Modeling and formal verification of probabilistic reconfigurable systems

In this thesis, we propose a new approach for formal modeling and verification of adaptive probabilistic systems. Dynamic reconfigurable systems are the trend of all future technological systems, such as flight control systems, vehicle electronic systems, and manufacturing systems. In order to meet user and environmental requirements, such a dynamic reconfigurable system has to actively adjust its configuration at run-time by modifying its components and connections, while changes are detected in the internal/external execution environment. On the other hand, these changes may violate the memory usage, the required energy and the concerned real-time constraints since the behavior of the system is unpredictable. It might also make the system's functions unavailable for some time and make potential harm to human life or large financial investments. Thus, updating a system with any new configuration requires that the post reconfigurable system fully satisfies the related constraints. We introduce GR-TNCES formalism for the optimal functional and temporal specification of probabilistic reconfigurable systems under resource constraints. It enables the optimal specification of a probabilistic, energetic and memory constraints of such a system. To formally verify the correctness and the safety of such a probabilistic system specification, and the non-violation of its properties, an automatic transformation from GR-TNCES models into PRISM models is introduced. Moreover, a new approach XCTL is also proposed to formally verify reconfigurable systems. It enables the formal certification of uncompleted and reconfigurable systems. A new version of the software ZIZO is also proposed to model, simulate and verify such GR-TNCES model. To prove its relevance, the latter was applied to case studies; it was used to model and simulate the behavior of an IPV4 protocol to prevent the energy and memory resources violation. It was also used to optimize energy consumption of an automotive skid conveyor.In dieser Arbeit wird ein neuer Ansatz zur formalen Modellierung und Verifikation dynamisch rekonfigurierbarer Systeme vorgestellt. Dynamische rekonfigurierbare Systeme sind in vielen aktuellen und zukünftigen Anwendungen, wie beispielsweise Flugsteuerungssystemen, Fahrzeugelektronik und Fertigungssysteme zu finden. Diese Systeme weisen ein probabilistisches, adaptives Verhalten auf. Um die Benutzer- und Umgebungsbedingungen kontinuierlich zu erfüllen, muss ein solches System seine Konfiguration zur Laufzeit aktiv anpassen, indem es seine Komponenten, Verbindungen zwischen Komponenten und seine Daten modifiziert (adaptiv), sobald Änderungen in der internen oder externen Ausführungsumgebung erkannt werden (probabilistisch). Diese Anpassungen dürfen Beschränkungen bei der Speichernutzung, der erforderlichen Energie und bestehende Echtzeitbedingungen nicht verletzen. Eine nicht geprüfte Rekonfiguration könnte dazu führen, dass die Funktionen des Systems für einige Zeit nicht verfügbar wären und potenziell menschliches Leben gefährdet würde oder großer finanzieller Schaden entstünde. Somit erfordert das Aktualisieren eines Systems mit einer neuen Konfiguration, dass das rekonfigurierte System die zugehörigen Beschränkungen vollständig einhält. Um dies zu überprüfen, wird in dieser Arbeit der GR-TNCES-Formalismus, eine Erweiterung von Petrinetzen, für die optimale funktionale und zeitliche Spezifikation probabilistischer rekonfigurierbarer Systeme unter Ressourcenbeschränkungen vorgeschlagen. Die entstehenden Modelle sollen über probabilistische model checking verifiziert werden. Dazu eignet sich die etablierte Software PRISM. Um die Verifikation zu ermöglichen wird in dieser Arbeit ein Verfahren zur Transformation von GR-TNCES-Modellen in PRISM-Modelle beschrieben. Eine neu eingeführte Logik (XCTL) erlaubt zudem die einfache Beschreibung der zu prüfenden Eigenschaften. Die genannten Schritte wurden in einer Softwareumgebung für den automatisierten Entwurf, die Simulation und die formale Verifikation (durch eine automatische Transformation nach PRISM) umgesetzt. Eine Fallstudie zeigt die Anwendung des Verfahren

Supervisory Control Systems: Theory and Industrial Applications

Hybrid control system is an exciting field of research where it contains two distinct types of systems: one with continuous dynamics continuous variable dynamic system and the other with discrete dynamics discrete event dynamic system, that interact with each other. The research in the area of hybrid control can be categorized into two areas: one deals with the conventional control systems, and the other deals with the decision making systems. The former addresses the control functions at the low level (field level). The latter addresses the modeling, analysis, and design at the higher level found in the supervision, coordination and management levels. The study of hybrid systems is central in designing intelligent hybrid control systems with high degree of autonomy and it is essential in designing discrete event supervisory controllers for continuous systems

Analysis of security protocols using finite-state machines

This paper demonstrates a comprehensive analysis method using formal methods such as finite-state machine. First, we describe the modified version of our new protocol and briefly explain the encrypt-then-authenticate mechanism, which is regarded as more a secure mechanism than the one used in our protocol. Then, we use a finite-state verification to study the behaviour of each machine created for each phase of the protocol and examine their behaviour s together. Modelling with finite-state machines shows that the modified protocol can function correctly and behave properly even with invalid input or time delay

Intelligent Colored Token Petri Nets for Modeling, Control, and Validation of Dynamic Changes in Reconfigurable Manufacturing Systems

The invention of reconfigurable manufacturing systems (RMSs) has created a challenging problem: how to quickly and effectively modify an RMS to address dynamic changes in a manufacturing system, such as processing failures and rework, machine breakdowns, addition of new machines, addition of new products, removal of old machines, and changes in processing routes induced by the competitive global market. This paper proposes a new model, the intelligent colored token Petri net (ICTPN), to simulate dynamic changes or reconfigurations of a system. The main idea is that intelligent colored tokens denote part types that represent real-time knowledge about changes and status of a system. Thus, dynamic configurations of a system can be effectively modeled. The developed ICTPN can model dynamic changes of a system in a modular manner, resulting in the development of a very compact model. In addition, when configurations appear, only the changed colored token of the part type from the current model has to be modified. Based on the resultant ICTPN model, deadlock-free, conservative, and reversible behavioral properties, among others, are guaranteed. The developed ICTPN model was tested and validated using the GPenSIM tool and compared with existing methods from the literature.publishedVersio

Software Engineering and Petri Nets

This booklet contains the proceedings of the Workshop on Software Engineering and Petri Nets (SEPN), held on June 26, 2000. The workshop was held in conjunction with the 21st International Conference on Application and Theory of Petri Nets (ICATPN-2000), organised by the CPN group of the Department of Computer Science, University of Aarhus, Denmark. The SEPN workshop papers are available in electronic form via the web page:http://www.daimi.au.dk/pn2000/proceeding

Open and Extensible Business Process Simulator

Äriprotesesside haldamise üheks väga oluliseks osaks on protsesside simuleerimine. Simuleerimine annab hea võimaluse kontrollida protsesside toimimist ning leida muutmist vajavaid kitsaskohti. Käesolevas magistritöös vaatleme olemasolevaid protsesside simuleerimise keskkondi, mida peetakse hetkel selle valdkonna tippudeks (näiteks TIBCO, IBM WebSphere jt), ning uurime nendes esinevaid probleeme seoses funktsionaalsuse ja laiendatavuse puudumisega. Praktiliselt kõikidel uuritud vahenditel oli probleeme keerukama ülesehitusega protsesside simuleerimisel ning puudub võimalus töövahendit äridomeeni spetsiifikast lähtuvalt vajadusel muuta või täiendada. Magistritöö põhiosa on jagatud kaheks. Esimeses osas toome välja protsessielementide teisendused defacto standard modelleerimisnotatsioonist BPMN, madalama taseme modelleerimiselementideks CPN keeles. Teisenduse kasulikkus seisneb selles, et CPN keeles olev protsess on simuleeritav vahendiga CPN Tools, ning konverteerimist on võimalik kohendada vastavalt vajadustele. Näiteks on võimalus lisada ärispetsiifilisi simulatsiooniandmeid või kasutada mittestandardseid tööde jaotamise mustreid. Magistritöö teises osas töötame välja täiesti uue protsesside konverteerimise arhitektuuri, mis on kättesaadav avatud lähtekoodina, ning on kergesti laiendatav. Siinkohal tähendab laiendatavus seda, et välja töötatud arhitektuuri on võimalik kasutada erinevatest modelleerimiskeeltest protsesside konverteerimiseks CPN keelde. Näidisena oleme loonud ka prototüübi, mis on suuteline teisendama enamlevinud BPMN elemente simuleerimisvalmidusega CPN elementideks. Edasiste töödena näeme me võimalust laiendada olemasolevat prototüüpi toetamaks kõiki BPMN elemente ning keerulisi simulatsiooniandmeid. Prototüüpi on võimalik ka edasi arendada simuleerimise veebiteenuseks, mida saaksid edukalt kasutada erinevad modelleerimiskeskkonnad simulatsioonide läbiviimiseks.Existing business process simulation tools suffer from two limitations: (i) they allow one to simulate processes that are designed only in the same tool; and (ii) the simulation engine is built-in and it is not extensible. The aim of this thesis is to move towards overcoming these two limitations. The contribution of the thesis is twofold. First we provide some of the commonly used Business Process Notation (BPMN) mappings to Coloured Petri Net (CPN) modules while considering the need to use these converted models for simulation purposes. This means that the mappings have to be able to handle simulation data and can generate simulation output into log files. Secondly we provide a new process model converter architecture that is open and extensible and it is responsible for generating a ready to simulate CPN models

Supervisory control theory applied to swarm robotics

Currently, the control software of swarm robotics systems is created by ad hoc development. This makes it hard to deploy these systems in real-world scenarios. In particular, it is difficult to maintain, analyse, or verify the systems. Formal methods can contribute to overcome these problems. However, they usually do not guarantee that the implementation matches the specification, because the system’s control code is typically generated manually. Also, there is cultural resistance to apply formal methods; they may be perceived as an additional step that does not add value to the final product. To address these problems, we propose supervisory control theory for the domain of swarm robotics. The advantages of supervisory control theory, and its associated tools, are a reduction in the amount of ad hoc development, the automatic generation of control code from modelled specifications, proofs of properties over generated control code, and the reusability of formally designed controllers between different robotic platforms. These advantages are demonstrated in four case studies using the e-puck and Kilobot robot platforms. Experiments with up to 600 physical robots are reported, which show that supervisory control theory can be used to formally develop state-of-the-art solutions to a range of problems in swarm robotics