Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 16 : KRONOS (Model Checking of Real-time Systems)

Published byAlize Grymes Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 16 : KRONOS (Model Checking of Real-time Systems)"— Presentation transcript:

1 Chapter 16 : KRONOS (Model Checking of Real-time Systems)
JIHO YANG

2 What is KRONOS? KRONOS allows analyzing timed automata.
KRONOS is a model checker for the TCTL(Timed CTL) logic. KRONOS checks whether a timed automaton satisfies a TCTL.

3 KRONOS’ Essentials KRONOS is one of the tools, which implements a model checking algorithm for a timed temporal logic (TCTL). KRONOS contains no graphical, no simulation modes. KRONOS is a timed model checker.

4 Railroad crossing example (Two train, a gate, a controller, a counter)

5 Cont.

6 Cont. KRONOS Code (Tr1.tg) /* train1 */ #locs 3 /* number of states*/
#trans 3            /* number of transitions */ #clocks x1            /* clock */ #sync app1 exit1     /* synchronization labels */ loc: 0 prop: far inv: TRUE trans: TRUE => app1;  x1:=0  ; goto 1 loc: 1 prop: near inv: x1 < 30 trans: x1 > 20 and x1 < 30 => enter;   ; goto 2 loc: 2 prop: on inv: x1 < 50 trans: x1 > 20 and x1 < 50 => exit1;   ; goto 0 (trans: x1 > 30 and x1 < 50 => exit1;   ; goto 0)

7 Synchronized Product In order for several components of a system to communicate, KRONOS introduce a synchronization function. KRONOS, a synchronization label is simply obtained by the union of the label sets of the components. A set of transitions are synchronized if and only if each label occurring in one of the transition sets also belongs to one set of another transition.

8 Cont. (example) A1 containts the single transition {a,b}
t1 : q  r1 A2 contains the single transition {b,c} t2 : q  r2

9 Cont. (example) If b is a synchronization label, then the product of automata A1 and A2 contains transition of {a,b,c} q1,q  r1,r2.

10 Kronos code (Example) Extension “.tg” : “timed graph”
Make the product of A1 and A2: A(12) Kronos -out A12.tg A1.tg A2.tg

11 Cont.(Example) Compose the result A(12) with A3:
(we can express kronos code like) Kronos -out A12A3.tg A12.tg A3.tg

12 Cont. The automaton A(12)3 – the product of A1 and A2, and then compose the result A(12) with A3 The automaton A1(23) – the product of A2 and A3, and then compose the result A(23) with A1 It is not easy to use a modular approach.

13 Cont. There is two ways to overcome.
The first one consists in building in a single operation the product of all components of a given system. Kronos code: Kronos –out S.tg Tr1.tg Tr2.tg Gate.tg Contr.tg Ct.tg

14 Cont. The second way: use a special option “-sd”
Kronos –sd –out A12.tg A1.tg A2.tg

15 Model checking The properties to be checked must be expressed by TCTL.
Each being in a separate file with extension “.tctl”

16 Safety property Safety property : Under certain conditions, an event never occur. ……??? “when a train is inside the crossing, the gate is closed.” Safe.tctl : Init impl AB(on impl closed) AB correspond A and G of CTL Impl : Boolean combinator

17 Cont. Verifying safety property KRONOS command:
Kronos –back S.tg safe.tctl (backward analysis) Kronos –forw S.tg safe.tctl (forwards analysis) Safe.eval contains the result

18 Liveness property Liveness property: under certain condition, some event will ultimately occur. “from the moment where no train arrives anymore, the gate will be open after d time units.” Express TCTL

19 Cont. Init => AG (┐near ^ ┐on => ┐E(┐near ^ ┐on ^ ┐open) U (>d) true)) Write KRONOS when d = 20; Init impl AB((not near and not on) impl not((not near and not on and not open) EU{>20} TRUE))

20 Questions…

Download ppt "Chapter 16 : KRONOS (Model Checking of Real-time Systems)"

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Representing Boolean Functions for Symbolic Model Checking Supratik Chakraborty IIT Bombay.

Representing Boolean Functions for Symbolic Model Checking Supratik Chakraborty IIT Bombay.
CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.

CS 267: Automated Verification Lecture 2: Linear vs. Branching time. Temporal Logics: CTL, CTL*. CTL model checking algorithm. Counter-example generation.
Algorithmic Software Verification VII. Computation tree logic and bisimulations.

Algorithmic Software Verification VII. Computation tree logic and bisimulations.
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
François Fages MPRI Bio-info 2005 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraint Programming.

François Fages MPRI Bio-info 2005 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraint Programming.
François Fages MPRI Bio-info 2007 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraint Programming.

François Fages MPRI Bio-info 2007 Formal Biology of the Cell Modeling, Computing and Reasoning with Constraints François Fages, Constraint Programming.
ECE 667 - Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.

ECE Synthesis & Verification - L271 ECE 697B (667) Spring 2006 Synthesis and Verification of Digital Systems Model Checking basics.
Verification of Graph Transformation Systems Arman Sheikholeslami

Verification of Graph Transformation Systems Arman Sheikholeslami
1 MODULE name (parameters) “Ontology” “Program” “Properties” The NuSMV language A module can contain modules Top level: parameters less module Lower level.

1 MODULE name (parameters) “Ontology” “Program” “Properties” The NuSMV language A module can contain modules Top level: parameters less module Lower level.
Game-theoretic approach to the simulation checking problem Peter Bulychev Vladimir Zakharov Lomonosov Moscow State University.

Game-theoretic approach to the simulation checking problem Peter Bulychev Vladimir Zakharov Lomonosov Moscow State University.
Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.

Model Checking I What are LTL and CTL?. and or dreq q0 dack q0bar.
UPPAAL Introduction Chien-Liang Chen.

UPPAAL Introduction Chien-Liang Chen.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
UPPAAL T-shirt to (identifiable)

UPPAAL T-shirt to (identifiable)
Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009.

Introduction to Uppaal ITV Multiprogramming & Real-Time Systems Anders P. Ravn Aalborg University May 2009.
CHAPTER 5: Repetition Control Structure. Objectives  To develop algorithms that use DOWHILE and REPEAT.. UNTIL structures  Introduce a pseudocode for.

CHAPTER 5: Repetition Control Structure. Objectives  To develop algorithms that use DOWHILE and REPEAT.. UNTIL structures  Introduce a pseudocode for.
Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.

Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.
1 Mechanical Verification of Timed Automata Myla Archer and Constance Heitmeyer Presented by Rasa Bonyadlou 24 October 2002.

1 Mechanical Verification of Timed Automata Myla Archer and Constance Heitmeyer Presented by Rasa Bonyadlou 24 October 2002.

Similar presentations

Ads by Google