Symboloc Model Checking for Event-Driven Real-Time Systems
Aloysius Mok1997
Sign up for access to the world's latest research
checkGet notified about relevant papers
checkSave papers to use in your research
checkJoin the discussion with peers
checkTrack your impact
Abstract
In this article, we consider symbolic model checking for event-driven real-time systems. We first propose a Synchronous Real-Time Event Logic (SREL) for capturing the formal semantics of synchronous, event-driven real-time systems. The concrete syntax of these systems is given in terms of a graphical programming language called Modechart, by Jahanian and Mok, which can be translated into SREL structures. We then present a symbolic model-checking algorithm for SREL. In particular, we give an efficient algorithm for constructing OBDDs (Ordered Binary Decision Diagrams) for linear constraints among integer variables. This is very important in a BDD-based symbolic model checker for real-time systems, since timing and event occurrence constraints are used very often in the specification of these systems. We have incorporated our construction algorithm into the SMV v2.3 from Carnegie-Mellon University and have been able to achieve one to two orders of magnitude in speedup and space saving when compared to the implementation of timing and event-counting functions by integer arithmetics provided by SMV.
Related papers
Symbolic model checking for event-driven real-time systems
ACM Transactions on Programming Languages and Systems, 1997
In this article, we consider symbolic model checking for event-driven real-time systems. We first propose a Synchronous Real-Time Event Logic (SREL) for capturing the formal semantics of synchronous, event-driven real-time systems. The concrete syntax of these systems is given in terms of a graphical programming language called Modechart, by Jahanian and Mok, which can be translated into SREL structures. We then present a symbolic model-checking algorithm for SREL. In particular, we give an efficient algorithm for constructing OBDDs (Ordered Binary Decision Diagrams) for linear constraints among integer variables. This is very important in a BDD-based symbolic model checker for real-time systems, since timing and event occurrence constraints are used very often in the specification of these systems. We have incorporated our construction algorithm into the SMV v2.3 from Carnegie-Mellon University and have been able to achieve one to two orders of magnitude in speedup and space saving when compared to the implementation of timing and event-counting functions by integer arithmetics provided by SMV.
Predicate Diagrams for the Verification of Real-Time Systems
Electronic Notes in Theoretical Computer Science, 2006
We propose a format of predicate diagrams for the verification of real-time systems. We consider systems that are defined as extended timed graphs, a format that combines timed automata and constructs for modeling data, possibly over infinite domains. Predicate diagrams are succinct and intuitive representations of Boolean abstractions. They also represent an interface between deductive tools used to establish the correctness of an abstraction, and model checking tools that can verify behavioral properties of finite-state models. The contribution of this paper is to extend the format of predicate diagrams to timed systems. We also establish a set of verification conditions that are sufficient to prove that a given predicate diagram is a correct abstraction of an extended timed graph. The formalism is supported by a toolkit, and we demonstrate its use at the hand of Fischer's real-time mutualexclusion protocol.
Symbolic model checking of real-time systems
Proceedings Eighth International Symposium on Temporal Representation and Reasoning. TIME 2001, 2000
We present a new real-time temporal logic for the specification and verification of discrete quantitative temporal properties. This logic is an extension of the well-known logic CTL. Its semantics is defined on discrete time transition systems which are in turn interpreted in an abstract manner instead of the usual stuttering interpretation. Hence, our approach directly supports abstractions of real-time systems by ignoring irrelevant qualitative properties, but without loosing any quantitative information. We analyse the complexity of the presented model checking algorithm and furthermore present a fragment of the logic that can be efficiently checked.
Scenario-based verification of real-time systems using Uppaal
Formal Methods in System Design, 2010
This article proposes two approaches to tool-supported automatic verification of dense real-time systems against scenario-based requirements, where a system is modeled as a network of timed automata (TAs) or as a set of driving live sequence charts (LSCs), and a requirement is specified as a separate monitored LSC chart.
A constraint-based approach for specification and verification of real-time systems
1997
We develop a general constraint logic programming (CLP) based framework for specification and verification of real-time systems. Our framework is based on the notion of timed automata that have traditionally been used for specihing real-time systems. In our framework, a user models the ordering of real-time events as the grammar of a language accepted by a timed automata, the real-time constraints on these events are then captured as denotations of the grammar productions specijied by the usel: The grammar can be speciJied as a Definite Clause Grammar (DCG), while the denotations can be speccped in constraint logic. The resulting specijication can hence be regarded as a constraint logic program (CLP), and is executable. Many interesting properties of the real-time system can be verc3ed by posing appropriate queries to this CLP program. A major advantage of our approach is that it is constructive in nature, i.e., it can be used for computing the conditions under which a property will holdfor a given real-time system. Our framework also suggests new types of formalisms that we call Constraint Automata and Timed Push-down Automata.
Modeling and verification of real-time systems based on equations
Science of Computer Programming, 2007
We describe timed observational transition systems (TOTSs). TOTSs are written in terms of equations. By regarding equations as left-to-right rewrite rules, rewriting, together with induction and/or case analysis, can be used to verify that timing properties hold for TOTSs. Concretely, CafeOBJ, an algebraic specification language, is used to specify TOTSs and verify that TOTSs have timing properties by writing proofs, or proof scores. Two case studies are used to demonstrate how to model real-time systems based on TOTSs, specify TOTSs in CafeOBJ and verify that TOTSs have timing properties with the CafeOBJ system.
Scenario and property checking of real-time systems using a synchronous approach
Fourth IEEE International Symposium on Object-Oriented Real-Time Distributed Computing. ISORC 2001, 2001
This paper addresses the design of control-dominated systems using a synchronous approach and the UML. The work aims at formally checking the design: scenarios/controller consistency, and safety properties. For this, a strengthening of UML behavioral models is necessary: SyncCharts are used instead of Statecharts, and Sequence Diagrams are modified by adding synchronously sound constructs akin to Message Sequence Charts. The formal foundations of the approach and the associated tools are briefly presented.
Temporal logics for real-time system specification
ACM Computing Surveys, 2000
The specification of reactive and real-time systems must be supported by formal, mathematically-founded methods in order to be satisfactory and reliable. Temporal logics have been used to this end for several years. Temporal logics allow the specification of system behavior in terms of logical formulas, including temporal constraints, events, and the relationships between the two. In the last ten years, temporal logics have reached a high degree of expressiveness. Most of the temporal logics proposed in the last few years can be used for specifying reactive systems, although not all are suitable for specifying real-time systems. In this paper we present a series of criteria for assessing the capabilities of temporal logics for the specification, validation, and verification of real-time systems. Among the criteria are the logic's expressiveness, the logic's order, presence of a metric for time, the type of temporal operators, the fundamental time entity, and the structure of time. We examine a selection of temporal logics proposed in the literature. To make the comparison clearer, a set of typical specifications is identified and used with most of the temporal logics considered, thus presenting the reader with a number of real examples.
Logic Based Abstractions of Real-Time Systems
2000
When verifying concurrent systems described by transition systems, state explosion is one of the most serious problems. If quantitative temporal information (expressed by clock ticks) is considered, state explosion is even more serious. We present a notion of abstraction of transition systems, where the abstraction is driven by the formulae of a quantitative temporal logic, called qu-mu-calculus, defined in the paper. The abstraction is based on a notion of bisimulation equivalence, called ρ, n -equivalence, where ρ is a set of actions and n is a natural number. It is proved that two transition systems are ρ, n -equivalent iff they give the same truth value to all qu-mu-calculus formulae such that the actions occurring in the modal operators are contained in ρ, and with time constraints whose values are less than or equal to n. We present a non-standard (abstract) semantics for a timed process algebra able to produce reduced transition systems for checking formulae. The abstract semantics, parametric with respect to a set ρ of actions and a natural number n, produces a reduced transition system ρ, nequivalent to the standard one. A transformational method is also defined, by means of which it is possible to syntactically transform a program into a smaller one, still preserving ρ, n -equivalence.
Formal Verification of Internal Block Diagram of Sys ML for Modeling Real Time System
SysML is a graphical modeling language that is mostly used for the graphical representation of real-time systems, complex systems, safely critical systems, and embedded systems. In this paper, we present a methodology based on model checking tool for the correction and verification of SysML internal block diagram with discrete time constraint. We describe the mapping of SysML internal block diagram to PRISM input language and use Probabilistic Computational Tree Logic (PCTL) for the verification of properties. The methodology provides more reliable and quick results for the development of real time systems as PRISM supports parallel composition of components. Finally, we present the effectiveness of our approach with the help of a case study of real-time system. The discrete time factor is included in the case study to evaluate the performance characteristics of system functionality.
Related papers
Model-checking for real-time systems
Logic in Computer Science, …, 1990
This research extends CTL model-checking to the analysis of real-time systems, whose correctness depends on the magnitudes of the timing delays. For specifications, the syntax of CTL is extended to allow quantitative temporal operators. The formulas of the resulting logic, TCTL, are interpretation over continuous computation trees, trees in which paths are maps from the set of nonnegative reals to system states. To model finite-state systems the notion of timed graphs is introduced-state-transition graphs extended with a ...
On-the-fly symbolic model checking for real-time systems
2002
This paper presents an on-the-fly and symbolic algorithm for checking whether a timed automaton satisfies a formula of a timed temporal logic which is more expressive than TCTL. The algorithm is on-the-fly in the sense that the state-space is generated dynamically and only the minimal amount of information required by the verification procedure is stored in memory. The algorithm is symbolic in the sense that it manipulates sets of states, instead of states, which are represented as boolean combinations of linear inequalities of clocks. We show how a prototype implementation of our algorithm has improved the performances of the tool KRONOS for the verification of the FDDI protocol.
Verifying Real-Time Systems with Standard Tools
The TTM/RTTL framework allows for the speciflcation, devel- opment and veriflcation of discrete real-time properties of reactive systems. Timed transition systems (TTMs) is the underlying compu- tational model, and real-time temporal logic (RTTL) is the require- ments speciflcation language. In this paper, we provide a conversion procedure for mapping a timed transition system into a flnite state fair transition systems. This means that eÆcient (untimed) tools for state exploration can be used to check the properties of real-time systems. The procedure has been implemented in the Statetime toolset for the TTM/RTTL framework.
A Comparative Study of Decision Diagrams for Real-Time Model Checking
Lecture Notes in Computer Science, 2018
The timed automata model, introduced by Alur and Dill, provides a powerful formalism for describing real-time systems. Over the last two decades, several dense-time model checking tools have been developed based on that model. This paper considers the verification of a set of interesting real-time distributed protocols using dense-time model checking technology. More precisely, we model and verify the distributed timed two phase commit protocol, and two well-known benchmarks, the Token-Ring-FDDI protocol, and the CSMA/CD protocol, in three different state-of-the-art real-time model checkers: UPPAAL, RED, and Rabbit. We illustrate the use of these tools using one of the case studies. Finally, several interesting conclusions have been drawn about the performance, usability, and the capability of each tool.
Explicit clock temporal logic in constraint checking for real-time systems
Annual Review in Automatic Programming, 1991
This paper introduces a knowledge-based approach to ensure the integrity of information in a real-time database (rtdb). A form of explicit clock temporal logic (called TLrt) useful in specifying timing constraints on controller actions, rtdb items, and constraints in a real-time constraint base (rtcb), is presented. Timing as well as other forms of constraints are stored in the rtcb.
A Graphical Language for Specifying and Analyzing Real-Time Systems
Integrated Computer-Aided Engineering, 1998
We present Graphical Communicating Shared Resources GCSR, a formal language for the speci cation and analysis of real-time systems, including their functional, temporal and resource requirements. GCSR supports the explicit representation of system resources and priorities to arbitrate resource contentions. These features allow a designer to examine resource inherent constraints and to experiment with various resource allocations and scheduling disciplines in order to produce a more dependable speci cation. In addition, GCSR di ers from other graphical languages through its wellde ned notions of modularity and hierarchy: dependencies between system components, expressed as communication events, can have a limited scope of visibility, and control ow b e t ween components is clearly represented as either an interrupt or exception, i.e., voluntary release of control. Furthermore, GCSR has a precise operational semantics and notions of equivalence that allow the execution and formal analysis of a speci cation. We present the GCSR language, its toolset, and how properties, e.g., safety can be analyzed within GCSR.
Automatic verification of real-time communicating systems by constraint-solving
1994
Abstract. In this paper, an algebra of timed processes with real-valued clocks is presented, which may serve as a description language for networks of timed automata. We show that requirements such as a process will never reach an undesired state" can be verified by solving a simple class of constraints on the clock-variables. A symbolic on-the-fly reachability algorithm for the language has been developed and implemented as a software tool based on constraint-solving techniques.
Time properties verification of UML/MARTE real-time systems
Proceedings of the 2014 IEEE 15th International Conference on Information Reuse and Integration (IEEE IRI 2014), 2014
UML and MARTE are standardized modeling languages widely used in industry for the design of realtime systems. However, formal verification at early phases of the system lifecycle for UML/MARTE models remains an open issue mainly for dependability features. In this paper, we show how we can provide a formal verification of time properties from a UML/MARTE description. For this, we translate this latter description expressed (Timed Computation Tree Logic). We illustrate the proposed approach on a case study derived from a real-time asynchronous system (Integrated Modular Avionics (IMA)-based airborne system).
Symbolic Verification and Analysis of Discrete Timed Systems
Formal Methods in System Design, 2003
This paper presents a novel approach for real-time model checking. It combines the efficiency of traditional symbolic model checking with possibilities to describe and specify real-time systems. Using multi-terminal binary decision diagrams to represent time and time intervals, it becomes possible to transfer efficient algorithms and optimization heuristics known from standard CTL model checking to real-time applications. By introducing a
GCSR: a Graphical Language with Algebraic Semantics for the Specification of Real-Time Systems
Technical Reports (CIS), 1995
Graphical Communicating Shared Resources, GCSR, is a formal language for specifying real-time systems including their functional and resource requirements. A GCSR specification consists of a set of nodes that are connected with directed, labeled edges, which describe possible execution flows. Nodes represent instantaneous selection aniong execution flows, or time and resource consuming system activities. In addition, a node can represent a system subcomponent, which allows modular, hierarchical, thus, scalable system specifications. Edges are labeled with instantaneous communication actions or time to describe the duration of activities in the source node. GCSR sup-~o r t s the explicit representation of resources and priorities to resolve resource contention. The semantics of GCSR is the Algebra of Communicating Shared Resources, a timed process algebra with operational semantics that makes GCSR specifications executable. Furthermore, the process algebra provides behavioral equivalence relations between GCSR specifications. These equivalence relations can be used to replace a GCSR specification with an equivalent specification inside another, and to minimize a GCSR specification in terms of the number of nodes and edges. The paper defines the GCSR language, describes GCSR specification reductions that preserve the specification behaviors, and illustrates GCSR with example design specifications. '
Loading Preview
Sorry, preview is currently unavailable. You can download the paper by clicking the button above.