Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Time-abstracting Bisimulation Equivalence  on TA states: Preserve discrete state changes. Abstract exact time delays. s1s2 s3  a s4  a 11 s1s2.

Published byLeon Cummings Modified over 8 years ago

Similar presentations

Presentation on theme: "The Time-abstracting Bisimulation Equivalence  on TA states: Preserve discrete state changes. Abstract exact time delays. s1s2 s3  a s4  a 11 s1s2."— Presentation transcript:

1 The Time-abstracting Bisimulation Equivalence  on TA states: Preserve discrete state changes. Abstract exact time delays. s1s2 s3  a s4  a 11 s1s2 s3  22 s4   1,  2  R

2 The Time-abstracting Quotient Graph - Nodes = symbolic states (equivalence classes). - Edges = symbolic transitions (discrete and time). Finite symbolic graph: Basic property: pre-stability Q1Q2 s1s2   a Q1Q2 s1s2 a Q1  pre (Q2) = Q1 a time The quotient induced by the greatest time-abstracting bisimulation defined on the TA.

3 Verification on the Quotient graph: Linear-time Every cycle in the quotient graph contains an infinite run and vice versa. Q1Q4Q3Q2 s1s2s3s4 s5... Timed Büchi Automata model checking DFS for cycles or SCCs in the quotient graph

4 Verification on the Quotient graph: Branching-time If s1  s2, then for any TCTL formula , s1 satisfies  iff s2 satisfies . TCTL model checking CTL model checking in the quotient graph 11 s1s2 s3  22 s4  s5 s6  Due to determinism of time.

5 Regions – Alternativ Definition x y 123 1 2

6 Problem with regions  Number of regions over n clocks: Explosion in number of clocks Explosion in maximal constant  Reachability is PSPACE complete for a single TA

7 Zones From infinite to finite State (n, x=3.2, y=2.5 ) x y x y Symbolic state (set ) (n, ) Zone: conjunction of x-y n

8 Symbolic Transitions n m x>3 y:=0 x y delays to conjuncts to projects to x y 1<=x<=4 1<=y<=3 x y 1<=x, 1<=y -2<=x-y<=3 x y 3<x, 1<=y -2<=x-y<=3 3<x, y=0 Thus (n,1 (m,3<x, y=0) a

9 A1 B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Init V=1 2 ´´ V Criticial Section Fischer’s Protocol analysis using zones Y<10 X:=0 Y:=0 X>10 Y>10 X<10

10 Fischers cont. B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Y<10 X:=0 Y:=0 X>10 Y>10 X<10 A1,A2,v=1A1,B2,v=2A1,CS2,v=2B1,CS2,v=1CS1,CS2,v=1 Untimed case A1

11 Fischers cont. B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Y<10 X:=0 Y:=0 X>10 Y>10 X<10 A1,A2,v=1A1,B2,v=2A1,CS2,v=2B1,CS2,v=1CS1,CS2,v=1 Untimed case Taking time into account X Y A1

12 Fischers cont. B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Y<10 X:=0 Y:=0 X>10 Y>10 X<10 A1,A2,v=1A1,B2,v=2A1,CS2,v=2B1,CS2,v=1CS1,CS2,v=1 Untimed case Taking time into account X Y A1 10 X Y

13 Fischers cont. B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Y<10 X:=0 Y:=0 X>10 Y>10 X<10 A1,A2,v=1A1,B2,v=2A1,CS2,v=2B1,CS2,v=1CS1,CS2,v=1 Untimed case Taking time into account A1 10 X Y X Y

14 Fischers cont. B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Y<10 X:=0 Y:=0 X>10 Y>10 X<10 A1,A2,v=1A1,B2,v=2A1,CS2,v=2B1,CS2,v=1CS1,CS2,v=1 Untimed case Taking time into account A1 10 X Y X Y X Y

15 Fischers cont. B1 CS1 V:=1V=1 A2 B2 CS2 V:=2V=2 Y<10 X:=0 Y:=0 X>10 Y>10 X<10 A1,A2,v=1A1,B2,v=2A1,CS2,v=2B1,CS2,v=1CS1,CS2,v=1 Untimed case Taking time into account A1 10 X Y X Y X Y

16 Forward Rechability Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT - pick (n,Z) in Waiting - if for some Z’ Z (n,Z’) in Passed then STOP - else (explore) add { (m,U) : (n,Z) => (m,U) } to Waiting; Add (n,Z) to Passed UNTIL Waiting = Ø or Final is in Waiting Init -> Final ?

17 Forward Rechability Passed Waiting Final Init n,Z INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT - pick (n,Z) in Waiting - if for some Z’ Z (n,Z’) in Passed then STOP - else (explore) add { (m,U) : (n,Z) => (m,U) } to Waiting; Add (n,Z) to Passed UNTIL Waiting = Ø or Final is in Waiting n,Z’ Init -> Final ?

18 Forward Rechability Passed Waiting Final Init n,Z INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT - pick (n,Z) in Waiting - if for some Z’ Z (n,Z’) in Passed then STOP - else /explore/ add { (m,U) : (n,Z) => (m,U) } to Waiting; Add (n,Z) to Passed UNTIL Waiting = Ø or Final is in Waiting n,Z’ m,U Init -> Final ?

19 Forward Rechability Passed Waiting Final Init INITIAL Passed := Ø; Waiting := {(n0,Z0)} REPEAT - pick (n,Z) in Waiting - if for some Z’ Z (n,Z’) in Passed then STOP - else /explore/ add { (m,U) : (n,Z) => (m,U) } to Waiting; Add (n,Z) to Passed UNTIL Waiting = Ø or Final is in Waiting n,Z’ m,U n,Z Init -> Final ?

20 Canonical Dastructures for Zones Difference Bounded Matrices Bellman 1958, Dill 1989 x<=1 y-x<=2 z-y<=2 z<=9 x<=1 y-x<=2 z-y<=2 z<=9 x<=2 y-x<=3 y<=3 z-y<=3 z<=7 x<=2 y-x<=3 y<=3 z-y<=3 z<=7 D1 D2 Inclusion 0 x y z 12 2 9 0 x y z 23 3 7 3 ? ? Graph

21 Bellman 1958, Dill 1989 x<=1 y-x<=2 z-y<=2 z<=9 x<=1 y-x<=2 z-y<=2 z<=9 x<=2 y-x<=3 y<=3 z-y<=3 z<=7 x<=2 y-x<=3 y<=3 z-y<=3 z<=7 D1 D2 Inclusion 0 x y z 12 2 9 Shortest Path Closure Shortest Path Closure 0 x y z 12 2 5 0 x y z 23 3 7 0 x y z 23 3 6 3 3 3 Graph ? ? Canonical Dastructures for Zones Difference Bounded Matrices

22 Bellman 1958, Dill 1989 x<=1 y>=5 y-x<=3 x<=1 y>=5 y-x<=3 D Emptiness 0 y x 1 3 -5 Negative Cycle iff empty solution set Graph Canonical Dastructures for Zones Difference Bounded Matrices Compact

23 1<= x <=4 1<= y <=3 1<= x <=4 1<= y <=3 D Future x y x y Future D 0 y x 4 3 Shortest Path Closure Remove upper bounds on clocks 1<=x, 1<=y -2<=x-y<=3 1<=x, 1<=y -2<=x-y<=3 y x 3 2 0 y x 3 2 0 4 3 Canonical Dastructures for Zones Difference Bounded Matrices

24 x y D 1<=x, 1<=y -2<=x-y<=3 1<=x, 1<=y -2<=x-y<=3 y x 3 2 0 Remove all bounds involving y and set y to 0 x y {y}D y=0, 1<=x Reset y x 0 0 0

25 Improved Datastructures Compact Datastructure for Zones x1-x2<=4 x2-x1<=10 x3-x1<=2 x2-x3<=2 x0-x1<=3 x3-x0<=5 x1-x2<=4 x2-x1<=10 x3-x1<=2 x2-x3<=2 x0-x1<=3 x3-x0<=5 x1x2 x3x0 -4 10 2 2 5 3 x1x2 x3x0 -4 4 2 2 5 33 -2 1 Shortest Path Closure O(n^3) RTSS 1997

26 Improved Datastructures Compact Datastructure for Zones x1-x2<=4 x2-x1<=10 x3-x1<=2 x2-x3<=2 x0-x1<=3 x3-x0<=5 x1-x2<=4 x2-x1<=10 x3-x1<=2 x2-x3<=2 x0-x1<=3 x3-x0<=5 x1x2 x3x0 -4 10 2 2 5 3 x1x2 x3x0 -4 4 2 2 5 3 x1x2 x3x0 -4 2 2 3 3 -2 1 Shortest Path Closure O(n^3) Shortest Path Reduction O(n^3) 3 Canonical wrt = Space worst O(n^2) practice O(n) RTSS 1997

27 v and w are both redundant Removal of one depends on presence of other. v and w are both redundant Removal of one depends on presence of other. Shortest Path Reduction 1st attempt Idea Problem w <=w An edge is REDUNDANT if there exists an alternative path of no greater weight THUS Remove all redundant edges! An edge is REDUNDANT if there exists an alternative path of no greater weight THUS Remove all redundant edges! w v Observation: If no zero- or negative cycles then SAFE to remove all redundancies. Observation: If no zero- or negative cycles then SAFE to remove all redundancies.

28 Over-approximation Convex Hull x y Convex Hull 135 1 3 5

29 29 Hybrid Systems

30 Vending Machine 1 Timed Automata

31 Vending Machine 1 Timed Automata time x 10 20 30 cupdel-cof ord-cof Behaviour

32 Vending Machine 2 Hybrid Automata Maler, Manna, Pnueli’91 Clocks -> Continuous Variables

33 Vending Machine 2 Hybrid Automata t cupdel-coford-cof Behaviour 100 50 T,HT,H Maler, Manna, Pnueli’91 Clocks -> Continuous Variables

34 Vending Machine 3 Linear Hybrid Automata Alur, Courcouretis, Henzinger, Ho’93

35 Vending Machine 3 t cupdel-coford-cof Behaviour 100 50 T,HT,H Linear Hybrid Automata Alur, Courcouretis, Henzinger, Ho’93 HYTECH

36 Symbolic Analysis Polyhedra H T

37 H T

38 H T

39 H T The exploration may lead to generation of infinitely many polyhedra => No guarantee of termination Manipulation of polyhedra inefficient!  

40 TA’s versus LHA’s zTOOLS yUPPAAL, KRONOS,CMC,... zDecidable zEfficient Datastructure yDBM’s, NDD’s, CDD’s,.. zExpressiveness zTOOLS yHYTECH, POLLUX,.. zUndecidability zDatastructures yPlyhedra zExpressiveness    STOPWATCH AUTOMATA x’==0 or x’==1

41 STOPWATCH AUTOMATA zExtension of UPPAAL to SWA yReuse of efficient datastructures yOverapproximation zEvery LHA may be translated into a SWA zAPPLICATIONS yScheduler yGasburner yWater Level Control Cassez, Larsen, CONCUR’00

Download ppt "The Time-abstracting Bisimulation Equivalence  on TA states: Preserve discrete state changes. Abstract exact time delays. s1s2 s3  a s4  a 11 s1s2."

Similar presentations

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.

Model Checking Lecture 4. Outline 1 Specifications: logic vs. automata, linear vs. branching, safety vs. liveness 2 Graph algorithms for model checking.
Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.

Model Checking Lecture 3. Specification Automata Syntax, given a set A of atomic observations: Sfinite set of states S 0 Sset of initial states S S transition.
Clocked Mazurkiewicz Traces and Partial Order Reductions for Timed Automata D. Lugiez, P. Niebert, S. Zennou Laboratoire d Informatique Fondamentale de.

Clocked Mazurkiewicz Traces and Partial Order Reductions for Timed Automata D. Lugiez, P. Niebert, S. Zennou Laboratoire d Informatique Fondamentale de.
Timed Automata Rajeev Alur University of Pennsylvania www.cis.upenn.edu/~alur/ SFM-RT, Bertinoro, Sept 2004.

Timed Automata Rajeev Alur University of Pennsylvania SFM-RT, Bertinoro, Sept 2004.
nearly Formal Methods Automatic Validation and Verification Tools

nearly Formal Methods Automatic Validation and Verification Tools
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.

Planning based on Model Checking Dept. of Information Systems and Applied CS Bamberg University Seminar Paper Svetlana Balinova.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
Regions Finite Partitioning of State Space x y An equivalence class (i.e. a region) in fact there is only a finite number of regions!!

Regions Finite Partitioning of State Space x y An equivalence class (i.e. a region) in fact there is only a finite number of regions!!
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.

Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Timed Automata.

Timed Automata.
UPPAAL T-shirt to (identifiable)

UPPAAL T-shirt to (identifiable)
Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009.

Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.

Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.
Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.

Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.
Hybrid Approach to Model-Checking of Timed Automata DAT4 Project Proposal Supervisor: Alexandre David.

Hybrid Approach to Model-Checking of Timed Automata DAT4 Project Proposal Supervisor: Alexandre David.
Regular Model Checking Parosh Aziz Abdulla Uppsala University Cooperation with B. Jonsson, M. Nilsson, J. d’Orso.

Regular Model Checking Parosh Aziz Abdulla Uppsala University Cooperation with B. Jonsson, M. Nilsson, J. d’Orso.

Similar presentations

Ads by Google