Automaten und Logiken zur Beschreibung zeitabhängiger Systeme

When speaking of a 'real-time system' we are interested in a system's evolution in time where time is viewed as linear and measured in terms of non-negative real numbers. The thesis deals with automata-theoretic models of real-time systems and their description in monadic second-order and temporal logics. A parametrized automaton model is introduced and for this model a logical description in terms of a family of existential monadic second-order logics is obtained. This characterization is used to give a logical description of the behaviour of well-known models of real-time systems: timed automata (Alur & Dill), timed automata with halting feature, and linear hybrid automata. The corresponding logics incorporate distance, duration, and integration formulas, respectively. For instance, timed automata are captured by the {\em monadic logic of relative distance.} Its signature contains for every relation symbol ~ such as =, , $=$, or and every natural number k a binary predicate d(.,.)~k taking a set of natural numbers and a single natural number as arguments. The atomic formula d(X,y)~k is true in a timed state sequence if X contains a position smaller than y and the distance (in time) between position y and the last position before y that belongs to X satisfies the condition ~k. The monadic logic of relative distance turns out to have two important properties. First, its satisfiability problem is decidable, for its equivalence to timed automata allows a reduction of the satisfiability problem to the emptiness problem for such automata and this, in turn, is decidable due to Alur and Dill. Second, the monadic logic of relative distance is a powerful logic. One evidence for this is given by showing that the logic is strictly more expressive than the most powerful logic (for the specification of real-time systems) previously known to be decidable, namely the logic MITL^P introduced by Alur and Henzinger. By effectively embedding the latter logic in the former an alternative proof of Alur's and Henzinger's decidability result concerning MITL^P is obtained. Using embedding techniques also the decidability of Manna's and Pnueli's logic TL_Gamma is proved. Timed automata and the languages recognised by them, the so-called timed regular languages, are analysed in more detail. Several aspects are considered. A pumping lemma for timed automata is given, resulting in a formal proof that timed regular languages are not closed under complementation. It is shown that the number of clocks used in timed automata gives rise to an infinite hierarchy of timed regular languages, that the minimal number of clocks required for the recognition of a timed regular language is not computable, and that the property of a two-way timed automaton (Alur & Henzinger) to be reversal bounded is undecidable. Furthermore, unambiguous timed automata are considered, and an inherently ambiguous language is presented. Finally, variations of the emptiness problem for the three types of automata aforementioned and different restrictions concerning the event duration (bounded variation, minimal duration, and unit duration) are discussed. In particular, it is shown that bounded variation leads to a decidable emptiness problem in the case of timed automata, which implies that the full monadic logic of distance is decidable when restricted to timed state sequences of bounded variation. The obtained undecidability results give evidence that the monadic logic of relative distance is a good choice with respect to expressiveness and the requirement of a decidable satisfiability problem

Hybrid I/O automata

We propose a new hybrid I/O automaton model that is capable of describing both continuous and discrete behavior. The model, which extends the timed I/O automaton model of Lynch et al and the phase transition system models of Manna et al, allows communication among components using both shared variables and shared actions. The main contributions of this paper are: (1) the definition of hybrid I/O automata and of an implementation relation based on hybrid traces, (2) the definition of a simulation between hybrid I/O automata and a proof that existence of a simulation implies the implementation relation, (3) a definition of composition of hybrid I/O automata and a proof that it respects the implementation relation, and (4) a definition of receptiveness for hybrid I/O automata and a proof that, assuming certain compatibility conditions, receptiveness is preserved by composition

On the decidability and complexity of Metric Temporal Logic over finite words

Metric Temporal Logic (MTL) is a prominent specification formalism for real-time systems. In this paper, we show that the satisfiability problem for MTL over finite timed words is decidable, with non-primitive recursive complexity. We also consider the model-checking problem for MTL: whether all words accepted by a given Alur-Dill timed automaton satisfy a given MTL formula. We show that this problem is decidable over finite words. Over infinite words, we show that model checking the safety fragment of MTL--which includes invariance and time-bounded response properties--is also decidable. These results are quite surprising in that they contradict various claims to the contrary that have appeared in the literature

Reachability of Communicating Timed Processes

We study the reachability problem for communicating timed processes, both in discrete and dense time. Our model comprises automata with local timing constraints communicating over unbounded FIFO channels. Each automaton can only access its set of local clocks; all clocks evolve at the same rate. Our main contribution is a complete characterization of decidable and undecidable communication topologies, for both discrete and dense time. We also obtain complexity results, by showing that communicating timed processes are at least as hard as Petri nets; in the discrete time, we also show equivalence with Petri nets. Our results follow from mutual topology-preserving reductions between timed automata and (untimed) counter automata.Comment: Extended versio

Analyzing Timed Systems Using Tree Automata

Timed systems, such as timed automata, are usually analyzed using their operational semantics on timed words. The classical region abstraction for timed automata reduces them to (untimed) finite state automata with the same time-abstract properties, such as state reachability. We propose a new technique to analyze such timed systems using finite tree automata instead of finite word automata. The main idea is to consider timed behaviors as graphs with matching edges capturing timing constraints. When a family of graphs has bounded tree-width, they can be interpreted in trees and MSO-definable properties of such graphs can be checked using tree automata. The technique is quite general and applies to many timed systems. In this paper, as an example, we develop the technique on timed pushdown systems, which have recently received considerable attention. Further, we also demonstrate how we can use it on timed automata and timed multi-stack pushdown systems (with boundedness restrictions)

The Complexity of Codiagnosability for Discrete Event and Timed Systems

In this paper we study the fault codiagnosis problem for discrete event systems given by finite automata (FA) and timed systems given by timed automata (TA). We provide a uniform characterization of codiagnosability for FA and TA which extends the necessary and sufficient condition that characterizes diagnosability. We also settle the complexity of the codiagnosability problems both for FA and TA and show that codiagnosability is PSPACE-complete in both cases. For FA this improves on the previously known bound (EXPTIME) and for TA it is a new result. Finally we address the codiagnosis problem for TA under bounded resources and show it is 2EXPTIME-complete.Comment: 24 pages

Model Checking One-clock Priced Timed Automata

We consider the model of priced (a.k.a. weighted) timed automata, an extension of timed automata with cost information on both locations and transitions, and we study various model-checking problems for that model based on extensions of classical temporal logics with cost constraints on modalities. We prove that, under the assumption that the model has only one clock, model-checking this class of models against the logic WCTL, CTL with cost-constrained modalities, is PSPACE-complete (while it has been shown undecidable as soon as the model has three clocks). We also prove that model-checking WMTL, LTL with cost-constrained modalities, is decidable only if there is a single clock in the model and a single stopwatch cost variable (i.e., whose slopes lie in {0,1}).Comment: 28 page

Interrupt Timed Automata: verification and expressiveness

We introduce the class of Interrupt Timed Automata (ITA), a subclass of hybrid automata well suited to the description of timed multi-task systems with interruptions in a single processor environment. While the reachability problem is undecidable for hybrid automata we show that it is decidable for ITA. More precisely we prove that the untimed language of an ITA is regular, by building a finite automaton as a generalized class graph. We then establish that the reachability problem for ITA is in NEXPTIME and in PTIME when the number of clocks is fixed. To prove the first result, we define a subclass ITA- of ITA, and show that (1) any ITA can be reduced to a language-equivalent automaton in ITA- and (2) the reachability problem in this subclass is in NEXPTIME (without any class graph). In the next step, we investigate the verification of real time properties over ITA. We prove that model checking SCL, a fragment of a timed linear time logic, is undecidable. On the other hand, we give model checking procedures for two fragments of timed branching time logic. We also compare the expressive power of classical timed automata and ITA and prove that the corresponding families of accepted languages are incomparable. The result also holds for languages accepted by controlled real-time automata (CRTA), that extend timed automata. We finally combine ITA with CRTA, in a model which encompasses both classes and show that the reachability problem is still decidable. Additionally we show that the languages of ITA are neither closed under complementation nor under intersection