Symbolic Verification and Analysis of Discrete Timed Systems
Thomas Kropf2003, Formal Methods in System Design
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
This paper presents a novel approach for real-time model checking. It combines the efficiency of traditional symbolic model checking with possibilities to describe and specify real-time systems. Using multi-terminal binary decision diagrams to represent time and time intervals, it becomes possible to transfer efficient algorithms and optimization heuristics known from standard CTL model checking to real-time applications. By introducing a
Related papers
Symbolic model checking of real-time systems
Proceedings Eighth International Symposium on Temporal Representation and Reasoning. TIME 2001, 2000
We present a new real-time temporal logic for the specification and verification of discrete quantitative temporal properties. This logic is an extension of the well-known logic CTL. Its semantics is defined on discrete time transition systems which are in turn interpreted in an abstract manner instead of the usual stuttering interpretation. Hence, our approach directly supports abstractions of real-time systems by ignoring irrelevant qualitative properties, but without loosing any quantitative information. We analyse the complexity of the presented model checking algorithm and furthermore present a fragment of the logic that can be efficiently checked.
Fully Symbolic Model Checking of Timed Systems using Difference Decision Diagrams
Electronic Notes in Theoretical Computer Science, 2001
Current approaches for analyzing timed systems are based on an explicit enumeration of the discrete states and thus these techniques are only capable of analyzing systems with a handful of timers and a few thousand states. We address this limitation by describing how to analyze a timed system fully symbolically, i.e., by representing sets of discrete states and their associated timing information implicitly. We demonstrate the e ciency of the symbolic technique by computing the set of reachable states for a non-trivial timed system and compare the results with the state-of-the-art tools Kronos and Uppaal. With an implementation based on difference decision diagrams, the runtimes are several orders of magnitudes better. The key operation in obtaining these results is the ability t o a d v ance time symbolically. We s h o w how to do this e ciently by essentially quantifying out a s p e c i a l v ariable z which is used to represent the constant zero. The symbolic manipulations given in this paper are su cient t o v erify TCTL-formulae fully symbolically.
On-the-fly symbolic model checking for real-time systems
2002
This paper presents an on-the-fly and symbolic algorithm for checking whether a timed automaton satisfies a formula of a timed temporal logic which is more expressive than TCTL. The algorithm is on-the-fly in the sense that the state-space is generated dynamically and only the minimal amount of information required by the verification procedure is stored in memory. The algorithm is symbolic in the sense that it manipulates sets of states, instead of states, which are represented as boolean combinations of linear inequalities of clocks. We show how a prototype implementation of our algorithm has improved the performances of the tool KRONOS for the verification of the FDDI protocol.
An efficient algorithm for real-time symbolic model checking
Proceedings ED&TC European Design and Test Conference, 1996
The verification of real-time properties requires model checking techniques for quantitative temporal structures and real-time temporal logics. However, up to now, most of those problems were solved by a translation into a standard CTL model checking problem with unit-delay structures. Although usual CTL model checkers like SMV can be used then, the translation leads to large structures and CTL formulas, such that the verification requires large computation times and only small circuits can be verified. In this paper a new model checking algorithm for quantitative temporal structures and quantitative temporal logic is presented, which avoids these drawbacks. Motivated by lowlevel circuit verification, the implemented prover can be used for verifying general real-time systems. Although it has been proved that the complexity of the new algorithm is identical to the corresponding CTL model checking problem, the application of the new algorithms leads to significant better runtimes and larger verifiable structures. The paper presents the underlying algorithms, the complexity proof, implementational issues and concludes with experimental results, demonstrating the advantages of our approach.
Model-checking for real-time systems
Logic in Computer Science, …, 1990
This research extends CTL model-checking to the analysis of real-time systems, whose correctness depends on the magnitudes of the timing delays. For specifications, the syntax of CTL is extended to allow quantitative temporal operators. The formulas of the resulting logic, TCTL, are interpretation over continuous computation trees, trees in which paths are maps from the set of nonnegative reals to system states. To model finite-state systems the notion of timed graphs is introduced-state-transition graphs extended with a ...
Efficient timed model checking for discrete-time systems
Theoretical Computer Science, 2006
We consider model checking of timed temporal formulae in durational transition graphs (DTGs), i.e., Kripke structures where transitions have integer durations. Two semantics for DTGs are presented and motivated. We consider timed versions of CTL where subscripts put quantitative constraints on the time it takes before a property is satisfied.
A Tutorial Introduction to Symbolic Model Checking
Logic for concurrency and synchronisation, 2003
Bounded Model Checking for Timed Systems
2002
Enormous progress has been achieved in the last decade in the verification of timed systems, making it possible to analyze significant real-world protocols. An open challenge is the identification of fully symbolic verification techniques, able to deal effectively with the finite state component as well as with the timing aspects. In this paper we propose a new, symbolic verification technique that extends the Bounded Model Checking (BMC) approach for the verification of timed systems. The approach is based on the following ingredients. First, a BMC problem for timed systems is reduced to the satisfiability of a math-formula, i.e., a boolean combination of propositional variables and linear mathematical relations over real variables (used to represent clocks). Then, an appropriate solver, called MATHSAT, is used to check the satisfiability of the math-formula. The solver is based on the integration of SAT techniques with some specialized decision procedures for linear mathematical constraints, and requires polynomial memory. Our methods allow for handling expressive properties in a fully-symbolic way. A preliminary experimental evaluation confirms the potential of the approach.
Verifying Real-Time Systems using Explicit-time Description Methods
Computing Research Repository, 2009
Timed model checking has been extensively researched in recent years. Many new formalisms with time extensions and tools based on them have been presented. On the other hand, Explicit-Time Description Methods aim to verify real-time systems with general untimed model checkers. Lamport presented an explicit-time description method using a clock-ticking process (Tick) to simulate the passage of time together with a group of global variables for time requirements. This paper proposes a new explicit-time description method with no reliance on global variables. Instead, it uses rendezvous synchronization steps between the Tick process and each system process to simulate time. This new method achieves better modularity and facilitates usage of more complex timing constraints. The two explicit-time description methods are implemented in DIVINE, a well-known distributed-memory model checker. Preliminary experiment results show that our new method, with better modularity, is comparable to Lamport's method with respect to time and memory efficiency.
Automated verification of timed transition models
Real-time systems occur in many safety critical applications. Automated verification of crucial system properties is therefore desirable. This paper discusses a timed iransilion model (TTM) for real-time systems, and summarizes recently developed procedures for automated verification of a class of temporal logic properties for finite state systems. The procedures axe linear in the size of the system reachability graph. The verification procedures have been implemented in Prolog. In hard real-time systems, the correctness of the system depends not only on the logical result of the system behaviour, but Mso on the time at which the results are produced. Such systems are at the heart of many safety critical applications such as nuclear reactors, communication networks and avionics. Automatic verification of crucial system properties is therefore desirable. In this paper, the notion of a timed transition model (TTM) is provided as a generic computational model for real-time systems. Real-time temporal logic (RTTL) is used for specifying the properties to be verified. The following steps are involved in verifying a given property.
Related papers
Symbolic model checking for event-driven real-time systems
ACM Transactions on Programming Languages and Systems, 1997
In this article, we consider symbolic model checking for event-driven real-time systems. We first propose a Synchronous Real-Time Event Logic (SREL) for capturing the formal semantics of synchronous, event-driven real-time systems. The concrete syntax of these systems is given in terms of a graphical programming language called Modechart, by Jahanian and Mok, which can be translated into SREL structures. We then present a symbolic model-checking algorithm for SREL. In particular, we give an efficient algorithm for constructing OBDDs (Ordered Binary Decision Diagrams) for linear constraints among integer variables. This is very important in a BDD-based symbolic model checker for real-time systems, since timing and event occurrence constraints are used very often in the specification of these systems. We have incorporated our construction algorithm into the SMV v2.3 from Carnegie-Mellon University and have been able to achieve one to two orders of magnitude in speedup and space saving when compared to the implementation of timing and event-counting functions by integer arithmetics provided by SMV.
Symbolic Model-Checking for Real-Time Circuits and Specifications
1995
The verification of real-time properties requires model checking techniques for quantitative temporal structures and real-time temporal logics. However, up to now, most of those problems were solved by a translation into a standard CTL model checking problem with unit-delay structures. Although usual CTL model checkers like SMV can be used then, the translation leads to large structures and CTL formulas, such that the verification requires large computation times and only small circuits can be verified. In this paper a new model checking algorithm for quantitative temporal structures and quantitative temporal logic is presented, which avoids these drawbacks. Motivated by low-level circuit verification, the implemented prover can be used for verifying general real-time systems. Although it has been proved that the complexity of the new algorithm is identical to the corresponding CTL model checking problem, the application of the new algorithms leads to significant better runtimes and larger verifiable structures. The paper presents the underlying algorithms, the complexity proof, implementational issues and concludes with experimental results, demonstrating the advantages of our approach.
Analysis of Real-Time Systems with CTL Model Checkers
Electronic Notes in Theoretical Computer Science, 2005
This paper presents a new method for model checking dense real-time systems. The dense realtime system is modeled by a timed automaton and the property is specified with the temporal logic TCTL. Specification of the TCTL property is reduced to CTL and its temporal constraints are captured in a new timed automaton. This timed automaton will be composed with the original timed automaton specifying the real-time system under analysis. Then, the product timed automaton will be abstracted using partition refinement of state space based on strong bi-simulation. The result is an untimed automaton modulo the TCTL property which represents an equivalent finite state system to be model checked using existing CTL model checking tools.
On the symbolic verification of timed systems
1999
This paper describes how to analyze a timed system symbolically. That is, given a symbolic representation of a set of (timed) states (as an expression), we describe how to determine an expression that represents the set of states that can be reached either by firing a discrete transition or by advancing time. These operations are used to determine the set of reachable states symbolically. We also show how to symbolically determine the set of states that can reach a given set of states (i.e., a backwards step), thus making it possible to verify TCTL-formulae symbolically. The analysis is fully symbolic in the sense that both the discrete and the continuous part of the state space are represented symbolically. Furthermore, both the synchronous and asynchronous concurrent composition of timed systems can be performed symbolically. The symbolic representations are given as formulae expressed in a simple first-order logic over difference constraints containing only the Boolean operators and existential quantification. Together with a recently developed data structure for efficient manipulations of the logic, the symbolic representation provides the potential of drastically increasing the size of timed systems that can be verified in practice.
A Comparative Study of Decision Diagrams for Real-Time Model Checking
Lecture Notes in Computer Science, 2018
The timed automata model, introduced by Alur and Dill, provides a powerful formalism for describing real-time systems. Over the last two decades, several dense-time model checking tools have been developed based on that model. This paper considers the verification of a set of interesting real-time distributed protocols using dense-time model checking technology. More precisely, we model and verify the distributed timed two phase commit protocol, and two well-known benchmarks, the Token-Ring-FDDI protocol, and the CSMA/CD protocol, in three different state-of-the-art real-time model checkers: UPPAAL, RED, and Rabbit. We illustrate the use of these tools using one of the case studies. Finally, several interesting conclusions have been drawn about the performance, usability, and the capability of each tool.
Symbolic Model Checking for Simply-Timed Systems
Lecture Notes in Computer Science, 2004
We describe OBDD-based symbolic model checking algorithms for simply-timed systems, i.e. finite state graphs where transitions carry a duration. These durations can be arbitrary natural numbers. A simple and natural semantics for these systems opens the way for improved efficiency. Our algorithms have been implemented in NuSMV and perform well in practice (on standard case studies).
Symboloc Model Checking for Event-Driven Real-Time Systems
1997
In this article, we consider symbolic model checking for event-driven real-time systems. We first propose a Synchronous Real-Time Event Logic (SREL) for capturing the formal semantics of synchronous, event-driven real-time systems. The concrete syntax of these systems is given in terms of a graphical programming language called Modechart, by Jahanian and Mok, which can be translated into SREL structures. We then present a symbolic model-checking algorithm for SREL. In particular, we give an efficient algorithm for constructing OBDDs (Ordered Binary Decision Diagrams) for linear constraints among integer variables. This is very important in a BDD-based symbolic model checker for real-time systems, since timing and event occurrence constraints are used very often in the specification of these systems. We have incorporated our construction algorithm into the SMV v2.3 from Carnegie-Mellon University and have been able to achieve one to two orders of magnitude in speedup and space saving when compared to the implementation of timing and event-counting functions by integer arithmetics provided by SMV.
Predicate Diagrams for the Verification of Real-Time Systems
Electronic Notes in Theoretical Computer Science, 2006
We propose a format of predicate diagrams for the verification of real-time systems. We consider systems that are defined as extended timed graphs, a format that combines timed automata and constructs for modeling data, possibly over infinite domains. Predicate diagrams are succinct and intuitive representations of Boolean abstractions. They also represent an interface between deductive tools used to establish the correctness of an abstraction, and model checking tools that can verify behavioral properties of finite-state models. The contribution of this paper is to extend the format of predicate diagrams to timed systems. We also establish a set of verification conditions that are sufficient to prove that a given predicate diagram is a correct abstraction of an extended timed graph. The formalism is supported by a toolkit, and we demonstrate its use at the hand of Fischer's real-time mutualexclusion protocol.
Model-based variable and transition orderings for efficient symbolic model checking
FM 2006: Formal …, 2006
HORAE is an interactive system which supports composing and reasoning of Timed CSP process descriptions. Timed CSP extends CSP by introducing the capability to quantify temporal aspects of sequencing and synchronization. It is a powerful language to model real-time reactive systems. However, there is no verification tool support for proving critical properties over systems modeled using Timed CSP. HORAE, using Constraint Logic Programming (CLP) as the underlying reasoning support, is capable to prove traditional safety properties and beyond, such as the reachability, deadlock-freeness, timewise refinement relationship, lower or upper bound of variables, and etc.
Symbolic model checking of timed guarded commands using difference decision diagrams
The Journal of Logic and Algebraic Programming, 2002
We describe a novel methodology for analyzing timed systems symbolically. Given a formula representing a set of states, we describe how to determine a new formula that represents the set of states reachable by taking a discrete transition or by advancing time. The symbolic representations are given as formulae expressed in a simple first-order logic over difference constraints of the form x − y d which can be combined with Boolean operators and existentially quantified. We also show how to symbolically determine the set of states that can reach a given set of states (i.e., a backward step), thus making it possible to verify timed CTL-formulae symbolically. The main contribution is a way of advancing time symbolically essentially by quantifying out a special variable z which is used to represent the current zero point in time. We also describe a data structure called DDDs for representing difference constraint formulae, and we demonstrate the efficiency of the symbolic technique by analyzing two scheduling protocols using a DDD-based model checker.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.