7,969 research outputs found
Incremental Verification of Component-Based Timed Systems
International audienceWe are interested in the incremental development, by integration of components, of component-based timed systems, and in particular, in the preservation of their properties during such a development process. We model timed components with timed automata. Their composition is achieved with the classic parallel composition operator for timed automata. The specifications of these timed systems are expressed with the timed linear logic Mitl (Metric Interval Temporal Logic). To guarantee the preservation of properties during an incremental development process, we propose to use ? -simulation relations, adapted for timed systems. First, we extend the classic notion of ? -simulation with timed aspects. As in the untimed case, this relation, called timed ? -simulation, preserves safety properties. To preserve more properties, in particular liveness ones, we present another relation, called divergencesensitive and stability-respecting (DS) timed ? -simulation. This last relation preserves all Mitl properties (and thus liveness ones), but also strong non-zenoness and deadlockfreedom. Moreover, as we put ourselves in a component-based framework, we study if the relations are appropriate to the use of the composition operator that we consider. For this purpose, we study if the relations are compatible with this operator, and if composability and compositionality hold. These three properties are a way to reduce the cost of the verification of the preservation, or even to get it for free. It results that the timed ? -simulation is appropriate with the classic operator since the properties hold without any assumption. However, this is not the case for the DS timed ? - simulation. We implemented the algorithmic verification of the simulations in a tool called Vesta (Verification of Simulation for Timed Automata). The structure of the tool was inspired from the one of the Open-Kronos tool. This allows, as additionnal feature, to connect the models considered in Vesta to the modules of the verification platform Open-Caesar. We show the interest of our method by applying it on a case study, concerning a production cell example
Recommended from our members
Software integration testing based on communication coverage criteria and partial model generation
This paper considers the problem of integration testing the components of a timed distributed software system. We assume that communication between the components is specified using timed interface automata and use computational tree logic (CTL) to define communication-based coverage criteria that refer to send- and receive-statements and communication paths. The proposed method enables testers to focus during component integration on such parts of the specification, e.g. behaviour specifications or Markovian usage models, that are involved in the communication between components to be integrated. A more specific application area of this approach is the integration of test-models, e.g. a transmission gear can be tested based on separated models for the driver behaviour, the engine condition, and the mechanical and hydraulical transmission states. Given such a state-based specification of a distributed system and a concrete coverage goal, a model checker is used in order to determine the coverage or generate test sequences that achieve the goal. Given the generated test sequences we derive a partial test-model of the components from which the test sequences are derived. The partial model can be used to drive further testing and can also be used as the basis for producing additional partial models in incremental integration testing. While the process of deriving the test sequences could suffer from a combinatorial explosion, the effort required to generate the partial model is polynomial in the number of test sequences and their length. Thus, where it is not feasible to produce test sequences that achieve a given type of coverage it is still possible to produce a partial model on the basis of test sequences generated to achieve some other criterion. As a result, the process of generating a partial model has the potential to scale to large industrial software systems. While a particular model checker, UPPAAL, was used, it should be relatively straightforward to adapt the approach for use with other CTL based model checkers. A potential additional benefit of the approach is that it provides a visual description of the state-based testing of distributed systems, which may be beneficial in other contexts such as education and comprehension
Mapping RT-LOTOS specifications into Time Petri Nets
RT-LOTOS is a timed process algebra which enables compact
and abstract specification of real-time systems. This paper proposes and illustrates a structural translation of RT-LOTOS terms into behaviorally equivalent (timed bisimilar) finite Time Petri nets. It is therefore possible to apply Time Petri nets verification techniques to the profit of RT-LOTOS. Our approach has been implemented in RTL2TPN, a prototype tool which takes as input an RT-LOTOS specification and outputs a TPN. The latter is verified using TINA, a TPN analyzer developed by LAAS-CNRS. The toolkit made of RTL2TPN and TINA has been positively benchmarked against previously developed RT-LOTOS verification tool
Combining SysML and AADL for the design, validation and implementation of critical systems
The realization of critical systems goes through multiple phases of specification, design, integration, validation, and testing. It starts from high-level sketches down to the final product. Model-Based Design has been acknowledged as a good conveyor to capture these steps. Yet, there is no universal solution to represent all activities. Two candidates are the OMG-based SysML to perform high-level modeling tasks, and the SAE AADL to perform lower-level ones, down to the implementation. The paper shares an experience on the seamless use of SysML and the AADL to model, validate/verify and implement a flight management system
Effective representation of RT-LOTOS terms by finite time petri nets
The paper describes a transformational approach for the
specification and formal verification of concurrent and real-time systems. At upper level, one system is specified using the timed process algebra RT-LOTOS. The output of the proposed transformation is a Time Petri net (TPN). The paper particularly shows how a TPN can be automatically constructed from an RT-LOTOS specification using a compositionally defined mapping. The proof of the translation consistency is sketched in the paper and developed in [1]. The RT-LOTOS to TPN translation patterns formalized in the paper are being implemented. in a prototype tool. This enables reusing TPNs verification techniques and tools for the profit of RT-LOTOS
Bridging the Gap Between Requirements and Model Analysis : Evaluation on Ten Cyber-Physical Challenge Problems
Formal verfication and simulation are powerful tools to validate requirements against complex systems. [Problem] Requirements are developed in early stages of the software lifecycle and are typically written in ambiguous natural language. There is a gap between such requirements and formal notations that can be used by verification tools, and lack of support for proper association of requirements with software artifacts for verification. [Principal idea] We propose to write requirements in an intuitive, structured natural language with formal semantics, and to support formalization and model/code verification as a smooth, well-integrated process. [Contribution] We have developed an end-to-end, open source requirements analysis framework that checks Simulink models against requirements written in structured natural language. Our framework is built in the Formal Requirements Elicitation Tool (fret); we use fret's requirements language named fretish, and formalization of fretish requirements in temporal logics. Our proposed framework contributes the following features: 1) automatic extraction of Simulink model information and association of fretish requirements with target model signals and components; 2) translation of temporal logic formulas into synchronous dataflow cocospec specifications as well as Simulink monitors, to be used by verification tools; we establish correctness of our translation through extensive automated testing; 3) interpretation of counterexamples produced by verification tools back at requirements level. These features support a tight integration and feedback loop between high level requirements and their analysis. We demonstrate our approach on a major case study: the Ten Lockheed Martin Cyber-Physical, aerospace-inspired challenge problems
{VeSTA} : a Tool to Verify the Correct Integration of a Component in a Composite Timed System
International audienceVesta is a push-button tool for checking the correct integration of a component in an environment, for component-based timed systems. By correct integration, we mean that the local properties of the component are preserved when this component is merged into an environment. This correctness is checked by means of a so-called divergencesensitive and stability-respecting timed tau-simulation, ensuring the preservation of all linear timed properties expressed in the logical formalism Mitl (Metric Interval Temporal Logic), as well as strong non-zenoness and deadlock-freedom. The development of the tool was guided by the architecture of the Open-Kronos tool. This allows, as additional feature, an easy connection of the models considered in Vesta to the Open- Caesar verification platform, and to the Open-Kronos tool
On Zone-Based Analysis of Duration Probabilistic Automata
We propose an extension of the zone-based algorithmics for analyzing timed
automata to handle systems where timing uncertainty is considered as
probabilistic rather than set-theoretic. We study duration probabilistic
automata (DPA), expressing multiple parallel processes admitting memoryfull
continuously-distributed durations. For this model we develop an extension of
the zone-based forward reachability algorithm whose successor operator is a
density transformer, thus providing a solution to verification and performance
evaluation problems concerning acyclic DPA (or the bounded-horizon behavior of
cyclic DPA).Comment: In Proceedings INFINITY 2010, arXiv:1010.611
Pushing the envelope of Optimization Modulo Theories with Linear-Arithmetic Cost Functions
In the last decade we have witnessed an impressive progress in the
expressiveness and efficiency of Satisfiability Modulo Theories (SMT) solving
techniques. This has brought previously-intractable problems at the reach of
state-of-the-art SMT solvers, in particular in the domain of SW and HW
verification. Many SMT-encodable problems of interest, however, require also
the capability of finding models that are optimal wrt. some cost functions. In
previous work, namely "Optimization Modulo Theory with Linear Rational Cost
Functions -- OMT(LAR U T )", we have leveraged SMT solving to handle the
minimization of cost functions on linear arithmetic over the rationals, by
means of a combination of SMT and LP minimization techniques. In this paper we
push the envelope of our OMT approach along three directions: first, we extend
it to work also with linear arithmetic on the mixed integer/rational domain, by
means of a combination of SMT, LP and ILP minimization techniques; second, we
develop a multi-objective version of OMT, so that to handle many cost functions
simultaneously; third, we develop an incremental version of OMT, so that to
exploit the incrementality of some OMT-encodable problems. An empirical
evaluation performed on OMT-encoded verification problems demonstrates the
usefulness and efficiency of these extensions.Comment: A slightly-shorter version of this paper is published at TACAS 2015
conferenc
- …