Robustness and Implementability of Timed Automata Martin De Wulf Laurent Doyen Nicolas Markey Jean-François Raskin Centre Fédéré en Vérification FORMATS-FTRTFT.

Slides:



Advertisements
Similar presentations
Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.
Advertisements

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
The cardiac pacemaker – SystemJ versus Safety Critical Java Heejong Park, Avinash Malik, Muhammad Nadeem, and Zoran Salcic. University of Auckland, NZ.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Operational Resilience Theory and Experimentation Levi Lúcio.
Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Timed Automata.
Energy and Mean-Payoff Parity Markov Decision Processes Laurent Doyen LSV, ENS Cachan & CNRS Krishnendu Chatterjee IST Austria MFCS 2011.
From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.
Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.
Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.
Alpaga A Tool for Solving Parity Games with Imperfect Information Dietmar Berwanger 1 Krishnendu Chatterjee 2 Martin De Wulf 3 Laurent Doyen 3,4 Tom Henzinger.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Clocks, Dice and Processes PhD Promotion September 21, 2009 Taolue Chen Vrije Universiteit Amsterdam, The Netherlands.
Synchronizing Words for Probabilistic Automata Laurent Doyen LSV, ENS Cachan & CNRS Thierry Massart, Mahsa Shirmohammadi Université Libre de Bruxelles.
1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.
Predictable Design for Real-time Embedded Control A Case Study Jinfeng Huang & Jeroen Voeten Eindhoven University of Technology PROGRESS.
Verification of Parameterized Timed Systems Parosh Aziz Abdulla Uppsala University Johann Deneux Pritha Mahata Aletta Nylen.
Discrete Abstractions of Hybrid Systems Rajeev Alur, Thomas A. Henzinger, Gerardo Lafferriere and George J. Pappas.
Games, Times, and Probabilities: Value Iteration in Verification and Control Krishnendu Chatterjee Tom Henzinger.
ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
Automatic Rectangular Refinement of Affine Hybrid Automata Tom Henzinger EPFL Laurent Doyen ULB Jean-François Raskin ULB FORMATS 2005 – Sep 27 th - Uppsala.
On-the-fly Model Checking from Interval Logic Specifications Manuel I. Capel & Miguel J. Hornos Dept. Lenguajes y Sistemas Informáticos Universidad de.
Sanjit A. Seshia and Randal E. Bryant Computer Science Department
Modeling and the simulator of Digital Circuits in Object-Oriented Programming Stefan Senczyna Department of Fundamentals of Technical Systems The Silesian.
Specification Formalisms Book: Chapter 5. Properties of formalisms Formal. Unique interpretation. Intuitive. Simple to understand (visual). Succinct.
Chess Review November 21, 2005 Berkeley, CA Edited and presented by Advances in Hybrid System Theory: Overview Claire J. Tomlin UC Berkeley.
Chess Review November 18, 2004 Berkeley, CA Hybrid Systems Theory Edited and Presented by Thomas A. Henzinger, Co-PI UC Berkeley.
Model-based Analysis of Distributed Real-time Embedded System Composition Gabor Madl Sherif Abdelwahed
1 Formal Engineering of Reliable Software LASER 2004 school Tutorial, Lecture1 Natasha Sharygina Carnegie Mellon University.
Real-Time Synchronised Petri Nets Giovanna Di Marzo Serugendo Dino Mandrioli, Didier Buchs, Nicolas Guelfi University of Geneva, Switzerland PN’02 / 24th.
NSF Foundations of Hybrid and Embedded Software Systems UC Berkeley: Chess Vanderbilt University: ISIS University of Memphis: MSI Program Review May 10,
Abstract Verification is traditionally done by determining the truth of a temporal formula (the specification) with respect to a timed transition system.
Quantitative Languages Krishnendu Chatterjee, UCSC Laurent Doyen, EPFL Tom Henzinger, EPFL CSL 2008.
1 Carnegie Mellon UniversitySPINFlavio Lerda Bug Catching SPIN An explicit state model checker.
Jun. Sun Singapore University of Technology and Design Songzheng Song and Yang Liu National University of Singapore.
Toward Safety-Assured Development of Real-Time Software November 5, 2011 Eunkyoung Jee, Oleg Sokolsky, Insup Lee PRECISE center, Department of Computer.
Energy Parity Games Laurent Doyen LSV, ENS Cachan & CNRS Krishnendu Chatterjee IST Austria.
CEFRIEL Consorzio per la Formazione e la Ricerca in Ingegneria dell’Informazione Politecnico di Milano Model Checking UML Specifications of Real Time Software.
Algorithmic Software Verification III. Finite state games and pushdown automata.
Dina Workshop Analysing Properties of Hybrid Systems Rafael Wisniewski Aalborg University.
A Static Approach to Consistency Verification of UML Models Andrea Baruzzo Department of Computer Science University of Udine MoDeV.
Semantics & Verification Research Group Department of Computer Science University of Malta FLACOS 2008 Detection of Conflicts in Electronic Contracts Stephen.
Lazy Abstraction Jinseong Jeon ARCS, KAIST CS750b, KAIST2/26 References Lazy Abstraction –Thomas A. Henzinger et al., POPL ’02 Software verification.
Lecture 81 Regional Automaton CS 5270 Lecture 8. Lecture 82 What We Need to Do Problem: –We need to analyze the timed behavior of a TTS. –The timed behavior.
Page 1 Analysis of Asynchronous Systems Steven P. Miller Michael W. Whalen {spmiller, Advanced Computing Systems Rockwell.
Expressiveness and Closure Properties for Quantitative Languages Krishnendu Chatterjee, IST Austria Laurent Doyen, ULB Belgium Tom Henzinger, EPFL Switzerland.
1 Black-box conformance testing for real-time systems Stavros Tripakis VERIMAG Joint work with Moez Krichen.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
ECE/CS 584: Hybrid Automaton Modeling Framework Invariance, Abstractions, Simulation Lecture 04 Sayan Mitra.
Towards Interoperability Test Generation of Time Dependent Protocols: a Case Study Zhiliang Wang, Jianping Wu, Xia Yin Department of Computer Science Tsinghua.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Copyright 2001, Matt Dwyer, John Hatcliff, and Radu Iosif. The syllabus and all lectures for this course are copyrighted materials and may not be used.
Properties as Processes : FORTE slide Properties as Processes: their Specification and Verification Joel Kelso and George Milne School of Computer.
1 CSEP590 – Model Checking and Automated Verification Lecture outline for July 9, 2003.
ECE/CS 584: Verification of Embedded Computing Systems Model Checking Timed Automata Sayan Mitra Lecture 09.
Model Checking Lecture 1. Model checking, narrowly interpreted: Decision procedures for checking if a given Kripke structure is a model for a given formula.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
MOPS: an Infrastructure for Examining Security Properties of Software Authors Hao Chen and David Wagner Appears in ACM Conference on Computer and Communications.
Model Checking Lecture 1: Specification Tom Henzinger.
ECE/CS 584: Verification of Embedded Computing Systems Timed to Hybrid Automata Sayan Mitra (edited by Yu Wang) Lecture 10.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Communicating Timed Automata Pavel Krčál Wang Yi Uppsala University [CAV’06]
Instructor: Rajeev Alur
Automatic Verification
Program Synthesis is a Game
Quantitative Modeling, Verification, and Synthesis
Robustness and Implementability of Timed Automata
Presentation transcript:

Robustness and Implementability of Timed Automata Martin De Wulf Laurent Doyen Nicolas Markey Jean-François Raskin Centre Fédéré en Vérification FORMATS-FTRTFT 2004 – Sep 24 th - Grenoble

Motivation Embedded Controllers … are difficult to develop (concurrency, real- time, continuous environment,...). … are safety critical. Use formal models + Verification: Timed Automata and Reachability Analysis

Timed Automata closed guardresetLocation Transition Clocks: {a,b}

Objectives From a verified model, generate (automatically) a correct implementation Using classical formalism (e.g. timed automata) …but interpreting the model in a way that guarantees the transfer of the properties from model to implementation

Robustness and Implentation Model Perfect continuous clocks Instantaneous synchronisations Reaction time = 0 Digital clocks Delayed synchronisations Reaction time > 0 Implementation vs. Correct model Correct implementation?

Timed Automata: Semantics Classical Perfect clocks Rate: Guard: Imprecise clocks Rate: Guard: Enlargedvs. Shortcut:

From Model to Implementation   >0 Reach([A´]  )  Bad =  Timed automaton A is implementable [DDR04] if Reach([A])  Bad =  Timed automaton A is correct if which is equivalent to   >0 Reach([A´]  )  Bad = 

Robustness No ! (see example) Is it always the case that ?   >0 Reach([A]  ) = Reach([A]) How to compute ?   >0 Reach([A]  ) [Pur98] gives an algorithm for   >0 Reach([A]  ) We show that   >0 Reach([A]  ) =   >0 Reach([A]  )

An example showing that Reach([A])    >0 Reach([A]  )

Example

Classical Semantics Example

Example

Example

Example

Example

Example

Example

Enlarged Semantics Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example

Example Reach([A]  )

Enlarged Semantics Example   >0 Reach([A]  ) When

Enlarged SemanticsClassical Semantics vs. Example   >0 Reach([A]  ) Reach([A])

Black cycles are reachable Blue cycles are not ! Classical semantics [A] Enlarged semantics One blue cycle is reachable By repeating this cycle with Δ>0, the entire regions are reachable ! Example [A] 

Cycles in Timed Automata Algortihm [Pur98] is based on this observation: It just adds the cycles to reachable states Until no more cycle is accessible Hence, the implementability problem is decidable ! (and PSPACE-complete) Given a timed automaton A, determine whether there exists Δ>0 such that Reach([A]  )  Bad = 

Open questions Maximize Δ such that Decide whether there exists Δ such that Find a practical algorithm for And many others… Reach([A]  )  Bad =    >0 Reach([A]  ) UntimedLang([A]  ) = UntimedLang([A])

References [DDR04] M. De Wulf, L. Doyen, J.-F. Raskin. Almost ASAP Semantics: From Timed Model to Timed Implementation. LNCS 2993, HSCC [Pur98] A. Puri. Dynamical Properties of Timed Automata. FTRTFT 1998.

Model-based development Make a model of the environment: Env Make clear the control objective: Bad Make a model of the control strategy: ControllerModel Verify: Does Env || ControllerModel avoid Bad ? Good, but after ?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.