Results 1 - 10 of 47
Compositional Model Checking, 1999
Cited by 3252 (70 self)
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
A tutorial on uppaal, 2004
Cited by 311 (19 self)
This is a tutorial paper on the tool Uppaal. Its goal is to be a short introduction on the flavor of timed automata implemented in the tool, to present its interface, and to explain how to use the tool. The contribution of the paper is to provide reference examples and modeling patterns.
Timed automata: Semantics, algorithms and tools. Lectures on Concurrency and Petri Nets: Advances in Petri Nets, number 3098 in LNCS, 2004
Cited by 171 (4 self)
This chapter provides a tutorial and pointers to results and related work on timed automata, with a focus on the semantical and algorithmic aspects of verification tools. We present the concrete and abstract semantics of timed automata (based on transition rules, regions and zones), decision problems, and algorithms for verification. A detailed description of DBMs (Difference Bound Matrices) is included, which is the central data structure behind several verification tools for timed systems. As an example, we give a brief introduction to the tool UPPAAL.
Efficient Verification of Real-Time Systems: Compact Data Structure and State-Space Reduction. In Proc. of the 18th IEEE Real-Time Systems Symposium, 1997
Cited by 64 (10 self)
During the past few years, a number of verification tools have been developed for real-time systems in the framework of timed automata (e.g. Kronos and Uppaal). One of the major problems in applying these tools to industrial-size systems is the huge memory usage for the exploration of the state space of a network (or product) of timed automata, as the model checkers must keep information on not only the control structure of the automata but also the clock values specified by clock constraints. In this paper, we present a compact data structure for representing clock constraints. The data structure is based on an O(n^3) algorithm which, given a constraint system over real-valued variables consisting of bounds on differences, constructs an equivalent system with a minimal number of constraints. In addition, we have developed an on-the-fly reduction technique to minimize the space usage. Based on static analysis of the control structure of a network of timed automata, we are able to comp...
UPPAAL Implementation Secrets, 2002
Cited by 44 (14 self)
In this paper we present the continuous and on-going development of data structures and algorithms underlying the verification engine of the tool Uppaal. In particular, we review the data structures of Difference Bounded Matrices, Minimal Constraint Representation and Clock Difference Diagrams used in symbolic state-space representation and analysis for real-time systems.
The Power of Reachability Testing for Timed Automata. Theoretical Computer Science, 2001
Cited by 38 (11 self)
The computational engine of the verification tool UPPAAL consists of a collection of efficient algorithms for the analysis of reachability properties of systems. Model-checking of properties other than plain reachability ones may currently be carried out in such a tool as follows. Given a property to model-check, the user must provide a test automaton T for it. This test automaton must be such that the original system S has the property expressed by precisely when none of the distinguished reject states of T can be reached in the parallel composition of S with T . This raises the question of which properties may be analyzed by UPPAAL in such a way. This paper gives an answer to this question by providing a complete characterization of the class of properties for which model-checking can be reduced to reachability testing in the sense outlined above. This result is obtained as a corollary of a stronger statement pertaining to the compositionality of the property language considered in this study. In particular, it is shown that our language is the least expressive compositional language that can express a simple safety property stating that no reject state can ever be reached. Finally, the property language characterizing the power of reachability testing is used to provide a definition of characteristic properties with respect to a timed version of the ready simulation preorder, for nodes of -free, deterministic timed automata.
Scaling up UPPAAL: automatic verification of real-time systems using compositionality and abstraction. Proc. FTRTFT 2000, 2000
Cited by 27 (6 self)
To combat the state-explosion problem in automatic verification, we present a method for scaling up the real-time verification tool Uppaal by complementing it with methods for abstraction and compositionality. We identify a notion of timed ready simulation which we show is a sound condition for preservation of safety properties between real-time systems, and which in addition is a precongruence with respect to parallel composition. Thus, it supports both abstraction and compositionality. We furthermore present a method for automatically testing for the existence of a timed ready simulation between real-time systems using the Uppaal tool.
Is your Model Checker on Time? On the Complexity of Model Checking for Timed Modal Logics, 2001
Cited by 15 (6 self)
This paper studies the structural complexity of model checking for several timed modal logics presented in the literature. More precisely, we consider (variations on) the specification formalisms used in the tools CMC and Uppaal, and fragments of a timed µ-calculus. For each of the logics, we characterize the computational complexity of model checking, as well as its specification and program complexity, using (parallel compositions of) timed automata as our system model. In particular, we show that the complexity of model checking for a timed µ-calculus interpreted over (networks of) timed automata is EXPTIME-complete, no matter whether the complexity is measured with respect to the size of the specification, of the model or of both. All the flavours of model checking for timed versions of Hennessy-Milner logic, and the restricted fragments of the timed µ-calculus studied in the literature on CMC and Uppaal, are shown to be PSPACE-complete or EXPTIME-complete. Amongst the complexity results offered in the paper is a theorem to the effect that the model checking problem for the sublanguage L_s of the timed µ-calculus, proposed by Larsen, Pettersson and Yi, is PSPACE-complete. This result is accompanied by an array of statements showing that any extension of L_s has an EXPTIME-complete model checking problem. We also argue that the model checking problem for the timed propositional µ-calculus T is EXPTIME-complete, thus improving upon results by Henzinger, Nicollin, Sifakis and Yovine.
Stursberg: Verification of PLC Programs given as Sequential Function Charts. In: Integration of Software Specification Techniques for Applications in Eng., Springer, LNCS
Cited by 12 (0 self)
Programmable Logic Controllers (PLC) are widespread in the manufacturing and processing industries to realize sequential procedures and to avoid safety-critical states. For the specification and the implementation of PLC programs, the graphical and hierarchical language Sequential Function Charts (SFC) is increasingly used in industry. To investigate the correctness of SFC programs with respect to a given set of requirements, this contribution advocates the use of formal verification. We present two different approaches to convert SFC programs algorithmically into automata models that are amenable to model checking. While the first approach translates untimed SFC into the input language of the tool Cadence SMV, the second converts timed SFC into timed automata which can be analyzed by the tool Uppaal. For different processing system examples, we illustrate the complete verification procedure consisting of controller specification, model transformation, integration of dynamic plant models, and identifying errors in the control program by model checking.
Formal verification of a power controller using the real-time model checker uppaal. In 5th International AMAST Workshop on Real-Time and Probabilistic Systems, Lecture Notes in Computer Science, 1999
Cited by 12 (2 self)
A real-time system for power-down control in audio/video components is modeled and verified using the real-time model checker UPPAAL. The system is supposed to reside in an audio/video component and control (read from and write to) links to neighbor audio/video components such as TV, VCR and remote control. In particular, the system is responsible for powering the component up and down between the arrival of data, and in order to do so safely without loss of data, it is essential that no link interrupts are lost. Hence, a component system is a multitasking system with hard real-time requirements, and we present techniques for modeling time consumption in such a multitasked, prioritized system. The work has been carried out in a collaboration between Aalborg University and the audio/video company B&O. By modeling the system, 3 design errors were identified and corrected, and the subsequent verification confirmed the validity of the design but also revealed the necessity for an upper limit on the interrupt frequency. The resulting design has been implemented and is going to be incorporated as part of a new product line.