Lecture 2. Decidability and Verification

Similar documents
Timed Automata. Rajeev Alur. University of Pennsylvania

Automatic synthesis of switching controllers for linear hybrid systems: Reachability control

Software Testing IV. Prof. Dr. Holger Schlingloff. Humboldt-Universität zu Berlin

Overview of Timed Automata and UPPAAL

Timed Automata: Semantics, Algorithms and Tools

Lecture 9: Reachability

Model Checking Revision: Model Checking for Infinite Systems Revision: Traffic Light Controller (TLC) Revision: 1.12

Timed Automata From Theory to Implementation

Reducing Clocks in Timed Automata while Preserving Bisimulation

Further Topics in Modelling & Verification

Semantic Subtyping. Alain Frisch (ENS Paris) Giuseppe Castagna (ENS Paris) Véronique Benzaken (LRI U Paris Sud)

want turn==me wait req2==0

Graphical Tool For SC Automata.

AVERIST: An Algorithmic Verifier for Stability

Model Checking for Hybrid Systems

System Correctness. EEC 421/521: Software Engineering. System Correctness. The Problem at Hand. A system is correct when it meets its requirements

On the Language Inclusion Problem for Timed Automata: Closing a Decidability Gap

Automated Formal Methods for Embedded Systems

Overview. Discrete Event Systems - Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?

1. Draw the state graphs for the finite automata which accept sets of strings composed of zeros and ones which:

Lecture 2: Symbolic Model Checking With SAT

Foundations of Computer Science Spring Mathematical Preliminaries

Introduction to Embedded Systems

COMP 763. Eugene Syriani. Ph.D. Student in the Modelling, Simulation and Design Lab School of Computer Science. McGill University

Discrete Mathematics Lecture 4. Harper Langston New York University

Temporal Logic Control of Discrete-Time Piecewise Affine Systems

Implementation of Lexical Analysis

AN ABSTRACTION TECHNIQUE FOR REAL-TIME VERIFICATION

Implementation of Lexical Analysis

Model Checking with Automata An Overview

On the Recognizability of Arrow and Graph Languages

Xuandong Li. BACH: Path-oriented Reachability Checker of Linear Hybrid Automata

LOGIC SYNTHESIS AND VERIFICATION ALGORITHMS. Gary D. Hachtel University of Colorado. Fabio Somenzi University of Colorado.

HyLAA: A Tool for Computing Simulation-Equivalent Reachability for Linear Systems

T Reactive Systems: Kripke Structures and Automata

Formal Methods in Software Engineering. Lecture 07

No model may be available. Software Abstractions. Recap on Model Checking. Model Checking for SW Verif. More on the big picture. Abst -> MC -> Refine

Hybrid Systems Analysis of Periodic Control Systems using Continuization

The UPPAAL Model Checker. Julián Proenza Systems, Robotics and Vision Group. UIB. SPAIN

Temporal Refinement Using SMT and Model Checking with an Application to Physical-Layer Protocols

Parametric Real Time System Feasibility Analysis Using Parametric Timed Automata

Program verification. Generalities about software Verification Model Checking. September 20, 2016

Automated Refinement Checking of Asynchronous Processes. Rajeev Alur. University of Pennsylvania

UPPAAL Tutorial. UPPAAL Family

(Refer Slide Time: 0:19)

Binary Decision Diagrams and Symbolic Model Checking

Specification and Analysis of Real-Time Systems Using Real-Time Maude

Model checking and timed CTL

Implementation of Lexical Analysis

Formal Verification for safety critical requirements From Unit-Test to HIL

Under-Approximation Refinement for Timed Automata

Temporal Logic and Timed Automata

M. De Wulf, L. Doyen,J.-F. Raskin Université Libre de Bruxelles Centre Fédéré en Vérification

Hierarchical Composition and Abstraction In Architecture Models

More on Verification and Model Checking

The SPIN Model Checker

Modeling and Analysis of Fischer s Algorithm

Lecture-12: Closed Sets

Timed Automata with Asynchronous Processes: Schedulability and Decidability

Distributed Systems Programming (F21DS1) Formal Verification

Verifiable Hierarchical Protocols with Network Invariants on Parametric Systems

Research Collection. Formal background and algorithms. Other Conference Item. ETH Library. Author(s): Biere, Armin. Publication Date: 2001

PRISM An overview. automatic verification of systems with stochastic behaviour e.g. due to unreliability, uncertainty, randomisation,

4/6/2011. Model Checking. Encoding test specifications. Model Checking. Encoding test specifications. Model Checking CS 4271

Fachgebiet Softwaretechnik, Heinz Nixdorf Institut, Universität Paderborn. 2.3 Timed Automata and Real-Time Statecharts

Counting multiplicity over infinite alphabets

Behavioural Equivalences and Abstraction Techniques. Natalia Sidorova

Lecture 6. Abstract Interpretation

Past Pushdown Timed Automata and Safety Verification

Fine-grained Compatibility and Replaceability Analysis of Timed Web Service Protocols

Model Checking with Abstract State Matching

Compositional Software Model Checking

Part I: Preliminaries 24

Formal Verification for UML/SysML models

CSE450. Translation of Programming Languages. Lecture 20: Automata and Regular Expressions

MODEL-BASED DESIGN OF CODE FOR PLC CONTROLLERS

Reasoning about Timed Systems Using Boolean Methods

Implementation of Lexical Analysis

Negations in Refinement Type Systems

Verification in Continuous Time Recent Advances

Action Language Verifier, Extended

More on Polynomial Time and Space

Finite State Verification. CSCE Lecture 14-02/25/2016

Hardware Design Verification: Simulation and Formal Method-Based Approaches William K Lam Prentice Hall Modern Semiconductor Design Series

Finite Automata. Dr. Nadeem Akhtar. Assistant Professor Department of Computer Science & IT The Islamia University of Bahawalpur

Verification of Infinite-State Dynamic Systems Using Approximate Quotient Transition Systems

An Introduction to UPPAAL. Purandar Bhaduri Dept. of CSE IIT Guwahati

Real-Time Model-Checking: Parameters Everywhere

ECE 587 Hardware/Software Co-Design Lecture 12 Verification II, System Modeling

Formal Methods for Software Development

Model Checking of Hierarchical State Machines

TAFL 1 (ECS-403) Unit- V. 5.1 Turing Machine. 5.2 TM as computer of Integer Function

A Modeling Framework for Schedulability Analysis of Distributed Avionics Systems. Pujie Han MARS/VPT Thessaloniki, 20 April 2018

Seamless Formal Verification of Complex Event Processing Applications

Logic Model Checking

Applications of Program analysis in Model-Based Design

Model checking pushdown systems

Model Checking. Automatic Verification Model Checking. Process A Process B. when not possible (not AI).

INF672 Protocol Safety and Verification. Karthik Bhargavan Xavier Rival Thomas Clausen

Graph Query Verification using Monadic 2 nd -Order Logic

Transcription:

Lecture 2. Decidability and Verification

model temporal property Model Checker yes error-trace Advantages Automated formal verification, Effective debugging tool Moderate industrial success In-house groups: Intel, Microsoft, Lucent, Motorola Commercial model checkers: FormalCheck by Cadence Obstacles Scalability is still a problem (about 100 state vars) Effective use requires great expertise

Model Checking of Hybrid Systems Is finite state analysis possible? Is reachability problem decidable?

Finite Partitioning Goal: To partition state-space into finitely many equivalence classes so that equivalent states exhibit similar behaviors

Talk Outline! Preliminaries: Transition Systems " Timed Automata and Region Graphs " Equivalences and Finite Quotients " Decidable Problems

Labeled Transition System T " Set Q of states " Set I of initial states " Set L of labels " Set # of labeled transitions of the form q a-> q

Partitions and Quotients " Let T=(Q,I,L,#) be a transition system and be a partitioning of Q (i.e. an equivalence relation on Q) " Quotient T/ is transition system: 1. States are equivalence classes of 2. A state P is initial if it contains a state in I 3. Set of labels is L 4. Transitions: P a-> P if q-a->q for some q in P and some q in P

Language Equivalence " Language of T: Set of possible finite strings over L that can be generated starting from initial states " T and T are language-equivalent iff they generate the same language " Roughly speaking, language equivalent systems satisfy the same set of safety properties

Bisimulation " Relation on QXQ is a bisimulation iff whenever q q then if q-a->u then for some u, u u and q -a->u, and if q -a->u then for some u, u u and q-a->u. " Transition systems T and T are bisimilar if there exists bisimulation on QXQ such that For every q in I, there is q in I, q q and vice versa " Many equivalent characterizations (e.g. game-theoretic) " Roughly speaking, bisimilar systems satisfy the same set of branching-time properties (including safety)

Bisimulation Vs Language equivalence a a a b c b c Language equivalent but not bisimilar Bisimilarity -> Language equivalence

Timed Vs Time-Abstract Relations " Transition system associated with a timed/hybrid automaton: Labels on continuous steps are delays in R Actual delays are suppressed (all continuous steps have same label): Time-abstract " Two versions of language equivalence and two versions of bisimulation " Time-abstract relations enough to capture untimed properties (e.g. reachability, safety)

Time-abstract Vs Timed a b a x:=0 x>10 b Time-abstract equivalent but not timed equivalent Timed equivalence -> Time-abstract equivalence

Talk Outline $ Preliminaries: Transition Systems! Timed Automata and Region Graphs " Equivalences and Finite Quotients " Decidable Problems

Timed Automata (Recap) " Only continuous variables are timers " Invariants and Guards: x<const, x>=const " Actions: x:=0 " Can express lower and upper bounds on delays

Regions Finite partitioning of state space y Definition 2 1 w w iff they satisfy the same set of constraints of the form x i < c, x i = c, x i x j < c, x i x j =c for c <= largest const relevant to x i 1 2 3 x An equivalence class (i.e. a region) in fact there is only a finite number of regions!!

Region Operations y 2 1 {x}r r Reset regions {y}r 1 2 3 x Successor regions, Succ(r) An equivalence class (i.e. a region)

Properties of Regions " The region equivalence relation is a time-abstract bisimulation: Action transitions: If w v and (l,w) -a-> (l,w ) for some w, then v w s.t. (l,v) -a-> (l,v ) Delay transitions: If w v then for all real numbers d, there exists d s.t. w+d v+d " If w v then (l,w) and (l,v) satisfy the same temporal logic formulas

Region graph of a simple timed automata

Region Graphs (Summary) " Finite quotient of timed automaton that is time-abstract bisimilar " Number of regions: (# of locations) times (product of all constants) times (factorial of number of clocks) " Precise complexity class of reachability problem: PSPACE (basically, exponential dependence of clocks/constants unavoidable)

Talk Outline $ Preliminaries: Transition Systems $ Timed Automata and Region Graphs! Equivalences and Finite Quotients " Decidable Problems

Multi-rate Automata " Modest extension of timed automata Dynamics of the form dx = const (rate of a clock is same in all locations) Guards and invariants: x < const, x > const Resets: x := const " Simple translation to timed automata that gives time-abstract bisimilar system by scaling dx = 2 dy = 3 x>5 and y <1 du = 1 dv = 1 u>5/2 and v <1/3

Rectangular Automata " Interesting extension of timed automata Dynamics of the form dx in const interval (rate-bounds of a clock same in all locations) Guards/invariants/resets as before " Translation to multi-rate automata that gives time-abstract language-equiv system dx in [2,3] x>5 v>5, u:=5 x<2 du = 2 dv = 3 u>2, v:=2

Rectangular Automata may not have finite bismilar quotients! x=1, a, x:=0 dx =1 dy in [1,2] y=1, b, y:=0

" Given an initial partitioning P of R k and continuous dynamics dx=f(x), is there a refinement of P that is time-abstract bisimilar to original system? Continuous systems " Counter-example: Spiral. Initial partition: -5<=x<0 and 0<x<=+5

O-minimal Structures " A structure over R is order-minimal if every definable subset is a finite union of points and open intervals " O-minimal structures R with <, +, -, 0, 1 (polyhedral sets) R with <, +, -, *, e x, 0, 1 (semialgebraic sets and exponential trajectories) And many more such as sub-analytic

O-minimal Hybrid Systems " Guards, Flows, Invariants definable in the same o-minimal structure " Edges reset all variables (to constants or intervals) " Thm: O-minimal hybrid systems have finite time-abstract bisimilarity quotients

Talk Outline $ Preliminaries: Transition Systems $ Timed Automata and Region Graphs $ Equivalences and Finite Quotients! Decidable Problems

Decidable Problems " Model checking branching-time properties of timed automata " Reachability in rectangular automata " Timed bisimilarity: are given two timed automata bisimilar? " Optimization: Compute shortest paths (e.g. minimum time reachability) in timed automata with costs on locations and edges " Controller synthesis: Computing winning strategies in timed automata with controllable and uncontrollable transitions

Undecidable Reachability Problems " Timed automata + linear expressions as guards " Multi-rate automata with comparisons among clocks as guards " Timed automata + stop-watches (i.e. clocks that can have rates 0 or 1) Many such results Proofs by encoding Turing machines/2-counter machines Sharp boundary for decidability understood

Start Air-traffic Control Problem as Weigted timed automaton wait2 w 2 : x<2 c 2 : x<1 y<1 x:=0 y>1 c 4 : x>1 y:=0 hold2 w 2 Land1 c 0 +w 2 1<y<2 x>1 Done c 0 c 1 : x<1 y<1 y:=0 c 3 : wait1 w 1 : y<2 x:=0 x>1 hold1 w 1 y>1 land2 c 0 +w 1 y>1 1<x<2

Shortest Paths in WTA Start w 0 x<2 x=2 w 1 Target " Optimum solution may only be a limit " Region graph construction not enough " Algorithm 1. Reduce to Parametric Shortest Path Problem on graphs (PSP) 2. Solve PSP

From WTA to Weighted Graphs w 1 (θ 2 + θ 3 ) wait1 0<y<x<1 (2,1) wait1 y=0 0<x<1 (1,2) hold1 c 3 + w 1 (θ 2 + θ 3 ) x=0 0<y<1 (2,1) c 3 c 3 hold1 hold1 y=0 x=0 (1) x=0 Y>0 ~ (1,2) " Augmented Region Automaton Regions are split in boundary sub-regions

Summary " Decidability only when simple dynamics or decoupled dynamics " Theory of equivalences useful in understanding structural properties

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback