P.R. D'Argenio, J-P. Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In [5], pages 114--128.  Home/Search   Document Not in Database   Summary   Related Articles   Check

.... from l i can synchronize on an urgent channel then E i = D i free(a i ; border(a i ; E i 1 ) Otherwise, E i = D i free(a i ; border(a i ; E i 1 # I(l i 1 ) A Examples 22 A Examples The case studies and examples where Uppaal has been applied includes: a Bounded Retransmission Protocol [8], a Box Sorter Unit [14] two version of Philips AudioControl Protocol [7, 16, 5] several versions of Fischers Protocol [2, 15] a Steam Generator [3] a Train Gate Controller [10] a Manufacturing Plant [9] a Mine Pump Controller [13] and a Water Tank [19] In [8] Uppaal was applied to ....

.... Bounded Retransmission Protocol [8] a Box Sorter Unit [14] two version of Philips AudioControl Protocol [7, 16, 5] several versions of Fischers Protocol [2, 15] a Steam Generator [3] a Train Gate Controller [10] a Manufacturing Plant [9] a Mine Pump Controller [13] and a Water Tank [19] In [8] Uppaal was applied to investigate to what extent real time aspects are important to guarantee the correctness of a bounded retransmission protocol. The protocol, which is based on the alternating bit protocol, is used to transfer files over lossy communication channels. When transmission faults ....

P.R. D'Argenio, J.-P., Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In Proc. of COST 247, International Workshop on Applied Formal Methods in System Design, 1996. Also available as Technical Report CTIT 96-22, University of Twente, July 1996.

....error was not found using conventional testing methods. Using Uppaal, an error trace is automatically produced which revealed the error, furthermore, a correction is suggested and automatically proved using Uppaal. D Argenio et al. applied Uppaal to the bounded retransmission protocol protocol [3, 4]. The protocol was proposed and studied at COST 247, International Workshop on Applied Formal Methods in System Design. It is based on the alternating bit protocol, but allows for a bounded number of retransmissions, as it is intended for use over lossy communication channels. It is reported that ....

P.R. D'Argenio, J.-P., Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In Proc. of COST 247, International Workshop on Applied Formal Methods in System Design, 1996. Also available as Technical Report CTIT 96-22, University of Twente, July 1996.

....known examples are the steam generator, the train gate controller, the manufacturing plant, and the mine pump controller. Real Time Communication Protocols: Uppaal has been mainly applied to model and verify protocols where correct timing is critical, including the Bounded Retransmission Protocol [5], the Collision Avoidance Protocol [8] and the Audio Control Protocol designed by Philips [12, 2] In terms of complexity, Philips Audio Control Protocol with bus collision is the most comprehensive case study so far where Uppaal has been applied. The protocol was developed by Philips to exchange ....

P.R. D'Argenio, J.-P., Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In Proc. of COST 247, International Workshop on Applied Formal Methods in System Design, 1996. Also available as Technical Report CTIT 96-22, University of Twente, July 1996.

....election algorithm illustrated in Fig. 1, nonstan3. The Spin model checker software can be retrieved by anonymous ftp from directory netlib s;in on host netlib.bell labs.com. dard mutual exclusion algorithms [37] communications network design problems [65] or protocol design problems [2] [3], 22] 23] 7] 16] 36] 51] In the course of the work on SPIN, we have also constructed verification models for, e.g. the Cambridge ring protocol [56] and the IEEE logical link control protocol LLC 802.2 [52] Others constructed fragments of larger protocol applications such as XTP [70] ....

P.R. D'Argenio, J.P. Katoen, T. Ruys, and J. Tretmans, "Modeling and Verifying a Bounded Retransmission Protocol," Proc. COST 247 Int'l Workshop Applied Formal Methods in System Design, Maribor, Slovenia, June 1996.

....[1] Verification is the process of checking whether a design satisfies some properties. In order to formally verify a design, the model and the required properties must be formally described. The bounded retransmission protocol (BRP) has been introduced by Philips Research Laboratory (e.g. [4, 6]) The BRP is based on the well known alternating bit protocol, but it is more complicated due to a bounded number of retransmissions and real time aspects. We modelled and verified it with VIS. VIS (Verification Interacting with Synthesis) is a powerful BDD based tool for verification, synthesis, ....

....synchronous communication. The model itself has to assure that signals are not being lost. We modelled all signals except indications with wires, which could have a value YES or NO. A signal is present if the value is set to YES. 3. 1 The BRP model Our model of the BRP is similar to that from [4]. The model is composed of 6 different modules (Figure 1) timer, channel, producer, sender, consumer, and receiver. Timer has two input wires (StartT imer, StopTimer) an output wire (T imeOut) and a register. When timer is running, its register is incremented by one in every cycle. Signal ....

[Article contains additional citation context not shown here]

P. R. D'Argenio, J.P. Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In [1], pages 114--127.

....Uppaal. Bounded Retransmission Protocol: The protocol is proposed and studied at COST 247, International Workshop on Applied Formal Methods in System Design. It is based on the alternating bit protocol over a lossy communication channel, but allows for a bounded number of retransmissions. In [13, 14], it is reported that a number of properties of the protocol is automatically checked with Uppaal. In particular, it is shown that the correctness of the protocol is dependent on correctly chosen time out values. Collision Avoidance Protocol: The protocol in [20] is implemented on top of an ....

P.R. D'Argenio, J.-P., Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In Proc. of COST 247, International Workshop on Applied Formal Methods in System Design, 1996. Also available as Technical Report CTIT 96-22, University of Twente, July 1996.

....to behaviours which allow the progress of time, a notion which also corresponds to realisable behaviours. An example of a real time system which could be subject to these techniques is the bounded retransmission protocol, which is modelled as a network of purely nondeterministic timed automata in [9]. Each communication channel is represented as a timed automaton which features a nondeterministic choice over two edges, one of which corresponds to the correct transmission of the message, the other to the message s loss. Using our framework, the relative likelihood of such a loss occurring ....

P. D'Argenio, J.-P. Katoen, T. Ruys, and J. Tretmans. Modeling and verifying a bounded retransmission protocol. In Z. Brezocnik and T. Kapus, editors, Proc. of COST 247 International Workshop on Applied Formal Methods in System Design, Maribor, Slovenia, Technical Report. University of Maribor, 1996.

....compare the relevance of the modeling assumptions made by others we check, using Spin, the correctness of our protocol description when omitting the timing aspects. Due to the recent improvements of Uppaal this paper contains substantially more complete verifications than reported earlier by us [6]. In particular, we could obtain tight constraints on the timing aspects of the BRP. The full report of this work appeared in [7] 2 Service specification Rout Sout S in i s l : hd 1 ; dn i e : h(e 1 ; i 1 ) e k ; i k )i Schematic view of the FTS. Signatures of the input and ....

P.R. D'Argenio, J-P. Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In [5], pages 114--128.

....compare the relevance of the modeling assumptions made by others we check, using Spin, the correctness of our protocol description when omitting the timing aspects. Due to the recent improvements of Uppaal this paper contains substantially more complete verifications than reported earlier by us [6]. In particular, we could obtain tight constraints on the timing aspects of the BRP. The full report of this work appeared in [7] 2 Service specification Rout Sout S in i s l : hd 1 ; dn i e : h(e 1 ; i 1 ) e k ; i k )i Schematic view of the FTS. Signatures of the input and ....

P.R. D'Argenio, J-P. Katoen, T. Ruys, and J. Tretmans. Modeling and Verifying a Bounded Retransmission Protocol. In [5], pages 114--128.

....compare the relevance of the modeling assumptions made by others we check, using Spin, the correctness of our protocol description when omitting the timing aspects. Due to the recent improvements of Uppaal this paper contains substantially more complete verifications than reported earlier by us [7]. In particular, we could obtain tight constraints on the timing aspects of the BRP under which it conforms to the FTS. 2 The file transfer service 2.1 Informal description As for many transmission protocols, the service delivered by the BRP behaves like a buffer, i.e. it reads data from one ....

....in transit at the same time. This property is of interest, since it allows one to verify the protocol more efficiently by changing the process K jj L, where jj denotes independent parallelism, into process Lines (see Figure 6) which is a smaller process with one location and one clock less. In [7] we performed this in order to reduce the memory consumption of a previous version of Uppaal. This trick was not necessary in our latest work using Uppaal 1.99. F F F F F F F F F F F F F F F F F u: 0 u: 0 u: 0 u: 0 u: 0u: 0u: 0u: 0u: 0 u: 0 u: 0 u: 0 u: 0 u: 0 u: 0 u: 0 u: 0 u 0, ....

P.R. D'Argenio, J-P. Katoen, T. Ruys, and J. Tretmans. Modeling and verifying a Bounded Retransmission Protocol. In [6]. Also available as CTIT Technical Report 96-22.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC