1,159 research outputs found
Interrupt Timed Automata: verification and expressiveness
We introduce the class of Interrupt Timed Automata (ITA), a subclass of
hybrid automata well suited to the description of timed multi-task systems with
interruptions in a single processor environment. While the reachability problem
is undecidable for hybrid automata we show that it is decidable for ITA. More
precisely we prove that the untimed language of an ITA is regular, by building
a finite automaton as a generalized class graph. We then establish that the
reachability problem for ITA is in NEXPTIME and in PTIME when the number of
clocks is fixed. To prove the first result, we define a subclass ITA- of ITA,
and show that (1) any ITA can be reduced to a language-equivalent automaton in
ITA- and (2) the reachability problem in this subclass is in NEXPTIME (without
any class graph). In the next step, we investigate the verification of real
time properties over ITA. We prove that model checking SCL, a fragment of a
timed linear time logic, is undecidable. On the other hand, we give model
checking procedures for two fragments of timed branching time logic. We also
compare the expressive power of classical timed automata and ITA and prove that
the corresponding families of accepted languages are incomparable. The result
also holds for languages accepted by controlled real-time automata (CRTA), that
extend timed automata. We finally combine ITA with CRTA, in a model which
encompasses both classes and show that the reachability problem is still
decidable. Additionally we show that the languages of ITA are neither closed
under complementation nor under intersection
Polynomial Interrupt Timed Automata
Interrupt Timed Automata (ITA) form a subclass of stopwatch automata where
reachability and some variants of timed model checking are decidable even in
presence of parameters. They are well suited to model and analyze real-time
operating systems. Here we extend ITA with polynomial guards and updates,
leading to the class of polynomial ITA (PolITA). We prove the decidability of
the reachability and model checking of a timed version of CTL by an adaptation
of the cylindrical decomposition method for the first-order theory of reals.
Compared to previous approaches, our procedure handles parameters and clocks in
a unified way. Moreover, we show that PolITA are incomparable with stopwatch
automata. Finally additional features are introduced while preserving
decidability
Schedulability analysis of timed CSP models using the PAT model checker
Timed CSP can be used to model and analyse real-time and concurrent behaviour of embedded control systems. Practical CSP implementations combine the CSP model of a real-time control system with prioritized scheduling to achieve efficient and orderly use of limited resources. Schedulability analysis of a timed CSP model of a system with respect to a scheduling scheme and a particular execution platform is important to ensure that the system design satisfies its timing requirements. In this paper, we propose a framework to analyse schedulability of CSP-based designs for non-preemptive fixed-priority multiprocessor scheduling. The framework is based on the PAT model checker and the analysis is done with dense-time model checking on timed CSP models. We also provide a schedulability analysis workflow to construct and analyse, using the proposed framework, a timed CSP model with scheduling from an initial untimed CSP model without scheduling. We demonstrate our schedulability analysis workflow on a case study of control software design for a mobile robot. The proposed approach provides non-pessimistic schedulability results
Aspects of Availability Enforcing timed properties to prevent denial of service
We propose a domain-specific aspect language to prevent denial of service caused by resource management. Our aspects specify availability policies by enforcing time limits in the allocation of resources. In our language, aspects can be seen as formal timed properties on execution traces. Programs and aspects are specified as timed automata and the weaving process as an automata product. The benefit of this formal approach is two-fold: the user keeps the semantic impact of weaving under control and (s)he can use a model-checker to optimize the woven program and verify availability properties
Timed Runtime Monitoring for Multiparty Conversations
We propose a dynamic verification framework for protocols in real-time distributed systems. The framework is based on Scribble, a tool-chain for design and verification of choreographies based on multiparty session types, developed with our industrial partners. Drawing from recent work on multiparty session types for real-time interactions, we extend Scribble with clocks, resets, and clock predicates constraining the times in which interactions should occur. We present a timed API for Python to program distributed implementations of Scribble specifications. A dynamic verification framework ensures the safe execution of applications written with our timed API: we have implemented dedicated runtime monitors that check that each interaction occurs at a correct timing with respect to the corresponding Scribble specification. The performance of our implementation and its practicability are analysed via benchmarking
Model checking control communication of a FACTS device
This thesis concerns the design and verification of a real-time communication protocol for sensor data collection and processing between an embedded computer and a DSP. In such systems, a certain amount of data loss without recovery may be tolerated. The key issue is to design and verify the correctness in the presence of these lost data frames under real-time constraints. This thesis describes a temporal verification that if the end processes do not detect that too many frames are lost, defined by comparison of error counters against given threshold values, then there will be a bounded delay between transmission of data frames and reception of control frames. This verification and others presented herein were performed with the model checkers SPIN and RT-SPIN --Abstract, page iii
- …