SAT-Based Bounded Model Checking for Timed Systems
gilles audemard2002
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
Enormous progress has been achieved in the last decade in the verification of timed systems, making it possible to analyze significant real-world protocols. An open challenge is the identification of fully symbolic verification techniques, able to deal effectively with the finite state component as well as with the timing aspects. In this paper we propose a new, symbolic verification technique that extends the Bounded Model Checking (BMC) approach for the verification of timed systems. The approach is based on the following ingredients. First, a BMC problem for timed systems is reduced to the satisfiability of a math-formula, i.e., a boolean combination of propositional variables and linear mathematical relations over real variables (used to represent clocks). Then, an appropriate solver, called MATHSAT, is used to check the satisfiability of the math-formula. The solver is based on the integration of SAT techniques with some specialized decision procedures for linear mathematical constraints, and requires polynomial memory. Our methods allow for handling expressive properties in a fully-symbolic way. A preliminary experimental evaluation confirms the potential of the approach.
Related papers
Bounded Model Checking for Timed Systems
2002
Enormous progress has been achieved in the last decade in the verification of timed systems, making it possible to analyze significant real-world protocols. An open challenge is the identification of fully symbolic verification techniques, able to deal effectively with the finite state component as well as with the timing aspects. In this paper we propose a new, symbolic verification technique that extends the Bounded Model Checking (BMC) approach for the verification of timed systems. The approach is based on the following ingredients. First, a BMC problem for timed systems is reduced to the satisfiability of a math-formula, i.e., a boolean combination of propositional variables and linear mathematical relations over real variables (used to represent clocks). Then, an appropriate solver, called MATHSAT, is used to check the satisfiability of the math-formula. The solver is based on the integration of SAT techniques with some specialized decision procedures for linear mathematical constraints, and requires polynomial memory. Our methods allow for handling expressive properties in a fully-symbolic way. A preliminary experimental evaluation confirms the potential of the approach.
On the symbolic verification of timed systems
1999
This paper describes how to analyze a timed system symbolically. That is, given a symbolic representation of a set of (timed) states (as an expression), we describe how to determine an expression that represents the set of states that can be reached either by firing a discrete transition or by advancing time. These operations are used to determine the set of reachable states symbolically. We also show how to symbolically determine the set of states that can reach a given set of states (i.e., a backwards step), thus making it possible to verify TCTL-formulae symbolically. The analysis is fully symbolic in the sense that both the discrete and the continuous part of the state space are represented symbolically. Furthermore, both the synchronous and asynchronous concurrent composition of timed systems can be performed symbolically. The symbolic representations are given as formulae expressed in a simple first-order logic over difference constraints containing only the Boolean operators and existential quantification. Together with a recently developed data structure for efficient manipulations of the logic, the symbolic representation provides the potential of drastically increasing the size of timed systems that can be verified in practice.
Fully Symbolic Model Checking of Timed Systems using Difference Decision Diagrams
Electronic Notes in Theoretical Computer Science, 2001
Current approaches for analyzing timed systems are based on an explicit enumeration of the discrete states and thus these techniques are only capable of analyzing systems with a handful of timers and a few thousand states. We address this limitation by describing how to analyze a timed system fully symbolically, i.e., by representing sets of discrete states and their associated timing information implicitly. We demonstrate the e ciency of the symbolic technique by computing the set of reachable states for a non-trivial timed system and compare the results with the state-of-the-art tools Kronos and Uppaal. With an implementation based on difference decision diagrams, the runtimes are several orders of magnitudes better. The key operation in obtaining these results is the ability t o a d v ance time symbolically. We s h o w how to do this e ciently by essentially quantifying out a s p e c i a l v ariable z which is used to represent the constant zero. The symbolic manipulations given in this paper are su cient t o v erify TCTL-formulae fully symbolically.
Efficient timed model checking for discrete-time systems
Theoretical Computer Science, 2006
We consider model checking of timed temporal formulae in durational transition graphs (DTGs), i.e., Kripke structures where transitions have integer durations. Two semantics for DTGs are presented and motivated. We consider timed versions of CTL where subscripts put quantitative constraints on the time it takes before a property is satisfied.
Symbolic Verification and Analysis of Discrete Timed Systems
Formal Methods in System Design, 2003
This paper presents a novel approach for real-time model checking. It combines the efficiency of traditional symbolic model checking with possibilities to describe and specify real-time systems. Using multi-terminal binary decision diagrams to represent time and time intervals, it becomes possible to transfer efficient algorithms and optimization heuristics known from standard CTL model checking to real-time applications. By introducing a
Time-Darts: A Data Structure for Verification of Closed Timed Automata
Electronic Proceedings in Theoretical Computer Science, 2012
Symbolic data structures for model checking timed systems have been subject to a significant research, with Difference Bound Matrices (DBMs) still being the preferred data structure in several mature verification tools. In comparison, discretization offers an easy alternative, with all operations having linear-time complexity in the number of clocks, and yet valid for a large class of closed systems. Unfortunately, fine-grained discretization causes itself a state-space explosion. We introduce a new data structure called time-darts for the symbolic representation of state-spaces of timed automata. Compared with the complete discretization, a single time-dart allows to represent an arbitrary large set of states, yet the time complexity of operations on time-darts remain linear in the number of clocks. We prove the correctness of the suggested reachability algorithm and perform several experiments in order to compare the performance of time-darts and the complete discretization. The main conclusion is that in all our experiments the time-dart method outperforms the complete discretization and it scales significantly better for models with larger constants.
Symbolic Model Checking for Probabilistic Timed Automata
2004
Probabilistic timed automata are timed automata extended with discrete probability distributions, and can be used to model timed randomised protocols or faulttolerant systems. We present symbolic model-checking algorithms for probabilistic timed automata to verify both qualitative temporal logic properties, corresponding to satisfaction with probability 0 or 1, and quantitative properties, corresponding to satisfaction with arbitrary probability. The algorithms operate on zones, which represent sets of valuations of the probabilistic timed automaton's clocks. Our method considers only those system behaviours which guarantee the divergence of time with probability 1. The paper presents a symbolic framework for the verification of probabilistic timed automata against the probabilistic, timed temporal logic PTCTL. We also report on a prototype implementation of the algorithms using Difference Bound Matrices, and present the results of its application to the CSMA/CD and FireWire root contention protocol case studies.
Automatic verification of timed concurrent constraint programs
Theory and Practice of Logic Programming, 2006
The language Timed Concurrent Constraint (tccp) is the extension over time of the Concurrent Constraint Programming (cc) paradigm that allows us to specify concurrent systems where timing is critical, for example reactive systems. Systems which may have an infinite number of states can be specified in tccp. Model checking is a technique which is able to verify finite-state systems with a huge number of states in an automatic way. In the last years several studies have investigated how to extend model checking techniques to systems with an infinite number of states. In this paper we propose an approach which exploits the computation model of tccp. Constraint based computations allow us to define a methodology for applying a model checking algorithm to (a class of) infinite-state systems. We extend the classical algorithm of model checking for LTL to a specific logic defined for the verification of tccp and to the tccp Structure which we define in this work for modeling the program be...
Checking MTL Properties of Discrete Timed Automata via Bounded Model Checking
We investigate a SAT-based bounded model checking (BMC) method for MTL (metric temporal logic) that is interpreted over linear discrete infinite time models generated by discrete timed automata. In particular, we translate the existential model checking problem for MTL to the existential model checking problem for a variant of linear temporal logic (called HLTL), and we provide a SAT-based BMC technique for HLTL. We show how to implement the BMC technique for HLTL and discrete timed automata, and as a case study we apply the technique in the analysis of TGPP, a Timed Generic Pipeline Paradigm modelled by a network of discrete timed automata.
Automatic Verification of Timed Circuits
Computer Aided Verification, 1994
This paper presents a new formalism and a new algorithm for verifying timed circuits. The formalism, called orbital nets, allows hierarchical verification based on a behavioral semantics of timed trace theory. We present improvements to a geometric timing algorithm that take advantage of concurrency by using partial orders to reduce the time and space requirements of verification. This algorithm has been fully automated and incorporated into a design system for timed circuits, and experimental results demonstrate that this verification algorithm is practical for realistic examples.
Related topics
Related papers
SAT-based Bounded Model Checking for Timed Interpreted Systems and the RTECTLK properties
Prace Naukowe. Matematyka, 2015
We define an SAT-based bounded model checking (BMC) method for RTECTLK (the existential fragment of the real-time computation tree logic with knowledge) that is interpreted over timed models generated by timed interpreted systems. Specifically, we translate the model checking problem for RTECTLK to the model checking problem for a variant of branching temporal logic (called EyCTLK) interpreted over an abstract model, and we redefine an SAT-based BMC technique for EyCTLK.
On-the-fly symbolic model checking for real-time systems
2002
This paper presents an on-the-fly and symbolic algorithm for checking whether a timed automaton satisfies a formula of a timed temporal logic which is more expressive than TCTL. The algorithm is on-the-fly in the sense that the state-space is generated dynamically and only the minimal amount of information required by the verification procedure is stored in memory. The algorithm is symbolic in the sense that it manipulates sets of states, instead of states, which are represented as boolean combinations of linear inequalities of clocks. We show how a prototype implementation of our algorithm has improved the performances of the tool KRONOS for the verification of the FDDI protocol.
Verification of Timed Systems Using POSETs
Computer Aided Verification, 1998
This paper presents a new algorithm for efficiently verifying timed systems. The new algorithm represents timing information using geometric regions and explores the timed state space by considering partially ordered sets of events rather than linear sequences. This approach avoids the explosion of timed states typical of highly concurrent systems by dramatically reducing the ratio of timed states to untimed states in a system. A general class of timed systems which include both event and level causality can be specified and verified. This algorithm is applied to several recent timed benchmarks showing orders of magnitude improvement in runtime and memory usage.
Symbolic Model Checking for Simply-Timed Systems
Lecture Notes in Computer Science, 2004
We describe OBDD-based symbolic model checking algorithms for simply-timed systems, i.e. finite state graphs where transitions carry a duration. These durations can be arbitrary natural numbers. A simple and natural semantics for these systems opens the way for improved efficiency. Our algorithms have been implemented in NuSMV and perform well in practice (on standard case studies).
Verification of timed circuits with symbolic delays
ASP-DAC 2004: Asia and South Pacific Design Automation Conference 2004 (IEEE Cat. No.04EX753), 2004
When time is incorporated in the specification of discrete systems, the complexity of verification grows exponentially. When the temporal behavior is specified with symbols, the verification problem becomes even more difficult. This paper presents a formal verification technique for timed circuits with symbolic delays. The approach is able to provide a set of sufficient linear constraints on the symbols that guarantee the correctness of the circuit. The applicability of the technique is shown by solving the problem of automatic discovery of linear constraints on input and gate delays that guarantee the correct behavior of asynchronous circuits.
Checking EMTLK properties of timed interpreted systems via bounded model checking
We investigate a SAT-based bounded model checking (BMC) method for EMTLK (the existential fragment of the metric temporal logic with knowledge) that is interpreted over timed models generated by timed interpreted systems (TIS). In particular, we translate the existential model checking problem for EMTLK to the existential model checking problem for a variant of linear temporal logic (called HLTLK), and we provide a SAT-based BMC technique for HLTLK. We illustrate how TISs can be applied to the analysis of a variant of a Generic Timed Pipeline Paradigm scenario.
Simple Bounded MTLK Model Checking for Timed Interpreted Systems
2017
We present a new translation of Metric Temporal Logic with knowledge operators (MTLK) to the Linear Temporal Logic with knowledge operators and with a new set of the atomic propositions (\({\mathrm{{\mathrm{{LTL}}}}_\mathrm{q}\mathrm {K}}\)). We investigate a SAT-based bounded model checking (BMC) method for MTLK. The semantics of MTLK is defined over timed interpreted systems (TIS). We show how to implement the bounded model checking technique for \({\mathrm{{\mathrm{{LTL}}}}_\mathrm{q}\mathrm {K}}\) and timed interpreted systems, and as a case study, we apply the technique in the analysis of the Timed Generic Pipeline Paradigm modelled by TIS. We also present the differences between the old translation of MTLK and the new one. The theoretical description is supported by the experimental results that demonstrate the efficiency of the method.
An efficient algorithm for real-time symbolic model checking
Proceedings ED&TC European Design and Test Conference, 1996
The verification of real-time properties requires model checking techniques for quantitative temporal structures and real-time temporal logics. However, up to now, most of those problems were solved by a translation into a standard CTL model checking problem with unit-delay structures. Although usual CTL model checkers like SMV can be used then, the translation leads to large structures and CTL formulas, such that the verification requires large computation times and only small circuits can be verified. In this paper a new model checking algorithm for quantitative temporal structures and quantitative temporal logic is presented, which avoids these drawbacks. Motivated by lowlevel circuit verification, the implemented prover can be used for verifying general real-time systems. Although it has been proved that the complexity of the new algorithm is identical to the corresponding CTL model checking problem, the application of the new algorithms leads to significant better runtimes and larger verifiable structures. The paper presents the underlying algorithms, the complexity proof, implementational issues and concludes with experimental results, demonstrating the advantages of our approach.
Model Checking Parameterized Timed Systems
2005
In recent years, there has been much advancement in the area of verification of infinite-state systems. A system can have an infinite state-space due to unbounded data structures such as counters, clocks, stacks, queues, etc. It may also be infinitestate due to parameterization, i.e., the possibility of having an arbitrary number of components in the system. For parameterized systems, we are interested in checking correctness of all the instances in one verification step. In this thesis, we consider systems which contain both sources of infiniteness, namely: (a) real-valued clocks and (b) parameterization. More precisely, we consider two models : (a) the timed Petri net (TPN) model which is an extension of the classical Petri net model; and (b) the timed network (TN) model in which an arbitrary number of timed automata run in parallel. We consider verification of safety properties for timed Petri nets using forward analysis. Since forward analysis is necessarily incomplete, we provide a semi-algorithm augmented with an acceleration technique in order to make it terminate more often on practical examples. Then we consider a number of problems which are generalisations of the corresponding ones for timed automata and Petri nets. For instance, we consider zenoness where we check the existence of an infinite computation with a finite duration. We also consider two variants of the boundedness problem: syntactic boundedness in which both live and dead tokens are considered; semantic boundedness where only live tokens are considered. We show that the former problem is decidable, while the latter is not. Finally, we show undecidability of LTL model checking both for dense and discrete timed Petri nets. Next we consider timed networks. We show undecidability of safety properties in case each component is equipped with two or more clocks. This result contrasts previous decidability result for the case where each component has a single clock. Also, we show that the problem is decidable when clocks range over the discrete time domain. This decidability result holds when the processes have any finite number of clocks. Furthermore, we outline the border between decidability and undecidability of safety for TNs by considering several syntactic and semantic variants.
Symbolic model checking of real-time systems
Proceedings Eighth International Symposium on Temporal Representation and Reasoning. TIME 2001, 2000
We present a new real-time temporal logic for the specification and verification of discrete quantitative temporal properties. This logic is an extension of the well-known logic CTL. Its semantics is defined on discrete time transition systems which are in turn interpreted in an abstract manner instead of the usual stuttering interpretation. Hence, our approach directly supports abstractions of real-time systems by ignoring irrelevant qualitative properties, but without loosing any quantitative information. We analyse the complexity of the presented model checking algorithm and furthermore present a fragment of the logic that can be efficiently checked.
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.