61,602 research outputs found
Runtime Verification Based on Executable Models: On-the-Fly Matching of Timed Traces
Runtime verification is checking whether a system execution satisfies or
violates a given correctness property. A procedure that automatically, and
typically on the fly, verifies conformance of the system's behavior to the
specified property is called a monitor. Nowadays, a variety of formalisms are
used to express properties on observed behavior of computer systems, and a lot
of methods have been proposed to construct monitors. However, it is a frequent
situation when advanced formalisms and methods are not needed, because an
executable model of the system is available. The original purpose and structure
of the model are out of importance; rather what is required is that the system
and its model have similar sets of interfaces. In this case, monitoring is
carried out as follows. Two "black boxes", the system and its reference model,
are executed in parallel and stimulated with the same input sequences; the
monitor dynamically captures their output traces and tries to match them. The
main problem is that a model is usually more abstract than the real system,
both in terms of functionality and timing. Therefore, trace-to-trace matching
is not straightforward and allows the system to produce events in different
order or even miss some of them. The paper studies on-the-fly conformance
relations for timed systems (i.e., systems whose inputs and outputs are
distributed along the time axis). It also suggests a practice-oriented
methodology for creating and configuring monitors for timed systems based on
executable models. The methodology has been successfully applied to a number of
industrial projects of simulation-based hardware verification.Comment: In Proceedings MBT 2013, arXiv:1303.037
Cyber-Virtual Systems: Simulation, Validation & Visualization
We describe our ongoing work and view on simulation, validation and
visualization of cyber-physical systems in industrial automation during
development, operation and maintenance. System models may represent an existing
physical part - for example an existing robot installation - and a software
simulated part - for example a possible future extension. We call such systems
cyber-virtual systems.
In this paper, we present the existing VITELab infrastructure for
visualization tasks in industrial automation. The new methodology for
simulation and validation motivated in this paper integrates this
infrastructure. We are targeting scenarios, where industrial sites which may be
in remote locations are modeled and visualized from different sites anywhere in
the world.
Complementing the visualization work, here, we are also concentrating on
software modeling challenges related to cyber-virtual systems and simulation,
testing, validation and verification techniques for them. Software models of
industrial sites require behavioural models of the components of the industrial
sites such as models for tools, robots, workpieces and other machinery as well
as communication and sensor facilities. Furthermore, collaboration between
sites is an important goal of our work.Comment: Preprint, 9th International Conference on Evaluation of Novel
Approaches to Software Engineering (ENASE 2014
Virtual Communication Stack: Towards Building Integrated Simulator of Mobile Ad Hoc Network-based Infrastructure for Disaster Response Scenarios
Responses to disastrous events are a challenging problem, because of possible
damages on communication infrastructures. For instance, after a natural
disaster, infrastructures might be entirely destroyed. Different network
paradigms were proposed in the literature in order to deploy adhoc network, and
allow dealing with the lack of communications. However, all these solutions
focus only on the performance of the network itself, without taking into
account the specificities and heterogeneity of the components which use it.
This comes from the difficulty to integrate models with different levels of
abstraction. Consequently, verification and validation of adhoc protocols
cannot guarantee that the different systems will work as expected in
operational conditions. However, the DEVS theory provides some mechanisms to
allow integration of models with different natures. This paper proposes an
integrated simulation architecture based on DEVS which improves the accuracy of
ad hoc infrastructure simulators in the case of disaster response scenarios.Comment: Preprint. Unpublishe
Modelling and Refinement in CODA
This paper provides an overview of the CODA framework for modelling and
refinement of component-based embedded systems. CODA is an extension of Event-B
and UML-B and is supported by a plug-in for the Rodin toolset. CODA augments
Event-B with constructs for component-based modelling including components,
communications ports, port connectors, timed communications and timing
triggers. Component behaviour is specified through a combination of UML-B state
machines and Event-B. CODA communications and timing are given an Event-B
semantics through translation rules. Refinement is based on Event-B refinement
and allows layered construction of CODA models in a consistent way.Comment: In Proceedings Refine 2013, arXiv:1305.563
Formal Verification of a MESI-based Cache Implementation
Cache coherency is crucial to multi-core systems with a shared memory programming model. Coherency protocols have been formally verified at the architectural level with relative ease. However, several subtle issues creep into the hardware realization of cache in a multi-processor environment. The assumption, made in the abstract model, that state transitions are atomic, is invalid for the HDL implementation. Each transition is composed of many concurrent multi-core operations. As a result, even with a blocking bus, several transient states come into existence. Most modern processors optimize communication with a split-transaction bus, this results in further transient states and race conditions. Therefore, the design and verification of cache coherency is increasingly complex and challenging.
Simulation techniques are insufficient to ensure memory consistency and the absence of deadlock, livelock, and starvation. At best, it is tediously complex and time consuming to reach confidence in functionality with simulation. Formal methods are ideally suited to identify the numerous race conditions and subtle failures. In this study, we perform formal property verification on the RTL of a multi-core level-1 cache design based on snooping MESI protocol. We demonstrate full-proof verification of the coherence module in JasperGold using complexity reduction techniques through parameterization. We verify that the assumptions needed to constrain inputs of the stand-alone cache coherence module are satisfied as valid assertions in the instantiation environment. We compare results obtained from formal property verification against a state-of-the-art UVM environment. We highlight the benefits of a synergistic collaboration between simulation and formal techniques. We present formal analysis as a generic toolkit with numerous usage models in the digital design process
On minimising the maximum expected verification time
Cyber Physical Systems (CPSs) consist of hardware and software components. To verify that the whole (i.e., software + hardware) system meets the given specifications, exhaustive simulation-based approaches (Hardware In the Loop Simulation, HILS) can be effectively used by first generating all relevant simulation scenarios (i.e., sequences of disturbances) and then actually simulating all of them (verification phase). When considering the whole verification activity, we see that the above mentioned verification phase is repeated until no error is found. Accordingly, in order to minimise the time taken by the whole verification activity, in each verification phase we should, ideally, start by simulating scenarios witnessing errors (counterexamples). Of course, to know beforehand the set of such scenarios is not feasible. In this paper we show how to select scenarios so as to minimise the Worst Case Expected Verification Tim
Anytime system level verification via parallel random exhaustive hardware in the loop simulation
System level verification of cyber-physical systems has the goal of verifying that the whole (i.e., software + hardware) system meets the given specifications. Model checkers for hybrid systems cannot handle system level verification of actual systems. Thus, Hardware In the Loop Simulation (HILS) is currently the main workhorse for system level verification. By using model checking driven exhaustive HILS, System Level Formal Verification (SLFV) can be effectively carried out for actual systems.
We present a parallel random exhaustive HILS based model checker for hybrid systems that, by simulating all operational scenarios exactly once in a uniform random order, is able to provide, at any time during the verification process, an upper bound to the probability that the System Under Verification exhibits an error in a yet-to-be-simulated scenario (Omission Probability).
We show effectiveness of the proposed approach by presenting experimental results on SLFV of the Inverted Pendulum on a Cart and the Fuel Control System examples in the Simulink distribution. To the best of our knowledge, no previously published model checker can exhaustively verify hybrid systems of such a size and provide at any time an upper bound to the Omission Probability
- …