13 research outputs found
IMITATOR II: A Tool for Solving the Good Parameters Problem in Timed Automata
We present here Imitator II, a new version of Imitator, a tool implementing
the "inverse method" for parametric timed automata: given a reference valuation
of the parameters, it synthesizes a constraint such that, for any valuation
satisfying this constraint, the system behaves the same as under the reference
valuation in terms of traces, i.e., alternating sequences of locations and
actions. Imitator II also implements the "behavioral cartography algorithm",
allowing us to solve the following good parameters problem: find a set of
valuations within a given bounded parametric domain for which the system
behaves well. We present new features and optimizations of the tool, and give
results of applications to various examples of asynchronous circuits and
communication protocols.Comment: In Proceedings INFINITY 2010, arXiv:1010.611
Model Checking Classes of Metric LTL Properties of Object-Oriented Real-Time Maude Specifications
This paper presents a transformational approach for model checking two
important classes of metric temporal logic (MTL) properties, namely, bounded
response and minimum separation, for nonhierarchical object-oriented Real-Time
Maude specifications. We prove the correctness of our model checking
algorithms, which terminate under reasonable non-Zeno-ness assumptions when the
reachable state space is finite. These new model checking features have been
integrated into Real-Time Maude, and are used to analyze a network of medical
devices and a 4-way traffic intersection system.Comment: In Proceedings RTRTS 2010, arXiv:1009.398
Compositional Invariant Generation for Timed Systems
International audienceIn this paper we address the state space explosion problem inherent to model-checking timed systems with a large number of components. The main challenge is to obtain pertinent global timing constraints from the timings in the components alone. To this end, we make use of auxiliary clocks to automatically generate new invariants which capture the constraints induced by the synchronisations between components. The method has been implemented as an extension of the D-Finder tool and successfully experimented on several benchmarks
The Power of Proofs: New Algorithms for Timed Automata Model Checking (with Appendix)
This paper presents the first model-checking algorithm for an expressive
modal mu-calculus over timed automata, , and reports performance results for an implementation.
This mu-calculus contains extended time-modality operators and can express all
of TCTL. Our algorithmic approach uses an "on-the-fly" strategy based on proof
search as a means of ensuring high performance for both positive and negative
answers to model-checking questions. In particular, a set of proof rules for
solving model-checking problems are given and proved sound and complete; we
encode our algorithm in these proof rules and model-check a property by
constructing a proof (or showing none exists) using these rules. One noteworthy
aspect of our technique is that we show that verification performance can be
improved with \emph{derived rules}, whose correctness can be inferred from the
more primitive rules on which they are based. In this paper, we give the basic
proof rules underlying our method, describe derived proof rules to improve
performance, and compare our implementation of this model checker to the UPPAAL
tool.Comment: This is the preprint of the FORMATS 2014 paper, but this is the full
version, containing the Appendix. The final publication is published from
Springer, and is available at
http://link.springer.com/chapter/10.1007%2F978-3-319-10512-3_9 on the
Springer webpag
Compositional Verification for Timed Systems Based on Automatic Invariant Generation
We propose a method for compositional verification to address the state space
explosion problem inherent to model-checking timed systems with a large number
of components. The main challenge is to obtain pertinent global timing
constraints from the timings in the components alone. To this end, we make use
of auxiliary clocks to automatically generate new invariants which capture the
constraints induced by the synchronisations between components. The method has
been implemented in the RTD-Finder tool and successfully experimented on
several benchmarks
Simulations for Event-Clock Automata
Event-clock automata are a well-known subclass of timed automata which enjoy admirable theoretical properties, e.g., determinizability, and are practically useful to capture timed specifications. However, unlike for timed automata, there exist no implementations for event-clock automata. A main reason for this is the difficulty in adapting zone-based algorithms, critical in the timed automata setting, to the event-clock automata setting. This difficulty was studied in [Gilles Geeraerts et al., 2011; Gilles Geeraerts et al., 2014], where the authors also proposed a solution using zone extrapolations.
In this paper, we propose an alternative zone-based algorithm, using simulations for finiteness, to solve the reachability problem for event-clock automata. Our algorithm exploits the ?-simulation framework, which is the coarsest known simulation relation for reachability, and has been recently used for advances in other extensions of timed automata
Zone-based verification of timed automata: extrapolations, simulations and what next?
Timed automata have been introduced by Rajeev Alur and David Dill in the
early 90's. In the last decades, timed automata have become the de facto model
for the verification of real-time systems. Algorithms for timed automata are
based on the traversal of their state-space using zones as a symbolic
representation. Since the state-space is infinite, termination relies on finite
abstractions that yield a finite representation of the reachable states.
The first solution to get finite abstractions was based on extrapolations of
zones, and has been implemented in the industry-strength tool Uppaal. A
different approach based on simulations between zones has emerged in the last
ten years, and has been implemented in the fully open source tool TChecker. The
simulation-based approach has led to new efficient algorithms for reachability
and liveness in timed automata, and has also been extended to richer models
like weighted timed automata, and timed automata with diagonal constraints and
updates.
In this article, we survey the extrapolation and simulation techniques, and
discuss some open challenges for the future.Comment: Invited contribution at FORMATS'2
Coarse abstractions make Zeno behaviours difficult to detect
An infinite run of a timed automaton is Zeno if it spans only a finite amount
of time. Such runs are considered unfeasible and hence it is important to
detect them, or dually, find runs that are non-Zeno. Over the years important
improvements have been obtained in checking reachability properties for timed
automata. We show that some of these very efficient optimizations make testing
for Zeno runs costly. In particular we show NP-completeness for the
LU-extrapolation of Behrmann et al. We analyze the source of this complexity in
detail and give general conditions on extrapolation operators that guarantee a
(low) polynomial complexity of Zenoness checking. We propose a slight weakening
of the LU-extrapolation that satisfies these conditions
Comprobación de modelos en sistemas concurrentes a partir de su semántica en Maude
La comprobación de modelos (model checking) es una técnica automática para verificar si una propiedad se cumple en un sistema concurrente. Maude es un marco lógico de alto rendimiento donde se puede especificar, modelar, ejecutar y analizar —de forma sencilla— otros sistemas. Además, este entorno incluye un comprobador de modelos para verificar propiedades expresadas en lógica temporal lineal. Sin embargo, cuando una propiedad aplicada a un programa —escrito en un lenguaje de programación modelado para Maude— no se cumple, el contraejemplo —generado por el propio sistema— está basado en la semántica del propio Maude, dificultando la tarea de poder seguirlo a la hora de entender el resultado.
En esta memoria presentamos la herramienta Selene, un marco genérico que maneja sistemas concurrentes asíncronos de modo que el usuario pueda obtener una versión simplificada de los contraejemplos generados por el comprobador de modelos en Maude tras la realización del análisis sobre programas escritos en otros lenguajes. Para lograrlo se ofrece un kernel para manejar la memoria y los mensajes, elementos que se emplearán en el “informe” final obtenido del contraejemplo. Sobre dicha arquitectura el usuario podrá especificar los detalles de la semántica del lenguaje a manejar. Por último, se analizará cuáles fueron los objetivos iniciales, los resultados obtenidos, los problemas encontrados durante el desarrollo, así como las propuestas y líneas futuras de trabajo que serían deseables para la mejora del proyecto
On the analysis of stochastic timed systems
The formal methods approach to develop reliable and efficient safety- or performance-critical systems is to construct mathematically precise models of such systems on which properties of interest, such as safety guarantees or performance requirements, can be verified automatically. In this thesis, we present techniques that extend the reach of exhaustive and statistical model checking to verify reachability and reward-based properties of compositional behavioural models that support quantitative aspects such as real time and randomised decisions.
We present two techniques that allow sound statistical model checking for the nondeterministic-randomised model of Markov decision processes. We investigate the relationship between two different definitions of the model of probabilistic timed automata, as well as potential ways to apply statistical model checking. Stochastic timed automata allow nondeterministic choices as well as nondeterministic and stochastic delays, and we present the first exhaustive model checking algorithm that allows their analysis. All the approaches introduced in this thesis are implemented as part of the Modest Toolset, which supports the construction and verification of models specified in the formal modelling language Modest. We conclude by applying this language and toolset to study novel distributed control strategies for photovoltaic microgenerators