TCTL model checking of Time Petri Nets

International audienceIn this paper, we consider \emph{subscript} TCTL for Time Petri Nets (TPN-TCTL) for which temporal operators are extended with a time interval, specifying a time constraint on the firing sequences. We prove that the model-checking of a TPN-TCTL formula on a bounded TPN is decidable and is a PSPACE-complete problem. We propose a zone based state space abstraction that preserves marking reachability and traces of the TPN. As for Timed Automata (TA), the abstraction may use an over-approximation operator on zones to enforce the termination. A coarser (and efficient) abstraction is then provided and proved exact w.r.t. marking reachability and traces (LTL properties). Finally, we consider a subset of TPN-TCTL properties for which it is possible to propose efficient on-the-fly model-checking algorithms. Our approach consists in computing and exploring the zone based state space abstractio

Structural translation from time petri nets to timed automata

International audienceIn this paper, we consider Time Petri Nets (TPN) where time is associated with transitions. We give a formal semantics for TPNs in terms of Timed Transition Systems. Then, we propose a translation from TPNs to Timed Automata (TA) that preserves the behavioral semantics (timed bisimilarity) of the TPNs. For the theory of TPNs this result is two-fold: i) reachability problems and more generally TCTL model-checking are decidable for bounded TPNs; ii) allowing strict time constraints on transitions for TPNs preserves the results described in i). The practical appli- cations of the translation are: i) one can specify a system using both TPNs and Timed Automata and a precise semantics is given to the composition; ii) one can use existing tools for analyzing timed automata (like Kronos, Uppaal or Cmc) to analyze TPNs. In this paper we describe the new feature of the tool Romeo that implements our translation of TPNs in the Uppaal input format. We also report on experiments carried out on various examples and compare the result of our method to state-of-the-art tool for analyzing TPNs

Zone-based formal specification and timing analysis of real-time self-adaptive systems

Self-adaptive software systems are able to autonomously adapt their behavior at run-time to react to internal dynamics and to uncertain and changing environment conditions. Formal specification and verification of self-adaptive systems are tasks generally very difficult to carry out, especially when involving time constraints. In this case, in fact, the system correctness depends also on the time associated with events. This article introduces the Zone-based Time Basic Petri nets specification formalism. The formalism adopts timed adaptation models to specify self-adaptive behavior with temporal constraints, and relies on a zone-based modeling approach to support separation of concerns. Zones identified during the modeling phase can be then used as modules either in isolation, to verify intra-zone properties, or all together, to verify inter-zone properties over the entire system. In addition, the framework allows the verification of (timed) robustness properties to guarantee self-healing capabilities when higher levels of reliability and availability are required to the system, especially when dealing with time-critical systems. This article presents also the ZAFETY tool, a Java software implementation of the proposed framework, and the validation and experimental results obtained in modeling and verifying two time-critical self-adaptive systems: the Gas Burner system and the Unmanned Aerial Vehicle system

A Forward Reachability Algorithm for Bounded Timed-Arc Petri Nets

Timed-arc Petri nets (TAPN) are a well-known time extension of the Petri net model and several translations to networks of timed automata have been proposed for this model. We present a direct, DBM-based algorithm for forward reachability analysis of bounded TAPNs extended with transport arcs, inhibitor arcs and age invariants. We also give a complete proof of its correctness, including reduction techniques based on symmetries and extrapolation. Finally, we augment the algorithm with a novel state-space reduction technique introducing a monotonic ordering on markings and prove its soundness even in the presence of monotonicity-breaking features like age invariants and inhibitor arcs. We implement the algorithm within the model-checker TAPAAL and the experimental results document an encouraging performance compared to verification approaches that translate TAPN models to UPPAAL timed automata.Comment: In Proceedings SSV 2012, arXiv:1211.587

A Forward On-The-Fly Approach for Safety and Reachability Controller Synthesis of Timed Systems

RÉSUMÉ Cette thèse s’intéresse à la synthèse de contrôleurs pour des systèmes temps réel (systèmes temporisés). Partant d’un système temps réel modélisé par un réseau de Petri temporel composé de transitions contrôlables et non contrôlables (TPN), le contrôle vise à forcer, en restreignant les intervalles de franchissement des transitions contrôlables, le système à satisfaire les propriétés souhaitées. Nous proposons, dans cette thèse, un algorithme pour synthétiser de tels contrôleurs pour des propriétés de sûreté et d’accessibilité. Cet algorithme, basé sur la méthode de graphe de classes d’états, calcule à la volée les classes d’états atteignables du TPN tout en collectant progressivement les sous-intervalles de tir à éviter, afin de satisfaire les propriétés souhaitées. Avec cet algorithme, il n’est plus nécessaire de calculer les prédécesseurs contrôlables et de partitionner récursivement les classes d’états jusqu’à atteindre un point fixe, comme c’est le cas dans les autres approches basées sur l’exploration, en avant et en arrière, de l’espace des états du système. Nous prouvons formellement la correction de l’algorithme, puis nous montrons que dans la catégorie des contrôleurs basés sur la restriction des intervalles de tir, l’algorithme, proposé dans cette thèse, synthétise un contrôleur optimal (le plus permissif possible). Afin d’atténuer davantage le problème d’explosion combinatoire, nous montrons comment combiner cette approche avec une abstraction par l’inclusion, par union-convexe ou par enveloppe-convexe. Nous montrons également comment exploiter cet algorithme pour générer des contrôleurs décentralisés. Enfin, nous proposons d’appliquer cet algorithme pour contrôler des TPN par des chronomètres. Notre algorithme permet de partitionner les intervalles des transitions en “bons” et “mauvais” sous-intervalles (à éviter). L’idée est d’utiliser des chronomètres pour suspendre les tâches (transitions) durant leurs mauvais sous-intervalles et les activer dans leurs “bons sous-intervalles”. Il s’agit donc de contrôler les réseaux de Petri temporels en associant des chronomètres aux transitions contrôlables, pour obtenir ainsi des réseaux de Petri temporels contrôlés.----------ABSTRACT This thesis deals with controller synthesis for real time systems (timed systems). Given a real time system modeled as a Time Petri Net (TPN) with controllable and uncontrollable transitions, the control aims at forcing the system to satisfy properties of interest, by limiting the firing intervals of controllable transitions. We propose, in this thesis, an algorithm to synthesize such controllers for safety / reachability properties. This algorithm, based on the state class graph method, computes on-the-fly the reachable state classes of the TPN while collecting progressively firing subintervals to be avoided so that the property is satisfied. It does not need to compute controllable predecessors and then split state classes until reaching a fixpoint, as it is the case for other approaches based on backward and forward exploration of state space of the system. We prove formally the correctness of the algorithm and show that, in the category of state dependent controllers based on the restriction of firing intervals, the algorithm proposed in this thesis, synthesizes maximally permissive controllers. In order to attenuate the state explosion problem, we show how to combine efficiently this approach with an abstraction by inclusion, convex union or convex hull. Afterwards, we discuss the compatibility of this method with distributed systems and decentralized controllers. Finally, we apply this algorithm to control TPN with controllable and uncontrollable transitions by stopwatch. In this approach, we find the subintervals violating the given properties and our objective is to suspend the tasks (transitions) during their bad subintervals and to resume them later. The controller is synthesized through the same algorithm already introduced. In this approach, we suggest to control time Petri nets by associating stopwatches to controllable transitions and to achieve a controlled time Petri nets