1 / 76

Verification of Parameterized Timed Systems

Verification of Parameterized Timed Systems. Parosh Aziz Abdulla Uppsala University. Johann Deneux Pritha Mahata Aletta Nylen. Outline. Parameterized Timed Systems Syntactic and Semantic Variants. with one clock with several clocks discrete time domain. Safety Properties.

drake-ayers
Download Presentation

Verification of Parameterized Timed Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Verification of Parameterized Timed Systems Parosh Aziz Abdulla Uppsala University Johann Deneux Pritha Mahata Aletta Nylen

  2. Outline • Parameterized Timed Systems • Syntactic and Semantic Variants • with one clock • with several clocks • discrete time domain Safety Properties

  3. Parameterized System of Timed Processes – (Timed Networks) x:=0 Timed Process: x<5 Parameterized System:

  4. Single Clock Timed Networks - TN(1) x:=0 Timed Process: (single clock) x<5 Parameterized System:

  5. Fischer’s Protocol critical section x=0 x<1 x>1 Timed Process: x:=0 Parameterized Network: arbitrary size Challenge: arbitrary rather than fixed size

  6. Single Clock Timed Networks - TN(1) x:=0 Timed Process: (single clock) x<5 Parameterized System: State = Configuration 2.31.45.2 3.7 1.0 8.1

  7. Single Clock Timed Networks - TN(1) x:=0 Timed Process: (single clock) x<5 Parameterized System: Initial Configurations 0 0 0 0 0 0 0 0 0 0

  8. Timed Transitions 2.31.45.2 3.7 0.0 8.1 0.5 2.81.95.7 4.2 0.5 8.6

  9. Discrete Transitions x:=0 x<5 2.31.45.2 3.7 1.0 8.1 2.31.4 0.0 3.7 1.0 8.1

  10. TN(1) : • Unbounded number of clocks • Cannot be modeled as timed automata

  11. TN(1) : • Unbounded number of clocks • Cannot be modeled as timed automata How to check Safety Properties ?

  12. Equivalence on Configurations configurations equivalent if they agree (up to cmax) on: • colours • integral parts of clock values • ordering on fractional parts 3.1 4.81.5 6.25.6 3.2 4.81.6 6.45.7

  13. Equivalence on Configurations configurations equivalent if they agree (up to cmax) on: • colours • integral parts of clock values • ordering on fractional parts 3.1 4.81.5 6.25.6 3.3 1.7 4.8 3.2 4.81.6 6.45.7

  14. Equivalence on Configurations configurations equivalent if they agree (up to cmax) on: • colours • integral parts of clock values • ordering on fractional parts 3.1 4.81.5 6.25.6 3.3 1.7 4.8 3.11.8 4.9 3.2 4.81.6 6.45.7

  15. < Ordering on Configurations c1 c2 iff c3 : • c1 c3 • c3 c2 4.96.45.7 3.1 4.81.5 6.25.6

  16. < Ordering on Configurations c1 c2 iff c3 : • c1 c3 • c3 c2 4.96.45.7 4.8 6.25.6 3.1 4.81.5 6.25.6

  17. section critical x=0 x<1 x>1 x:=0 Safety Properties 3.4 8.1 • mutual exclusion: • Bad States : # processes in critical section > 1

  18. critical section x=0 x<1 x>1 x:=0 Safety Properties 3.4 8.1 3.3 8.22.31.45.2 3.7 • mutual exclusion: • Bad States : # processes in critical section > 1 Ideal = Upward closed set of configurations

  19. critical section x=0 x<1 x>1 x:=0 Safety Properties 3.4 8.1 3.3 8.22.31.45.2 3.7 • mutual exclusion: • Bad States : # processes in critical section > 1 Ideal = Upward closed set of configurations Safety = reachability of ideals

  20. Checking Safety Properties: Backward Reachability Analysis initial states bad states

  21. Checking Safety Properties: Backward Reachability Analysis Pre initial states bad states

  22. Checking Safety Properties: Backward Reachability Analysis Pre Pre Pre Pre initial states bad states

  23. Properties of -- Monotonicity c3 c1 c2

  24. Properties of -- Monotonicity c3 c1 c4 c2

  25. Properties of -- Monotonicity c3 c1 c5 c4 c2

  26. Properties of -- Monotonicity c3 c1 c5 c4 c2 c6

  27. Properties of -- Monotonicity c3 c1 c5 c4 c2 c6

  28. Monotonicity ideals closed under computing Pre

  29. Monotonicity ideals closed under computing Pre I

  30. Monotonicity ideals closed under computing Pre I

  31. Monotonicity ideals closed under computing Pre I

  32. Monotonicity ideals closed under computing Pre Pre(I) I

  33. Checking Safety Properties: Backward Reachability Analysis Pre Pre Pre Pre initial states bad states Ideals

  34. Existential Zones x1 x2 x3 1 x2-x1 2 x2-x3

  35. Existential Zones x1 x2 x3 1 x2-x1 2 x2-x3 3.1 7.24.6

  36. Existential Zones 3.1 3.5 7.2 0.54.6 x1 x2 x3 1 x2-x1 2 x2-x3 3.1 7.24.6 minimal requirement

  37. Existential Zones 3.1 3.5 7.2 0.54.6 x1 x2 x3 1 x2-x1 2 x2-x3 3.1 7.24.6 minimal requirement Existential Zone Ideal

  38. Existential Zones – Computing Pre x1 x2 x3 1 x2-x1 2 x2-x3

  39. Existential Zones – Computing Pre x1 x2 x3 1 x2-x1 4 x 2 x 2 x2-x3 x1 x2 x4 x5 1 x2-x1 4 x4 2 x5

  40. Checking Safety Properties: Backward Reachability Analysis Pre Pre Pre Pre initial states bad states Existential Zones

  41. Termination Existential Zones BQO (and therefore WQO)

  42. Termination Existential Zones BQO (and therefore WQO) Theorem: Safety properties can be decided for TN(1)

  43. Multi-Clock Timed Networks – TN(K) x:=0 Timed Process: y>3 (two clocks) x<5 Parameterized Network: Configuration 2.31.45.2 3.7 1.0 8.1 x y 1.45.60.2 9.2 2.8 0.1

  44. Timed Transitions 2.31.45.2 3.7 1.0 8.1 x y 1.45.60.2 9.2 2.8 0.1 0.5 2.81.95.7 4.2 1.5 8.6 x 1.96.10.7 9.7 3.3 0.6 y

  45. Discrete Transitions y<5 x:=0 x>4 2.31.45.2 3.7 1.0 8.1 x y 1.45.60.2 9.2 2.8 0.1 2.3 0.0 5.2 3.7 1.0 8.1 x y 1.4 5.6 0.2 9.2 2.8 0.1

  46. x1 y1 x2 y2 1 y2 - x1 2 x2 - y1 xi and yi belong to the same process

  47. Checking Safety Properties: Backward Reachability Analysis Pre Pre Pre Pre initial states bad states Existential Zones

  48. Termination no longer guaranteed !! x1 y1 x2 y2 x3 y3 x4 y4 x1 < x2 < x3< x4 x3 x1 x2 x3 y1 = x2 y3 y1 y2 y3 y2 = x3 y3 = x4 y4 = x1

  49. Termination no longer guaranteed !! x1 y1 x2 y2 x1 < x2 y1 = x2 x1 x2 y1 y2 y2 = x1

  50. Termination no longer guaranteed !! x1 y1 x2 y2 x1 < x2 y1 = x2 x1 x2 y1 y2 y2 = x1 x1 y1 x2 y2 x3 y3 x1 < x2 < x3 x1 x2 x3 y1 = x2 y1 y2 y3 y2 = x3 y3 = x1

More Related