Presentation is loading. Please wait.

Presentation is loading. Please wait.

UPPAAL The Long Road from Theory to Industrial Impact

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "UPPAAL The Long Road from Theory to Industrial Impact"— Presentation transcript:

1 UPPAAL The Long Road from Theory to Industrial Impact
Frits Vaandrager

2 Overview What is Model Checking? History & Impact Early Days Engine
Scheduling & Planning Current Projects Conclusions

3 Turing Award 2007 for Model Checking!!!
Ed Clarke Allen Emerson Joseph Sifakis

4 What is Model Checking? System Description Automata A Yes!
Model Checker A sat F No! Diagnostic Information Requirement Specification F 89 90 93 94 95 97 98 99

5 Example: Gossiping Girls Problem
Six girls all have a gossip of their own. They call each other over the phone. Whenever two girls talk they exchange all gossips they know. How many calls are needed before every girl knows every gossip?

6 Transition System

7 Temporal Logic

8 Solution Model Checker

9 Hybrid & Real Time Systems
Control Theory Computer Science sensors Task Task Task Task actuators Controller Program Discrete Plant Continuous Eg.: Pump Control Air Bags Robots Cruise Control ABS CD Players Production Lines Real Time System A system where correctness not only depends on the logical order of events but also on their timing!!

10 History of UPPAAL TAU UPPPAAL EPSILON CCS & Modal Transition Systems
Refinements Modal Mu-Calculus Explicit State Representation Prolog 1989 1993 1995 UPPPAAL Timed Automata TCTL Zones C & Java EPSILON TCCS Timed Refinements Timed Mu-Calculus Regions Prolog

11 Contributors @UPPsala @AALborg @Elsewhere Wang Yi Kim G Larsen
Paul Pettersson John Håkansson Anders Hessel Pavel Krcal Leonid Mokrushin Shi Xiaochun @AALborg Kim G Larsen Gerd Behrman Arne Skou Brian Nielsen Alexandre David Jacob I. Rasmussen Marius Mikucionis Thomas Chatain @Elsewhere Emmanuel Fleury, Didier Lime, Johan Bengtsson, Fredrik Larsson, Kåre J Kristoffersen, Tobias Amnell, Thomas Hune, Oliver Möller, Elena Fersman, Carsten Weise, David Griffioen, Ansgar Fehnker, Frits Vaandrager, Theo Ruys, Pedro D’Argenio, J-P Katoen, Jan Tretmans, Judi Romijn, Ed Brinksma, Martijn Hendriks, Klaus Havelund, Franck Cassez, Magnus Lindahl, Francois Laroussinie, Patricia Bouyer, Augusto Burgueno, H. Bowman, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson... Here you see all the contributers over the years.

12 UPPAAL 4.0 Language User defined functions (C-like)
GUI Unlimited undo and redo Syntax and bracket highlighting Rectangular selection Customization of colors Tooltip Hiding of information Improved help menu with search component Language User defined functions (C-like) New types (records, type declarations, meta variables, scalars) Partial instantiation of templates Select clauses on edges Forall and exist quantifiers

13 UPPAAL 4.0 inexpensive fault detection inspection of error traces
Graphical Simulator visualization and recording inexpensive fault detection inspection of error traces Message Sequence Charts (Gannt Charts)

14 UPPAAL 4.0 Verifier Exhaustive & automatic checking of requirements
.. including validating, safety, liveness, bounded liveness and response properties .. generation of debugging information for visualisation in simulator. Optimal scheduling for cost models

15 Impact Google: UPPAAL: 134.000 SPIN Verifier: 242.000 nuSMV: 57.700
> Google Scholar Citations (Rhapsody/Esterel < 3.500)

16 Impact Company Downloads Mecel Jet Symantec SRI Relogic Realwork NASA
Verified Systems Microsoft ABB Airbus PSA Saab Siemens Volvo Lucent Technologies Ved CISS arbejder vi med udvikling af to fuldautomatiske design-, test- og verifikationsværktøjer henholdsvis visualSTATE og UPPAAL. visualSTATE er et kommercielt værktøj der oprindeligt blev udviklet I begyndelsen af 80’erne ved B&o for så I 1995 at blive udskilt som en selvstændig virksomhed, BeoLogic, og nu er på svenske hænder ejet af virksomheden IAR Systems. UPPAAL på den anden side er et universitetsbaseret værktøj udviklet siden 95 I et samarbejde mellem Aalborg Universitet og Uppsala Universitet og er det mest avancerede eksisterende værktøj der tilbyder såkaldt realtidsanalyse registrerede brugere på verdensplan fordelt på 50 lande og med mere end 20 daglige downloads. 0.40 // Ud over at vi arbejde på udvikling og udbredelse af disse to værktøjer // anvender vi dem I vid udstrækning I CISS’ forskellige // samarbejdsprojekter.

17 “Impact” Google: UPPAAL: 134.000 SPIN: 103.000.000 SMV: 4.790.000
More Google: SPIN Verifier: nuSMV: Even More Google: SPIN, UPPAAL: SPIN, SMV: UPPAAL, SMV: All 3:

18 UPPAAL Branches CORA CLASSIC TIGA TRON Controller synthesis
Optimal scheduling CORA Testing TRON Verification CLASSIC

19 Verification & The Early Days
CLASSIC Verification & The Early Days A good beginning is useful …

20 First official UPPAAL presentation
Wang Yi, TACAS, Aarhus, April 1995 Johan Bengtsson Kim Larsen Fredrik Larsson Paul Pettersson Wang Yi

21 Application The Philips Audio Protocol with collision
David Griffioen and some Scandinavian friends.

22 Application Bounded Retransmission Protocol Pedro D’Argenio
Joost-Pieter Katoen Theo Ruys Jan Tretmans

23 Application Scheduling wafer production at ASML Martijn Hendriks
in Cyprus

24 Some UPPAAL Groupies Jan Friso Groote Leslie Lamport Frits Vaandrager

25 The Engine

26 Datastructures for Zones
DBM package Minimal Constraint Form [RTSS97] Clock Difference Diagrams [CAV99] PW List [SPIN03] x1 x2 x3 x0 -4 4 2 5 3 -2 1 Elegant RUBY bindings for easy implementations Alexandre David + Johan Bengtsson, Fredrik Larsson

27 Behrmann, Larsen, Pelanek 2003
To Store or Not To Store Behrmann, Larsen, Pelanek 2003 117 statestotal ! 81 statesentrypoint 9 states Time OH less than 10% Audio Protocol

28 Symmetry Reduction Exploitation of full symmetry may give factorial reduction Computation of canonical state representative [Formats 2003] Martijn Hendriks

29 D-UPPAAL Gerd Behrmann, Thomas Hune, Frits Vaandrager
Distributed implementation of UPPAAL on PC-cluster [CAV'00, PDMC'02, STTT'03]. Applications Synthesis of Dynamic Voltage Scaling strategies (CISS). Ad-hoc mobile real-time protocol (Leslie Lamport) - 25GB in 3 min! Running on NorduGrid. Local cluster: 50 CPUs and 50GB of RAM To be used as inspiration for verification GRID platform within ARTIST2 NoE.

30 D-UPPAAL Gerd Behrmann, Thomas Hune, Frits Vaandrager
Distributed implementation of UPPAAL on PC-cluster [CAV'00, PDMC'02, STTT'03]. Applications Synthesis of Dynamic Voltage Scaling strategies (CISS). Ad-hoc mobile real-time protocol (Leslie Lamport) - 25GB in 3 min! Running on NorduGrid. Local cluster: 50 CPUs and 50GB of RAM To be used as inspiration for verification GRID platform within ARTIST2 NoE.

31 UPPAAL 1995 - 2001 Every 9 month 10 times better performance! 3.x
Dec’96 Sep’98 3.x

32 CORA Optimal Scheduling

33 SIDMAR Steel Production Plant
Crane A Machine 1 Machine 2 Machine 3 A. Fehnker [RTCSA99], T. Hune, K. G. Larsen, P. Pettersson [DSV00] Case study of Esprit-LTR project VHS Physical plant of SIDMAR located in Gent, Belgium Part between blast furnace and hot rolling mill Objective: model the plant, obtain schedule and control program for plant Lane 1 Machine 4 Machine 5 Lane 2 Buffer Crane B Storage Place Continuos Casting Machine

34 Ametist

35 Priced Timed Automata Behrmann, Brinksma, Fehnker, Hune, Larsen, Pettersson, Romijn, Vaandrager … Rasmussen .. Bouyer, Cassez, Nicolas …

36 Example: Aircraft Landing
cost t E L T E earliest landing time T target time L latest time e cost rate for being early l cost rate for being late d fixed cost for being late e*(T-t) d+l*(t-T) Planes have to keep separation distance to avoid turbulences caused by preceding planes

37 Example: Aircraft Landing
4 earliest landing time 5 target time 9 latest time 3 cost rate for being early 1 cost rate for being late 2 fixed cost for being late x=5 land! cost+=2 x <= 5 x <= 9 cost’=3 cost’=1 x=5 land! Planes have to keep separation distance to avoid turbulences caused by preceding planes

38 Try to schedule planes in the order of their preferred landing times
Using Heuristics Try to schedule planes in the order of their preferred landing times

39 Aircraft Landing Problem
runways Benchmark by Beasley et al 2000

40 Behrmann, Brinksma, Hendriks, Mader
AXXOM Case study Laquer Production Scheduling 3 types of recipes for uni/metallic/bronce use of resources, processing times, timing 29 (73, 219) orders: start time, due date, recipe extensions: delay cost, storage cost, setup cost weekend, nights Behrmann, Brinksma, Hendriks, Mader 16th IFAC World Congress

41 Resources 2 mixing vessels for uni lacquers
Axxom 2 mixing vessels for uni lacquers 3 mixing vessels for metallic/bronce 2 dose spinners 1 dose spinner bronce 1 disperging line 1 predisperser 1 bronce mixer 2 filling lines lab (unlimitted)

42 Recipes UPPAAL template for metal Axxom

43 Instantiated Model State Space Explosion Heuristics !! Axxom
Guiding & Pruning

44 Heuristics Nice heuristics Cut-and-Pray heuristics non-overtaking
Axxom Nice heuristics non-overtaking orders of the same recipe cannot overtake each other non-laziness a process that needs an available resource will not waste time if its is not claimed by others (a.k.a. active scheduling) Cut-and-Pray heuristics greediness a process that needs an available resource will claim this resource immediately reducing active orders the number of concurrent orders is restricted (number of critical resources can give an indication)

45 Results Extended Case storage, delay and setup costs, working hours
Axxom storage, delay and setup costs, working hours Order of magnitude faster than MILP, GAMS/CPLEX Competitive with Orion-pi results #jobs work hrs heuristic max. orders min. cost found in 60 s 29 - es, no, nl 530,771 es, no, g 647,410 avail. 1,714,875 2,263,496 expl. no 4 192,881,129

46 Towards industrial use …
Current Projects Towards industrial use …

47 Compositional Abstraction
Jasper Berendsen, Biniam Gebremichael, Miaomiao Zhang, FV

48 Compositional Abstraction
weakening guards & invariants chaos abstraction x≤3 Host 1 Host 2 Host 3 Host n

49 Compositional Abstraction
weakening guards & invariants chaos abstraction x≤3 Chaos Host 1 Host 2 Host 3 Host n

50 Use of Uppaal in the Classroom
Roelof Hamberg, FV c+10.l upperbound on waiting time for entering critical section in Peterson's mutual exclusion algorithm with 2 processes strengthening of c+O(l) bound of Lynch

51 Use of Uppaal in the Classroom
Roelof Hamberg, FV c+10.l upperbound on waiting time for entering critical section in Peterson's mutual exclusion algorithm with 2 processes strengthening of c+O(l) bound of Lynch

52 ESI Octopus Project with Oce
Georgeta Igna, FV Design of adaptive data Path in Copiers/Printers Challenges: problem size, hybrid phenomena, timed games,..

53 Analysis of Wireless Sensor Networks of Chess
FP7 Quasimodo Project Analysis of Wireless Sensor Networks of Chess David Jansen, Faranek Heydarian, Julien Schmaltz, FV Challenges: probabilities, hundreds of nodes, dynamic network,..

54 Abstraction Refinement for Timed Systems
NWO Project ARTS Faranek Heydarian, FV Abstraction Refinement for Timed Systems Challenge: Counterexample guided abstraction refinement

55 Gerd Behrmann

56 Centers of Competence for :
Conclusion Process Algebra Industry Tools indispensable for transfer Tools are only first steps Tools must fit industrial tool chain and development process (UML, Matlab/Simulink, Rhapsody, visualSTATE, Scade) Involve several academic teams! Collaborate with end-users! State space explosion remains major challenge Collaborate with researchers closer to end-users than you: Control Theory Hardware Expand scope of technology: Verification  Testing Verification  Optimization Centers of Competence for : CISS, ESI, .. :

Download ppt "UPPAAL The Long Road from Theory to Industrial Impact"

Similar presentations

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.

The Quest for Correctness Joseph Sifakis VERIMAG Laboratory 2nd Sogeti Testing Academy April 29th 2009.
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.

Hybrid BDD and All-SAT Method for Model Checking Orna Grumberg Joint work with Assaf Schuster and Avi Yadgar Technion – Israel Institute of Technology.
Dependable Embedded Software Systems Kim Guldstrand Larsen UCb.

Dependable Embedded Software Systems Kim Guldstrand Larsen UCb.
Axxom: What happened so far. Basic case study  lacquer production scheduling  3 recipes for lacquers,  specifying processing steps,  resources used.

Axxom: What happened so far. Basic case study  lacquer production scheduling  3 recipes for lacquers,  specifying processing steps,  resources used.
Formal methods & Tools UCb CUPPAAL CUPPAAL Efficient Minimum-Cost Reachability for Linearly Priced Timed Automata Gerd Behrman, Ed Brinksma, Ansgar Fehnker,

Formal methods & Tools UCb CUPPAAL CUPPAAL Efficient Minimum-Cost Reachability for Linearly Priced Timed Automata Gerd Behrman, Ed Brinksma, Ansgar Fehnker,
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Solving Timed Games with Variable Observations: Proof of Concept Peter Bulychev Franck Cassez Alexandre David Kim G. Larsen Jean-François Raskin Pierre-Alain.

Solving Timed Games with Variable Observations: Proof of Concept Peter Bulychev Franck Cassez Alexandre David Kim G. Larsen Jean-François Raskin Pierre-Alain.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Timed Automata.

Timed Automata.
Modelling and Analysis of Real Time Systems Kim Guldstrand Larsen UPPAAL2k using UPPAAL2k.

Modelling and Analysis of Real Time Systems Kim Guldstrand Larsen UPPAAL2k using UPPAAL2k.
UPPAAL Andreas Hadiyono Arrummaisha Adrifina Harya Iswara Aditya Wibowo Juwita Utami Putri.

UPPAAL Andreas Hadiyono Arrummaisha Adrifina Harya Iswara Aditya Wibowo Juwita Utami Putri.
ComS 512 Project John Altidor Michelle Ruse Jonathan Schroeder.

ComS 512 Project John Altidor Michelle Ruse Jonathan Schroeder.
Hybrid Approach to Model-Checking of Timed Automata DAT4 Project Proposal Supervisor: Alexandre David.

Hybrid Approach to Model-Checking of Timed Automata DAT4 Project Proposal Supervisor: Alexandre David.
Demonstration Of SPIN By Mitra Purandare

Demonstration Of SPIN By Mitra Purandare
CIS 540 Principles of Embedded Computation Spring 2015 Instructor: Rajeev Alur

CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
UCb Tools and Application of Timed Automata UPPAAL & Optimal Scheduling Kim G. Larsen

UCb Tools and Application of Timed Automata UPPAAL & Optimal Scheduling Kim G. Larsen
CSEP590 – Model Checking and Software Verification University of Washington Department of Computer Science and Engineering Summer 2003.

CSEP590 – Model Checking and Software Verification University of Washington Department of Computer Science and Engineering Summer 2003.
Reachability, Schedulability and Optimality

Reachability, Schedulability and Optimality

Similar presentations

Ads by Google