Results 1 - 10 of 65
W (2002) Formal verification of UML statecharts with real-time extensions
 In: Proc. 5th International Conference on Fundamental Approaches to Software Engineering (FASE 2002), Lecture Notes in Computer Science
Cited by 43 (2 self)
Abstract. We present a framework for formal verification of a real-time extension of UML statecharts. For clarity, we restrict ourselves to a reasonable subset of the rich UML statechart model and extend this with real-time constructs (clocks, timed guards, and invariants). We equip the obtained formalism, called hierarchical timed automata (HTA), with an operational semantics. We outline a translation of one HTA to a network of flat timed automata, that can serve as input to the real-time model checking tool Uppaal. This translation can be used to faithfully verify deadlock-freedom, safety, and unbounded response properties of the HTA model. We report on an XML-based implementation of this translation, use the well-known pacemaker example to illustrate our technique, and report runtime data for the formal verification part.
Preemptive Job-Shop Scheduling using Stopwatch Automata
 IN TACAS ’02: PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS
, 2002
Cited by 37 (2 self)
In this paper we show how the problem of job-shop scheduling where the jobs are preemptible can be modeled naturally as a shortest path problem defined on an extension of timed automata, namely stopwatch automata where some of the clocks might be frozen at certain states. Although standard verification problems on stopwatch automata are known to be undecidable, we show that due to well-known properties of optimal schedules, the shortest path in the automaton belongs to a finite class of acyclic paths where transitions occur at integer points in time, and hence the problem is solvable. We present several algorithms and heuristics for finding the shortest paths in such automata and test their implementation on numerous benchmark examples.
UPPAAL - Present and Future
, 2001
Cited by 29 (3 self)
Uppaal is a tool for modelling, simulation and verification of real-time systems, developed jointly by BRICS at Aalborg University and the Department of Computer Systems at Uppsala University. The tool is appropriate for systems that can be modelled as a collection of nondeterministic processes with finite control structure and real-valued clocks, communicating through channels or shared variables. Typical application areas include real-time controllers and communication protocols, in particular those where timing aspects are critical. In this paper, we review the status of the currently distributed version of the tool as well as facilities to be found in upcoming releases.
E.: State-Density Functions over DBM Domains in the Analysis of Non-Markovian Models
 IEEE Trans. on SW Eng
, 2009
Cited by 22 (17 self)
Abstract—Quantitative evaluation of models with generally distributed transitions requires the analysis of non-Markovian processes that may be not isomorphic to their underlying untimed models and may include any number of concurrent non-exponential timers. The analysis of stochastic Time Petri Nets (sTPNs) copes with the problem by covering the state space with stochastic classes, which extend the theory of Difference Bounds Matrix (DBM) with a state probability density function. As a core step, the analysis process requires symbolic manipulation of density functions supported over DBM domains. We characterize and engineer the critical steps of this derivation. We first show that the state-density function accepts a continuous piecewise representation over a partition in DBM-shaped subdomains. We then develop a closed-form symbolic calculus of state-density functions under the assumption that transitions in the sTPN model have expolynomial distributions over possibly bounded intervals. The calculus shows that within each subdomain, the state-density function is a multivariate expolynomial function, and it makes explicit the way in which this form evolves and grows in complexity as the state accumulates memory through subsequent transitions. This enables an efficient implementation of the analysis process and provides the formal basis that supports the introduction of an imprecise analysis based on the approximation of state-density functions through Bernstein Polynomials. The approximation attacks practical and theoretical limits in the applicability of stochastic state classes and devises a new approach to the analysis of non-Markovian models, relying on approximations in the state space rather than in the structure of the model.
Index Terms—Correctness verification, performance and dependability, quantitative evaluation, stochastic Time Petri nets, dense-time state-space analysis, Difference Bounds Matrix, Markov Renewal Theory, approximate state-space representation, density function approximation, Bernstein polynomials.
Time Petri nets with inhibitor hyperarcs: formal semantics and state space computation
 Proceedings of the 25th International Conference on Applications and Theory of Petri Nets
, 2004
Cited by 21 (4 self)
Abstract. In this paper, we define Time Petri Nets with Inhibitor Hyperarcs (IHTPN) as an extension of T-time Petri nets where time is associated with transitions. In this model, we consider stopwatches associated with transitions which can be reset, stopped and started by using classical arcs and branch inhibitor hyperarcs introduced by Janicki and Koutny [1]. We give a formal semantics for IHTPNs in terms of Timed Transition Systems and we position IHTPNs with regard to other classes of Petri nets. We provide a method for computing the state space of IHTPNs. We first propose an exact computation using a general polyhedron representation of time constraints, then we propose an overapproximation of the polyhedra to allow a more efficient compact abstract representations of the state space based on DBM (Difference
Timed State Space Analysis of Real Time Preemptive Systems
Cited by 18 (16 self)
A modeling notation is introduced which extends Time Petri Nets with an additional mechanism of resource assignment which makes the progress of timed transitions be dependent on the availability of a set of preemptable resources. The resulting notation, which we call Preemptive Time Petri Nets, permits natural description of complex real time systems running under preemptive scheduling, with periodic, sporadic and one-shot processes, with nondeterministic execution times, with semaphore synchronizations and precedence relations deriving from internal task sequentialization and from interprocess communication, running on multiple processors.
The Complete Proof Theory of Hybrid Systems
, 2011
Cited by 17 (12 self)
Keywords: proof theory; hybrid dynamical systems; differential dynamic logic; axiomatization

Hybrid systems are a fusion of continuous dynamical systems and discrete dynamical systems. They freely combine dynamical features from both worlds. For that reason, it has often been claimed that hybrid systems are more challenging than continuous dynamical systems and than discrete systems. We now show that, proof-theoretically, this is not the case. We present a complete proof-theoretical alignment that interreduces the discrete dynamics and continuous dynamics of hybrid systems. We give a sound and complete axiomatization of hybrid systems relative to continuous dynamical systems and a sound and complete axiomatization of hybrid systems relative to discrete dynamical systems. Thanks to our axiomatization, proving properties of hybrid systems is exactly the same as proving properties of continuous dynamical systems and again, exactly the same as proving properties of discrete dynamical systems. This fundamental cornerstone sheds light on the nature of hybridness and enables flexible and provably perfect combinations of discrete reasoning with continuous reasoning that lift to all aspects of hybrid systems and their fragments.
Logics of Dynamical Systems
Cited by 15 (15 self)
We study the logic of dynamical systems, that is, logics and proof principles for properties of dynamical systems. Dynamical systems are mathematical models describing how the state of a system evolves over time. They are important in modeling and understanding many applications, including embedded systems and cyber-physical systems. In discrete dynamical systems, the state evolves in discrete steps, one step at a time, as described by a difference equation or discrete state transition relation. In continuous dynamical systems, the state evolves continuously along a function, typically described by a differential equation. Hybrid dynamical systems or hybrid systems combine both discrete and continuous dynamics. Distributed hybrid systems combine distributed systems with hybrid systems, i.e., they are multi-agent hybrid systems that interact through remote communication or physical interaction. Stochastic hybrid systems combine stochastic
On reachability for hybrid automata over bounded time
 In ICALP (2), volume 6756 of Lecture Notes in Computer Science
, 2011
Cited by 11 (4 self)
Abstract. This paper investigates the time-bounded version of the reachability problem for hybrid automata. This problem asks whether a given hybrid automaton can reach a given target location within T time units, where T is a constant rational value. We show that, in contrast to the classical (unbounded) reachability problem, the time-bounded version is decidable for rectangular hybrid automata provided only nonnegative rates are allowed. This class of systems is of practical interest and subsumes, among others, the class of stopwatch automata. We also show that the problem becomes undecidable if either diagonal constraints or both negative and positive rates are allowed.