Verification of Parameterized Timed Systems


Verification of Parameterized Timed Systems

Parosh Aziz Abdulla (Uppsala University), Johann Deneux, Pritha Mahata, Aletta Nylén

- Parameterized Timed Systems
  - with one clock
  - with several clocks
  - discrete time domain
- Syntactic and Semantic Variants
- Safety Properties

Parameterized System of Timed Processes (Timed Networks)

[Slide figure: a timed process is a finite automaton with one clock x, drawn with guards x<5, x=0, x<1, x>1, a reset x:=0 and a critical section state; a parameterized network consists of an arbitrary number of copies of the timed process.]

Challenge: arbitrary rather than fixed size

Single Clock Timed Networks - TN(1)

[Slide figure: a single-clock timed process with guard x<5 and reset x:=0.]

Parameterized System: State = Configuration, i.e. the state (colour) and clock value of each process, e.g. 2.3 1.4 5.2 3.7 1.0 8.1

Initial Configurations: any number of processes, all with clock value 0:

0

0 0

0 0 0

0 0 0 0

- Unbounded number of clocks
- Cannot be modeled as timed automata

How to check Safety Properties?

Equivalence on Configurations

Configurations are equivalent if they agree (up to cmax) on:

- colours
- integral parts of clock values
- ordering on fractional parts

Examples from the slide: 3.1 4.8 1.5 6.2 5.6 is equivalent to 3.2 4.8 1.6 6.4 5.7, and 3.3 1.7 4.8 is equivalent to 3.1 1.8 4.9 (in each pair the integral parts agree and the fractional parts are ordered the same way).
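The equivalence above can be decided by abstracting each configuration to exactly the data the three criteria keep. The Python below is an added example, not code from the slides or their authors: it canonicalises a single-clock configuration given as (colour, clock value) pairs and compares the results, treating clock values above cmax as "only the colour matters" (the "up to cmax" clause); the helper `from_values` and the colour name "q" are assumptions for convenience, and the sample configurations are the ones on the slide.

```python
from fractions import Fraction
from typing import Iterable, List, Tuple

# One process of a single-clock timed network: its state ("colour") and its
# clock value.  Values are strings ("3.1") so that Fraction keeps them exact.
Process = Tuple[str, str]


def canonical_key(config: Iterable[Process], cmax: int):
    """Abstract a configuration to what the slide's equivalence keeps: colours,
    integral parts of clocks (only up to cmax) and the ordering of fractional
    parts.  Two configurations are equivalent iff their keys are equal."""
    above: List[str] = []                 # clock > cmax: only the colour matters
    zero: List[Tuple[str, int]] = []      # fractional part 0 (clock is integral)
    groups = {}                           # fractional part -> [(colour, integral)]
    for colour, value in config:
        v = Fraction(value)
        if v > cmax:
            above.append(colour)
            continue
        integral = v.numerator // v.denominator   # exact floor
        frac = v - integral                       # exact, 0 <= frac < 1
        entry = (colour, integral)
        if frac == 0:
            zero.append(entry)
        else:
            groups.setdefault(frac, []).append(entry)
    # Keep only the relative order of the fractional parts and the multiset of
    # (colour, integral part) sharing each one; the actual fractions are dropped.
    ordered = tuple(tuple(sorted(groups[f])) for f in sorted(groups))
    return (tuple(sorted(above)), tuple(sorted(zero)), ordered)


def equivalent(a: Iterable[Process], b: Iterable[Process], cmax: int) -> bool:
    return canonical_key(a, cmax) == canonical_key(b, cmax)


def from_values(values: str, colour: str = "q") -> List[Process]:
    """Build a configuration whose processes all share one colour (assumed
    name "q") from a space-separated string of clock values, as on the slide."""
    return [(colour, v) for v in values.split()]


if __name__ == "__main__":
    # Constructed sample: the two configurations drawn on the slide.
    a = from_values("3.1 4.8 1.5 6.2 5.6")
    b = from_values("3.2 4.8 1.6 6.4 5.7")
    print(equivalent(a, b, cmax=10))      # True: same integral parts, same order
```

Because the key is finite for a fixed cmax and number of processes, it is also the hash under which a backward analysis can store visited symbolic states without comparing raw clock values.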

Safety Properties

[Slide figure: the mutual-exclusion timed process with guards x=0, x<1, x>1 and reset x:=0, together with the example configurations 3.4 8.1 and 3.3 8.2 2.3 1.4 5.2 3.7.]

- Mutual exclusion
- Bad States: # processes in critical section > 1

Ideal = Upward closed set of configurations (adding processes to a configuration that violates mutual exclusion cannot repair it, so the bad states form an ideal)

Safety = reachability of ideals

Backward Reachability Analysis

[Slide figure: starting from the bad states, Pre is applied repeatedly (Pre, Pre, Pre, ...) and the analysis checks whether the initial states are reached.]

Ideals are closed under computing Pre.

Ideals

[Slide figure: the configuration 3.1 3.5 7.2 0.5 4.6 and its minimal requirement 3.1 7.2 4.6, written as constraints on three clocks x1, x2, x3 (difference constraints on x2-x1 and x2-x3 with constants 1 and 2).]

Existential Zone = Ideal: an existential zone states the minimal requirement (a finite number of processes and constraints on their clocks) that a configuration must contain; the ideal it denotes is the upward closed set of all configurations meeting it. The backward reachability analysis is therefore carried out on existential zones.

Existential Zones are BQO (and therefore WQO), so the sequence of ideals computed by the backward analysis stabilises.

Theorem: Safety properties can be decided for TN(1)

Multi-Clock Timed Networks - TN(K)

[Slide figure: a two-clock timed process with guards x<5, y>3, y<5, x>4 and reset x:=0.]

Configuration: each process now carries a value for every clock, e.g.

x: 2.3 1.4 5.2 3.7 1.0 8.1
y: 1.4 5.6 0.2 9.2 2.8 0.1

After 0.5 time units elapse (all clocks advance together):

x: 2.8 1.9 5.7 4.2 1.5 8.6
y: 1.9 6.1 0.7 9.7 3.3 0.6

After a discrete transition in which one process resets x:=0 (from the original configuration):

x: 2.3 0.0 5.2 3.7 1.0 8.1
y: 1.4 5.6 0.2 9.2 2.8 0.1

Backward Reachability Analysis

[Slide figure: Pre applied repeatedly from the bad states towards the initial states, with existential zones as the symbolic representation.]

Termination no longer guaranteed!!

The slide illustrates why with a growing family of existential zones over two clocks, each a cycle of constraints:

- two processes: x1 < x2, y1 = x2, y2 = x1
- three processes: x1 < x2 < x3, y1 = x2, y2 = x3, y3 = x1
- four processes: x1 < x2 < x3 < x4, y1 = x2, y2 = x3, y3 = x4, y4 = x1

No zone in the family can be embedded in a larger one (any two processes taken from a larger cycle break the smaller cycle), so the zones form an infinite antichain and the ordering on existential zones is no longer a WQO.

Simulation of 2-counter machine by TN(2)

[Slide figure: a 2-counter machine M with instructions such as c1++, c2--, c2=0?]

Encoding of configurations of M:

- Timed processes:
  - One models the control state
  - Some model c1
  - Some model c2
  - The rest are idle

Encoding of c1: the processes modelling c1 have clock values in the open interval (0,1); two of them mark the left end and the right end, and the processes between them give the counter value. The slide shows five processes with clock values 0.1 0.7 0.9 0.3 0.5 and 0.9 0.1 0.3 0.5 0.7 (one row per clock), encoding c1=3.

c1--: Simulating a Decrement

[Slide figure, repeated over five steps: the control process moves from q1 to q2; the transitions carry guards 0<x, y=1, x=1 and resets x:=0, y:=0, and one process modelling c1 becomes idle. The clock values of the c1 processes are shown as time elapses, from 0.1 0.7 0.9 0.3 0.5 / 0.9 0.1 0.3 0.5 0.7 to 0.2 0.8 1.0 0.4 0.6 / 1.0 0.2 0.4 0.6 0.8, and on through the resets, ending with four c1 processes: 0 0.8 0.4 0.6 / 0 0.4 0.6 0.8.]

c1=0? (zero test)

[Slide figure: the control process moves from q1 to q2 with guards x>0, y=1, x=1 and resets y:=0, x:=0; example clock values 0.2 0.7 0.7 0.2 0.3 0.5 1.0 1.0 0.5 0.5 0 0 0.5.]

Checking Safety properties undecidable for TN(2)

Discrete Timed Networks - DTN(K)

Clocks interpreted over the discrete time domain

State = Configuration, e.g. 2 1 5 3 1 8

Timed Transitions: all clocks advance by the same integer, e.g. by 2:

2 1 5 3 1 8  ->  4 3 7 5 3 10

Symbolic representation (cmax = 1): count the # processes having

- same state
- clock value (up to cmax), i.e. 0, 1 or 2* (above cmax)

[Slide figure: tables of such counts per state and clock value, before and after a transition with guards x=1, x=0 and reset x:=0.]

Backward Reachability Analysis

[Slide figure: Pre applied repeatedly from the bad states towards the initial states; the upward closed sets are represented by their minimal elements.]

Checking Safety properties decidable for DTN(K)

[Slide table: experimental results for TPN and the parameterized Lynch-Shavit protocol, with running times of 2 seconds and 25 minutes.]

Syntactic Variants

- Open timed networks: strict clock constraints - undecidable
- Closed timed networks: non-strict clock constraints - decidable

Semantic Variants

- Robust timed networks: semantically strict clock constraints - undecidable

- TN(1): decidable
- TN(2): undecidable
- DTN(K): decidable
- TN(2) open: undecidable
- TN(K) closed: decidable
- TN(2) robust: undecidable

- Acceleration and Widening
- Forward Analysis
- Price Timed Networks
- Stochastic Variants
