Reachability analysis for timed automata using max-plus algebra

International audienceWe show that max-plus polyhedra are usable as a data structure in reachability analysis of timed automata. Drawing inspiration from the extensive work that has been done on difference bound matrices, as well as previous work on max-plus polyhedra in other areas, we develop the algorithms needed to perform forward and backward reachability analysis using max-plus polyhedra. To show that the approach works in practice and theory alike, we have created a proof-of-concept implementation on top of the model checker opaal

An Implementation of Three Algorithms for Timing Verification Based on Automata Emptiness

This papers describes modifications to and the implementation of algorithms previously described in [1, 11]. We first describe three generic (untimed) algorithms for constructing graphs of the reachable states of a system, and how these graphs can be used for verification. They all have as input an implicit description of a transition system. We then apply these algorithms to real-time systems. The first algorithm performs a straightforward reachability analysis on sets of states of the system, rather than on individual states. This corresponds to stepping symbolically through the system many states at a time. In the case of a real-time system this procedure constructs a graph where each node is the union of some regions of the regions graph. There is therefore no need for an a priori partitioning of the state space into individual regions; however, this approach potentially leads to exponentially worse complexity since its potential state space is the power set of regions [1]. The other two algorithms we consider are minimization algorithms [12, 13, 11]. These simultaneously perform reachability analysis and minimization from an implicit system description. These can lead to great savings when the minimized graph is much smaller than the explicit reachable graph. Our paradigm for verification is to test for the emptiness of the set of all timed system executions that violate a requirements specification. One way to specify and verify non-terminating processes is to model them as languages of !-sequences of events [14, 15, 16, 1, 17, 18]. Modular processes can be constructed via composition operations involving language intersection. Specifications are also given as languages: they contain all acceptable event sequences. Program correctness is then just language contain..

Étude et implémentation d'une méthode de transformation des automates temporisés en automates à états finis

Les systèmes à événements discrets (SED) sont des systèmes dont le fonctionnement se traduit par des séquences d'interactions.Les SED peuvent être décrits par leurs séquences possibles d'interactions ou événements. Un SED temps-réel est un SED dont le bon fonctionnement dépend non seulement de comment il interagit avec son environnement mais aussi à quels moments ces interactions se produisent. Le modèle automate temporisé (AT) permet de modéliser convenablement les SED temps-réel.Les ATs, qui utilisent un modèle continu du temps, induisent un espace d'états infini pour le système modélisé. Le modèle d'automates à états finis (AEF) par contre permet de représenter de manière finie l'espace des états d'un SED.Les AEFs se prêtent mieux à l'étude (analyse, test, conception, contrôle...) par des méthodes formelles des SED. Une approche standard pour l'étude des SED temps-réel consiste alors à transformer l'AT modélisant le SED en un AEF équivalent sur lequel on réalise l'étude. Dans ce projet, il s'agissait pour nous d'apporter notre contribution à l'élaboration d'une nouvelle méthode de transformation d'un AT en un AEF équivalent.--Résumé abrégé par UMI