Presentation is loading. Please wait.

Presentation is loading. Please wait.

Robustness and Implementability of Timed Automata Martin De Wulf Laurent Doyen Nicolas Markey Jean-François Raskin Centre Fédéré en Vérification FORMATS-FTRTFT.

Published bySydney Williamson Modified over 9 years ago

Similar presentations

Presentation on theme: "Robustness and Implementability of Timed Automata Martin De Wulf Laurent Doyen Nicolas Markey Jean-François Raskin Centre Fédéré en Vérification FORMATS-FTRTFT."— Presentation transcript:

1 Robustness and Implementability of Timed Automata Martin De Wulf Laurent Doyen Nicolas Markey Jean-François Raskin Centre Fédéré en Vérification FORMATS-FTRTFT 2004 – Sep 24 th - Grenoble

2 Motivation Embedded Controllers … are difficult to develop (concurrency, real- time, continuous environment,...). … are safety critical. Use formal models + Verification: Timed Automata and Reachability Analysis

3 Timed Automata closed guardresetLocation Transition Clocks: {a,b}

4 Objectives From a verified model, generate (automatically) a correct implementation Using classical formalism (e.g. timed automata) …but interpreting the model in a way that guarantees the transfer of the properties from model to implementation

5 Robustness and Implentation Model Perfect continuous clocks Instantaneous synchronisations Reaction time = 0 Digital clocks Delayed synchronisations Reaction time > 0 Implementation vs. Correct model Correct implementation?

6 Timed Automata: Semantics Classical Perfect clocks Rate: Guard: Imprecise clocks Rate: Guard: Enlargedvs. Shortcut:

7 From Model to Implementation   >0 Reach([A´]  )  Bad =  Timed automaton A is implementable [DDR04] if Reach([A])  Bad =  Timed automaton A is correct if which is equivalent to   >0 Reach([A´]  )  Bad = 

8 Robustness No ! (see example) Is it always the case that ?   >0 Reach([A]  ) = Reach([A]) How to compute ?   >0 Reach([A]  ) [Pur98] gives an algorithm for   >0 Reach([A]  ) We show that   >0 Reach([A]  ) =   >0 Reach([A]  )

9 An example showing that Reach([A])    >0 Reach([A]  )

10 Example

11 Classical Semantics Example

12 Example

13 Example

14 Example

15 Example

16 Example

17 Example

18 Enlarged Semantics Example

19 Example

20 Example

21 Example

22 Example

23 Example

24 Example

25 Example

26 Example

27 Example

28 Example

29 Example

30 Example

31 Example

32 Example

33 Example

34 Example

35 Example

36 Example

37 Example

38 Example Reach([A]  )

39 Enlarged Semantics Example   >0 Reach([A]  ) When

40 Enlarged SemanticsClassical Semantics vs. Example   >0 Reach([A]  ) Reach([A])

41 Black cycles are reachable Blue cycles are not ! Classical semantics [A] Enlarged semantics One blue cycle is reachable By repeating this cycle with Δ>0, the entire regions are reachable ! Example [A] 

42 Cycles in Timed Automata Algortihm [Pur98] is based on this observation: It just adds the cycles to reachable states Until no more cycle is accessible Hence, the implementability problem is decidable ! (and PSPACE-complete) Given a timed automaton A, determine whether there exists Δ>0 such that Reach([A]  )  Bad = 

43 Open questions Maximize Δ such that Decide whether there exists Δ such that Find a practical algorithm for And many others… Reach([A]  )  Bad =    >0 Reach([A]  ) UntimedLang([A]  ) = UntimedLang([A])

44 References [DDR04] M. De Wulf, L. Doyen, J.-F. Raskin. Almost ASAP Semantics: From Timed Model to Timed Implementation. LNCS 2993, HSCC 2004. [Pur98] A. Puri. Dynamical Properties of Timed Automata. FTRTFT 1998.

45 Model-based development Make a model of the environment: Env Make clear the control objective: Bad Make a model of the control strategy: ControllerModel Verify: Does Env || ControllerModel avoid Bad ? Good, but after ?

Download ppt "Robustness and Implementability of Timed Automata Martin De Wulf Laurent Doyen Nicolas Markey Jean-François Raskin Centre Fédéré en Vérification FORMATS-FTRTFT."

Similar presentations

Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.

Automatic Verification Book: Chapter 6. How can we check the model? The model is a graph. The specification should refer the the graph representation.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
The cardiac pacemaker – SystemJ versus Safety Critical Java Heejong Park, Avinash Malik, Muhammad Nadeem, and Zoran Salcic. University of Auckland, NZ.

The cardiac pacemaker – SystemJ versus Safety Critical Java Heejong Park, Avinash Malik, Muhammad Nadeem, and Zoran Salcic. University of Auckland, NZ.
Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.

Temporal Logic and the NuSMV Model Checker CS 680 Formal Methods Jeremy Johnson.
Operational Resilience Theory and Experimentation Levi Lúcio.

Operational Resilience Theory and Experimentation Levi Lúcio.
Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.

Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
Timed Automata.

Timed Automata.
Energy and Mean-Payoff Parity Markov Decision Processes Laurent Doyen LSV, ENS Cachan & CNRS Krishnendu Chatterjee IST Austria MFCS 2011.

Energy and Mean-Payoff Parity Markov Decision Processes Laurent Doyen LSV, ENS Cachan & CNRS Krishnendu Chatterjee IST Austria MFCS 2011.
From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University.

From Monotonic Transition Systems to Monotonic Games Parosh Aziz Abdulla Uppsala University.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.
Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.

Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.
Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.

Compatibility between shared variable valuations in timed automaton network model- checking Zhao Jianhua, Zhou Xiuyi, Li Xuandong, Zheng Guoliang Presented.
Alpaga A Tool for Solving Parity Games with Imperfect Information Dietmar Berwanger 1 Krishnendu Chatterjee 2 Martin De Wulf 3 Laurent Doyen 3,4 Tom Henzinger.

Alpaga A Tool for Solving Parity Games with Imperfect Information Dietmar Berwanger 1 Krishnendu Chatterjee 2 Martin De Wulf 3 Laurent Doyen 3,4 Tom Henzinger.
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Clocks, Dice and Processes PhD Promotion September 21, 2009 Taolue Chen Vrije Universiteit Amsterdam, The Netherlands.

Clocks, Dice and Processes PhD Promotion September 21, 2009 Taolue Chen Vrije Universiteit Amsterdam, The Netherlands.
Synchronizing Words for Probabilistic Automata Laurent Doyen LSV, ENS Cachan & CNRS Thierry Massart, Mahsa Shirmohammadi Université Libre de Bruxelles.

Synchronizing Words for Probabilistic Automata Laurent Doyen LSV, ENS Cachan & CNRS Thierry Massart, Mahsa Shirmohammadi Université Libre de Bruxelles.
1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.

1 Simulator-Model Checker for Reactive Real-Time Abstract State Machines Anatol Slissenko University Paris 12 Pavel Vasilyev University Paris 12 University.
Predictable Design for Real-time Embedded Control A Case Study Jinfeng Huang & Jeroen Voeten Eindhoven University of Technology PROGRESS.

Predictable Design for Real-time Embedded Control A Case Study Jinfeng Huang & Jeroen Voeten Eindhoven University of Technology PROGRESS.
Verification of Parameterized Timed Systems Parosh Aziz Abdulla Uppsala University Johann Deneux Pritha Mahata Aletta Nylen.

Verification of Parameterized Timed Systems Parosh Aziz Abdulla Uppsala University Johann Deneux Pritha Mahata Aletta Nylen.

Similar presentations

Ads by Google