TIOA-to-UPPAAL Translator & Front-End Integration


TIOA-to-UPPAAL Translator & Front-End Integration
Radu Grosu, Scott A. Smolka, Wenkai Tan
Stony Brook University
VeroModo Workshop, MIT, May 18, 2006

The TIOA-to-UPPAAL Translator
Uses the TIOA Front-End to translate TIOA specifications into the input language of the UPPAAL model checker for timed automata. Only the UPPAAL-compliant subset of the TIOA language is translatable.

Translator and the Front-End
Implemented as a plug-in to the TIOA front-end. It is dynamically loaded to process the AST and generate the corresponding UPPAAL specification.

Integration with Front-End

UPPAAL-Compliant Subset of TIOA
- Variable types: only Int, Nat, Real, Const, Boolean and Enumeration are allowed for now
- Internal actions do not have parameters
- Effect statements are assignments only
- Trajectories are limited to d(t) = 1
- A Location enumeration type defines the TA states

Translation Scheme
- TIOA state variables are translated to UPPAAL variables (a Real variable evolving with d(t) = 1 becomes a clock)
- TIOA actions are translated to UPPAAL transitions
- Composite TIOA actions with the same name in different primitive automata are translated to synchronized transitions in UPPAAL
- TIOA locations (the values of the Location-typed mode variable) are translated to UPPAAL states
- Stop-when conditions become state invariants
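The subset restrictions and the translation rules above, as an added worked example (this is illustrative code, not the Stony Brook plug-in, which works on the front-end's own AST classes). It runs the compliance checks over a hand-built dict AST of the Train automaton from the later slides and emits UPPAAL's textual process syntax; the dict layout, the helper names and the exact output formatting are assumptions.

```python
import re

# Types the slides list as translatable; anything else is rejected.
ALLOWED_TYPES = {"Int", "Nat", "Real", "Const", "Boolean", "Enumeration"}


class NotCompliant(ValueError):
    """A TIOA construct outside the UPPAAL-compliant subset."""


# Constructed stand-in for the front-end AST of the Train automaton (assumed
# layout): preconditions are lists of conjuncts, effects are (var, expr) pairs.
TRAIN = {
    "name": "Train",
    "mode_var": "mode",
    "locations": ["begin", "light", "gate"],
    "states": [("mode", "Enumeration", "begin"), ("time", "Real", None)],
    "transitions": [
        {"kind": "internal", "name": "coming", "params": [],
         "pre": ["mode = begin", "time > 2"], "eff": [("mode", "light"), ("time", "0")]},
        {"kind": "internal", "name": "approaching", "params": [],
         "pre": ["mode = light", "time > 5"], "eff": [("mode", "gate"), ("time", "0")]},
        {"kind": "internal", "name": "passing", "params": [],
         "pre": ["mode = gate", "time > 1"], "eff": [("mode", "begin"), ("time", "0")]},
    ],
    "trajectories": [
        {"invariant": "mode = begin", "stop_when": "time = 5", "evolve": {"time": 1}},
        {"invariant": "mode = light", "stop_when": "time = 10", "evolve": {"time": 1}},
        {"invariant": "mode = gate", "stop_when": "time = 2", "evolve": {"time": 1}},
    ],
}


def check_compliant(aut):
    """Enforce the subset from the slides; raise NotCompliant otherwise."""
    for name, typ, _ in aut["states"]:
        if typ not in ALLOWED_TYPES:
            raise NotCompliant(f"variable {name}: type {typ} is not translatable")
    for act in aut["transitions"]:
        if act["kind"] == "internal" and act["params"]:
            raise NotCompliant(f"internal action {act['name']} has parameters")
        for eff in act["eff"]:
            if not (isinstance(eff, tuple) and len(eff) == 2):
                raise NotCompliant(f"effect of {act['name']} is not an assignment")
    for traj in aut["trajectories"]:
        for var, rate in traj["evolve"].items():
            if rate != 1:
                raise NotCompliant(f"d({var}) = {rate}: only d(t) = 1 is translatable")


def is_compliant(aut):
    try:
        check_compliant(aut)
        return True
    except NotCompliant:
        return False


def to_uppaal_expr(e):
    """TIOA relational syntax to UPPAAL: '~=' becomes '!=', '=' becomes '=='."""
    e = e.replace("~=", "!=")
    return re.sub(r"(?<![<>=!])=(?!=)", "==", e)


def mode_conjunct(c, mode):
    """Return the location named by a conjunct 'mode = loc', else None."""
    m = re.fullmatch(rf"{mode}\s*=\s*(\w+)", c.strip())
    return m.group(1) if m else None


def translate(aut):
    check_compliant(aut)
    mode, name = aut["mode_var"], aut["name"]
    decls, init_loc = [], None
    for var, typ, init in aut["states"]:
        if var == mode:
            init_loc = init                      # Location variable -> TA states
        elif typ == "Real":
            decls.append(f"clock {var};")        # d(var) = 1 everywhere -> clock
        elif typ in ("Int", "Nat", "Boolean"):
            ctype = "bool" if typ == "Boolean" else "int"
            decls.append(f"{ctype} {var}" + (f" := {init}" if init is not None else "") + ";")
    inv = {}                                     # stop-when -> location invariant
    for traj in aut["trajectories"]:
        loc = mode_conjunct(traj["invariant"], mode)
        if traj.get("stop_when"):
            var, bound = (s.strip() for s in traj["stop_when"].split("="))
            inv[loc] = f"{var}<={bound}"
    states = ", ".join(loc + (f" {{{inv[loc]}}}" if loc in inv else "")
                       for loc in aut["locations"])
    trans = []
    for act in aut["transitions"]:               # action -> transition
        src = next(l for l in (mode_conjunct(c, mode) for c in act["pre"]) if l)
        dst = next((v for k, v in act["eff"] if k == mode), src)
        guard = " && ".join(to_uppaal_expr(c) for c in act["pre"]
                            if mode_conjunct(c, mode) is None)
        assign = ", ".join(f"{k} := {v}" for k, v in act["eff"] if k != mode)
        body = (f"guard {guard}; " if guard else "") + (f"assign {assign}; " if assign else "")
        trans.append(f"{src} -> {dst} {{ {body}}}")
    lines = [f"process {name}{{"] + ["  " + d for d in decls] + [
        f"  state {states};", f"  init {init_loc};",
        "  trans " + ",\n        ".join(trans) + ";", "}", f"system {name};"]
    return "\n".join(lines)


if __name__ == "__main__":
    print(translate(TRAIN))
```

The compliance check runs before any emission so that a non-subset construct (a parameterized internal action, a rate other than 1) is reported rather than silently producing a model that no longer matches the TIOA specification.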

Train-Crossing Example
Models a train approaching a crossing. After the light is signaled, the gate is lowered for the train to cross. Each action takes place with a certain urgency.

Train-Crossing Timed Automaton

Train-Crossing Example in TIOA

vocabulary Locations
  types Location enumeration [begin, light, gate]

automaton Train
  imports Locations
  signature
    internal coming, approaching, passing
  states
    mode : Location := begin,
    time : Real
  transitions
    internal coming
      pre mode = begin /\ time > 2
      eff mode := light; time := 0
    internal approaching
      pre mode = light /\ time > 5
      eff mode := gate; time := 0
    internal passing
      pre mode = gate /\ time > 1
      eff mode := begin; time := 0
  trajectories
    trajdef begin
      invariant mode = begin
      stop when time = 5
      evolve d(time) = 1
    trajdef light
      invariant mode = light
      stop when time = 10
    trajdef gate
      invariant mode = gate
      stop when time = 2

Generated UPPAAL Code

process Train{
  clock time;
  state begin {time<=5}, light {time<=10}, gate {time<=2};
  init begin;
  trans begin -> light { guard time > 2; assign time := 0; },
        light -> gate { guard time > 5; assign time := 0; },
        gate -> begin { guard time > 1; assign time := 0; };
}
system Train;

Fischer Protocol

Fischer in TIOA

vocabulary ProgramCounter1
  types Location enumeration [idle, request, wait, critical]

automaton Fischer(pid : Const)
  imports ProgramCounter1
  signature
    internal try, retry, enter
    input read_response(id : Int)
    output write_set(id : Int), write_exit(id : Int)
  states
    mode : Location := idle,
    turn : Int,
    time : Real
  transitions
    input read_response(id)
      eff turn := id
    internal try
      pre mode = idle /\ turn = 0
      eff mode := request; time := 0
    output write_set(id)
      pre mode = request /\ id = pid
      eff mode := wait; time := 0
    internal retry
      pre mode = wait /\ time > 2 /\ turn ~= pid
      eff mode := idle
    internal enter
      pre mode = wait /\ time > 2 /\ turn = pid
      eff mode := critical
    output write_exit(id)
      pre mode = critical /\ id = 0
      eff mode := idle
  trajectories
    trajdef request
      invariant mode = request
      stop when time = 2
      evolve d(time) = 1
    trajdef traj
      evolve d(time) = 1

Fischer continued

automaton SharedVar
  signature
    input write_set(id : Int), write_exit(id : Int)
    output read_response(id : Int)
  states
    turn : Int := 0,
    send : Bool := true,
    t : Real
  transitions
    output read_response(id)
      pre send = true /\ id = turn
      eff send := false
    input write_set(id)
      eff send := true; turn := id
    input write_exit(id)
      eff send := true; turn := id
  trajectories
    trajdef traj
      evolve d(t) = 1

automaton sys
  components
    fischer1 : Fischer(1);
    fischer2 : Fischer(2);
    fischer3 : Fischer(3);
    SharedVar

Generated UPPAAL Code

int id;
urgent broadcast chan read_response;
broadcast chan write_set, write_exit;

process Fischer(const pid){
  int turn;
  clock time;
  state idle, request {time <= 2}, wait, critical;
  init idle;
  trans idle -> idle { sync read_response?; assign turn := id; },
        request -> request { sync read_response?; assign turn := id; },
        wait -> wait { sync read_response?; assign turn := id; },
        critical -> critical { sync read_response?; assign turn := id; },
        idle -> request { guard turn == 0; assign time := 0; },
        request -> wait { sync write_set!; assign id := pid, time := 0; },
        wait -> idle { guard time > 2 && turn != pid; },
        wait -> critical { guard time > 2 && turn == pid; },
        critical -> idle { sync write_exit!; assign id := 0; };
}

UPPAAL Code continued

process SharedVar{
  int turn := 0;
  bool send := true;
  clock t;
  state default;
  init default;
  trans default -> default { guard send == true; sync read_response!; assign id := turn, send := false; },
        default -> default { sync write_set?; assign send := true, turn := id; },
        default -> default { sync write_exit?; assign send := true, turn := id; };
}

fischer1 := Fischer(1);
fischer2 := Fischer(2);
fischer3 := Fischer(3);
system fischer1, fischer2, fischer3, SharedVar;

Future work
- Semantics checking for UPPAAL compliance
- Monte Carlo model checking for TIOA
- Efficient sampling of transition graphs

Efficient Sampling of Transition Graphs
Basic idea (tree growth in nature):
- From all root-successors, randomly walk to a leaf
- Then repeat the following:
  - Uniformly pick a node from the ones visited
  - Randomly walk to a leaf from this node
- Check the property on all intermediate nodes
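The sampling procedure above, as an added example that is not the authors' implementation. It runs the tree-growth walk over the state space of a constructed, untimed variant of Fischer's protocol in which the "time > 2" wait before enter is dropped; removing that delay is the classic way to break Fischer's mutual exclusion, which makes it a convenient buggy target. The state encoding, the successor function, the walk count and the depth bound are assumptions; since a cyclic state graph has no leaves, a walk also stops at the depth bound.

```python
import random

# Constructed model (not the slides' TIOA/UPPAAL Fischer): the protocol with
# the timing removed.  A process may now overwrite turn after another process
# has already entered, so two processes can be critical at once.
IDLE, REQUEST, WAIT, CRITICAL = "idle", "request", "wait", "critical"


def initial(n):
    """All n processes idle, shared turn = 0 (lock free)."""
    return (tuple([IDLE] * n), 0)


def successors(state):
    """All one-step interleavings: each enabled action of each process."""
    pcs, turn = state
    out = []
    for i, pc in enumerate(pcs):
        pid = i + 1

        def step(new_pc, new_turn=turn):
            p = list(pcs)
            p[i] = new_pc
            out.append((tuple(p), new_turn))

        if pc == IDLE and turn == 0:
            step(REQUEST)            # try
        elif pc == REQUEST:
            step(WAIT, pid)          # write_set: turn := pid
        elif pc == WAIT and turn != pid:
            step(IDLE)               # retry
        elif pc == WAIT and turn == pid:
            step(CRITICAL)           # enter, with the "time > 2" wait missing
        elif pc == CRITICAL:
            step(IDLE, 0)            # write_exit: turn := 0
    return out


def mutual_exclusion(state):
    """Safety property: at most one process in its critical section."""
    return sum(pc == CRITICAL for pc in state[0]) <= 1


def tree_sample(init, succ, prop, rng, walks=200, depth=40):
    """Tree-growth sampling.  Returns a path from init to a state violating
    prop, or None if no violation was sampled (sampling is incomplete, so
    None is not a proof of safety)."""
    parent = {init: None}        # first-visit parent pointers form a tree
    visited = [init]             # pool for the uniform pick

    def record(child, par):
        if child not in parent:
            parent[child] = par
            visited.append(child)

    def path_to(s):
        path = []
        while s is not None:
            path.append(s)
            s = parent[s]
        return path[::-1]

    def walk(start):
        """Random walk to a leaf (deadlock) or to the depth bound, checking
        prop on every node visited on the way."""
        cur = start
        for _ in range(depth):
            nxt = succ(cur)
            if not nxt:
                return None
            child = rng.choice(nxt)
            record(child, cur)
            if not prop(child):
                return path_to(child)
            cur = child
        return None

    if not prop(init):
        return [init]
    for root in succ(init):      # phase 1: from all root-successors
        record(root, init)
        if not prop(root):
            return path_to(root)
        bad = walk(root)
        if bad:
            return bad
    for _ in range(walks):       # phase 2: grow from a uniformly picked node
        bad = walk(rng.choice(visited))
        if bad:
            return bad
    return None


def find_violation(n_processes, seed=1):
    """Seeded wrapper so a run is reproducible."""
    return tree_sample(initial(n_processes), successors, mutual_exclusion,
                       random.Random(seed))


if __name__ == "__main__":
    cex = find_violation(2)
    print("no violation sampled" if cex is None else
          "mutual exclusion violated:\n" + "\n".join(map(str, cex)))
```

The returned path is reconstructed from first-visit parent pointers, so it is a genuine execution from the initial state and can be replayed in the model checker as a counterexample; with a single process the run ends without finding anything, which only means no violation was sampled.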

Fischer Protocol (buggy): run time in seconds (oom = out of memory)

Processes   Tree Sampling   UPPAAL
    2          0.002         0.021
    4          0.008         0.041
    8          0.083         1.280
   12          0.524        18.61
   16          1.018         oom

Bang & Olufsen Audio/Video Protocol: run time in seconds unless marked min (oom = out of memory)

Senders   Tree Sampling   UPPAAL
   2         0.041         0.174
   3        14             1.05
   4        32            10.1
   5         8 (min)       2 (min)
   6        37 (min)       oom