Results 11-20 of 662
Computational techniques for the verification of hybrid systems
Proceedings of the IEEE, 2003
Cited by 72 (9 self)
Hybrid system theory lies at the intersection of the fields of engineering control theory and computer science verification. It is defined as the modeling, analysis, and control of systems that involve the interaction of both discrete state systems, represented by finite automata, and continuous state dynamics, represented by differential equations. The embedded autopilot of a modern commercial jet is a prime example of a hybrid system: the autopilot modes correspond to the application of different control laws, and the logic of mode switching is determined by the continuous state dynamics of the aircraft, as well as through interaction with the pilot. To understand the behavior of hybrid systems, to simulate, and to control these systems, theoretical advances, analyses, and numerical tools are needed. In this paper, we first present a general model for a hybrid system along with an overview of methods for verifying continuous and hybrid systems. We describe a particular verification
Timed Regular Expressions
Journal of the ACM, 2001
Cited by 66 (21 self)
In this paper we define timed regular expressions, a formalism for specifying discrete behaviors augmented with timing information, and prove that its expressive power is equivalent to the timed automata of Alur and Dill. This result is the timed analogue of Kleene's Theorem and, similarly to that result, the hard part in the proof is the translation from automata to expressions. This result is extended from finite to infinite (in the sense of Büchi) behaviors. In addition to these fundamental results, we give a clean algebraic framework for two commonly accepted formalisms for timed behaviors, time-event sequences and piecewise-constant signals.
The Impressive Power of Stopwatches
In Proc. of CONCUR 2000: Concurrency Theory, 2000
Cited by 66 (11 self)
In this paper we define and study the class of stopwatch automata, which are timed automata augmented with stopwatches and unobservable behaviour. In particular, we investigate the expressive power of this class of automata, and show as a main result that any finite or infinite timed language accepted by a linear hybrid automaton is also accepted by a stopwatch automaton. The consequences of this result are twofold: firstly, it shows that the seemingly minor upgrade from timed automata to stopwatch automata immediately yields the full expressive power of linear hybrid automata. Secondly, reachability analysis of linear hybrid automata may effectively be reduced to reachability analysis of stopwatch automata. This, in turn, may be carried out using an easy (over-approximating) extension of the efficient reachability analysis for timed automata to stopwatch automata. We report on preliminary experiments on analyzing translations of linear hybrid automata using a stopwatch extension of the real-time verification tool UPPAAL.
Reachability Analysis of Hybrid Systems via Predicate Abstraction
Hybrid Systems: Computation and Control, Fifth International Workshop, LNCS 2289, 2002
Cited by 62 (8 self)
Predicate abstraction has emerged as a powerful technique for extracting finite-state models from infinite-state discrete programs. This paper presents algorithms and tools for reachability analysis of hybrid systems by combining the notion of predicate abstraction with recent techniques for approximating the set of reachable states of linear systems using polyhedra. Given a hybrid system and a set of user-defined predicates, we consider the finite discrete quotient whose states correspond to all possible truth assignments to the input predicates. The tool performs an on-the-fly exploration of the abstract system by using weakest preconditions to compute abstract transitions corresponding to the discrete switches and conservative polyhedral approximations to compute abstract transitions corresponding to continuous flows. Compared to tools such as Checkmate and d/dt, this approach requires significantly less computational resources, as the emphasis is shifted from computing the reachable set to searching in the abstract quotient. We demonstrate the feasibility of the proposed technique by analyzing a parametric timing-based mutual exclusion protocol and the safety of a simple controller for vehicle coordination.
The Theory of Timed I/O Automata
2003
Cited by 60 (18 self)
This paper presents the Timed Input/Output Automaton (TIOA) modeling framework, a basic mathematical framework to support description and analysis of timed systems. An important feature of this model is its support for decomposing timed system descriptions. In particular, the framework includes a notion of external behavior for a timed I/O automaton, which captures its discrete interactions with its environment. The framework also defines what it means for one TIOA to implement another, based on an inclusion relationship between their external behavior sets, and defines notions of simulations, which provide sufficient conditions for demonstrating implementation relationships. The framework includes a composition operation for TIOAs, which respects external behavior, and a notion of receptiveness, which implies that a TIOA does not block the passage of time. The TIOA framework supports the statement and verification of safety and liveness properties for timed systems. It defines what it means for a property to be a safety or a liveness property, includes basic results about safety-liveness classification, and
Scheduling a Steel Plant with Timed Automata
In Sixth International Conference on Real-Time Computing Systems and Applications (RTCSA'99), IEEE Computer, 1999
Cited by 60 (5 self)
Scheduling in an environment with constraints of many different types is known to be a hard problem. We tackle this problem for an integrated steel plant in Ghent, Belgium, using UPPAAL, a model checker for networks of timed automata. We show how to translate schedulability to reachability, enabling us to use UPPAAL's model checking algorithms.
1. Introduction
This report is a result of the participation of CSI Nijmegen in the European Union Esprit long term research project Verification of Hybrid Systems (http://wwwverimag. imag.fr//VHS/). The Esprit program was set up to improve the take-up of modern information technologies in industry. The VHS project in particular is meant to stimulate research in the area of hybrid systems. These systems typically consist of digital components in a continuous environment. The correct behavior depends strongly on the interaction between the digital components, say the controller, and the controlled process. Hybrid systems are important in numero...
Guided Synthesis of Control Programs Using UPPAAL
2000
Cited by 58 (27 self)
In this paper we address the problem of scheduling and synthesizing distributed control programs for a batch production plant. We use a timed automata model of the batch plant and the verification tool UPPAAL to solve the scheduling problem. The plant model aims at faithfully reflecting the level of abstraction required for synthesizing control programs from generated timed traces. Therefore it quickly becomes too detailed and complicated for automatic synthesis. To solve this problem we present a general way of adding guidance to a model by augmenting it with additional guidance variables and decorating the transitions with extra guards. Applying this technique has made synthesis of control programs feasible for a plant producing as many as 60 batches. In comparison, we could only handle plants producing two batches without using guides. The synthesized control programs have been executed in a physical plant. This proved useful in validating the correctness of the plant model and in ...
Model checking timed UML state machines and collaborations
7th Intl. Symp. Formal Techniques in Real-Time and Fault Tolerant Systems (FTRTFT 2002), 2002
Cited by 58 (2 self)
We describe a prototype tool, hugo/RT, that is designed to automatically verify whether the timed state machines in a UML model interact according to scenarios specified by time-annotated UML collaborations. Timed state machines are compiled into timed automata that exchange signals and operations via a network automaton. A collaboration with time constraints is translated into an observer timed automaton. The model checker UPPAAL is called upon to verify the timed automata representing the model against the observer timed automaton.
Monitoring, Testing, and Debugging of Distributed Real-Time Systems
2000
Cited by 56 (1 self)
Testing is an important part of any software development project, and can typically account for more than half of the development cost. For safety-critical computer-based systems, testing is even more important due to stringent reliability and safety requirements. However, most safety-critical computer-based systems are real-time systems, and the majority of current testing and debugging techniques have been developed for sequential (non-real-time) programs. These techniques are not directly applicable to real-time systems, since they disregard issues of timing and concurrency. This means that existing techniques for reproducible testing and debugging cannot be used. Reproducibility is essential for regression testing and cyclic debugging, where the same test cases are run repeatedly with the intention of verifying modified program code or tracking down errors. The current trend of consumer and industrial applications goes from single microcontrollers to sets of distributed microcontrollers, which are even more challenging than handling real-time per se, since multiple loci of observation and control must additionally be considered. In this thesis we try to remedy these problems by presenting an integrated approach to monitoring, testing, and debugging of distributed real-time systems. For monitoring
Distributing Timed Model Checking: How the Search Order Matters
2000
Cited by 54 (7 self)
In this paper we address the problem of distributing model checking of timed automata. We demonstrate through four real-life examples that the combined processing and memory resources of multiprocessor computers can be effectively utilized. The approach assumes a distributed memory model and is applied to both a network of workstations and a symmetric multiprocessor machine. However, certain unexpected phenomena have to be taken into account. We show how, in the timed case, the search order of the state space is crucial for the effectiveness and scalability of the exploration. An effective heuristic to counter the effect of the search order is provided. Some of the results also open up improvements in the single-processor case.