805 research outputs found
Recommended from our members
Software integration testing based on communication coverage criteria and partial model generation
This paper considers the problem of integration testing the components of a timed distributed software system. We assume that communication between the components is specified using timed interface automata and use computational tree logic (CTL) to define communication-based coverage criteria that refer to send- and receive-statements and communication paths. The proposed method enables testers to focus during component integration on such parts of the specification, e.g. behaviour specifications or Markovian usage models, that are involved in the communication between components to be integrated. A more specific application area of this approach is the integration of test-models, e.g. a transmission gear can be tested based on separated models for the driver behaviour, the engine condition, and the mechanical and hydraulical transmission states. Given such a state-based specification of a distributed system and a concrete coverage goal, a model checker is used in order to determine the coverage or generate test sequences that achieve the goal. Given the generated test sequences we derive a partial test-model of the components from which the test sequences are derived. The partial model can be used to drive further testing and can also be used as the basis for producing additional partial models in incremental integration testing. While the process of deriving the test sequences could suffer from a combinatorial explosion, the effort required to generate the partial model is polynomial in the number of test sequences and their length. Thus, where it is not feasible to produce test sequences that achieve a given type of coverage it is still possible to produce a partial model on the basis of test sequences generated to achieve some other criterion. As a result, the process of generating a partial model has the potential to scale to large industrial software systems. While a particular model checker, UPPAAL, was used, it should be relatively straightforward to adapt the approach for use with other CTL based model checkers. A potential additional benefit of the approach is that it provides a visual description of the state-based testing of distributed systems, which may be beneficial in other contexts such as education and comprehension
Timed Parity Games: Complexity and Robustness
We consider two-player games played in real time on game structures with
clocks where the objectives of players are described using parity conditions.
The games are \emph{concurrent} in that at each turn, both players
independently propose a time delay and an action, and the action with the
shorter delay is chosen. To prevent a player from winning by blocking time, we
restrict each player to play strategies that ensure that the player cannot be
responsible for causing a zeno run. First, we present an efficient reduction of
these games to \emph{turn-based} (i.e., not concurrent) \emph{finite-state}
(i.e., untimed) parity games. Our reduction improves the best known complexity
for solving timed parity games. Moreover, the rich class of algorithms for
classical parity games can now be applied to timed parity games. The states of
the resulting game are based on clock regions of the original game, and the
state space of the finite game is linear in the size of the region graph.
Second, we consider two restricted classes of strategies for the player that
represents the controller in a real-time synthesis problem, namely,
\emph{limit-robust} and \emph{bounded-robust} winning strategies. Using a
limit-robust winning strategy, the controller cannot choose an exact
real-valued time delay but must allow for some nonzero jitter in each of its
actions. If there is a given lower bound on the jitter, then the strategy is
bounded-robust winning. We show that exact strategies are more powerful than
limit-robust strategies, which are more powerful than bounded-robust winning
strategies for any bound. For both kinds of robust strategies, we present
efficient reductions to standard timed automaton games. These reductions
provide algorithms for the synthesis of robust real-time controllers
How to stop time stopping
Zeno-timelocks constitute a challenge for the formal verification of timed automata: they are difficult to detect, and the verification of most properties (e.g., safety) is only correct for timelock-free models. Some time ago, Tripakis proposed a syntactic check on the structure of timed automata: If a certain condition (called strong non-zenoness) is met by all the loops in a given automaton, then zeno-timelocks are guaranteed not to occur. Checking for strong non-zenoness is efficient, and compositional (if all components in a network of automata are strongly non-zeno, then the network is free from zeno-timelocks). Strong non-zenoness, however, is sufficient-only: There exist non-zeno specifications which are not strongly non-zeno. A TCTL formula is known that represents a sufficient-and-necessary condition for non-zenoness; unfortunately, this formula requires a demanding model-checking algorithm, and not all model-checkers are able to express it. In addition, this algorithm provides only limited diagnostic information. Here we propose a number of alternative solutions. First, we show that the compositional application of strong non-zenoness can be weakened: Some networks can be guaranteed to be free from Zeno-timelocks, even if not every component is strongly non-zeno. Secondly, we present new syntactic, sufficient-only conditions that complement strong non-zenoness. Finally, we describe a sufficient-and-necessary condition that only requires a simple form of reachability analysis. Furthermore, our conditions identify the cause of zeno-timelocks directly on the model, in the form of unsafe loops. We also comment on a tool that we have developed, which implements the syntactic checks on Uppaal models. The tool is also able to derive, from those unsafe loops in a given automaton (in general, an Uppaal model representing a product automaton of a given network), the reachability formulas that characterise the occurrence of zeno-timelocks. A modified version of the CSMA/CD protocol is used as a case-study
Revisiting Robustness in Priced Timed Games
Priced timed games are optimal-cost reachability games played between two
players---the controller and the environment---by moving a token along the
edges of infinite graphs of configurations of priced timed automata. The goal
of the controller is to reach a given set of target locations as cheaply as
possible, while the goal of the environment is the opposite. Priced timed games
are known to be undecidable for timed automata with or more clocks, while
they are known to be decidable for automata with clock.
In an attempt to recover decidability for priced timed games Bouyer, Markey,
and Sankur studied robust priced timed games where the environment has the
power to slightly perturb delays proposed by the controller. Unfortunately,
however, they showed that the natural problem of deciding the existence of
optimal limit-strategy---optimal strategy of the controller where the
perturbations tend to vanish in the limit---is undecidable with or more
clocks. In this paper we revisit this problem and improve our understanding of
the decidability of these games. We show that the limit-strategy problem is
already undecidable for a subclass of robust priced timed games with or
more clocks. On a positive side, we show the decidability of the existence of
almost optimal strategies for the same subclass of one-clock robust priced
timed games by adapting a classical construction by Bouyer at al. for one-clock
priced timed games
Parity Games on Temporal Graphs
Temporal graphs are a popular modelling mechanism for dynamic complex systems
that extend ordinary graphs with discrete time. Simply put, time progresses one
unit per step and the availability of edges can change with time. We consider
the complexity of solving -regular games played on temporal graphs
where the edge availability is ultimately periodic and fixed a priori.
We show that solving parity games on temporal graphs is decidable in PSPACE,
only assuming the edge predicate itself is in PSPACE. A matching lower bound
already holds for what we call punctual reachability games on static graphs,
where one player wants to reach the target at a given, binary encoded, point in
time. We further study syntactic restrictions that imply more efficient
procedures. In particular, if the edge predicate is in and is monotonically
increasing for one player and decreasing for the other, then the complexity of
solving games is only polynomially increased compared to static graphs
TkT: Automatic Inference of Timed and Extended Pushdown Automata
To mitigate the cost of manually producing and maintaining models capturing software specifications, specification mining techniques can be exploited to automatically derive up-to-date models that faithfully represent the behavior of software systems. So far, specification mining solutions focused on extracting information about the functional behavior of the system, especially in the form of models that represent the ordering of the operations. Well-known examples are finite state models capturing the usage protocol of software interfaces and temporal rules specifying relations among system events. Although the functional behavior of a software system is a primary aspect of concern, there are several other non-functional characteristics that must be typically addressed jointly with the functional behavior of a software system. Efficiency is one of the most relevant characteristics. In fact, an application delivering the right functionalities inefficiently has a big chance to not satisfy the expectation of its users. Interestingly, the timing behavior is strongly dependent on the functional behavior of a software system. For instance, the timing of an operation depends on the functional complexity and size of the computation that is performed. Consequently, models that combine the functional and timing behaviors, as well as their dependencies, are extremely important to precisely reason on the behavior of software systems. In this paper, we address the challenge of generating models that capture both the functional and timing behavior of a software system from execution traces. The result is the Timed k-Tail (TkT) specification mining technique, which can mine finite state models that capture such an interplay: the functional behavior is represented by the possible order of the events accepted by the transitions, while the timing behavior is represented through clocks and clock constraints of different nature associated with transitions. Our empirical evaluation with several libraries and applications show that TkT can generate accurate models, capable of supporting the identification of timing anomalies due to overloaded environment and performance faults. Furthermore, our study shows that TkT outperforms state-of-the-art techniques in terms of scalability and accuracy of the mined models
Simple Priced Timed Games Are Not That Simple
Priced timed games are two-player zero-sum games played on priced timed
automata (whose locations and transitions are labeled by weights modeling the
costs of spending time in a state and executing an action, respectively). The
goals of the players are to minimise and maximise the cost to reach a target
location, respectively. We consider priced timed games with one clock and
arbitrary (positive and negative) weights and show that, for an important
subclass of theirs (the so-called simple priced timed games), one can compute,
in exponential time, the optimal values that the players can achieve, with
their associated optimal strategies. As side results, we also show that
one-clock priced timed games are determined and that we can use our result on
simple priced timed games to solve the more general class of so-called
reset-acyclic priced timed games (with arbitrary weights and one-clock)
Recommended from our members
Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent
years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
- âŠ