Quantitative Safety: Linking Proof-Based Verification with Model Checking for Probabilistic Systems
This paper presents a novel approach for augmenting proof-based verification
with performance-style analysis of the kind employed in state-of-the-art model
checking tools for probabilistic systems. Quantitative safety properties,
usually specified as probabilistic system invariants and modeled in proof-based
environments, are evaluated using bounded model checking techniques.
Our specific contributions include the statement of a theorem that is central
to model checking safety properties of proof-based systems, the establishment
of a procedure, and its full implementation in a prototype system (YAGA) which
readily transforms a probabilistic model specified in a proof-based environment
to its equivalent verifiable PRISM model equipped with reward structures. The
reward structures capture the exact interpretation of the probabilistic
invariants and can reveal succinct information about the model during
experimental investigations. Finally, we demonstrate the novelty of the
technique on a probabilistic library case study.
Markovian Testing Equivalence and Exponentially Timed Internal Actions
In the theory of testing for Markovian processes developed so far,
exponentially timed internal actions are not admitted within processes. When
present, these actions cannot be abstracted away, because their execution takes
a nonzero amount of time and hence can be observed. On the other hand, they
must be carefully taken into account, in order not to equate processes that are
distinguishable from a timing viewpoint. In this paper, we recast the
definition of Markovian testing equivalence in the framework of a Markovian
process calculus including exponentially timed internal actions. Then, we show
that the resulting behavioral equivalence is a congruence, has a sound and
complete axiomatization, has a modal logic characterization, and can be decided
in polynomial time.
Communicating Processes with Data for Supervisory Coordination
We employ supervisory controllers to safely coordinate high-level
discrete(-event) behavior of distributed components of complex systems.
Supervisory controllers observe discrete-event system behavior, make a decision
on allowed activities, and communicate the control signals to the involved
parties. Models of the supervisory controllers can be automatically synthesized
based on formal models of the system components and a formalization of the safe
coordination (control) requirements. Based on the obtained models, code
generation can be used to implement the supervisory controllers in software, on
a PLC, or an embedded (micro)processor. In this article, we develop a process
theory with data that supports a model-based systems engineering framework for
supervisory coordination. We employ communication to distinguish between the
different flows of information, i.e., observation and supervision, whereas we
employ data to specify the coordination requirements more compactly, and to
increase the expressivity of the framework. To illustrate the framework, we
remodel an industrial case study involving coordination of maintenance
procedures of a printing process of a high-tech Océ printer.
Comment: In Proceedings FOCLASA 2012, arXiv:1208.432
Verifying Real-Time Systems using Explicit-time Description Methods
Timed model checking has been extensively researched in recent years. Many
new formalisms with time extensions and tools based on them have been
presented. On the other hand, Explicit-Time Description Methods aim to verify
real-time systems with general untimed model checkers. Lamport presented an
explicit-time description method using a clock-ticking process (Tick) to
simulate the passage of time together with a group of global variables for time
requirements. This paper proposes a new explicit-time description method with
no reliance on global variables. Instead, it uses rendezvous synchronization
steps between the Tick process and each system process to simulate time. This
new method achieves better modularity and facilitates usage of more complex
timing constraints. The two explicit-time description methods are implemented
in DIVINE, a well-known distributed-memory model checker. Preliminary
experimental results show that our new method, with better modularity, is
comparable to Lamport's method with respect to time and memory efficiency.
Modelling Clock Synchronization in the Chess gMAC WSN Protocol
We present a detailed timed automata model of the clock synchronization
algorithm that is currently being used in a wireless sensor network (WSN) that
has been developed by the Dutch company Chess. Using the Uppaal model checker,
we establish that in certain cases a static, fully synchronized network may
eventually become unsynchronized if the current algorithm is used, even in a
setting with infinitesimal clock drifts.
A Process Algebra for Supervisory Coordination
A supervisory controller controls and coordinates the behavior of different
components of a complex machine by observing their discrete behavior.
Supervisory control theory studies automated synthesis of controller models,
known as supervisors, based on formal models of the machine components and a
formalization of the requirements. Subsequently, code generation can be used to
implement this supervisor in software, on a PLC, or on an embedded microprocessor. In
this article, we take a closer look at the control loop that couples the
supervisory controller and the machine. We model both event-based and
state-based observations using process algebra and bisimulation-based
semantics. The main application area of supervisory control that we consider is
coordination, referred to as supervisory coordination, and we give an academic
and an industrial example, discussing the process-theoretic concepts employed.
Comment: In Proceedings PACO 2011, arXiv:1108.145
Towards supervisory control of interactive Markov chains: controllability
We propose a model-based systems engineering framework for supervisory control of
stochastic discrete-event systems with unrestricted nondeterminism. We intend to develop
the proposed framework in four phases outlined in this paper. Here, we study
in detail the first step, which comprises an investigation of the underlying model and the development
of a corresponding notion of controllability. The model of choice is termed
Interactive Markov Chains, which is a natural semantic model for stochastic variants of
process calculi and Petri nets, and it requires a process-theoretic treatment of supervisory
control theory. To this end, we define a new behavioral preorder, termed Markovian
partial bisimulation, that captures the notion of controllability while preserving correct
stochastic behavior. We provide a sound and ground-complete axiomatic characterization
of the preorder and, based on it, we define two notions of controllability. The first notion
conforms to the traditional way of reasoning about supervision and control requirements,
whereas in the second proposal we abstract from the stochastic behavior of the system.
For the latter, we intend to separate the concerns regarding synthesis of an optimal supervisor.
The control requirements cater only for controllability, whereas we ensure that
the stochastic behavior of the supervised plant meets the performance specification by
extracting directive optimal supervisors.
Performance-model abstraction in a synthesis-centric model-driven systems engineering framework
Supervisory control theory deals with automated synthesis of models of supervisory controllers that coordinate and control discrete-event high-level system behavior. These controllers ensure safe and nonblocking functioning of the system, but there do not exist efficient synthesis procedures for controllers that can ascertain complex liveness and performance guarantees. To this end, the supervised system must be validated to ensure that the desired functionality and performance are preserved. To verify that the supervised system also satisfies the performance requirements, a performance model is derived by abstracting the model of the supervised system. The latter is modeled by stochastic extensions of discrete-event systems with Markovian (exponential) delays. The resulting performance model is a continuous-time Markov chain with state labels. There exist algorithms for extraction of the Markov process which optimize the number of states of the performance model. We show that this optimization leads to an abstraction that is not always suitable for performance evaluation by stochastic model checking. The abstracted states form paths that are not justifiable in the original system, which may lead to wrong performance metrics. We formalize the relationship between the original stochastic discrete-event system and the performance model, and we propose a new abstraction that does not introduce these unjustifiable properties into the performance model.