VERIFICATION OF N-M SWITCHING CONTROL SYSTEM: A CASE STUDY IN TEMPORAL LOGIC MODEL CHECKING

Abstract Production factories in which stable voltage is critical, e.g., electro-plating factory, require constantly stable voltage to minimize loss by adjusting incoming voltage in real time even if low-quality electricity is supplied from outside. To solve such problem often being raised from the factories located in the area with unstable electricity supply, we designed N-M switching control system and verified its correctness using LTL model checking. Mathematics Subject Classification 2010 : 03B44, 68Q6

On regular temporal logics with past

The IEEE standardized Property Specification Language, PSL for short, extends the well-known linear-time temporal logic LTL with so-called semi-extended regular expressions. PSL and the closely related SystemVerilog Assertions, SVA for short, are increasingly used in many phases of the hardware design cycle, from specification to verification. In this article, we extend the common core of these specification languages with past operators. We name this extension PPSL. Although all ω-regular properties are expressible in PSL, SVA, and PPSL, past operators often allow one to specify properties more naturally and concisely. In fact, we show that PPSL is exponentially more succinct than the cores of PSL and SVA. On the star-free properties, PPSL is double exponentially more succinct than LTL. Furthermore, we present a translation of PPSL into language-equivalent nondeterministic Büchi automata, which is based on novel constructions for 2-way alternating automata. The upper bound on the size of the resulting nondeterministic Büchi automata obtained by our translation is almost the same as the upper bound for the nondeterministic Büchi automata obtained from existing translations for PSL and SVA. Consequently, the satisfiability problem and the model-checking problem for PPSL fall into the same complexity classes as the corresponding problems for PSL and SV

Test model coverage analysis under uncertainty: extended version

In model-based testing, we may have to deal with a non-deterministic model, e.g. because abstraction was applied, or because the software under test itself is non-deterministic. The same test case may then trigger multiple possible execution paths, depending on some internal decisions made by the software. Consequently, performing precise test analyses, e.g. to calculate the test coverage, are not possible. This can be mitigated if developers can annotate the model with estimated probabilities for taking each transition. A probabilistic model checking algorithm can subsequently be used to do simple probabilistic coverage analysis. However, in practice developers often want to know what the achieved aggregate coverage is, which unfortunately cannot be re-expressed as a standard model checking problem. This paper presents an extension to allow efficient calculation of probabilistic aggregate coverage, and also of probabilistic aggregate coverage in combination with k-wise coverage

Volare Mobile Context-aware Adaptation for the Cloud

As the explosive growth in the proliferation and use of mobile devices accelerates, more web service providers move their premises on the Cloud under the Software as a Service (SaaS) service model. Mobile environments present new challenges that Service Discovery methods developed for non-mobile environments cannot address. The requirements a mobile client device will have from internet services may change, even at runtime, due to variable context, which may include hardware resources, environmental variables (like network availability) and user preferences. Binding to a discovered service having QoS levels different from the ones imposed by current context and policy requirements may lead to low application performance, excessive consumption of mobile resources such as battery life and service disruption, especially for long lasting foreground applications like media-streaming, navigation etc. This thesis presents the Volare approach for performing parameter adaptation for service requests to Cloud services, in SaaS architecture. For this purpose, we introduce an adaptive mobile middleware solution that performs context-aware QoS parameter adaptation. When service discovery is initiated, the middleware calculates the optimal service requests QoS levels under the current context, policy requirements and goals and adapts the service request accordingly. At runtime, it can trigger dynamic service rediscovery following significant context changes, to ensure optimal binding. The adaptation logic is built through the characteristics of the declarative domain-specific Volare Adaptation Policy Specification Language (APSL). Key characteristics of this approach include two-level policy support (providing both device specific and application specific adaptation), integration of a User Preferences Model and high behavioral (parameter adaptation) variability, by allowing multiple weighted adaptation rules to influence each QoS variable. The Volare approach supports unanticipated quantitative long term performance goals (LTPGs) with finite horizons. A use case and a proof-of-concept implementation have been developed on cloud service discovery through a cloud service provider, as well as an appropriate case study, which demonstrates significant savings in battery consumption, provider data usage and monetary cost, compared to unadapted QoS service bindings, while consistently avoiding service disruptions caused by QoS levels that the device cannot support. In addition, adaptation policies using the Volare approach tend to increase in size, in a mostly linear fashion, instead of the combinatorial increase of more conventional situation-action approaches

Model checking PSL safety properties

Model checking is a modern, efficient approach to gaining confidence of the correctness of complex systems. It outperforms conventional testing methods especially in cases where a high degree of confidence in the correctness of the system is required, or when the test runs of the system are difficult to reproduce accurately. In model checking the system is verified against a specification that is expressed in a formal specification language. The main challenges are that the process requires quite a lot of training, experience, and computing power. Recent developments in the field of model checking address all of these issues. Safety properties are a subset of formal specifications that are simpler to verify than formal specifications in the general case. Additionally, safety properties can be used to improve conventional testing methods by observing the behaviour of the system at runtime and reporting the detected violations of the safety properties, which are more expressive than the properties used with conventional testing. In model checking, recognising and separately verifying safety properties can give faster verification times than just processing all properties without a specialised algorithm for safety properties. One of the problems related to model checking is creating specifications that are meaningful to both humans and to model checking tools. One specification language that focuses on this problem is the IEEE 1850 standard Property Specification Language (PSL). It is not as widely supported by academic model checking tools as linear temporal logic (LTL) or computation tree logic (CTL), but it has many features that make writing specifications easier for engineers. This work describes a method for verifying PSL safety properties by converting them to transducers, a variant of symbolic finite automata. The semantics in the most current proposal for the revised PSL standard is reviewed, and additional operators are introduced for formula rewriting. The main contributions of this work are the PSL translation and its proof of correctness with respect to the presented semantics, and a prototype implementation of an algorithm for model checking PSL safety properties. The implementation is built on top of the NuSMV model checker, a modern, open-source tool that previously had little support for PSL. Experiment results are presented to show the feasibility of the implemented approach

Synthèse automatique de circuits numériques à partir de spécifications temporelles

The work presented in this thesis aims at automatically prototype communication and control designs from declarative temporal specifications. From a set of PSL properties, we produce a synthesizable RTL design automatically. The proposed method is modular, in contrast to previously published methods that were based on automata theory. From each property, we produce a component that observes some operands and generates waveforms for the other operands: the reactant. First, a library of primitive reactants has been provided for FL and SERE operators. To this goal, a dependency relation is defined for each operator that expresses the dependency among its operands using the operator's semantics. Then, the dependency relation of each operator is interpreted as a hardware component that implements the operator: the operator's primitive reactant. Using this formalization, a method is proposed to automatically decide which signals of a property are observed and which are generated. In the cases when specifying the signal direction is not possible, a solver is implemented to identify the signal value. In addition, the way of identifying the value of the signal that is generated in several properties is addressed. The final circuit is the interconnection of the properties' reactants and solvers. A prototype tool SyntHorus2, which is an extension to HORUS, has been developed. It takes PSL properties as its inputs, and generates the synthesizable VHDL code of the circuit. In addition, it generates some complementary properties to verify if the set of specification is coherent and complete. The method is efficient, and synthesizes control circuits in a few seconds. Results obtained on classical benchmarks show that our technique compiles properties more efficiently than previous prototype tools.Les travaux présentés dans cette thèse visent à produire automatiquement des prototypes de circuits de communication et de contrôle à partir de spécifications temporelles déclaratives. Partant d'un ensemble de propriétés écrites en langage PSL, nous produisons un modèle RTL synthétisable automatiquement. La méthode proposée est modulaire, contrairement aux méthodes publiées antérieurement qui étaient fondées sur la théorie des automates. Pour chaque propriété, nous produisons un composant qui observe certains opérandes et génère des chronogrammes pour les autres opérandes : le module réactif. Tout d'abord, une bibliothèque des modules réactifs primitifs a été développée pour les opérateurs FL et SERE. Pour ce faire, une relation de dépendance a été définie pour chaque opérateur : fondée sur la sémantique de l'opérateur, elle exprime la dépendance entre ses opérandes. Ensuite, la relation de dépendance de chaque opérateur est interprétée comme un composant matériel qui met en œuvre l'opérateur : c'est le module réactif primitif de l'opérateur. À l'aide de cette formalisation, nous proposons une méthode pour déterminer automatiquement quels signaux d'une propriété sont observés et lesquels sont générés. Dans le cas où il n'est pas possible de déterminer le sens du signal, un solveur est ajouté pour identifier la valeur du signal. Le solveur sert aussi à déterminer la valeur d'un signal généré par plusieurs propriétés. Le circuit final est l'interconnexion des modules réactifs et des solveurs pour l'ensemble des propriétés. Un outil prototype, SyntHorus2, qui est une extension d'HORUS, a été mis développé. Il prend les propriétés PSL comme entrées et génère le code VHDL synthétisable du circuit. En outre, il génère des propriétés complémentaires pour vérifier si l'ensemble des spécifications est cohérent et complet. La méthode est efficace et synthétise des circuits de commande en quelques secondes. Les résultats que nous avons obtenus sur des jeux d'essais classiques montrent que notre technique compile les propriétés plus efficacement que les outils prototypes qui l'ont précédée

The Sinhalese Buddhist Diaspora in the United Kingdom: Negotiating Sinhalese Identity

Sinhalese Buddhist people have been living in the United Kingdom for a period spanning over three generations. They have grown in number rapidly over the last five decades and have organized themselves as a distinctive community. This community has never been subjected to a formal study with regard to their diasporic experience, identity negotiations, Buddhist orientation and homeland relations. This research is aimed at filling this gap of knowledge about the Sinhalese Buddhist diaspora in the United Kingdom and their homeland relations. Firstly, this research is underpinned by a literature review of sources on Sinhala Buddhist history and civilization in Sri Lanka and the Sinhalese presence in the United Kingdom in order to set the background for this research. The review of literature revealed a rich history of Sinhalese Buddhist civilization in Sri Lanka. The written history of the Sinhalese in Sri Lanka and the mythology provide a perspective of the importance given by the Lord Buddha to the Sinhalese nation and Sri Lanka as the guardian of his pure Theravada Buddhist doctrine. The research also includes a review of discourses on diasporic theory to identify attributes or common features of diaspora in order to fully appreciate the diasporic qualities of the Sinhalese community in the UK. This has formed the basis of the empirical research in the UK, which considered Sinhala Buddhist mythology and heritage in Sri Lanka as a variable in their diasporic identity and homeland relations whilst residing in the UK. The researcher himself is a member of the Sinhala Buddhist diasporic community in the United Kingdom. Therefore, this research has utilised ethnographically-informed qualitative research methods to provide a descriptive analysis of the lived experience, identity negotiations and homeland relations of the Sinhala Buddhist community in the United Kingdom. The findings are presented via grounded thematic analysis and represent several facets of the Sinhala Buddhist lifestyle. They support the existence of a well-established, functional first generation of Sinhala Buddhist diasporic community in the United Kingdom, whose members are dynamically involved in their identity maintenance in the host land while developing relentless relationships with their homeland

A methodology for the requirements analysis of critical real-time systems

PhD ThesisThis thesis describes a methodology for the requirements analysis of critical real-time systems. The methodology is based on formal methods, and provides a systematic way in which requirements can be analysed and specifications produced. The proposed methodology consists of a framework with distinct phases of analysis, a set oftechniques appropriate for the issues to be analysed at each phase of the framework, a hierarchical structure of the specifications obtained from the process of analysis, and techniques to perform quality assessment of the specifications. The phases of the framework, which are abstraction levels for the analysis of the requirements, follow directly from a general structure adopted for critical real-time systems. The intention is to define abstraction levels, or domains, in which the analysis of requirements can be performed in terms of specific properties of the system, thus reducing the inherent complexity of the analysis. Depending on the issues to be analysed in each domain, the choice of the appropriate formalism is determined by the set of features, related to that domain, that a formalism should possess. In this work, instead of proposing new formalisms we concentrate on identifying and enumerating those features that a formalism should have. The specifications produced at each phase of the framework are organised by means of a specification hierarchy, which facilitates our assessment of the quality of the requirements specifications, and their traceability. Such an assessment should be performed by qualitative and quantitative means in order to obtain high confidence (assurance) that the level of safety is acceptable. In order to exemplify the proposed methodology for the requirements analysis of critical real-time systems we discuss a case study based on a crossing of two rail tracks (in a model railway), which raises safety issues that are similar to those found at a traditional level crossing (i.e. rail-road)CAPES/Ministry of Education (Brazil