
Hybrid Approach to Model-Checking of Timed Automata


Presentation Transcript


  1. Hybrid Approach to Model-Checking of Timed Automata. DAT4 Project Proposal. Supervisor: Alexandre David

  2. What is Model-Checking?
     • Idea:
       • You define a model in a given formalism/language (TA).
       • You give specifications in the form of formulas in a given logic (TCTL).
       • … in a tool (UPPAAL).
     • You press a button and:
       • Yes, properties are satisfied (and why).
       • No, properties are not satisfied (and why).

  3. What is UPPAAL?
     • Tool developed between Uppsala University and Aalborg University.
     • Model-checker for Timed Automata.
     • It has a graphical interface to draw the TA = state machines with clock constraints.

  4. UPPAAL
     • The GUI (Java):
       • Editor.
       • Simulator.
       • Verifier.
     • The server (C++):
       • Verification engine (model-checker).

  5. Timed Automata in a Nutshell! [Figure: a closed system made of a Lamp controller with locations Off, Low and High, a clock x (reset x=0, constraints x<=5 and x>5) and transitions on push?, composed with a User environment that sends push!]

  6. TA in UPPAAL
     • Templates to define processes.
     • Parameters.
     • States have invariants (progress).
     • Access to integer variables and C-like functions and syntax.

  7. So What’s The Problem?
     • Model-checking here:
       • Enumerate all the possible states = state-space exploration (enumerative!).
     • But… size of the state-space =
       • # of locations in every process *
       • # of possible values for every variable *
       • # of different (not included) zones.
     • And that’s not good! Known as state-space explosion.

  8. Zones
     • Symbolic representation of clock constraints = difference bound matrices (DBMs).
     • Size = (clocks+1)^2 entries per DBM; # of zones?

  9. Example
     • Size of the state-space is approximately
       • 4*4*4*4*4 (= 2^10) *
       • 2 (1 binary variable) *
       • # of zones for 5 clocks (DBM 6x6) in this model, ~4 possible values/clock to simplify = 2^10
       • = 2^10 * 2 * 2^10 = 2^21 states!
     • Memory: 5+1+36 = 42 integers (4 bytes each) per state = 168 bytes -> 2^21 * 168 bytes ≈ 336MB.
     • Add 1 process: *4*4…

  10. Don’t Panic!
     • All the states are not reachable!
     • Synchronizations and conditions between processes.
     • The system implements some logic; it does not generate everything… but we still have the explosion.

  11. What’s The Project? [Figure: an initial state and a goal state inside a big fat state-space; find a path, but how? Breadth-first search.]

  12. Project Idea
     • Help the search by pruning the state-space!
     • Cheap backward reachability with an over-approximation.
     • Use the result to prune the search forward!

  13. The Idea! [Figure: the same initial state, goal state and big fat state-space, with the part of the state-space that cannot reach the goal marked "Pruned!"]

  14. Hybrid Approach
     • Use a backward search with an approximation technique (BDD or whatever).
     • Use the forward exact search and pruning.
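The hybrid approach of slides 12 and 14 on a clock-free toy model, as an added example that is neither part of the presentation nor UPPAAL code: a backward pass over the bare control graph (a crude over-approximation standing in for the BDD-based one) yields the locations that may reach the goal, and the exact forward breadth-first search never generates successors outside that set. The model, VMAX and the location names are constructed for this example.

```python
from collections import deque

# Constructed toy model (not from the slides): a control graph with one
# bounded integer variable v and no clocks. Edge = (src, guard, update, dst).
VMAX = 7
EDGES = [
    ("init",  lambda v: True,     lambda v: v,     "work"),
    ("init",  lambda v: True,     lambda v: v,     "log"),
    ("log",   lambda v: v < VMAX, lambda v: v + 1, "log"),
    ("log",   lambda v: True,     lambda v: 0,     "flush"),
    ("flush", lambda v: True,     lambda v: v,     "log"),
    ("work",  lambda v: v < VMAX, lambda v: v + 1, "work"),
    ("work",  lambda v: v == 3,   lambda v: v,     "goal"),
]

def backward_overapprox(goal):
    """Cheap backward pass that ignores guards and v: the locations with a
    path to `goal` in the bare control graph. Over-approximate (may keep
    locations that cannot really reach the goal) but never drops one that can,
    so using it to prune the exact forward search cannot lose a real path."""
    may_reach = {goal}
    changed = True
    while changed:
        changed = False
        for src, _, _, dst in EDGES:
            if dst in may_reach and src not in may_reach:
                may_reach.add(src)
                changed = True
    return may_reach

def forward_search(init, goal, prune=None):
    """Exact BFS over (location, v) from (init, 0) -> (goal_found, explored).
    With `prune`, successors outside that location set are never generated."""
    start = (init, 0)
    seen, queue, explored = {start}, deque([start]), 0
    while queue:
        loc, v = queue.popleft()
        explored += 1
        if loc == goal:
            return True, explored
        for src, guard, update, dst in EDGES:
            if src != loc or not guard(v):
                continue
            if prune is not None and dst not in prune:
                continue  # backward pass says dst cannot reach goal: skip
            nxt = (dst, update(v))
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False, explored
```

The unpruned search wanders through the log/flush loop, while the pruned one walks only init and work; pruning with a set that is not an over-approximation (for example {"init"} alone) would wrongly report the goal unreachable.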
