nets and Timed Automata Béatrice Bérard LAMSADE Université Paris-Dauphine & CNRS berard@lamsade.dauphine.fr Based on joint work with F. Cassez, S. Haddad, D.
More informationTimed Automata VINO 2011
Timed Automata VINO 2011 VeriDis Group - LORIA July 18, 2011 Content 1 Introduction 2 Timed Automata 3 Networks of timed automata Motivation Formalism for modeling and verification of real-time systems.
More informationMODEL-CHECKING IN DENSE REAL-TIME SHANT HARUTUNIAN
MODEL-CHECKING IN DENSE REAL-TIME SHANT HARUTUNIAN 1. Introduction These slides are for a talk based on the paper Model-Checking in Dense Real- Time, by Rajeev Alur, Costas Courcoubetis, and David Dill.
More informationEfficient timed model checking for discrete-time systems
Efficient timed model checking for discrete-time systems F. Laroussinie, N. Markey and Ph. Schnoebelen Lab. Spécification & Vérification ENS de Cachan & CNRS UMR 8643 6, av. Pdt. Wilson, 94235 Cachan Cedex
More informationUnbounded, Fully Symbolic Model Checking of Timed Automata using Boolean Methods
Unbounded, Fully Symbolic Model Checking of Timed Automata using Boolean Methods Sanjit A. Seshia and Randal E. Bryant Computer Science Department Carnegie Mellon University Verifying Timed Embedded Systems
More informationParameterized model-checking problems
Parameterized model-checking problems Stéphane Demri Laboratoire Spécification et Vérification (LSV) CNRS UMR 8643 & ENS de Cachan Parameterized model-checking problems p. 1 Plan of the talk 1. State explosion
More informationState Explosion in Almost-Sure Probabilistic Reachability
State Explosion in Almost-Sure Probabilistic Reachability François Laroussinie Lab. Spécification & Vérification, ENS de Cachan & CNRS UMR 8643, 61, av. Pdt. Wilson, 94235 Cachan Cedex France Jeremy Sproston
More informationRobust Controller Synthesis in Timed Automata
Robust Controller Synthesis in Timed Automata Ocan Sankur LSV, ENS Cachan & CNRS Joint with Patricia Bouyer, Nicolas Markey, Pierre-Alain Reynier. Ocan Sankur (ENS Cachan) Robust Control in Timed Automata
More informationThe algorithmic analysis of hybrid system
The algorithmic analysis of hybrid system Authors: R.Alur, C. Courcoubetis etc. Course teacher: Prof. Ugo Buy Xin Li, Huiyong Xiao Nov. 13, 2002 Summary What s a hybrid system? Definition of Hybrid Automaton
More informationfor System Modeling, Analysis, and Optimization
Fundamental Algorithms for System Modeling, Analysis, and Optimization Stavros Tripakis UC Berkeley EECS 144/244 Fall 2013 Copyright 2013, E. A. Lee, J. Roydhowdhury, S. A. Seshia, S. Tripakis All rights
More informationBounded Model Checking with SAT/SMT. Edmund M. Clarke School of Computer Science Carnegie Mellon University 1/39
Bounded Model Checking with SAT/SMT Edmund M. Clarke School of Computer Science Carnegie Mellon University 1/39 Recap: Symbolic Model Checking with BDDs Method used by most industrial strength model checkers:
More informationOn the Expressiveness and Complexity of ATL
On the Expressiveness and Complexity of ATL François Laroussinie, Nicolas Markey, Ghassan Oreiby LSV, CNRS & ENS-Cachan Recherches en vérification automatique March 14, 2006 Overview of CTL CTL A Kripke
More informationTimed Automata. Chapter Clocks and clock constraints Clock variables and clock constraints
Chapter 10 Timed Automata In the previous chapter, we have discussed a temporal logic where time was a discrete entities. A time unit was one application of the transition relation of an LTS. We could
More informationParameter Synthesis for Timed Kripke Structures
Parameter Synthesis for Timed Kripke Structures Extended Abstract Micha l Knapik 1 and Wojciech Penczek 1,2 1 Institute of Computer Science, PAS, Warsaw, Poland 2 University of Natural Sciences and Humanities,
More informationVerification of Polynomial Interrupt Timed Automata
Verification of Polynomial Interrupt Timed Automata Béatrice Bérard 1, Serge Haddad 2, Claudine Picaronny 2, Mohab Safey El Din 1, Mathieu Sassolas 3 1 Université P. & M. Curie, LIP6 2 ENS Cachan, LSV
More informationComplexity Issues in Automated Addition of Time-Bounded Liveness Properties 1
Complexity Issues in Automated Addition of Time-Bounded Liveness Properties 1 Borzoo Bonakdarpour and Sandeep S. Kulkarni Software Engineering and Network Systems Laboratory, Department of Computer Science
More informationModel Checking Durational Probabilistic Systems
Model Checking Durational Probabilistic Systems (Extended abstract)? François Laroussinie 1 and Jeremy Sproston 2 1 Lab. Spécification & Verification, ENS Cachan CNRS UMR 8643, France 2 Dipartimento di
More informationMODEL CHECKING TIMED SAFETY INSTRUMENTED SYSTEMS
TKK Reports in Information and Computer Science Espoo 2008 TKK-ICS-R3 MODEL CHECKING TIMED SAFETY INSTRUMENTED SYSTEMS Jussi Lahtinen ABTEKNILLINEN KORKEAKOULU TEKNISKA HÖGSKOLAN HELSINKI UNIVERSITY OF
More informationTime and Timed Petri Nets
Time and Timed Petri Nets Serge Haddad LSV ENS Cachan & CNRS & INRIA haddad@lsv.ens-cachan.fr DISC 11, June 9th 2011 1 Time and Petri Nets 2 Timed Models 3 Expressiveness 4 Analysis 1/36 Outline 1 Time
More informationSerge Haddad Mathieu Sassolas. Verification on Interrupt Timed Automata. Research Report LSV-09-16
Béatrice Bérard Serge Haddad Mathieu Sassolas Verification on Interrupt Timed Automata Research Report LSV-09-16 July 2009 Verification on Interrupt Timed Automata Béatrice Bérard 1, Serge Haddad 2, Mathieu
More informationFrom Liveness to Promptness
From Liveness to Promptness Orna Kupferman Hebrew University Nir Piterman EPFL Moshe Y. Vardi Rice University Abstract Liveness temporal properties state that something good eventually happens, e.g., every
More informationTime(d) Petri Net. Serge Haddad. Petri Nets 2016, June 20th LSV ENS Cachan, Université Paris-Saclay & CNRS & INRIA
Time(d) Petri Net Serge Haddad LSV ENS Cachan, Université Paris-Saclay & CNRS & INRIA haddad@lsv.ens-cachan.fr Petri Nets 2016, June 20th 2016 1 Time and Petri Nets 2 Time Petri Net: Syntax and Semantic
More informationExperiments in the use of tau-simulations for the components-verification of real-time systems
Experiments in the use of tau-simulations for the components-verification of real-time systems Françoise Bellegarde, Jacques Julliand, Hassan Mountassir, Emilie Oudot To cite this version: Françoise Bellegarde,
More informationThe Verification of Real Time Systems using the TINA Tool
Proceedings of the 17th World Congress The International Federation of Automatic Control The Verification of Real Time Systems using the TINA Tool Pedro M. Gonzalez del Foyo Jose Reinaldo Silva Dept. Of
More informationTemporal logics and explicit-state model checking. Pierre Wolper Université de Liège
Temporal logics and explicit-state model checking Pierre Wolper Université de Liège 1 Topics to be covered Introducing explicit-state model checking Finite automata on infinite words Temporal Logics and
More informationHelsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66
Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66 Teknillisen korkeakoulun tietojenkäsittelyteorian laboratorion tutkimusraportti 66 Espoo 2000 HUT-TCS-A66
More informationLinear Temporal Logic and Büchi Automata
Linear Temporal Logic and Büchi Automata Yih-Kuen Tsay Department of Information Management National Taiwan University FLOLAC 2009 Yih-Kuen Tsay (SVVRL @ IM.NTU) Linear Temporal Logic and Büchi Automata
More informationModel Checking Real-Time Systems
Model Checking Real-Time Systems Patricia Bouyer, Uli Fahrenberg, Kim G. Larsen, Nicolas Markey, Joël Ouaknine, and James Worrell Abstract This chapter surveys timed automata as a formalism for model checking
More informationCS357: CTL Model Checking (two lectures worth) David Dill
CS357: CTL Model Checking (two lectures worth) David Dill 1 CTL CTL = Computation Tree Logic It is a propositional temporal logic temporal logic extended to properties of events over time. CTL is a branching
More informationSemantic Equivalences and the. Verification of Infinite-State Systems 1 c 2004 Richard Mayr
Semantic Equivalences and the Verification of Infinite-State Systems Richard Mayr Department of Computer Science Albert-Ludwigs-University Freiburg Germany Verification of Infinite-State Systems 1 c 2004
More informationComplexity Issues in Automated Addition of Time-Bounded Liveness Properties 1
Complexity Issues in Automated Addition of Time-Bounded Liveness Properties 1 Borzoo Bonakdarpour and Sandeep S. Kulkarni Software Engineering and Network Systems Laboratory, Department of Computer Science
More informationAutomata-based Verification - III
COMP30172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20: email: howard.barringer@manchester.ac.uk March 2009 Third Topic Infinite Word Automata Motivation Büchi Automata
More informationAlternating Time Temporal Logics*
Alternating Time Temporal Logics* Sophie Pinchinat Visiting Research Fellow at RSISE Marie Curie Outgoing International Fellowship * @article{alur2002, title={alternating-time Temporal Logic}, author={alur,
More informationTemporal Logic Model Checking
18 Feb, 2009 Thomas Wahl, Oxford University Temporal Logic Model Checking 1 Temporal Logic Model Checking Thomas Wahl Computing Laboratory, Oxford University 18 Feb, 2009 Thomas Wahl, Oxford University
More informationSpecification and Model Checking of Temporal Properties in Time Petri Nets and Timed Automata
Specification and Model Checking of Temporal Properties in Time Petri Nets and Timed Automata WOJCIECH PENCZEK ICS PAS, Warsaw, Poland joint work with Agata Półrola University of Lodz, Poland Many thanks
More informationFinite-State Model Checking
EECS 219C: Computer-Aided Verification Intro. to Model Checking: Models and Properties Sanjit A. Seshia EECS, UC Berkeley Finite-State Model Checking G(p X q) Temporal logic q p FSM Model Checker Yes,
More informationTCTL model-checking of Time Petri Nets
1 TCTL model-checking of Time Petri Nets Hanifa Boucheneb 1, Guillaume Gardey 2,3 and Olivier H. Roux 2 Affiliations : 1 : École polytechnique de Montréal, C.P. 6079, succ. Centre-ville Montréal H3C3A7
More informationTimed Automata with Observers under Energy Constraints
Timed Automata with Observers under Energy Constraints Patricia Bouyer-Decitre Uli Fahrenberg Kim G. Larsen Nicolas Markey LSV, CNRS & ENS Cachan, France Aalborg Universitet, Danmark /9 Introduction The
More informationOverview. Discrete Event Systems Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?
Computer Engineering and Networks Overview Discrete Event Systems Verification of Finite Automata Lothar Thiele Introduction Binary Decision Diagrams Representation of Boolean Functions Comparing two circuits
More informationUndecidability Results for Timed Automata with Silent Transitions
Fundamenta Informaticae XXI (2001) 1001 1025 1001 IOS Press Undecidability Results for Timed Automata with Silent Transitions Patricia Bouyer LSV, ENS Cachan, CNRS, France bouyer@lsv.ens-cachan.fr Serge
More informationModelling Real-Time Systems. Henrik Ejersbo Jensen Aalborg University
Modelling Real-Time Systems Henrik Ejersbo Jensen Aalborg University Hybrid & Real Time Systems Control Theory Plant Continuous sensors actuators Task TaskTask Controller Program Discrete Computer Science
More informationBasic Research in Computer Science BRICS RS Aceto & Laroussinie: Is your Model Checker on Time? Is your Model Checker on Time?
BRICS Basic Research in Computer Science BRICS RS-99-32 Aceto & Laroussinie: Is your Model Checker on Time? Is your Model Checker on Time? On the Complexity of Model Checking for Timed Modal Logics Luca
More informationModel checking the basic modalities of CTL with Description Logic
Model checking the basic modalities of CTL with Description Logic Shoham Ben-David Richard Trefler Grant Weddell David R. Cheriton School of Computer Science University of Waterloo Abstract. Model checking
More informationModel Checking with CTL. Presented by Jason Simas
Model Checking with CTL Presented by Jason Simas Model Checking with CTL Based Upon: Logic in Computer Science. Huth and Ryan. 2000. (148-215) Model Checking. Clarke, Grumberg and Peled. 1999. (1-26) Content
More informationAutomata-based Verification - III
CS3172: Advanced Algorithms Automata-based Verification - III Howard Barringer Room KB2.20/22: email: howard.barringer@manchester.ac.uk March 2005 Third Topic Infinite Word Automata Motivation Büchi Automata
More informationA Brief Introduction to Model Checking
A Brief Introduction to Model Checking Jan. 18, LIX Page 1 Model Checking A technique for verifying finite state concurrent systems; a benefit on this restriction: largely automatic; a problem to fight:
More informationModel Checking Probabilistic Timed Automata with One or Two Clocks
Model Checking Probabilistic Timed Automata with One or Two Clocks Marcin Jurdziński 1, François Laroussinie 2, and Jeremy Sproston 3 1 Department of Computer Science, University of Warwick, Coventry CV4
More informationAlternating-Time Temporal Logic
Alternating-Time Temporal Logic R.Alur, T.Henzinger, O.Kupferman Rafael H. Bordini School of Informatics PUCRS R.Bordini@pucrs.br Logic Club 5th of September, 2013 ATL All the material in this presentation
More informationTimed Automata. Semantics, Algorithms and Tools. Zhou Huaiyang
Timed Automata Semantics, Algorithms and Tools Zhou Huaiyang Agenda } Introduction } Timed Automata } Formal Syntax } Operational Semantics } Verification Problems } Symbolic Semantics & Verification }
More informationComputing Accumulated Delays in Real-time Systems
Computing Accumulated Delays in Real-time Systems P~jeev Alur 1, Costas Courcoubetis u *, Thomas A. Henzinger 3 ** i AT&T Bell Laboratories, Murray Hill 2 Department of Computer Science, University of
More informationLecture 11: Timed Automata
Real-Time Systems Lecture 11: Timed Automata 2014-07-01 11 2014-07-01 main Dr. Bernd Westphal Albert-Ludwigs-Universität Freiburg, Germany Contents & Goals Last Lecture: DC (un)decidability This Lecture:
More informationFormally Correct Monitors for Hybrid Automata. Verimag Research Report n o TR
Formally Correct Monitors for Hybrid Automata Goran Frehse, Nikolaos Kekatos, Dejan Nickovic Verimag Research Report n o TR-2017-5 September 20, 2017 Verimag, University of Grenoble Alpes, Grenoble, France.
More informationThe efficiency of identifying timed automata and the power of clocks
The efficiency of identifying timed automata and the power of clocks Sicco Verwer a,b,1,, Mathijs de Weerdt b, Cees Witteveen b a Eindhoven University of Technology, Department of Mathematics and Computer
More informationRepresenting Temporal System Properties Specified with CCTL formulas using Finite Automaton
University of Granada Investigation Group Sistemas Concurrentes SISTEMAS CONCURRENTES Technical Report UGR SC 2008 01 February 2008 Representing Temporal System Properties Specified with CCTL formulas
More informationMonitoring and Fault-Diagnosis with Digital Clocks
Author manuscript, published in "6th Int. Conf. on Application of Concurrency to System Design (ACSD'06) (2006)" Monitoring and Fault-Diagnosis with Digital Clocks Karine Altisen Verimag Laboratory Karine.Altisen@imag.fr
More informationReal-Time Systems. Lecture 10: Timed Automata Dr. Bernd Westphal. Albert-Ludwigs-Universität Freiburg, Germany main
Real-Time Systems Lecture 10: Timed Automata 2013-06-04 10 2013-06-04 main Dr. Bernd Westphal Albert-Ludwigs-Universität Freiburg, Germany Contents & Goals Last Lecture: PLC, PLC automata This Lecture:
More informationMonodic fragments of first-order temporal logics
Outline of talk Most propositional temporal logics are decidable. But the decision problem in predicate (first-order) temporal logics has seemed near-hopeless. Monodic fragments of first-order temporal
More informationRobust Reachability in Timed Automata: A Game-based Approach
Robust Reachability in Timed Automata: A Game-based Approach Patricia Bouyer, Nicolas Markey, and Ocan Sankur LSV, CNRS & ENS Cachan, France. {bouyer,markey,sankur}@lsv.ens-cachan.fr Abstract. Reachability
More informationLaboratoire Spécification & Vérification. Language Preservation Problems in Parametric Timed Automata. Étienne André and Nicolas Markey
Language Preservation Problems in Parametric Timed Automata Étienne André and Nicolas Markey June 2015 Research report LSV-15-05 (Version 1) Laboratoire Spécification & Vérification École Normale Supérieure
More informationFormal Verification Techniques. Riccardo Sisto, Politecnico di Torino
Formal Verification Techniques Riccardo Sisto, Politecnico di Torino State exploration State Exploration and Theorem Proving Exhaustive exploration => result is certain (correctness or noncorrectness proof)
More informationChapter 4: Computation tree logic
INFOF412 Formal verification of computer systems Chapter 4: Computation tree logic Mickael Randour Formal Methods and Verification group Computer Science Department, ULB March 2017 1 CTL: a specification
More informationModal and Temporal Logics
Modal and Temporal Logics Colin Stirling School of Informatics University of Edinburgh July 26, 2003 Computational Properties 1 Satisfiability Problem: Given a modal µ-calculus formula Φ, is Φ satisfiable?
More informationReasoning about Time and Reliability
Reasoning about Time and Reliability Probabilistic CTL model checking Daniel Bruns Institut für theoretische Informatik Universität Karlsruhe 13. Juli 2007 Seminar Theorie und Anwendung von Model Checking
More informationAn Introduction to Hybrid Systems Modeling
CS620, IIT BOMBAY An Introduction to Hybrid Systems Modeling Ashutosh Trivedi Department of Computer Science and Engineering, IIT Bombay CS620: New Trends in IT: Modeling and Verification of Cyber-Physical
More informationESE601: Hybrid Systems. Introduction to verification
ESE601: Hybrid Systems Introduction to verification Spring 2006 Suggested reading material Papers (R14) - (R16) on the website. The book Model checking by Clarke, Grumberg and Peled. What is verification?
More informationDiscrete abstractions of hybrid systems for verification
Discrete abstractions of hybrid systems for verification George J. Pappas Departments of ESE and CIS University of Pennsylvania pappasg@ee.upenn.edu http://www.seas.upenn.edu/~pappasg DISC Summer School
More informationCS256/Spring 2008 Lecture #11 Zohar Manna. Beyond Temporal Logics
CS256/Spring 2008 Lecture #11 Zohar Manna Beyond Temporal Logics Temporal logic expresses properties of infinite sequences of states, but there are interesting properties that cannot be expressed, e.g.,
More informationAn On-the-fly Tableau Construction for a Real-Time Temporal Logic
#! & F $ F ' F " F % An On-the-fly Tableau Construction for a Real-Time Temporal Logic Marc Geilen and Dennis Dams Faculty of Electrical Engineering, Eindhoven University of Technology P.O.Box 513, 5600
More informationModel Checking. Temporal Logic. Fifth International Symposium in Programming, volume. of concurrent systems in CESAR. In Proceedings of the
Sérgio Campos, Edmund Why? Advantages: No proofs Fast Counter-examples No problem with partial specifications can easily express many concurrency properties Main Disadvantage: State Explosion Problem Too
More informationProbabilistic Model Checking Michaelmas Term Dr. Dave Parker. Department of Computer Science University of Oxford
Probabilistic Model Checking Michaelmas Term 2011 Dr. Dave Parker Department of Computer Science University of Oxford Overview Temporal logic Non-probabilistic temporal logic CTL Probabilistic temporal
More informationTimed Automata: Semantics, Algorithms and Tools
Timed Automata: Semantics, Algorithms and Tools Johan Bengtsson and Wang Yi Uppsala University {johanb,yi}@it.uu.se Abstract. This chapter is to provide a tutorial and pointers to results and related work
More informationModel Checking: An Introduction
Model Checking: An Introduction Meeting 3, CSCI 5535, Spring 2013 Announcements Homework 0 ( Preliminaries ) out, due Friday Saturday This Week Dive into research motivating CSCI 5535 Next Week Begin foundations
More informationFrom Liveness to Promptness
From Liveness to Promptness Orna Kupferman 1, Nir Piterman 2, and Moshe Y. Vardi 3 1 Hebrew University 2 Ecole Polytechnique Fédéral de Lausanne (EPFL) 3 Rice University Abstract. Liveness temporal properties
More informationCTL Model checking. 1. finite number of processes, each having a finite number of finite-valued variables. Model-Checking
CTL Model checking Assumptions:. finite number of processes, each having a finite number of finite-valued variables.. finite length of CTL formula Problem:Determine whether formula f 0 is true in a finite
More informationAlan Bundy. Automated Reasoning LTL Model Checking
Automated Reasoning LTL Model Checking Alan Bundy Lecture 9, page 1 Introduction So far we have looked at theorem proving Powerful, especially where good sets of rewrite rules or decision procedures have
More informationDeclarative modelling for timing
Declarative modelling for timing The real-time logic: Duration Calculus Michael R. Hansen mrh@imm.dtu.dk Informatics and Mathematical Modelling Technical University of Denmark 02153 Declarative Modelling,
More informationState-Space Exploration. Stavros Tripakis University of California, Berkeley
EE 144/244: Fundamental Algorithms for System Modeling, Analysis, and Optimization Fall 2014 State-Space Exploration Stavros Tripakis University of California, Berkeley Stavros Tripakis (UC Berkeley) EE
More informationAutomata-Theoretic LTL Model-Checking
Automata-Theoretic LTL Model-Checking Arie Gurfinkel arie@cmu.edu SEI/CMU Automata-Theoretic LTL Model-Checking p.1 LTL - Linear Time Logic (Pn 77) Determines Patterns on Infinite Traces Atomic Propositions
More informationThe State Explosion Problem
The State Explosion Problem Martin Kot August 16, 2003 1 Introduction One from main approaches to checking correctness of a concurrent system are state space methods. They are suitable for automatic analysis
More informationModel Checking Restricted Sets of Timed Paths
Model Checking Restricted Sets of Timed Paths Nicolas Markey a Jean-François Raskin b a Lab. Spécification et Vérification ENS Cachan & CNRS UMR8643 61, avenue Président Wilson 94235 Cachan Cedex France
More informationAn Introduction to Timed Automata
An Introduction to Timed Automata Patricia Bouer LSV CNRS & ENS de Cachan 6, avenue du Président Wilson 943 Cachan France email: bouer@lsv.ens-cachan.fr Introduction Explicit timing constraints are naturall
More informationOverview. overview / 357
Overview overview6.1 Introduction Modelling parallel systems Linear Time Properties Regular Properties Linear Temporal Logic (LTL) Computation Tree Logic syntax and semantics of CTL expressiveness of CTL
More informationLecture Notes on Emptiness Checking, LTL Büchi Automata
15-414: Bug Catching: Automated Program Verification Lecture Notes on Emptiness Checking, LTL Büchi Automata Matt Fredrikson André Platzer Carnegie Mellon University Lecture 18 1 Introduction We ve seen
More informationmodels, languages, dynamics Eugene Asarin PIMS/EQINOCS Workshop on Automata Theory and Symbolic Dynamics LIAFA - University Paris Diderot and CNRS
models, s, LIAFA - University Paris Diderot and CNRS PIMS/EQINOCS Workshop on Automata Theory and Symbolic Dynamics Context A model for verification of real-time systems Invented by Alur and Dill in early
More informationTIMED automata, introduced by Alur and Dill in [3], have
1 Language Inclusion Checking of Timed Automata with Non-Zenoness Xinyu Wang, Jun Sun, Ting Wang, and Shengchao Qin Abstract Given a timed automaton P modeling an implementation and a timed automaton S
More informationStrategy Logic. 1 Introduction. Krishnendu Chatterjee 1, Thomas A. Henzinger 1,2, and Nir Piterman 2
Strategy Logic Krishnendu Chatterjee 1, Thomas A. Henzinger 1,2, and Nir Piterman 2 1 University of California, Berkeley, USA 2 EPFL, Switzerland c krish@eecs.berkeley.edu, {tah,nir.piterman}@epfl.ch Abstract.
More informationVerification of Linear Duration Invariants by Model Checking CTL Properties
UNU-IIST International Institute for Software Technology Verification of Linear Duration Invariants by Model Checking CTL Properties Miaomiao Zhang, Dang Van Hung and Zhiming Liu June 2008 UNU-IIST Report
More informationSymmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago
Symmetry Reductions. A. Prasad Sistla University Of Illinois at Chicago Model-Checking Concurrent PGM Temporal SPEC Model Checker Yes/No Counter Example Approach Build the global state graph Algorithm
More informationControl Synthesis of Discrete Manufacturing Systems using Timed Finite Automata
Control Synthesis of Discrete Manufacturing Systems using Timed Finite utomata JROSLV FOGEL Institute of Informatics Slovak cademy of Sciences ratislav Dúbravská 9, SLOVK REPULIC bstract: - n application
More informationAlternating nonzero automata
Alternating nonzero automata Application to the satisfiability of CTL [,, P >0, P =1 ] Hugo Gimbert, joint work with Paulin Fournier LaBRI, Université de Bordeaux ANR Stoch-MC 06/07/2017 Control and verification
More informationAutomata-theoretic Decision of Timed Games
Automata-theoretic Decision of Timed Games Marco Faella a, Salvatore La Torre b, Aniello Murano a a Università degli Studi di Napoli Federico II, 80126 Napoli {faella, murano}@na.infn.it b Università degli
More informationNew Complexity Results for Some Linear Counting Problems Using Minimal Solutions to Linear Diophantine Equations
New Complexity Results for Some Linear Counting Problems Using Minimal Solutions to Linear Diophantine Equations (Extended Abstract) Gaoyan Xie, Cheng Li and Zhe Dang School of Electrical Engineering and
More informationReachability-Time Games on Timed Automata (Extended Abstract)
Reachability-Time Games on Timed Automata (Extended Abstract) Marcin Jurdziński and Ashutosh Trivedi Department of Computer Science, University of Warwick, UK Abstract. In a reachability-time game, players
More informationA Timed CTL Model Checker for Real-Time Maude
A Timed CTL Model Checker for Real-Time Maude Daniela Lepri 1, Erika Ábrahám 2, and Peter Csaba Ölveczky 1 1 University of Oslo and 2 RWTH Aachen Real-Time Maude Extends Maude to real-time systems Object-oriented
More information540 IEEE TRANSACTIONS ON AUTOMATIC CONTROL, VOL. 43, NO. 4, APRIL Algorithmic Analysis of Nonlinear Hybrid Systems
540 IEEE TRANSACTIONS ON AUTOMATIC CONTROL, VOL. 43, NO. 4, APRIL 1998 Algorithmic Analysis of Nonlinear Hybrid Systems Thomas A. Henzinger, Pei-Hsin Ho, Howard Wong-Toi Abstract Hybrid systems are digital
More informationLogic Model Checking
Logic Model Checking Lecture Notes 10:18 Caltech 101b.2 January-March 2004 Course Text: The Spin Model Checker: Primer and Reference Manual Addison-Wesley 2003, ISBN 0-321-22862-6, 608 pgs. the assignment
More informationSome Remarks on Alternating Temporal Epistemic Logic
Some Remarks on Alternating Temporal Epistemic Logic Corrected version: July 2003 Wojciech Jamroga Parlevink Group, University of Twente, Netherlands Institute of Mathematics, University of Gdansk, Poland
More informationDISTINGUING NON-DETERMINISTIC TIMED FINITE STATE MACHINES
DISTINGUING NON-DETERMINISTIC TIMED FINITE STATE MACHINES Maxim Gromov 1, Khaled El-Fakih 2, Natalia Shabaldina 1, Nina Yevtushenko 1 1 Tomsk State University, 36 Lenin Str.. Tomsk, 634050, Russia gromov@sibmail.com,
More informationModel Checking Algorithms
Model Checking Algorithms Bow-Yaw Wang Institute of Information Science Academia Sinica, Taiwan November 14, 2018 Bow-Yaw Wang (Academia Sinica) Model Checking Algorithms November 14, 2018 1 / 56 Outline
More informationChapter 6: Computation Tree Logic
Chapter 6: Computation Tree Logic Prof. Ali Movaghar Verification of Reactive Systems Outline We introduce Computation Tree Logic (CTL), a branching temporal logic for specifying system properties. A comparison
More information