
1
**Formal Methods: Automatic Validation and Verification Tools**

Kim Guldstrand Larsen, Institute of Computer Science, Aalborg University

Formal methods seem to be finding their way into industrial software engineering practice. In particular, methods based on fully automatic verification tools have for a long time been established practice for hardware designs. Today, an increasing number of (commercial) tools offering automatic verification support for industrial designs of embedded systems, real-time systems, and communication protocols are emerging. The scalability of these tools has been significantly improved due to recent scientific advances in the underlying algorithmic techniques, which have allowed large industrial applications to be verified.

The talk will present the tool UPPAAL, a tool suite for validating and verifying real-time system models. The tool has been developed since 1995 in collaboration between Aalborg and Uppsala Universities. The presentation will be based on an on-line demonstration and will survey the industrial applications of UPPAAL. The final part of the talk will address the tool visualSTATE, a commercial tool for automatic validation and verification of embedded system models. In addition, visualSTATE allows for automatic generation of efficient code for a number of platforms. Recent collaboration between visualSTATE and DTU has resulted in truly significant advances in the size of systems which may be dealt with.

**Timed CTL Model Checking: Region Automata**

Kim Guldstrand Larsen, Paul Pettersson

2
**Timed CTL**

IDA lecture

3
**Light Switch**

The switch may be turned on whenever at least 2 time units have elapsed since the last "turn off". The light automatically switches off after 9 time units.

[Figure: timed automaton of the light switch, with transitions labelled push, push and click]

4
**Semantics**

A state is a pair of a location and a clock valuation. The semantics of a timed automaton is a labelled transition system with two kinds of transitions: action transitions, which follow an edge from location l to location l' labelled with a guard g, an action a and a set r of clocks to reset, and delay transitions, which let time pass in the current location.

5
**Semantics: Example**

[Figure: run of the light switch automaton with transitions push, push, click]

6
**TCTL = CTL + time constraints over formula clocks and automata clocks**

The "freeze operator" introduces a new formula clock z. The path quantifiers E[ f U f ] and A[ f U f ] are as in CTL. There is no EX f operator (time is dense, so a state has no unique next state).

7
**Derived Operators**

Along any path, f holds continuously until, within 7 time units, y becomes valid.

The property f may become valid within 5 time units.

8
**Light Switch (cont.)**

[Figure: the light switch automaton again, with transitions push, push, click]

9
**Timeliness Properties**

- receive(m) always occurs within 5 time units after send(m)
- receive(m) may occur exactly 11 time units after send(m)
- putbox occurs periodically, (exactly) every 25 time units (note: other putbox's may occur in between)

10
**Fischer's Protocol: A simple MUTEX Algorithm**

[Figure: two processes sharing the variable V. Process 1 moves Init to A1 to B1 to CS1 (Critical Section), assigning V:=1 and testing V=1; process 2 moves through A2, B2, CS2, assigning V:=2 and testing V=2.]

11
**Fischer's Protocol: A simple MUTEX Algorithm**

[Figure: the same two processes with clocks added. Process 1 resets X:=0, guards with X<1 before V:=1 and with X>1 before entering CS1 (Critical Section); process 2 uses Y:=0, Y<1 and Y>1 symmetrically before entering CS2. Locations: Init, A1, B1, CS1 and A2, B2, CS2.]

12
**Paths**

[Figure: example path of the light switch automaton with transitions push, push, click]

13
**Elapsed time in path**

Example: s = (as in the figure); D(s,1) = 3.5, D(s,6) = 3.5 + 9 = 12.5

14
**TCTL Semantics**

- s: a state (location, clock valuation)
- w: a formula clock valuation
- PM(s): the set of paths from s
- Pos(s): the positions in s
- D(s,i): the elapsed time at position i
- (i,d) << (i',d') iff i < i', or i = i' and d < d'

15
**Region Automata Model Checking**


16
Infinite State Space?

17
**Regions Finite partitioning of state space**

"Definition"

[Figure: clock space with clock y on the vertical axis (ticks 1, 2) and clock x on the horizontal axis (ticks 1, 2, 3)]

18
**Regions Finite partitioning of state space**

"Definition"

[Figure: clock space with y up to 2 and x up to 3.] The maximal constant is determined by the timed automaton (and the formula).

19
**Regions Finite partitioning of state space**

Alternative to the JPK definition

[Figure: clock space with y up to 2 and x up to 3.] The maximal constant is determined by the timed automaton (and the formula).

20
**Regions Finite partitioning of state space**

Definition

[Figure: clock space with y up to 2 and x up to 3, one equivalence class (i.e. a region) highlighted.] In fact there is only a finite number of regions!!

21
**Regions Finite partitioning of state space**

Definition

[Figure: a region r (an equivalence class) in the clock space and its successor regions, Succ(r)]

22
**Regions Finite partitioning of state space**

Definition

[Figure: a region r in the clock space and its reset regions {x}r and {y}r, obtained by resetting clock x or clock y; THEOREM stated on the slide]
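As an added worked example (not from the slides), the region equivalence the slides above sketch, in Python: clock valuations are mapped to a canonical region name, the finite number of regions is enumerated, and the reset of a region is checked to depend only on the region. The maximal constants 3 for x and 2 for y are assumed from the slide axes.

```python
from fractions import Fraction
from itertools import groupby, product
from typing import Dict, Tuple

Valuation = Dict[str, Fraction]
# Maximal constants assumed from the slide axes (x up to 3, y up to 2); in
# general they are determined by the timed automaton and the TCTL formula.
MAX_CONST = {"x": 3, "y": 2}

def valuation(**clocks) -> Valuation:
    """Build an exact clock valuation, e.g. valuation(x="1.3", y="0.5")."""
    return {x: Fraction(v) for x, v in clocks.items()}

def region_key(v: Valuation, max_const: Dict[str, int]) -> Tuple:
    """Canonical name of the region containing v (Alur-Dill equivalence).

    Two valuations lie in the same region iff, for each clock not above its
    maximal constant, they agree on the integer part and on whether the
    fractional part is zero, and those clocks' fractional parts are ordered
    the same way. Clocks above the maximal constant satisfy exactly the same
    guards, so their exact value is irrelevant.
    """
    per_clock, fracs = [], []
    for x in sorted(v):
        val, c = v[x], max_const[x]
        if val > c:
            per_clock.append((x, "above max"))
            continue
        ip = val.numerator // val.denominator  # floor; clocks are >= 0
        fr = val - ip
        per_clock.append((x, ip, fr == 0))
        if fr > 0:
            fracs.append((fr, x))
    fracs.sort()
    # Clocks with equal fractional parts form one group; groups are ordered.
    order = tuple(tuple(x for _, x in g) for _, g in groupby(fracs, key=lambda p: p[0]))
    return (tuple(per_clock), order)

def same_region(v1: Valuation, v2: Valuation, max_const=MAX_CONST) -> bool:
    return region_key(v1, max_const) == region_key(v2, max_const)

def reset(v: Valuation, clocks) -> Valuation:
    """Clock reset ({x}r, {y}r on the slide): set the named clocks to 0."""
    return {x: (Fraction(0) if x in clocks else val) for x, val in v.items()}

def count_regions(max_const=MAX_CONST, step=Fraction(1, 4)) -> int:
    """Count regions by sampling a grid fine enough to realise every fractional
    ordering (<, =, >) and every 'above max' case; the count is finite."""
    clocks = sorted(max_const)
    axes = [[k * step for k in range(int((max_const[x] + 1) / step))] for x in clocks]
    return len({region_key(dict(zip(clocks, p)), max_const) for p in product(*axes)})
```

With these constants there are 60 regions; resetting y in two equivalent valuations lands in the same region, which is what makes the reset regions {y}r well defined.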

23
**Region graph of a simple timed automaton**

24
**Fischer's again**

[Figure: the two Fischer processes (locations A1, B1, CS1 and A2, B2, CS2; shared variable V with V:=1, V:=2 and tests V=1, V=2; clocks X, Y with resets X:=0, Y:=0 and guards X<1, X>1, Y<1, Y>1), shown for the untimed case and the timed case, with a partial region graph over symbolic states such as (A1,A2,v=1; x=y=0), (A1,A2,v=1; 0<x=y<1), (A1,A2,v=1; x=y=1), (A1,A2,v=1; 1<x,y), (A1,B2,v=2; 0<x<1, y=0), (A1,B2,v=2; 0<y<x<1), (A1,B2,v=2; 0<y<1, 1<x), (A1,B2,v=2; y=1, 1<x), (A1,CS2,v=2; 1<x,y), and also (B1,CS2,v=1) and (CS1,CS2,v=1). The timed exploration ends with "No further behaviour possible!!"]

25
Modified light switch

26
Reachable part of the region graph; properties

27
**Roughly speaking....**

Model checking a timed automaton against a TCTL formula amounts to model checking its region graph against a CTL formula.

28
**Problem to be solved**

Model checking TCTL is PSPACE-hard.

29
END
