20 research outputs found
Path Checking for MTL and TPTL over Data Words
Metric temporal logic (MTL) and timed propositional temporal logic (TPTL) are
quantitative extensions of linear temporal logic, which are prominent and
widely used in the verification of real-timed systems. It was recently shown
that the path checking problem for MTL, when evaluated over finite timed words,
is in the parallel complexity class NC. In this paper, we derive precise
complexity results for the path-checking problem for MTL and TPTL when
evaluated over infinite data words over the non-negative integers. Such words
may be seen as the behaviours of one-counter machines. For this setting, we
give a complete analysis of the complexity of the path-checking problem
depending on the number of register variables and the encoding of constraint
numbers (unary or binary). As the two main results, we prove that the
path-checking problem for MTL is P-complete, whereas the path-checking problem
for TPTL is PSPACE-complete. The results yield the precise complexity of model
checking deterministic one-counter machines against formulae of MTL and TPTL
The Expressive Power, Satisfiability and Path Checking Problems of MTL and TPTL over Non-Monotonic Data Words
Recently, verification and analysis of data words have gained a lot of interest. Metric temporal logic (MTL) and timed propositional temporal logic (TPTL) are two extensions of Linear time temporal logic (LTL). In MTL, the temporal operator are indexed by a constraint interval. TPTL is a more powerful logic that is equipped with a freeze formalism. It uses register variables, which can be set to the current data value and later these register variables can be compared with the current data value. For monotonic data words, Alur and Henzinger proved that MTL and TPTL are equally expressive and the satisfiability problem is decidable. We study the expressive power, satisfiability problems and path checking problems for MLT and TPTL over all data words. We introduce Ehrenfeucht-Fraisse games for MTL and TPTL. Using the EF-game for MTL, we show that TPTL is strictly more expressive than MTL. Furthermore, we show that the MTL definability problem that whether a TPTL-formula is definable in MTL is not decidable. When restricting the number of register variables, we are able to show that TPTL with two register variables is strictly more expressive than TPTL with one register variable. For the satisfiability problem, we show that for MTL, the unary fragment of MTL and the pure fragment of MTL, SAT is not decidable. We prove the undecidability by reductions from the recurrent state problem and halting problem of two-counter machines. For the positive fragments of MTL and TPTL, we show that a positive formula is satisfiable if and only it is satisfied by a finite data word. Finitary SAT and infinitary SAT coincide for positive MTL and positive TPTL. Both of them are r.e.-complete. For existential TPTL and existential MTL, we show that SAT is NP-complete. We also investigate the complexity of path checking problems for TPTL and MTL over data words. These data words can be either finite or infinite periodic. For periodic words without data values, the complexity of LTL model checking belongs to the class AC^1(LogDCFL). For finite monotonic data words, the same complexity bound has been shown for MTL by Bundala and Ouaknine. We show that path checking for TPTL is PSPACE-complete, and for MTL is P-complete. If the number of register variables allowed is restricted, we obtain path checking for TPTL with only one register variable is P-complete over both infinite and finite data words; for TPTL with two register variables is PSPACE-complete over infinite data words. If the encoding of constraint numbers of the input TPTL-formula is in unary notation, we show that path checking for TPTL with a constant number of variables is P-complete over infinite unary encoded data words. Since the infinite data word produced by a deterministic one-counter machine is periodic, we can transfer all complexity results for the infinite periodic case to model checking over deterministic one-counter machines
On the Expressiveness of TPTL and MTL over \omega-Data Words
Metric Temporal Logic (MTL) and Timed Propositional Temporal Logic (TPTL) are
prominent extensions of Linear Temporal Logic to specify properties about data
languages. In this paper, we consider the class of data languages of
non-monotonic data words over the natural numbers. We prove that, in this
setting, TPTL is strictly more expressive than MTL. To this end, we introduce
Ehrenfeucht-Fraisse (EF) games for MTL. Using EF games for MTL, we also prove
that the MTL definability decision problem ("Given a TPTL-formula, is the
language defined by this formula definable in MTL?") is undecidable. We also
define EF games for TPTL, and we show the effect of various syntactic
restrictions on the expressiveness of MTL and TPTL.Comment: In Proceedings AFL 2014, arXiv:1405.527
From Formal Requirement Analysis to Testing and Monitoring of Cyber-Physical Systems
abstract: Cyber-Physical Systems (CPS) are being used in many safety-critical applications. Due to the important role in virtually every aspect of human life, it is crucial to make sure that a CPS works properly before its deployment. However, formal verification of CPS is a computationally hard problem. Therefore, lightweight verification methods such as testing and monitoring of the CPS are considered in the industry. The formal representation of the CPS requirements is a challenging task. In addition, checking the system outputs with respect to requirements is a computationally complex problem. In this dissertation, these problems for the verification of CPS are addressed. The first method provides a formal requirement analysis framework which can find logical issues in the requirements and help engineers to correct the requirements. Also, a method is provided to detect tests which vacuously satisfy the requirement because of the requirement structure. This method is used to improve the test generation framework for CPS. Finally, two runtime verification algorithms are developed for off-line/on-line monitoring with respect to real-time requirements. These monitoring algorithms are computationally efficient, and they can be used in practical applications for monitoring CPS with low runtime overhead.Dissertation/ThesisDoctoral Dissertation Computer Science 201
On the Satisfiability of Temporal Logics with Concrete Domains
Temporal logics are a very popular family of logical languages, used to specify properties of abstracted systems. In the last few years, many extensions of temporal logics have been proposed, in order to address the need to express more than just abstract properties.
In our work we study temporal logics extended by local constraints, which allow to express quantitative properties on data values from an arbitrary relational structure called the concrete domain.
An example of concrete domain can be (Z, <, =), where the integers are considered as a relational structure over the binary order relation and the equality relation.
Formulas of temporal logics with constraints are evaluated on data-words or data-trees, in which each node or position is labeled by a vector of data from the concrete domain. We call the constraints local because they can only compare values at a fixed distance inside such models.
Several positive results regarding the satisfiability of LTL (linear temporal logic) with constraints over the integers have been established in the past years, while the corresponding results for branching time logics were only partial.
In this work we prove that satisfiability of CTL* (computation tree logic) with
constraints over the integers is decidable and also lift this result to ECTL*, a proper extension of CTL*.
We also consider other classes of concrete domains, particularly ones that are \"tree-like\". We consider semi-linear orders, ordinal trees and trees of a fixed height, and prove decidability in this framework as well. At the same time we prove that our method cannot be applied in the case of the infinite binary tree or the infinitely branching infinite tree.
We also look into extending the expressiveness of our logic adding non-local constraints, and find that this leads to undecidability of the satisfiability problem, even on very simple domains like (Z, <, =). We then find a way to restrict the power of the non-local constraints to regain decidability
Runtime Verification of Temporal Properties over Out-of-order Data Streams
We present a monitoring approach for verifying systems at runtime. Our
approach targets systems whose components communicate with the monitors over
unreliable channels, where messages can be delayed or lost. In contrast to
prior works, whose property specification languages are limited to
propositional temporal logics, our approach handles an extension of the
real-time logic MTL with freeze quantifiers for reasoning about data values. We
present its underlying theory based on a new three-valued semantics that is
well suited to soundly and completely reason online about event streams in the
presence of message delay or loss. We also evaluate our approach
experimentally. Our prototype implementation processes hundreds of events per
second in settings where messages are received out of order.Comment: long version of the CAV 2017 pape
On the expressiveness and monitoring of metric temporal logic
It is known that Metric Temporal Logic (MTL) is strictly less expressive than the Monadic First-Order Logic of Order and Metric (FO[<, +1]) when interpreted over timed words; this remains true even when the time domain is bounded a priori. In this work, we present an extension of MTL with the same expressive power as FO[<, +1] over bounded timed words (and also, trivially, over time-bounded signals). We then show that expressive completeness also holds in the general (time-unbounded) case if we allow the use of rational constants q ∈ Q in formulas. This extended version of MTL therefore yields a definitive real-time analogue of Kamp’s theorem. As an application, we propose a trace-length independent monitoring procedure for our extension of MTL, the first such procedure in a dense real-time setting
Dynamic contracts for verification and enforcement of real-time systems properties
Programa de Doutoramento em Informática (MAP-i) das Universidades do Minho, de Aveiro e do PortoRuntime veri cation is an emerging discipline that investigates methods and tools to enable
the veri cation of program properties during the execution of the application. The goal is
to complement static analysis approaches, in particular when static veri cation leads to
the explosion of states. Non-functional properties, such as the ones present in real-time
systems are an ideal target for this kind of veri cation methodology, as are usually out of
the range of the power and expressiveness of classic static analyses.
Current real-time embedded systems development frameworks lack support for the veri -
cation of properties using explicit time where counting time (i.e., durations) may play an
important role in the development process. Temporal logics targeting real-time systems
are traditionally undecidable. Based on a restricted fragment of Metric temporal logic with
durations (MTL-R), we present the proposed synthesis mechanisms 1) for target systems
as runtime monitors and 2) for SMT solvers as a way to get, respectively, a verdict at
runtime and a schedulability problem to be solved before execution. The later is able to
solve partially the schedulability analysis for periodic resource models and xed priority
scheduler algorithms. A domain speci c language is also proposed in order to describe
such schedulability analysis problems in a more high level way.
Finally, we validate both approaches, the rst using empirical scheduling scenarios for unimulti-
processor settings, and the second using the use case of the lightweight autopilot
system Px4/Ardupilot widely used for industrial and entertainment purposes. The former
also shows that certain classes of real-time scheduling problems can be solved, even though
without scaling well. The later shows that for the cases where the former cannot be used,
the proposed synthesis technique for monitors is well applicable in a real world scenario
such as an embedded autopilot
ight stack.A verificação do tempo de execução e uma disciplina emergente que investiga métodos e ferramentas para permitir a verificação de propriedades do programa durante a execução da aplicação. O objetivo é complementar abordagens de analise estática, em particular quando a verificação estática se traduz em explosão de estados. As propriedades não funcionais, como as que estão presentes em sistemas em tempo real, são um alvo ideal para este tipo de metodologia de verificação, como geralmente estão fora do alcance do poder e expressividade das análises estáticas clássicas.
As atuais estruturas de desenvolvimento de sistemas embebidos para tempo real não possuem suporte para a verificação de propriedades usando o tempo explicito onde a contagem de tempo (ou seja, durações) pode desempenhar um papel importante no processo de desenvolvimento. As logicas temporais que visam sistemas de tempo real são tradicionalmente indecidÃveis. Com base num fragmento restrito de MTL-R (metric temporal logic with durations), apresentaremos os mecanismos de sÃntese 1) para sistemas alvo como monitores de tempo de execução e 2) para solvers SMT como forma de obter, respetivamente, um veredicto em tempo de execução e um problema de escalonamento para ser resolvido antes da execução. O ultimo é capaz de resolver parcialmente a analise de escalonamento para modelos de recursos periódicos e ainda para algoritmos de escalonamento de prioridade fixa. Propomos também uma linguagem especifica de domÃnio para descrever esses mesmos problemas de analise de escalonamento de forma mais geral e sucinta.
Finalmente, validamos ambas as abordagens, a primeira usando cenários de escalonamento empÃrico para sistemas uni- multi-processador e a segunda usando o caso de uso do sistema de piloto automático leve Px4/Ardupilot amplamente utilizado para fins industriais e de entretenimento. O primeiro mostra que certas classes de problemas de escalonamento em tempo real podem ser solucionadas, embora não seja escalável. O ultimo mostra que, para os casos em que a primeira opção não possa ser usada, a técnica de sÃntese proposta para monitores aplica-se num cenário real, como uma pilha de voo de um piloto automático embebido.This thesis was partially supported by National Funds through FCT/MEC (Portuguese
Foundation for Science and Technology) and co- nanced by ERDF (European Regional
Development Fund) under the PT2020 Partnership, within the CISTER Research Unit
(CEC/04234); FCOMP-01-0124-FEDER-015006 (VIPCORE) and FCOMP-01-0124-FEDER-
020486 (AVIACC); also by FCT and EU ARTEMIS JU, within project ARTEMIS/0003/2012,
JU grant nr. 333053 (CONCERTO); and by FCT/MEC and the EU ARTEMIS JU within
project ARTEMIS/0001/2013 - JU grant nr. 621429 (EMC2)