Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009

Networks of Timed Automata

X = {x 1, … x n } - clock variables (V, E) – control graph init: V  pred(X) inv: V  pred(X) jump: E  pred(X  X’) event: E   Timed Automaton - Syntax x’ = x-1  

Q – states, e.g. (v=”Off”,x = 17.5) Q 0 – initial states, Q 0  Q A – labels  – transition relation, A  Q  Q Labelled Transition Systems a post a (R) = { q’ | q  R and q  q’} pre a (R) = { q | q’  R and q  q’} a a

Transition Semantics of TA X = {x 1, … x n } - clock variables (V, E) – control graph init: V  pred(X) inv: V  pred(X) jump: E  pred(X  X’) event: E   Q - states – {(v,x) | v  V and inv(v)[X := x]}. x’ = x-1   Q 0 – initial states - {(v,x)  Q | init(v)[X := x]} A - labels -   R  0 { (v,x) –  (v’,x’) | e  E(v,v’) and event(e) =  and jump(e) [X := x]} { (v,x) –  (v,x+  ) |   R  0}.

Q - states, {(v,x) | v  V and inv(v)[X := x]} Q 0 – initial states, … A - labels, …  - transition relation, A  Q  Q Trace Semantics a Trajectory:  = where q 0  Q 0 and q i –a i  q i+1, i  0 Live Transition System: (S, L = {  | infinite from S}) Machine Closed:  finite from S,   prefix(L) Duration of  is sum of time labels. S is non-Zeno: duration of   L diverges, Machine closed

Q - states Q 0 – initial states, … A - labels, …  - transition relation, A  Q  Q Composition of Transition Systems a S = S1 || S2 with  : A1  A2  A Q = Q1  Q2 Q 0 = Q1 0  Q2 0 (q1,q2) –a  (q1’,q2’) iff (qi –ai  qi’, i=1,2 and a = a1  a2 Remark p 7

Verification Tasks Reachability of (v,x) – finitary, time-abstract trace inclusion Emptiness – time-abstract trace inclusion Trace (finitary) inclusion Time-abstract (finitary) trace inclusion

CTL