Temporal Logic Control for Stochastic Linear Systems using Abstraction Refinement of Probabilistic Games

We consider the problem of computing the set of initial states of a dynamical system such that there exists a control strategy to ensure that the trajectories satisfy a temporal logic specification with probability 1 (almost-surely). We focus on discrete-time, stochastic linear dynamics and specifications given as formulas of the Generalized Reactivity(1) fragment of Linear Temporal Logic over linear predicates in the states of the system. We propose a solution based on iterative abstraction-refinement, and turn-based 2-player probabilistic games. While the theoretical guarantee of our algorithm after any finite number of iterations is only a partial solution, we show that if our algorithm terminates, then the result is the set of satisfying initial states. Moreover, for any (partial) solution our algorithm synthesizes witness control strategies to ensure almost-sure satisfaction of the temporal logic specification. We demonstrate our approach on an illustrative case study.Comment: Technical report accompanying HSCC'15 pape

ATOM: an object-based formal method for real-time systems

An object based formal method for the development of real-time systems, called ATOM, is presented. The method is an integration of the real-time formal technique TAM (Temporal Agent Model) with an industry-strength structured methodology known as HRT-HOOD. ATOM is a systematic formal approach based on the refinement calculus. Within ATOM, a formal specification (or abstract description statement) contains Interval Temporal Logic (ITL) description of the timing, functional, and communication behavior of the proposed real-time system. This formal specification can be analyzed and then refined into concrete statements through successive applications of sound refinement laws. Both abstract and concrete statements are allowed to freely intermix. The semantics of the concrete statements in ATOM are defined denotationally in specification-oriented style using ITL.Funding received from the UK Engineering and Physical Sciences Research Council (EPSRC) through the Research Grant GR/M/0258

Library-based scalable refinement checking for contract-based design

Given a global specification contract and a system described by a composition of contracts, system verification reduces to checking that the composite contract refines the specification contract, i.e. that any implementation of the composite contract implements the specification contract and is able to operate in any environment admitted by it. Contracts are captured using high-level declarative languages, for example, linear temporal logic (LTL). In this case, refinement checking reduces to an LTL satisfiability checking problem, which can be very expensive to solve for large composite contracts. This paper proposes a scalable refinement checking approach that relies on a library of contracts and local refinement assertions. We propose an algorithm that, given such a library, breaks down the refinement checking problem into multiple successive refinement checks, each of smaller scale. We illustrate the benefits of the approach on an industrial case study of an aircraft electric power system, with up to two orders of magnitude improvement in terms of execution time. © 2014 EDAA

Verification of Complex Real-time Systems using Rewriting Logic

This paper presents a method for model checking dense complex real-time systems. This approach is implemented at the meta level of the Rewriting Logic system Maude. The dense complex real-time system is specified using a syntax which has the semantics of timed automata and the property is specified with the temporal logic TLTL (Timed LTL). The well known timed automata model checkers Kronos and Uppaal only support TCTL model checking (a very limited fragment in the case of Uppaal). Specification of the TLTL property is reduced to LTL and its temporal constraints are captured in a new timed automaton. This timed automaton will be composed with the original timed automaton representing the semantics of the complex real-time system under analysis. Then, the product timed automaton will be abstracted using partition refinement of state space based on strong bi-simulation. The result is an untimed automaton modulo the TLTL property which represents an equivalent finite state system to be model checked using Maude LTL model checking. This approach is successfully tested on industrial designs

Studying and Analysing Transactional Memory Using Interval Temporal Logic and AnaTempura

Transactional memory (TM) is a promising lock-free synchronisation technique which offers a high-level abstract parallel programming model for future chip multiprocessor (CMP) systems. Moreover, it adapts the well-established popular paradigm of transactions and thus provides a general and flexible way to allow programs to read and modify disparate memory locations atomically as a single operation. In this thesis, we propose a general framework for validating a TM design, starting from a formal specification into a hardware implementation, with its underpinning theory and refinement. A methodology in this work starts with a high-level and executable specification model for an abstract TM with verification for various correctness conditions of concurrent transactions. This model is constructed within a flexible transition framework that allows verifying correctness of a TM system with animation. Then, we present a formal executable specification for a chip-dual single-cycle MIPS processor with a cache coherence protocol and integrate the provable TM system. Finally, we transform the dual processors with the TM from a high-level description into a Hardware Description Language (VHDL), using some proposed refinement and restriction rules. Interval Temporal Logic (ITL) and its programming language subset AnaTempura are used to build, execute and test the model, since they together provide a powerful framework supporting logical reasoning about time intervals as well as programming and simulation

Event Systems and Access Control

We consider the interpretations of notions of access control (permissions, interdictions, obligations, and user rights) as run-time properties of information systems specified as event systems with fairness. We give proof rules for verifying that an access control policy is enforced in a system, and consider preservation of access control by refinement of event systems. In particular, refinement of user rights is non-trivial; we propose to combine low-level user rights and system obligations to implement high-level user rights

Transforming timing diagrams into knowledge acquisition in automated specification

Requirements engineering is an important part of developing programs. It is an essential stage of the software development process that defines what a product or system should to achieve. The UML Timing diagram and Knowledge Acquisition in Automated Specification (KAOS) model are requirements engineering techniques. KAOS is a goal-oriented requirements approach while the Timing diagram is a graphical notation used for explaining software timing requirements. KAOS uses linear temporal logic (LTL) to describe time constraints in goal and operation models. Similarly, the Timing diagram can describe some temporal operators such as X (next), U (until) and R (release) over some period of time. Thus, our aim is to use the Timing diagram to generate parts of a KAOS model. In this paper we demonstrate techniques for creating a KAOS goal model from a Timing diagram. The Timing diagram which is used in this paper is adapted from the UML 2.0 Timing diagram and includes features to support translation into KAOS. We use a case study of a Lift system as an example to explain the translation processes described here

A Survey of Languages for Specifying Dynamics: A Knowledge Engineering Perspective

A number of formal specification languages for knowledge-based systems has been developed. Characteristics for knowledge-based systems are a complex knowledge base and an inference engine which uses this knowledge to solve a given problem. Specification languages for knowledge-based systems have to cover both aspects. They have to provide the means to specify a complex and large amount of knowledge and they have to provide the means to specify the dynamic reasoning behavior of a knowledge-based system. We focus on the second aspect. For this purpose, we survey existing approaches for specifying dynamic behavior in related areas of research. In fact, we have taken approaches for the specification of information systems (Language for Conceptual Modeling and TROLL), approaches for the specification of database updates and logic programming (Transaction Logic and Dynamic Database Logic) and the generic specification framework of abstract state machine