Results 1  10
of
18
The Theory of Hybrid Automata
, 1996
"... A hybrid automaton is a formal model for a mixed discretecontinuous system. We classify hybrid automata acoording to what questions about their behavior can be answered algorithmically. The classification reveals structure on mixed discretecontinuous state spaces that was previously studied on pur ..."
Abstract

Cited by 671 (12 self)
 Add to MetaCart
A hybrid automaton is a formal model for a mixed discretecontinuous system. We classify hybrid automata acoording to what questions about their behavior can be answered algorithmically. The classification reveals structure on mixed discretecontinuous state spaces that was previously studied on purely discrete state spaces only. In particular, various classes of hybrid automata induce finitary trace equivalence (or similarity, or bisimilarity) relations on an uncountable state space, thus permitting the application of various modelchecking techniques that were originally developed for finitestate systems.
What's Decidable about Hybrid Automata?
 Journal of Computer and System Sciences
, 1995
"... . Hybrid automata model systems with both digital and analog components, such as embedded control programs. Many verification tasks for such programs can be expressed as reachability problems for hybrid automata. By improving on previous decidability and undecidability results, we identify a boundar ..."
Abstract

Cited by 364 (16 self)
 Add to MetaCart
. Hybrid automata model systems with both digital and analog components, such as embedded control programs. Many verification tasks for such programs can be expressed as reachability problems for hybrid automata. By improving on previous decidability and undecidability results, we identify a boundary between decidability and undecidability for the reachability problem of hybrid automata. On the positive side, we give an (optimal) PSPACE reachability algorithm for the case of initialized rectangular automata, where all analog variables follow independent trajectories within piecewiselinear envelopes and are reinitialized whenever the envelope changes. Our algorithm is based on the construction of a timed automaton that contains all reachability information about a given initialized rectangular automaton. The translation has practical significance for verification, because it guarantees the termination of symbolic procedures for the reachability analysis of initialized rectangular autom...
Verifying ETLOTOS programs with KRONOS
 In Proc. FORTE'94
, 1994
"... This paper shows that realtime systems described in a reasonable subset of ETLOTOS can be verified with Kronos by compiling them into timed automata. We illustrate the practical interest of our approach with a case study: the TickTock protocol ..."
Abstract

Cited by 51 (10 self)
 Add to MetaCart
(Show Context)
This paper shows that realtime systems described in a reasonable subset of ETLOTOS can be verified with Kronos by compiling them into timed automata. We illustrate the practical interest of our approach with a case study: the TickTock protocol
Computing Accumulated Delays in Realtime Systems
, 1993
"... . We present a verification algorithm for duration properties of realtime systems. While simple realtime properties constrain the total elapsed time between events, duration properties constrain the accumulated satisfaction time of state predicates. We formalize the concept of durations by introdu ..."
Abstract

Cited by 43 (6 self)
 Add to MetaCart
. We present a verification algorithm for duration properties of realtime systems. While simple realtime properties constrain the total elapsed time between events, duration properties constrain the accumulated satisfaction time of state predicates. We formalize the concept of durations by introducing duration measures for timed automata. A duration measure assigns to each finite run of a timed automaton a real number the duration of the run which may be the accumulated satisfaction time of a state predicate along the run. Given a timed automaton with a duration measure, an initial and a final state, and an arithmetic constraint, the durationbounded reachability problem asks if there is a run of the automaton from the initial state to the final state such that the duration of the run satisfies the constraint. Our main result is an (optimal) Pspace decision procedure for the durationbounded reachability problem. 1 Introduction Over the past decade, model checking [CE81, QS81]...
Revisiting Digitization, Robustness, and Decidability for Timed Automata
 In Proceedings of LICS 03
, 2003
"... We consider several questions related to the use of digitization techniques for timed automata. These very successful techniques reduce densetime language inclusion problems to discrete time, but are applicable only when the implementation is closed under digitization and the specification is close ..."
Abstract

Cited by 35 (6 self)
 Add to MetaCart
(Show Context)
We consider several questions related to the use of digitization techniques for timed automata. These very successful techniques reduce densetime language inclusion problems to discrete time, but are applicable only when the implementation is closed under digitization and the specification is closed under inverse digitization. We show that, for timed automata, the former (whether the implementation is closed under digitization) is decidable, but not the latter. We also investigate digitization questions in connection with the robust semantics for timed automata. The robust modelling approach introduces a timing fuzziness through the semantic removal of equality testing. Since its introduction half a decade ago, research into the robust semantics has suggested that it yields roughly the same theory as the standard semantics. This paper shows that, surprisingly, this is not the case: the robust semantics is significantly less tractable, and differs from the standard semantics in many key respects. In particular, the robust semantics yields an undecidable (nonregular) discretetime theory, in stark contrast with the standard semantics. This makes it virtually impossible to apply digitization techniques together with the robust semantics. On the positive side, we show that the robust languages of timed automata remain recursive.
Using Abstractions for the Verification of Linear Hybrid Systems
 Proceedings of the 6th Annual Conference on ComputerAided Verification, Lecture Notes in Computer Science 818
, 1994
"... ions for the Verification of Linear Hybrid Systems ? A. Olivero, J. Sifakis and S. Yovine VERIMAG ?? MiniparcZirst rue Lavoisier 38330 Montbonnot St. Martin, France 1 Introduction Hybrid systems are dynamical systems consisting of interacting discrete and continuous components [NSY91, MMP91]. ..."
Abstract

Cited by 21 (5 self)
 Add to MetaCart
ions for the Verification of Linear Hybrid Systems ? A. Olivero, J. Sifakis and S. Yovine VERIMAG ?? MiniparcZirst rue Lavoisier 38330 Montbonnot St. Martin, France 1 Introduction Hybrid systems are dynamical systems consisting of interacting discrete and continuous components [NSY91, MMP91]. They are used to model the combined behavior of embedded realtime systems and their physical environments. Recently, there have been attempts to develop verification methods for hybrid systems by working in two complementary directions:  The first direction concerns the identification of subclasses of hybrid systems for which there exist decidability results and effective verification methods for various classes of properties. The main decidability results concern very restricted classes of hybrid systems like timed automata [AD90, ACD90, Alu91, NSY91] and integration graphs [KPSY93].  The second direction concerns the elaboration of a general verification methodology for classes of s...
ModelChecking for Weighted Timed Automata
 In Proceeding of FORMATSFTRTFT’04, Lect. Notes Comput. Sci. 3253 , 277–292
, 2004
"... ..."
(Show Context)
About the Expressive Power of CTL combinators
, 1995
"... We present a new and quite surprising result about the expressive power of the 9 U and 8 U combinators in CTL. 1 The CTL logic CTL, the Computation Tree Logic proposed in [2] has been widely considered in literature for the specification of reactive systems [6, 5]. CTL is paradigmatic in the field ..."
Abstract

Cited by 11 (0 self)
 Add to MetaCart
We present a new and quite surprising result about the expressive power of the 9 U and 8 U combinators in CTL. 1 The CTL logic CTL, the Computation Tree Logic proposed in [2] has been widely considered in literature for the specification of reactive systems [6, 5]. CTL is paradigmatic in the field of branchingtime temporal logic because it admits efficient model checking algorithms (see [3]) while remaining very expressive. CTL formulas are built using four combinators: 9X, 8X, 9 U and 8 U, plus atomic propositions a; b; : : : and boolean combinators: (CTL 3) f; g ::= 9Xf j 8Xf j 9[f U g] j 8[f U g] j :f j f g j a j b j : : : where we use the standard abbreviations: ?, ?, f g, . . . for resp. a :a, . . . CTL formulas are interpreted over Kripke structures, i.e. directed graphs where every vertice (the states) carries a boolean valuation for the atomic propositions. See e.g. [5] for formal definitions. Informally, 9Xf means "there exists a next state satisfying f " so that a ...
Modelchecking oneclock priced timed automata
 In FoSSaCS’07: Foundations of Software Science and Computation Structures
, 2007
"... Abstract. We consider the model of priced (a.k.a. weighted) timed automata, an extension of timed automata with cost information on both locations and transitions, and we study various modelchecking problems for that model based on extensions of classical temporal logics with cost constraints on mo ..."
Abstract

Cited by 11 (6 self)
 Add to MetaCart
Abstract. We consider the model of priced (a.k.a. weighted) timed automata, an extension of timed automata with cost information on both locations and transitions, and we study various modelchecking problems for that model based on extensions of classical temporal logics with cost constraints on modalities. We prove that, under the assumption that the model has only one clock, modelchecking this class of models against the logic WCTL, CTL with costconstrained modalities, is PSPACEcomplete (while it has been shown undecidable as soon as the model has three clocks). We also prove that modelchecking WMTL, LTL with costconstrained modalities, is decidable only if there is a single clock in the model and a single stopwatch cost variable (i.e., whose slopes lie in {0, 1}). An interesting direction of realtime modelchecking that has recently received substantial attention is the extension and retargeting of timed automata technology towards optimal scheduling and controller synthesis [AAM06, RLS04, BBL07]. In particular, scheduling problems can often be reformulated in terms of reachability questions with respect to behavioural models where tasks and resources relevant for the scheduling problem in question are modelled as interacting timed automata [BLR05a].
From Duration Calculus To Linear Hybrid Automata
 In CAV, volume 939 of LNCS
"... ) Ahmed Bouajjani 1 ??? , Yassine Lakhnech 2 ?? , and Riadh Robbana 1??? 1 VERIMAG, MiniparcZirst, Rue Lavoisier 38330 Montbonnot StMartin, France. 2 Institut fur Informatik und Praktische Mathematik ChristianAlbrechtsUniversitat zu Kiel, Preußerstr. 19, D24105 Kiel, Germany. Abstract ..."
Abstract

Cited by 10 (1 self)
 Add to MetaCart
(Show Context)
) Ahmed Bouajjani 1 ??? , Yassine Lakhnech 2 ?? , and Riadh Robbana 1??? 1 VERIMAG, MiniparcZirst, Rue Lavoisier 38330 Montbonnot StMartin, France. 2 Institut fur Informatik und Praktische Mathematik ChristianAlbrechtsUniversitat zu Kiel, Preußerstr. 19, D24105 Kiel, Germany. Abstract. We relate two different approaches for the specification and verification of hybrid systems. The first one is logicbased and uses the framework of the Calculus of Durations (CoD), the second one is automatabased and uses algorithmic analysis techniques for hybrid automata. Fragments of CoD have been identified in [13, 19] for the description of control systems and their requirements. We mainly show that the problem of verifying that a CoD control design satisfies a CoD requirement is decidable. This is proved by reducing this verification problem to the reachability problem for a subclass of linear hybrid automata where this problem is decidable. 1 Introduction Since the last few years,...