Test & Verification. Kim G. Larsen, TOV 2002.


Slide 1: Test & Verification. Kim G. Larsen.

TOV 2002, Kim G. Larsen. Slide 2: Research Profile. Distributed Systems & Semantics Unit. Semantic models: concurrency, mobility, objects, real-time, hybrid systems. Validation & verification: algorithms & tools. Construction: real-time & network systems.

Slide 3: BRICS (Basic Research in Computer Science), Aalborg and Aarhus; budget figure on the slide: 100 Mill. kr. Tools and other relevant projects: UPPAAL, VHS, VVS, WOODDES.

Slide 4: Tools and BRICS.
- Logic: temporal logic, modal logic, MSOL.
- Algorithmic: (timed) automata theory, graph theory, BDDs, polyhedra manipulation.
- Semantics: concurrency theory, abstract interpretation, compositionality, models for real-time & hybrid systems.
- Tools and applications: HOL, TLP, PVS, ALF, SPIN, visualSTATE, UPPAAL.

Slide 5: A very complex system (figure; Klaus Havelund, NASA).

Slide 6: Rotterdam Storm Surge Barrier (figure).

Slide 7: Spectacular Bugs.
- ARIANE-5.
- INTEL Pentium floating-point division (FDIV) bug: 470 Mill. US $.
- Baggage handling system, Denver: 1.1 Mill. US $/day for 9 months.
- Mars Pathfinder.
- Radiation therapy, Therac-25.
- ... More in JPK, CW.

Slide 8: Embedded Systems (pictured: SyncMaster 17GLsi monitor, telephone, Tamagotchi, mobile phone, digital watch).

Slide 9: A simple program (the guard of INC is truncated in the transcript).

    int x;
    process INC   do :: x ...   --> x := x+1 od
    process DEC   do :: x > 0   --> x := x-1 od
    process RESET do :: x = 200 --> x := 0   od
    fork INC; fork DEC; fork RESET

Which values may x take? Questions/properties: E<>(x>1000), E<>(x>2000), A[](x<=2000), E<>(x<0), A[](x>=0). Here E<> p reads "possibly p" (some reachable state satisfies p) and A[] p reads "always p" (every reachable state satisfies p).
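The questions on slide 9 are exactly what an explicit-state model checker answers by enumerating the reachable states of the interleaved processes. The following Python is an added example, not code from the slides: it explores the state space of the three guarded-command processes by breadth-first search and evaluates the five E<>/A[] queries over the result. Because the INC guard did not survive the transcript, the example ASSUMES it to be x < 200 (a hypothetical choice that keeps x bounded); the function names are the example's own.

```python
"""Explicit-state reachability for the INC/DEC/RESET program of slide 9.

Added example, not from the original slides. The INC guard is truncated in
the transcript; here it is ASSUMED to be x < INC_BOUND with INC_BOUND = 200.
Each process is a single guarded command over the shared variable x, and the
system interleaves the processes asynchronously, so the only state is x.
"""
from collections import deque
from typing import Callable, Dict, Set

INC_BOUND = 200  # assumed guard for INC: x < INC_BOUND (not on the slide)

# (name, guard, effect) for each process of the slide.
PROCESSES = [
    ("INC",   lambda x: x < INC_BOUND, lambda x: x + 1),
    ("DEC",   lambda x: x > 0,         lambda x: x - 1),
    ("RESET", lambda x: x == 200,      lambda x: 0),
]


def successors(x: int) -> Set[int]:
    """All states reachable from x by one step of any enabled process."""
    return {effect(x) for _, guard, effect in PROCESSES if guard(x)}


def reachable(init: int = 0, limit: int = 100_000) -> Set[int]:
    """Breadth-first exploration of the state space from `init`.

    `limit` makes an unbounded state space (for instance, an INC process
    without any guard) fail loudly instead of looping forever."""
    seen = {init}
    work = deque([init])
    while work:
        x = work.popleft()
        for y in successors(x):
            if y not in seen:
                seen.add(y)
                work.append(y)
                if len(seen) > limit:
                    raise RuntimeError("state space exceeds limit; is x bounded?")
    return seen


def possibly(pred: Callable[[int], bool], init: int = 0) -> bool:
    """E<> pred: some reachable state satisfies pred."""
    return any(pred(x) for x in reachable(init))


def always(pred: Callable[[int], bool], init: int = 0) -> bool:
    """A[] pred: every reachable state satisfies pred (equals not E<> not pred)."""
    return all(pred(x) for x in reachable(init))


def check_slide_properties() -> Dict[str, bool]:
    """Evaluate the five queries of slide 9; returns query -> truth value."""
    return {
        "E<>(x>1000)":  possibly(lambda x: x > 1000),
        "E<>(x>2000)":  possibly(lambda x: x > 2000),
        "A[](x<=2000)": always(lambda x: x <= 2000),
        "E<>(x<0)":     possibly(lambda x: x < 0),
        "A[](x>=0)":    always(lambda x: x >= 0),
    }


if __name__ == "__main__":
    states = reachable()
    print(f"reachable values of x: {min(states)} .. {max(states)} ({len(states)} states)")
    for query, verdict in check_slide_properties().items():
        print(f"{query:14s} {verdict}")
```

Under the assumed guard the reachable values are exactly 0..200, so both E<> queries about large values are false and both A[] queries are true. For a network of automata the state would be a tuple of locations and variable values rather than a single integer, but the search and the E<>/A[] evaluation are unchanged; the slide-26 state explosion shows up as the size of that tuple space.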

Slide 10: Introducing, Detecting and Repairing Errors (figure; Liggesmeyer 98).

Slide 11: Introducing, Detecting and Repairing Errors, continued (figure; Liggesmeyer 98).

Slide 12: Suggested Solution? Model based validation, verification and testing of software and hardware.

Slide 13: Verification & Validation (figure). Artifacts: Design, Model, Specification, Analysis, Implementation, Testing.

Slide 14: Verification & Validation (figure, extended). Model against Specification: verification & refusal analysis. Model against Implementation: validation and testing. Modelling notations: UML, SDL.

Slide 15: Verification & Validation (figure, extended). Adds model extraction (from Implementation to Model) and automatic code generation (from Model to Implementation).

Slide 16: Verification & Validation (figure, complete). Adds automatic test generation (from Model to Testing), alongside automatic code generation and model extraction; notations UML, SDL.

Slide 17: How? Unified Model = State Machine! Control states; input ports a, b (inputs a?, b?); output ports x, y (outputs x!, y!).

Slide 18: Tamagotchi (state machine figure). Top-level states ALIVE and DEAD, with ALIVE -> DEAD when Health=0 or Age=2.000. Inside ALIVE: Passive, Feeding (Meal, Snack) and Care (Light, Clean, Play, Discipline, Medicine). Event Tick: Health:=Health-1; Age:=Age+1. Several feeding and care transitions also carry Health:=Health-1; labels A, B and C in the figure are connectors.

Slide 19: SYNCmaster (figure).

Slide 20: Digital Watch (figure).

Slide 21: The SDL Editor, process level (screenshot).

Slide 22: SPIN, Gerard Holzmann, AT&T (screenshot).

Slide 23: visualSTATE.
- Hierarchical state systems.
- Flat state systems.
- Multiple and inter-related state machines.
- Supports UML notation.
- Device driver access.
VVS with Baan Visualstate, DTU (CIT project).

Slide 24: ESTEREL (screenshot).

Slide 25: UPPAAL (screenshot).

Slide 26: 'State Explosion' problem. M1 with locations a, b, c and M2 with locations 1, 2, 3, 4 compose to the product M1 x M2 with all combinations (1,a), (2,a), (3,a), (4,a), (1,b), ..., (4,c): the product is exponential in the number of components. Provably (theoretically) intractable.

Slide 27: Train Simulator (VVS, visualSTATE): 1421 machines; transitions (count not preserved in the transcript); 2981 inputs; 2667 outputs; 3204 local states; declared state space 10^476. BUGS? Our techniques have reduced verification time by several orders of magnitude (e.g. from 14 days to 6 sec).

Slide 28: Tool Support (model checking). Inputs to the TOOL: a System Description A and a Requirement F. Output: Yes, together with prototypes, executable code and test sequences; or No!, together with debugging information. Tools: UPPAAL, visualSTATE, ESTEREL, SPIN, Statemate, FormalCheck, VeriSoft, Java Pathfinder, ...

Slide 29: VVS, Verification and Validation of Large Systems. DTU, Aalborg, Baan Visualstate.

Slide 30: BAAN VisualSTATE, formerly BEOLOGIC. Beologic's products: salesPLUS, visualSTATE. History: first an independent division of B&O, then an independent company (owners: B&O, 2M Invest, Danish Municipal Pension Ins. Fund). Customers: ABB, B&O, Daimler-Benz, Ericsson, DIAX, ESA/ESTEC, FORD, Grundfos, LEGO, PBS, Siemens, ... (approx. 90). Verification problems: components and states (figures not preserved in the transcript); our techniques have reduced verification time by several orders of magnitude (from 14 days to 6 sec). Keywords: embedded systems; simple model; verification of standard checks; explicit representation (STATE EXPLOSION); code generation.

Slide 31: visualSTATE 4.0 Product Modules.
- Navigator.
- Prototyper: graphical simulation of human interface panels.
- Presenter: Prototyper for distribution.
- Designer: Diagram Designer, Matrix Designer, Text Editor.
- Tester: Validator (simulation, animation, analysis); Verificator (static verification, dynamic verification).
- Generator: Coder, Documentor.

Slide 32: visualSTATE Prototyper: a virtual prototype of a mobile telephone. GUI Builder; GUI Executer; pick'n place of symbols; no manual coding; custom designed objects (ActiveX controls, graphics libraries).

Slide 33: visualSTATE Designer: hierarchical state systems; flat state systems; multiple and inter-related state machines; supports UML notation; device driver access.

Slide 34: visualSTATE Tester, Verification. Checks: no local nor global dead-ends; no never-interpreted events; no never-fired actions; no conflicting transitions; no unreachable states. All combinations are checked! 100% tested! No bugs allowed!

Slide 35: Train Simulator (VVS; same figures as slide 27): 1421 machines, 2981 inputs, 2667 outputs, 3204 local states; declared state space 10^476. BUGS?

Slide 36: Experimental Breakthroughs (table; values not preserved in the transcript). Machine: 166 MHz Pentium PC with 32 MB RAM. "---": out of memory, or did not terminate after 3 hours. VVS project: BRICS/Aalborg, DTU, BAAN visualSTATE.

Slide 37: Experimental Breakthroughs, continued (same table; technique patented). Machine: 166 MHz Pentium PC with 32 MB RAM. "---": out of memory, or did not terminate after 3 hours. Our techniques have reduced verification time by several orders of magnitude (e.g. from 14 days to 6 sec).

Slide 38: UPPAAL: Modelling and Verification of Real Time Systems. UPPAAL2k: > 800 users in > 35 countries.

Slide 39: The UPPAAL team and collaborators: Wang Yi, Johan Bengtsson, Paul Pettersson, Fredrik Larsson, Alexandre David, Tobias Amnell, Oliver, Kim G Larsen, Arne Skou, Carsten Weise, Kåre J Kristoffersen, Gerd Behrmann, Thomas Hune, Oliver Möller, Nicky Oliver Bodentien, Lasse; David Griffioen, Ansgar Fehnker, Frits Vaandrager, Klaus Havelund, Theo Ruys, Pedro D'Argenio, J-P Katoen, J. Tretmans, Judi Romijn, Ed Brinksma, Franck Cassez, Magnus Lindahl, Francois Laroussinie, Patricia Bouyer, Augusto Burgueno, H. Bowman, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson, ...

Slide 40: Performance, Dec '96 to Sep '98 (chart).

Slide 41: Performance, Dec '96 to Sep '98: from 7.5 hrs / 527 MB on an ONYX with 2 GB (4 Mill. DKK) to seconds / 2.1 MB on a Pentium 150 MHz with 32 MB (the exact number of seconds is not preserved in the transcript); or: every 9 months, 10 times better performance!

Slide 42: Hybrid & Real Time Systems (figure). A continuous Plant is coupled through sensors and actuators to a discrete Controller Program (the task): control theory on the plant side, computer science on the controller side. Examples: pump control, air bags, robots, cruise control, ABS, CD players, production lines. Real Time System: a system where correctness not only depends on the logical order of events but also on their timing.

Slide 43: Construction of UPPAAL models (figure). The UPPAAL model combines a model of the environment (plant, sensors, actuators; user-supplied) with a model of the tasks (automatic?).

Slide 44: Intelligent Light Control. Locations Off, Light, Bright; all transitions are taken on press?. WANT: if press is issued twice quickly then the light will get brighter; otherwise the light is turned off.

Slide 45: Intelligent Light Control. Solution: add a real-valued clock x. The edge Off -> Light resets x (x:=0); from Light, a press with x<=3 leads to Bright, while a press with x>3 leads back to Off.

Slide 46: Timed Automata (Alur & Dill 1990). Clocks x, y. An edge from location n to location m carries the action a, a guard comparing clock x with the constant 3 (the comparison operator is not preserved in the transcript), and the reset x := 0.
- Guard: Boolean combination of integer bounds on clocks and clock differences.
- Reset: action performed on clocks.
- Action: used for synchronization.
- State: (location, x=v, y=u) where v, u are in R.
Transitions: the delay e(1.1) takes (n, x=2.4, y=...) to (n, x=3.5, y=...), advancing every clock by 1.1; the action a takes (n, x=2.4, y=...) to (m, x=0, y=...), resetting x only (the y values are not preserved in the transcript).

Slide 47: Timed Automata, Invariants. The same automaton with location invariants x<=5 at n and y<=10 at m, and guards g1..g4 on the edges. From (n, x=2.4, y=...) the delay e(1.1) to (n, x=3.5, y=...) is allowed, but the delay e(3.2) is not, since x would reach 5.6 and violate the invariant x<=5 of n. Invariants ensure progress!!
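Slides 44 to 47 define the two kinds of transitions of a timed automaton: delays, which advance all clocks and are bounded by the location invariant, and actions, which are enabled by clock guards and may reset clocks. The following Python interpreter is an added example, not UPPAAL code and not from the slides; it implements exactly those two rules and replays the light controller of slide 45 and the invariant scenario of slide 47. The class and function names are the example's own, and the guard on the n -> m edge of slide 46, whose operator is lost in the transcript, is ASSUMED to be x >= 3.

```python
"""Minimal timed-automaton interpreter for the semantics of slides 44-47.

Added example, not from the original slides and not UPPAAL code. A timed
automaton has locations, real-valued clocks, edges (source, action, target,
clock guard, clock resets) and per-location invariants. Instantiated here:
the light controller of slide 45 (Off/Light/Bright, clock x, bound 3) and
the n/m automaton of slides 46/47 with invariants x<=5 at n and y<=10 at m,
whose guard against the constant 3 is ASSUMED to be x >= 3.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, FrozenSet, List, Tuple

Valuation = Dict[str, float]          # clock name -> current value


@dataclass(frozen=True)
class Edge:
    src: str
    action: str
    tgt: str
    guard: Callable[[Valuation], bool] = lambda v: True
    resets: FrozenSet[str] = frozenset()


@dataclass
class TimedAutomaton:
    clocks: List[str]
    init: str
    edges: List[Edge]
    invariants: Dict[str, Callable[[Valuation], bool]] = field(default_factory=dict)

    def __post_init__(self) -> None:
        self.loc = self.init
        self.v: Valuation = {c: 0.0 for c in self.clocks}   # clocks start at 0

    def state(self) -> Tuple[str, Valuation]:
        return self.loc, dict(self.v)

    def _inv_ok(self, loc: str, v: Valuation) -> bool:
        return self.invariants.get(loc, lambda _: True)(v)

    def delay(self, d: float) -> Tuple[str, Valuation]:
        """Delay transition e(d): every clock advances by d. The invariant of
        the current location must still hold afterwards; invariants are upper
        bounds, so checking the end point covers the whole interval."""
        if d < 0:
            raise ValueError("delay must be non-negative")
        new = {c: t + d for c, t in self.v.items()}
        if not self._inv_ok(self.loc, new):
            raise ValueError(f"delay {d} violates the invariant of {self.loc}")
        self.v = new
        return self.state()

    def fire(self, action: str) -> Tuple[str, Valuation]:
        """Action transition: take the first edge labelled `action` whose guard
        holds, apply its resets, and require the target invariant to hold."""
        for e in self.edges:
            if e.src == self.loc and e.action == action and e.guard(self.v):
                new = {c: (0.0 if c in e.resets else t) for c, t in self.v.items()}
                if self._inv_ok(e.tgt, new):
                    self.loc, self.v = e.tgt, new
                    return self.state()
        raise ValueError(f"no enabled edge for {action} in {self.loc} at {self.v}")


def light_controller() -> TimedAutomaton:
    """Slide 45: Off -press-> Light resets x; from Light, press with x<=3 goes
    to Bright and press with x>3 goes back to Off; Bright -press-> Off."""
    return TimedAutomaton(clocks=["x"], init="Off", edges=[
        Edge("Off", "press", "Light", resets=frozenset({"x"})),
        Edge("Light", "press", "Bright", guard=lambda v: v["x"] <= 3),
        Edge("Light", "press", "Off", guard=lambda v: v["x"] > 3),
        Edge("Bright", "press", "Off"),
    ])


def run_presses(gaps: List[float]) -> str:
    """Press at time 0, then once more after each gap; return the final location."""
    ta = light_controller()
    ta.fire("press")
    for g in gaps:
        ta.delay(g)
        ta.fire("press")
    return ta.loc


def slide47_automaton() -> TimedAutomaton:
    """n -a, x>=3 (assumed), x:=0-> m, with invariants x<=5 at n, y<=10 at m."""
    return TimedAutomaton(
        clocks=["x", "y"], init="n",
        edges=[Edge("n", "a", "m", guard=lambda v: v["x"] >= 3, resets=frozenset({"x"}))],
        invariants={"n": lambda v: v["x"] <= 5, "m": lambda v: v["y"] <= 10})


def delay_allowed(ta: TimedAutomaton, d: float) -> bool:
    try:
        ta.delay(d)
        return True
    except ValueError:
        return False


def slide47_scenario() -> Tuple[bool, bool, Tuple[str, Valuation]]:
    """Replay slide 47 from (n, x=2.4): e(1.1) is allowed, e(3.2) is not
    (x would be 5.6 > 5); after e(1.1) the edge a fires and resets x."""
    ta = slide47_automaton()
    ta.delay(2.4)
    short_ok = delay_allowed(ta, 1.1)
    fresh = slide47_automaton()
    fresh.delay(2.4)
    long_ok = delay_allowed(fresh, 3.2)
    return short_ok, long_ok, ta.fire("a")


if __name__ == "__main__":
    print("two presses 2 apart:", run_presses([2]))
    print("two presses 5 apart:", run_presses([5]))
    print("slide 47:", slide47_scenario())
```

Two presses two time units apart end in Bright, five units apart end in Off, and the 3.2 delay of slide 47 is rejected by the invariant, which is the operational meaning of "invariants ensure progress": the automaton cannot idle in n past x=5 and must take an edge before then. The interpreter runs a single trace; a model checker such as UPPAAL instead explores all delays symbolically with zones, which is what makes properties over the uncountably many clock valuations decidable.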

Slide 48: The UPPAAL Model = Networks of Timed Automata + Integer Variables + ... Example: one automaton has an edge l1 -> l2 with synchronisation a!, guards x>=2 and i==3, and updates x := 0, i := i+4; another has an edge m1 -> m2 with synchronisation a? and guard y<=4. Two-way synchronization on complementary actions (a! with a?); closed systems! Example transitions: the delay 0.2 takes (l1, m1, ..., x=2, y=3.5, i=3, ...) to (l1, m1, ..., x=2.2, y=3.7, i=3, ...); the synchronisation, an internal action tau of the network, takes (l1, m1, ..., x=2, y=3.5, i=3, ...) to (l2, m2, ..., x=0, y=3.5, i=7, ...). If a is an URGENT CHANNEL, the delay is not allowed while the synchronisation is enabled.

Slide 49: LEGO Mindstorms/RCX.
- Sensors: temperature, light, rotation, pressure.
- Actuators: motors, lamps.
- Virtual machine: 10 tasks, 4 timers, 16 integers.
- Several programming languages: NotQuiteC, Mindstorm, Robotics, legOS, etc.
- 3 input ports, 3 output ports, 1 infra-red port.

Slide 50: First UPPAAL model: sorting of Lego boxes (Ken Tindell). A conveyer belt carries black and red boxes past a light sensor; a piston ejects boxes; the controller consists of the tasks MAIN and PUSH (events: remove, eject). Exercise: design the controller so that only black boxes are being pushed out.

Slide 51: NQC programs.

    int active;       // set by MAIN when a black box has been detected
    int DELAY;        // ticks to wait before the detected box reaches the piston
    int LIGHT_LEVEL;  // light reading at or below which a box counts as black

    task PUSH {
      while (true) {
        // wait until a detected box has travelled to the piston
        wait(Timer(1) > DELAY && active == 1);
        active = 0;
        // one push cycle on the piston motor: reverse, pause, forward, pause, off
        Rev(OUT_C, 1);
        Sleep(8);
        Fwd(OUT_C, 1);
        Sleep(12);
        Off(OUT_C);
      }
    }

    task MAIN {
      DELAY = 75;
      LIGHT_LEVEL = 35;
      active = 0;
      Sensor(IN_1, IN_LIGHT);
      Fwd(OUT_A, 1);            // start the conveyer belt
      Display(1);
      start PUSH;
      while (true) {
        wait(IN_1 <= LIGHT_LEVEL);   // a dark (black) box is in front of the sensor
        ClearTimer(1);               // timer 1 now measures time since detection
        active = 1;
        PlaySound(1);
        wait(IN_1 > LIGHT_LEVEL);    // wait until the box has passed the sensor
      }
    }

Slide 52: UPPAAL Demo.

Slide 53: From RCX to UPPAAL.
- The model includes a round-robin scheduler.
- Compilation of RCX tasks into TA models.
- Presented at ECRTS 2000.
(Figure: the TA model of task MAIN.)

Slide 54: The Production Cell, course at DTU, Copenhagen (figure).

Slide 55: Train Crossing (figure): a river crossing with a gate; trains pass through a stopable area (timing bounds [10,20] and [7,15]) and wait in a queue (bounds [3,5]).

Slide 56: Train Crossing (figure, annotated). Channels between the trains and the gate: appr, stop, leave, go; between the gate and the queue: empty, nonempty, hd, add, rem, el. Communication via channels and shared variables.

Slide 57: Case Studies: Protocols.
- Philips Audio Protocol [HS'95, CAV'95, RTSS'95, CAV'96]
- Collision-Avoidance Protocol [SPIN'95]
- Bounded Retransmission Protocol [TACAS'97]
- Bang & Olufsen Audio/Video Protocol [RTSS'97]
- TDMA Protocol [PRFTS'97]
- Lip-Synchronization Protocol [FMICS'97]
- Multimedia Streams [DSVIS'98]
- ATM ABR Protocol [CAV'99]
- ABB Fieldbus Protocol [ECRTS'2k]
- IEEE 1394 Firewire Root Contention (2000)

Slide 58: Case Studies: Controllers.
- Gearbox Controller [TACAS'98]
- Bang & Olufsen Power Controller [RTPS'99, FTRTFT'2k]
- SIDMAR Steel Production Plant [RTCSA'99, DSVV'2k]
- Real-Time RCX Control-Programs [ECRTS'2k]
- Experimental Batch Plant (2000)
- RCX Production Cell (2000)

Slide 59: Timed Automata in UPPAAL: timed (safety) automata
+ urgent actions
+ urgent locations
+ committed locations
+ data-variables (with bounded domains)
+ arrays of data-variables
+ constants
+ guards and assignments over data-variables and arrays ...
+ templates with local clocks, data-variables, and constants.

Slide 60: Declarations in UPPAAL.

    clock x1, ..., xn;
    int i1, ..., im;
    chan a1, ..., ao;
    const c1 n1, ..., cp np;

Examples:

    clock x, y;
    int i, J0;
    int[0,1] k[5];                    // array k of five booleans
    const delay 5, true 1, false 0;

Slide 61: Timed Automata in UPPAAL (figure): the n/m automaton of slides 46/47 annotated with its clock declarations, natural-number and clock guards, data guards, clock assignments and location invariants (x<=5, y<=10).

Slide 62: Urgent Channels. Declaration: urgent chan hurry; Informal semantics: there will be no delay if a transition with an urgent action can be taken. Restrictions: no clock guard is allowed on transitions with urgent actions; invariants and data-variable guards are allowed.

Slide 63: Urgent Locations. Click "Urgent" in the State Editor. Informal semantics: no delay in an urgent location. Note: the use of urgent locations reduces the number of clocks in a model, and thus the complexity of the analysis.

Slide 64: Committed Locations. Click "Committed" in the State Editor. Informal semantics: no delay in a committed location, and the next transition must involve an automaton in a committed location. Note: the use of committed locations reduces the number of clocks in a model, and allows for more space and time efficient analysis.

Slide 65: UPPAAL Specification Language.

    A[] p    (AG p: invariantly p)
    E<> p    (EF p: possibly p)
    p ::= a.l | g_d | g_c | p and p | p or p | not p | p imply p | ( p )

where a.l is a process location (process a in location l), g_d a data guard and g_c a clock guard.

Slide 66: CSMA/CD protocol, MAC layer. Events:
- send: service provided by Mac, which reacts by transmitting a message.
- rec (receive): service provided by Mac; indicates that a message is ready to be received.
- b (begin): Mac begins message transmission to M.
- e (end): Mac terminates message transmission to M.
- br (begin receive): M begins message delivery to Mac.
- er (end receive): M terminates message delivery to Mac.
- collision: Mac is notified that a collision has occurred on M (the event label is not preserved in the transcript).

Slide 67: Philips Bounded Retransmission Protocol [D'Argenio et al. 97].

Slide 68: Protocol Overview.
- Protocol developed by Philips.
- Transfers data between audio/video components via infra-red communication.
- Data files are sent in smaller chunks.
- Problem: unreliable communication medium.
- The sender retransmits if the receiver responds too late.
- The receiver aborts if the sender sends too late.

Slide 69: Overview of BRP (figure). Sender S and Receiver R communicate over two lossy channels: K carries the chunks p_i from S to R, L carries ack from R to S. Input: file = p_1, ..., p_n. Output: p_1, ..., p_n.

Slide 70: How It Works.
- Sender input: file = p_1, ..., p_n.
- S sends (p_1, FST, 0), (p_2, INC, 1), ..., (p_{n-1}, INC, 1), (p_n, OK, 0). The indication FST marks the first part of the file, INC that more parts will follow, and OK the whole file; the third component is the alternating bit.
- R sends ack, ..., ack.
- S retransmits p_i on timeout.
- The receiver receives p_1, ..., p_n.
- The sender and receiver clients receive NOK or OK.

Slide 71: BRP Model Overview (figure). S sends (p_i, INDication, abit) over the lossy channel K; R returns ack over L. The sender client is told ok, nok or dk (don't know); the receiver client is told IND together with ok or nok. Input: file = p_1, ..., p_n; output: p_1, ..., p_n.

Slide 72: The Lossy Media: value-passing; lossy = may drop messages; one-place capacity; delay.

Slide 73: Bounded Retransmission.
- S sends a chunk p_i and waits for an ack from R.
- On timeout the chunk is retransmitted.
- After too many timeouts the transmission fails (NOK is sent to the Sender client).
- If the whole file is successfully sent, OK is sent to the Sender client.
- The Receiver is similar.
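The exchange described on slides 70 to 73, as an added example that is not part of the original slides or of the UPPAAL model: a Python simulation of sender S, receiver R and the two lossy channels K and L, showing the indications FST/INC/OK, the alternating bit, retransmission after a lost frame or a lost ack, and the NOK verdict once the retransmission bound is exhausted. Time is abstracted away, so losses are scripted through constructed drop schedules and a missing ack simply counts as a timeout; the retransmission bound MAX_RETRIES, the drop schedules and all function names are the example's own.

```python
"""Simulation of the Philips Bounded Retransmission Protocol of slides 67-73.

Added example, not from the original slides or the UPPAAL model. Sender S
sends the chunks p_1..p_n as frames (payload, indication, alternating bit),
receiver R acks every frame it sees, and S retransmits a chunk after a
timeout, giving up with NOK once MAX_RETRIES retransmissions are exhausted,
or reporting OK after the last ack. K (S->R) and L (R->S) are lossy
one-place channels. Losses are scripted (constructed drop schedules), a
missing ack counts as a timeout, and the receiver-side abort of slide 68
(sender silent for too long) is not modelled since there is no clock here.
"""
from typing import FrozenSet, List, Tuple

MAX_RETRIES = 2            # constructed bound on retransmissions per chunk


def indication(i: int, n: int) -> str:
    """FST for the first chunk, OK for the last, INC for those in between;
    a single-chunk file is sent as OK straight away."""
    if i == n - 1:
        return "OK"
    return "FST" if i == 0 else "INC"


class Receiver:
    """R remembers the alternating bit it expects next. A frame carrying that
    bit is new and is delivered with its indication; any other frame is a
    retransmission of a chunk already delivered (its ack was lost on L) and
    is acknowledged again without being delivered twice."""

    def __init__(self, trace: List[str]) -> None:
        self.expected = 0
        self.delivered: List[Tuple[str, str]] = []
        self.trace = trace

    def on_frame(self, payload: str, ind: str, abit: int) -> str:
        if abit == self.expected:
            self.delivered.append((ind, payload))
            self.expected ^= 1
            self.trace.append(f"R: deliver {payload} [{ind}], send ack")
        else:
            self.trace.append(f"R: duplicate {payload} (bit {abit}), send ack again")
        return "ack"


def run_brp(chunks: List[str],
            drop_k: FrozenSet[int] = frozenset(),
            drop_l: FrozenSet[int] = frozenset()):
    """Transmit `chunks`. drop_k / drop_l hold global frame numbers (0, 1, 2,
    ... counting every frame S puts on K) at which K loses the frame, resp. L
    loses the corresponding ack. Returns (sender_result, deliveries, trace)."""
    trace: List[str] = []
    r = Receiver(trace)
    n, abit, frame_no = len(chunks), 0, 0
    for i, p in enumerate(chunks):
        ind = indication(i, n)
        acked = False
        for attempt in range(MAX_RETRIES + 1):
            trace.append(f"S: send ({p}, {ind}, {abit}) attempt {attempt}")
            if frame_no in drop_k:
                trace.append("K: frame lost")
            else:
                r.on_frame(p, ind, abit)
                if frame_no in drop_l:
                    trace.append("L: ack lost")
                else:
                    trace.append("S: ack received")
                    acked = True
            frame_no += 1
            if acked:
                break
            trace.append("S: timeout")
        if not acked:
            trace.append("S: retransmission bound exhausted -> NOK")
            return "NOK", r.delivered, trace
        abit ^= 1                       # the next chunk carries the other bit
    trace.append("S: whole file acknowledged -> OK")
    return "OK", r.delivered, trace


if __name__ == "__main__":
    result, got, trace = run_brp(["p1", "p2", "p3"], drop_l=frozenset({0}))
    print("\n".join(trace))
    print(result, got)
```

Running the module drops the first ack: R has already delivered p1, S times out and resends it, R recognises the stale bit and only re-acks, and the file still completes with OK and no duplicate delivery. That is the job of the alternating bit; without it a lost ack would make R deliver p1 twice. Dropping every copy of a frame (three losses with MAX_RETRIES = 2) yields NOK with nothing delivered, the bounded-retransmission failure of slide 73.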

Slide 74: Process S (UPPAAL automaton, figure).

Slide 75: Process R (UPPAAL automaton, figure).

Slide 76: The Sender and Receiver (UPPAAL automata, figure).

Slide 77: "If you want to know more".
- Test & Verification.
- UPPAAL.
- WOODDES, ATT (VHS): http://www-verimag.imag.fr/VHS/main.html
- Strategic Directions in Computing Research, Formal Methods Working Group, ACM, June 1996.