A Model for Probabilistic Reasoning on Assume/Guarantee Contracts

In this paper, we present a probabilistic adaptation of an Assume/Guarantee contract formalism. For the sake of generality, we assume that the extended state machines used in the contracts and implementations define sets of runs on a given set of variables, that compose by intersection over the common variables. In order to enable probabilistic reasoning, we consider that the contracts dictate how certain input variables will behave, being either non-deterministic, or probabilistic; the introduction of probabilistic variables leading us to tune the notions of implementation, refinement and composition. As shown in the report, this probabilistic adaptation of the Assume/Guarantee contract theory preserves compositionality and therefore allows modular reliability analysis, either with a top-down or a bottom-up approach

Preface Volume 65, Issue 7

AbstractThis volume contains the Proceedings of the International Workshop Validation and Implementation of Scenario-based Specifications (VISS'2002) that was held as satellite event of the 5th European Joint Conferences on Theory and Practice of Software (ETAPS'2002) in Grenoble, France, April 7th, 2002.There is a strong need within systems engineering and software development to improve software design by applying general and flexible tools. Formal tools for describing systems are required for increasing the efficiency of the design process through automated error analysis, integration of specifications into existing tools, and automatical generation of intermediate descriptions.Graphical specification formalisms exhibit an increasing popularity in software development for industrial applications. The prototype of scenario-based, graphical languages is the ITU standardized notation of message sequence charts (MSC). Used for capturing early system requirements, MSCs are particularly suited for designing and validating distributed, reactive systems, in particular telecommunication protocols.The aim of the workshop is to gather a larger community of researchers interested in scenario-based notations for designing distributed systems and to outline new trends and problems in the field.The papers in this volume were reviewed by members of the programme committee: •Benoît Caillaud (IRISA, Rennes) co-chair•Kousha Etessami (Bell Labs, NJ)•Loïc Hélouët (FT R&D, Lannion)•Ferhat Khendek (Concordia, Montréal)•Ingolf Krüger (TUM, Munich)•Anca Muscholl (LIAFA, Paris) chair•Madhavan Mukund (Chennai Math. Inst., Chennai)•Doron Peled (Bell Labs, NJ)•Daniel Vincent (FT R&D, Lannion)We are very grateful to Manfred Broy (TU Munich) and Doron Peled (Texas at Austin) for their enlightening surveys. We also acknowledge the very efficient organization provided by the ETAPS'2002 local committee, in particular the assistance of Susanne Graf. Thanks are also due to IRISA/INRIA at Rennes, France, which has supplied the financial support.May 15th, 2002 Benoît Caillaud and Anca Muschol

Semantics of multi-mode DAE systems

Deliverable D.4.1.1 of the ITEA2 Modrio collaborative projectHybrid systems modelers exhibit a number of difficulties related to the mix of continuous and discrete dynamics and sensitivity to the discretization scheme. Modular modeling, where subsystems models can be simply assembled with no rework, calls for using Differential Algebraic Equations (DAE). In turn, DAE are strictly more difficult than ODE. They require sophisticated pre-processing using various notions of index before they can be submitted to a solver. In this report we study some fundamental issues raised by the modeling and simulation of hybrid systems involving DAEs. The objective of this work is to serve for the evolution and the design of future releases of the Modelica language for such systems. We focus on the following questions: * What is the proper notion of index for a hybrid DAE system? * What are the primitive statements needed for a DAE hybrid systems modeler? The differentiation index for DAE explicitly relies on everything being differentiable. Therefore, generalizations to hybrid systems must be done with caution. We propose relying on non-standard analysis for this. Non-standard analysis formalizes differential equations as discrete step transition systems with infinitesimal time basis. We can thus bring hybrid DAE systems to their nonstandard form, where the notion of difference index can be firmly used. From this study, general hints for future releases of Modelica can be drawn

On the Regularization of Chattering Executions in Real Time Simulation of Hybrid Systems

International audienceIn this paper we present a new method to perform the higher order sliding modes analysis of trajectories of hybrid systems with chattering behavior. This method improves our previous work [AC15] as it modifies numerical simulation algorithms to make them compute the higher order terms of the normal unit vectors of the systems dynamics whenever the first order sliding mode theory cannot be applied. Such modification does not affect the generality of our previous contribution in [AC15]. Our algorithm is general enough to handle both chattering on a single (n−1) switching manifold (i.e. chattering between two dynamics) as well as chattering on the intersection of finitely many intersected (n−1) switching manifolds. In this last case, we show by a special hierarchical application of convex combinations, that unique solutions can be found in general cases when the switching function takes the form of finitely many intersecting manifolds so that an efficient numerical treatment of the sliding motion constrained on the entire discontinuity region (including the switching intersection) is guaranteed. Illustrations of the techniques developed in this article are given on representative examples

A Reduced Index Mode-Independent Structure Model Transformation for Multimode Modelica Models

International audienceSince its 3.3 release, Modelica offers the possibility to specify models of dynamical systems with multiple modes having different DAE-based dynamics. However, the handling of such models by the current Modelica tools is not satisfactory, with mathematically sound models yielding exceptions at runtime. In this article, we propose a systematic way of rewriting a multimode Modelica model, based on the results of an already implemented multimode structural analysis. The rewritten Modelica model is guaranteed to be correctly compiled by state-of-the-art Modelica tools. Simulation results are presented on a simple, yet meaningful, physical system whose original Modelica model is not correctly handled by state-of-the-art Modelica tools

Analyse Structurelle Exacte de Modèles Modelica Multimodes: Vers la Génération de Codes de Simulation Corrects

Since its 3.3 release, Modelica offers the possibility to specify models of dynamical systems with multiple modes having different DAE-based dynamics. However, the handling of such models by the current Modelica tools is not satisfactory, with mathematically sound models yielding exceptions at runtime.In this report, we illustrate this behavior on several small-sized examples, shedding light on the shortcomings of the approximate structural analysis implemented in current Modelica tools. To address part of these issues, we propose a systematic transformation process for multimode Modelica models, based on the results of an already implemented multimode structural analysis, that guarantees that the output Modelica model is correctly compiled by state-of-the-art Modelica tools.Still, this transformation is limited to models that do not exhibit impulsive behaviors at mode changes: the remaining issues illustrated by our introductory examples can only be solved by a structural analysis of mode changes, coupled with a specific handling of impulsive variables. We address these points in this report by proposing, first, a structural analysis method able to handle modes and mode changes in a unified framework, and second, a compile-time identification and characterization of impulsive variables. Implementations of both methods, based on efficient symbolic representations and algorithms, are in the works.Le langage Modelica permet de définir des modèles de systèmes dynamiques possédant plusieurs modes ayant chacun une dynamique spécifiée par un système de DAE différent. Le traitement de tels modèles par les outils Modelica de référence actuels n’est pas satisfaisant, des exceptions survenant à la simulation pour des modèles physiquement corrects.Dans ce rapport, nous illustrons cette problématique sur plusieurs modèles de petite taille. Nous explicitons les deux raisons-clé de la mauvaise prise en charge de ces modèles par les outils Modelica, qui sont l’utilisation d’une analyse structurelle approchée et le manque d’un traitement spécifique des changements de mode.En réponse à ces difficultés, nous proposons, d’une part, une technique de réécriture source à source de modèles Modelica qui assure leur simulation correcte par les outils Modelica actuels, et, d’autre part, une extension de l’analyse structurelle aux changements de mode, doublée d’une analyse à la compilation des éventuels comportements impulsifs d’un modèle. La mise en œuvre efficace de ces méthodes est en cours, grâce à l’utilisation de représentation symboliques issues de la vérification formelle

Compile-Time Impulse Analysis in Modelica

International audienceSince its 3.3 release, Modelica offers the possibility to specify models of dynamical systems with multiple modes having different DAE-based dynamics. However, the handling of mode changes by the current Modelica tools is not satisfactory. An important difficulty is the occurrence of impulsive behavior at some mode changes, for some variables. In this paper, we propose a compile-time algorithm for identifying such impulsive behaviors and quantifying them in terms of their magnitude orders. Such algorithm can be used as an additional step of the structural analysis of Modelica models

A Few Considerations on Structural and Logical Composition in Specification Theories

Over the last 20 years a large number of automata-based specification theories have been proposed for modeling of discrete,real-time and probabilistic systems. We have observed a lot of shared algebraic structure between these formalisms. In this short abstract, we collect results of our work in progress on describing and systematizing the algebraic assumptions in specification theories.Comment: In Proceedings FIT 2010, arXiv:1101.426

Contracts for Abstract Processes in Service Composition

Contracts are a well-established approach for describing and analyzing behavioral aspects of web service compositions. The theory of contracts comes equipped with a notion of compatibility between clients and servers that ensures that every possible interaction between compatible clients and servers will complete successfully. It is generally agreed that real applications often require the ability of exposing just partial descriptions of their behaviors, which are usually known as abstract processes. We propose a formal characterization of abstraction as an extension of the usual symbolic bisimulation and we recover the notion of abstraction in the context of contracts.Comment: In Proceedings FIT 2010, arXiv:1101.426

Contracts for Systems Design: Theory

Aircrafts, trains, cars, plants, distributed telecommunication military or health care systems,and more, involve systems design as a critical step. Complexity has caused system design times and coststo go severely over budget so as to threaten the health of entire industrial sectors. Heuristic methods andstandard practices do not seem to scale with complexity so that novel design methods and tools based on astrong theoretical foundation are sorely needed. Model-based design as well as other methodologies suchas layered and compositional design have been used recently but a unified intellectual framework with acomplete design flow supported by formal tools is still lacking.Recently an “orthogonal” approach has been proposed that can be applied to all methodologies introducedthus far to provide a rigorous scaffolding for verification, analysis and abstraction/refinement: contractbaseddesign. Several results have been obtained in this domain but a unified treatment of the topic that canhelp in putting contract-based design in perspective is missing. This paper intends to provide such treatmentwhere contracts are precisely defined and characterized so that they can be used in design methodologiessuch as the ones mentioned above with no ambiguity. In addition, the paper provides an important linkbetween interface and contract theories to show similarities and correspondences.This paper is complemented by a companion paper where contract based design is illustrated throughuse cases