Formalization and Correctness of the PALS Architectural Pattern for Distributed Real-Time Systems
Many Distributed Real-Time Systems (DRTS), such as integrated modular avionics systems and distributed control systems in motor vehicles, are made up of a collection of components communicating asynchronously among themselves and with their environment that must change their state and respond to environment inputs within hard real-time bounds. Such systems are often safety-critical and need to be certified; but their certification is currently very hard due to their distributed nature. The Physically Asynchronous Logically Synchronous (PALS) architectural pattern can greatly reduce the design and verification complexities of achieving virtual synchrony in a DRTS. This work presents a formal specification of PALS as a formal model transformation that maps a synchronous design, together with a set of performance bounds of the underlying infrastructure, to a formal DRTS specification that is semantically equivalent to the synchronous design. This semantic equivalence is proved, showing that the formal verification of temporal logic properties of the DRTS can be reduced to their verification on the much simpler synchronous design. An avionics system case study is used to illustrate the usefulness of PALS for formal verification purposes.
Using the PALS Architecture to Verify a Distributed Topology Control Protocol for Wireless Multi-Hop Networks in the Presence of Node Failures
The PALS architecture reduces distributed, real-time asynchronous system
design to the design of a synchronous system under reasonable requirements.
Assuming logical synchrony leads to fewer system behaviors and provides a
conceptually simpler paradigm for engineering purposes. One of the current
limitations of the framework is that from a set of independent "synchronous
machines", one must compose the entire synchronous system by hand, which is
tedious and error-prone. We use Maude's meta-level to automatically generate a
synchronous composition from user-provided component machines and a description
of how the machines communicate with each other. We then use the new
capabilities to verify the correctness of a distributed topology control
protocol for wireless networks in the presence of nodes that may fail.
Comment: In Proceedings RTRTS 2010, arXiv:1009.398
PALS-Based Analysis of an Airplane Multirate Control System in Real-Time Maude
Distributed cyber-physical systems (DCPS) are pervasive in areas such as
aeronautics and ground transportation systems, including the case of
distributed hybrid systems. DCPS design and verification is quite challenging
because of asynchronous communication, network delays, and clock skews.
Furthermore, their model checking verification typically becomes unfeasible due
to the huge state space explosion caused by the system's concurrency. The PALS
("physically asynchronous, logically synchronous") methodology has been
proposed to reduce the design and verification of a DCPS to the much simpler
task of designing and verifying its underlying synchronous version. The
original PALS methodology assumes a single logical period, but Multirate PALS
extends it to deal with multirate DCPS in which components may operate with
different logical periods. This paper shows how Multirate PALS can be applied
to formally verify a nontrivial multirate DCPS. We use Real-Time Maude to
formally specify a multirate distributed hybrid system consisting of an
airplane maneuvered by a pilot who turns the airplane according to a specified
angle through a distributed control system. Our formal analysis revealed that
the original design was ineffective in achieving a smooth turning maneuver, and
led to a redesign of the system that satisfies the desired correctness
properties. This shows that the Multirate PALS methodology is not only
effective for formal DCPS verification, but can also be used effectively in the
DCPS design process, even before properties are verified.
Comment: In Proceedings FTSCS 2012, arXiv:1212.657
Formal Model Engineering for Embedded Systems Using Real-Time Maude
This paper motivates why Real-Time Maude should be well suited to provide a
formal semantics and formal analysis capabilities to modeling languages for
embedded systems. One can then use the code generation facilities of the tools
for the modeling languages to automatically synthesize Real-Time Maude
verification models from design models, enabling a formal model engineering
process that combines the convenience of modeling using an informal but
intuitive modeling language with formal verification. We give a brief overview of
six fairly different modeling formalisms for which Real-Time Maude has provided
the formal semantics and (possibly) formal analysis. These models include
behavioral subsets of the avionics modeling standard AADL, Ptolemy II
discrete-event models, two EMF-based timed model transformation systems, and a
modeling language for handset software.
Comment: In Proceedings AMMSE 2011, arXiv:1106.596
Specification and Verification of Distributed Embedded Systems: A Traffic Intersection Product Family
Distributed embedded systems (DESs) are no longer the exception; they are the
rule in many application areas such as avionics, the automotive industry,
traffic systems, sensor networks, and medical devices. Formal DES specification
and verification is challenging due to state space explosion and the need to
support real-time features. This paper reports on an extensive industry-based
case study involving a DES product family for a pedestrian and car 4-way
traffic intersection in which autonomous devices communicate by asynchronous
message passing without a centralized controller. All the safety requirements
and a liveness requirement informally specified in the requirements document
have been formally verified using Real-Time Maude and its model checking
features.
Comment: In Proceedings RTRTS 2010, arXiv:1009.398
Formal Verification Framework for PALSware Systems for Cyber-Physical Systems
Doctoral thesis -- Seoul National University Graduate School: College of Engineering, Department of Electrical and Computer Engineering, 2021.8.
Achieving high-level safety guarantees for cyber-physical systems has always been a key challenge, since many of those systems are safety-critical, so that their failures in actual operation may bring catastrophic results. Many cyber-physical systems have real-time and distributed features, which increase the complexity of the system by an order of magnitude.
In order to tame the complexity, a middleware called PALSware has been proposed. It provides a logically synchronous environment to the application layer on top of physically asynchronous underlying network and operating systems. The complexity of a system can be significantly reduced in a synchronous environment.
However, a bug in PALSware may have destructive effects, since it exposes every application system to runtime failures. Moreover, finding bugs in PALSware can be very challenging in some cases, for various reasons.
To solve this problem, we present VeriPALS, a formally verified C implementation of PALSware together with a verification framework for application systems. In particular, the framework provides an executable model as an efficient random testing tool. As case studies, we developed two application systems and applied VeriPALS to demonstrate the effectiveness of the framework in both testing and formal verification.
Raising the safety of cyber-physical systems has always been an important research topic. The reason is that many cyber-physical systems are safety-critical, which means that an error occurring while the real system is running can lead directly to a serious accident. Moreover, the real-time and distributed nature of cyber-physical systems raises their complexity and thereby increases the risk, so raising their safety is very important.
To address the problem of system complexity, a middleware called PALSware was devised. This middleware provides the application layer with a virtual synchronous environment on top of asynchronously operating network and operating-system environments. Using PALSware, a system can be designed in a synchronous environment, which makes it possible to greatly reduce the complexity of the system.
However, if PALSware contains a bug, its harmful effect can be very large. First, every application system that uses this middleware will contain the bug. In addition, finding a bug in middleware can be a much harder problem than finding a bug in an ordinary program.
To solve this problem, we developed a framework called VeriPALS. This framework includes a mathematically rigorously verified C implementation of PALSware, which supports the implementation of safe systems. It also supports mathematically rigorous verification of application systems in Coq. Furthermore, the framework provides an executable model as an efficient random testing tool. We developed two kinds of application systems on this framework, tested and rigorously verified them, and thereby showed the usefulness of the framework.
Chapter 1 Introduction
Chapter 2 Preliminaries
2.1 PALSware
2.1.1 PALSware in a Distributed System
2.1.2 Correctness of Synchronization on Reliable Network
2.1.3 Implementation of PALSware
2.2 Interaction Trees
Chapter 3 Overview
3.1 Framework
3.2 Key Ideas
3.2.1 Concurrent Executions of Nodes
3.2.2 Global Clock vs. Local Clock
3.2.3 Real-time Local Executions of Node Model
3.2.4 Time Constraint on Network Transmission Times
3.2.5 Time Constraint on Program Executions
3.2.6 Observable Behaviors of a Real-Time Distributed System
Chapter 4 Formalization
4.1 General Definitions
4.2 Application System of the Framework
4.3 Real-World Model
4.3.1 Network Model
4.3.2 Generic System Model on Network
4.3.3 Operating System Model
4.4 Executable Abstract Synchronous Model
4.5 Result
Chapter 5 Refinement Proof using Intermediate Models
5.1 Refinement 1: Abstraction of C Programs
5.2 Refinement 2: Abstract PALSware
5.3 Refinement 3: Abstraction of Network
5.4 Refinement 4: Synchronous Execution
5.5 Refinement 5: Making It Executable
Chapter 6 Case Study 1: Active-Standby Resource Scheduling System
6.1 High-Level Description
6.2 Implementation
6.3 Formally Verified Properties
6.3.1 Correctness of Implementation
6.3.2 Abstraction to Single-Controller System
Chapter 7 Case Study 2: Synchronous Work Assignment System
7.1 High-Level Description
7.2 Implementation
Chapter 8 Results
8.1 Development
8.2 Experimental Results
Chapter 9 Related Work
9.1 PALS Pattern and PALSware Verification
9.2 Verification Frameworks for Distributed Systems
9.3 Verifying C Programs
Chapter 10 Conclusion and Future Work
Bibliography
Abstract (in Korean)
Acknowledgements
PALS/PRISM Software Design Description (SDD): Ver. 0.51
This Software Design Description (SDD) provides detailed information on the architecture and coding for the PRISM C++ library (version 0.51). The PRISM C++ library supports consistent information sharing and interactions between distributed components of networked embedded systems, e.g. avionics. It is designed to reduce the complexity of the networked system by employing synchronous semantics provided by the architectural pattern called a Physically-Asynchronous Logically-Synchronous (PALS) system.
Integrated formal verification of safety-critical software
This work presents a formal verification process based on the Systerel Smart Solver (S3) toolset for the development of safety-critical embedded software. In order to guarantee the correctness of the implementation of a set of textual requirements, the process integrates different verification techniques (inductive proof, bounded model checking, test case generation and equivalence proof) to handle different types of properties at their best capacities. It is aimed at the verification of properties at system, design, and code levels. To handle the floating-point arithmetic (FPA) in both the design and the code, an FPA library is designed and implemented in S3. This work is illustrated on an Automatic Rover Protection (ARP) system implemented on board a robot. Focus is placed on the verification of safety and functional properties and on the equivalence proof between the design model and the generated code.
Twenty years of rewriting logic
Rewriting logic is a simple computational logic that can naturally express both concurrent computation and logical deduction with great generality. This paper provides a gentle, intuitive introduction to its main ideas, as well as a survey of the work that many researchers have carried out over the last twenty years in advancing: (i) its foundations; (ii) its semantic framework and logical framework uses; (iii) its language implementations and its formal tools; and (iv) its many applications to automated deduction, software and hardware specification and verification, security, real-time and cyber-physical systems, probabilistic systems, bioinformatics and chemical systems.