UPPAAL Model checking Timed Automata
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
dacapo_sim fischer5 audio_big bando
2001
CDC’01 6 D EC 2001
14
Benchmarks (with optimizations)
50 45 40 35 Time (s) 30 25 20 15 10 5 0 1999 2000 date
regions: smallest distinguishable sets representing (unions of) zones:
y 2 -2 x 3 8 0 1 -4 8 -3 -8 3 2 -2
zones: convex unions of regions DBMs, CDDs, DDDs, ...
Actor
Protocol
(
model req? ack?
)
model
Actor
Model of Actor I
Model of Actor II
UPPAAL Model
model-
check
Termination
CDC’01 6 D EC 2001
Time Bounds
¨ M. O LIVER M OLLER :
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
2
U PPAAL: Model checking Timed Automata
x == 5
C
count == 3
A
x≤5
B
count : = count+1
D
clock x; int count network of timed automata discrete data types arrays hand-shake synchronization urgency
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER :
template mechanism committed locations forward state-space exploration
y 1 <= x <= 4 1 <= y <= 2
n x>3
x
y := 0
m
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
5
Symbolic Transitions
y 1 <= x <= 4 1 <= y <= 2 y 1 <= x 1 <= y
regions: smallest distinguishable sets representing (unions of) zones:
y 2 -2 x 3 8 0 1 -4 8 -3 -8 3 2 -2
zones: convex unions of regions DBMs, CDDs, DDDs, ...
x
[1 ; 2) [2 ; 3]
z
y
[0;2] y-x ( oo ; -1 ]
y
[0;2]
difference-bounded matrices canonical static
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER :
clock difference diagrams non-canonical flexible
n x>3
x y
delays to
-2 <= x-y <= 3 x y 3<x 1 <= y
intersects to
y := 0
y 3<x 1 <= y
x
-2 <= x-y <= 3 x
m
-2 <= x-y <= 3 x
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
2.00
2.04
2.08 2.12 Version
2.16
2.19
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
12
Internal Optimizations
× committed locations (to reduce interleavings) × active clock reduction × variation of search order × local reduction (compact DBM representation) × global reduction (remove covered states from Passed) ≈ convex hull over-approximation [safe] ≈ bit-state hashing [sound] ... and of course: a lot of software engineering!
@ many other places David Griffioen, Ansgar Fehnker, Frits Vandraager, Klaus Havelund, Theo Ruys, Pedro DArgenio, J-P Katoen, J. Tretmans, Judi Romijn, Ed Brinksma, Franck Cassez, Magnus Lindahl, Francois Laroussinie, Patricia Bouyer, Augusto Burgueno, H. Bowmann, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson, ...
UPPAAL – P RESENT AND F UTURE
7
Symbolic Transitions
y 1 <= x <= 4 1 <= y <= 2 y 1 <= x 1 <= y
n x>3
x y
delays to
-2 <= x-y <= 3 x y 3<x 1 <= y
intersects to
2
Uppsala University,
3
ª BRICS Arhus
1 Model-checking Timed Automata 2 Internal Optimizations 3 Applications: Protocols & Controllers 4 Extensions of the Modeling Language
Editor Simulator Verifier
Engine
command line .xml file .ta file
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
16
Communication Protocols
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
13
Benchmarks (without optimizations)
50 45 40 35 Time (s) 30 25 20 15 10 5 0 1999 2000 date
Deadlock-Freedom
UPPAAL – P RESENT AND F UTURE
17
Case Studies: Protocols
Philips Audio Protocol [HS95, CAV95, RTSS95, CAV96] Collision-Avoidance Protocol [SPIN95] Bounded Retransmission Protocol [TACAS97] Bang & Olufsen Audio/Video Protocol [RTSS97] TDMA Protocol [PRFTS97] Lip-Synchronization Protocol [FMICS97] Multimedia Streams [DSVIS98] ATM ABR Protocol [CAV99] ABB Fieldbus Protocol [ECRTS2k] IEEE 1394 Firewire Root Contention [STTT’01]
difference-bounded matrices canonical static
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
9
Sets of Clock-Evaluations
y−x≤0
Baidu Nhomakorabea
1≤x<3∧y ≤2∧y−x≤0
UPPAAL – P RESENT AND F UTURE
3
Symbolic Transitions
n x>3
y := 0
m
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
4
Symbolic Transitions
n x>3
x y
delays to
-2 <= x-y <= 3 x
y := 0
x
m
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
6
Symbolic Transitions
y 1 <= x <= 4 1 <= y <= 2 y 1 <= x 1 <= y
¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
dacapo_sim fischer5 audio_big bando ’’ ’’ ’’ ’’
2001
CDC’01 6 D EC 2001
15
Architecture of U PPAAL
GUI
y := 0
y 3<x 1 <= y
x y
-2 <= x-y <= 3 x
m
projects to
-2 <= x-y <= 3 x
3<x y=0 x
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
8
Sets of Clock-Evaluations
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
1
Collaborators
@ UPPsala Wang Yi Johan Bengtsson Paul Pettersson Fredrik Larsson Alexandre David Tobias Amnell Elena Fersmann @ AALborg Kim G. Larsen Arne Skou Carsten Weise ª Kare J. Kristoffersen Gerd Behrmann Thomas Hune ¨ M. Oliver Moller
UPPAAL – P RESENT AND F UTURE
11
Engineering Improvements Dec ’96 - Sept ’98
300 250 Time (s) 200 150 100 50 0
Philips Protocol with Collision Handling Start-up of TDMA Protocol Fischer’s Protocol
y−x≤0
1≤x<3∧y ≤2∧y−x≤0
regions: smallest distinguishable sets representing (unions of) zones:
y 2 x 3 0 -2 -3 z
zones: convex unions of regions DBMs, CDDs, DDDs, ...
z
difference-bounded matrices canonical static
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
10
Sets of Clock-Evaluations
y−x≤0
1≤x<3∧y ≤2∧y−x≤0
U PPAAL - Present and Future
¨ Gerd Behrmann1 , Alexandre David2 , Kim G. Larsen1 , M. Oliver Moller3 , Paul Pettersson2 , Wang Yi2
1
Aalborg University, Outline:
dacapo_sim fischer5 audio_big bando
2001
CDC’01 6 D EC 2001
14
Benchmarks (with optimizations)
50 45 40 35 Time (s) 30 25 20 15 10 5 0 1999 2000 date
regions: smallest distinguishable sets representing (unions of) zones:
y 2 -2 x 3 8 0 1 -4 8 -3 -8 3 2 -2
zones: convex unions of regions DBMs, CDDs, DDDs, ...
Actor
Protocol
(
model req? ack?
)
model
Actor
Model of Actor I
Model of Actor II
UPPAAL Model
model-
check
Termination
CDC’01 6 D EC 2001
Time Bounds
¨ M. O LIVER M OLLER :
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
2
U PPAAL: Model checking Timed Automata
x == 5
C
count == 3
A
x≤5
B
count : = count+1
D
clock x; int count network of timed automata discrete data types arrays hand-shake synchronization urgency
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER :
template mechanism committed locations forward state-space exploration
y 1 <= x <= 4 1 <= y <= 2
n x>3
x
y := 0
m
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
5
Symbolic Transitions
y 1 <= x <= 4 1 <= y <= 2 y 1 <= x 1 <= y
regions: smallest distinguishable sets representing (unions of) zones:
y 2 -2 x 3 8 0 1 -4 8 -3 -8 3 2 -2
zones: convex unions of regions DBMs, CDDs, DDDs, ...
x
[1 ; 2) [2 ; 3]
z
y
[0;2] y-x ( oo ; -1 ]
y
[0;2]
difference-bounded matrices canonical static
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER :
clock difference diagrams non-canonical flexible
n x>3
x y
delays to
-2 <= x-y <= 3 x y 3<x 1 <= y
intersects to
y := 0
y 3<x 1 <= y
x
-2 <= x-y <= 3 x
m
-2 <= x-y <= 3 x
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
2.00
2.04
2.08 2.12 Version
2.16
2.19
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
12
Internal Optimizations
× committed locations (to reduce interleavings) × active clock reduction × variation of search order × local reduction (compact DBM representation) × global reduction (remove covered states from Passed) ≈ convex hull over-approximation [safe] ≈ bit-state hashing [sound] ... and of course: a lot of software engineering!
@ many other places David Griffioen, Ansgar Fehnker, Frits Vandraager, Klaus Havelund, Theo Ruys, Pedro DArgenio, J-P Katoen, J. Tretmans, Judi Romijn, Ed Brinksma, Franck Cassez, Magnus Lindahl, Francois Laroussinie, Patricia Bouyer, Augusto Burgueno, H. Bowmann, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson, ...
UPPAAL – P RESENT AND F UTURE
7
Symbolic Transitions
y 1 <= x <= 4 1 <= y <= 2 y 1 <= x 1 <= y
n x>3
x y
delays to
-2 <= x-y <= 3 x y 3<x 1 <= y
intersects to
2
Uppsala University,
3
ª BRICS Arhus
1 Model-checking Timed Automata 2 Internal Optimizations 3 Applications: Protocols & Controllers 4 Extensions of the Modeling Language
Editor Simulator Verifier
Engine
command line .xml file .ta file
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
16
Communication Protocols
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
13
Benchmarks (without optimizations)
50 45 40 35 Time (s) 30 25 20 15 10 5 0 1999 2000 date
Deadlock-Freedom
UPPAAL – P RESENT AND F UTURE
17
Case Studies: Protocols
Philips Audio Protocol [HS95, CAV95, RTSS95, CAV96] Collision-Avoidance Protocol [SPIN95] Bounded Retransmission Protocol [TACAS97] Bang & Olufsen Audio/Video Protocol [RTSS97] TDMA Protocol [PRFTS97] Lip-Synchronization Protocol [FMICS97] Multimedia Streams [DSVIS98] ATM ABR Protocol [CAV99] ABB Fieldbus Protocol [ECRTS2k] IEEE 1394 Firewire Root Contention [STTT’01]
difference-bounded matrices canonical static
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
9
Sets of Clock-Evaluations
y−x≤0
Baidu Nhomakorabea
1≤x<3∧y ≤2∧y−x≤0
UPPAAL – P RESENT AND F UTURE
3
Symbolic Transitions
n x>3
y := 0
m
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
4
Symbolic Transitions
n x>3
x y
delays to
-2 <= x-y <= 3 x
y := 0
x
m
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
6
Symbolic Transitions
y 1 <= x <= 4 1 <= y <= 2 y 1 <= x 1 <= y
¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
dacapo_sim fischer5 audio_big bando ’’ ’’ ’’ ’’
2001
CDC’01 6 D EC 2001
15
Architecture of U PPAAL
GUI
y := 0
y 3<x 1 <= y
x y
-2 <= x-y <= 3 x
m
projects to
-2 <= x-y <= 3 x
3<x y=0 x
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
8
Sets of Clock-Evaluations
CDC’01 6 D EC 2001
¨ M. O LIVER M OLLER :
UPPAAL – P RESENT AND F UTURE
1
Collaborators
@ UPPsala Wang Yi Johan Bengtsson Paul Pettersson Fredrik Larsson Alexandre David Tobias Amnell Elena Fersmann @ AALborg Kim G. Larsen Arne Skou Carsten Weise ª Kare J. Kristoffersen Gerd Behrmann Thomas Hune ¨ M. Oliver Moller
UPPAAL – P RESENT AND F UTURE
11
Engineering Improvements Dec ’96 - Sept ’98
300 250 Time (s) 200 150 100 50 0
Philips Protocol with Collision Handling Start-up of TDMA Protocol Fischer’s Protocol
y−x≤0
1≤x<3∧y ≤2∧y−x≤0
regions: smallest distinguishable sets representing (unions of) zones:
y 2 x 3 0 -2 -3 z
zones: convex unions of regions DBMs, CDDs, DDDs, ...
z
difference-bounded matrices canonical static
CDC’01 6 D EC 2001 ¨ M. O LIVER M OLLER : UPPAAL – P RESENT AND F UTURE
10
Sets of Clock-Evaluations
y−x≤0
1≤x<3∧y ≤2∧y−x≤0
U PPAAL - Present and Future
¨ Gerd Behrmann1 , Alexandre David2 , Kim G. Larsen1 , M. Oliver Moller3 , Paul Pettersson2 , Wang Yi2
1
Aalborg University, Outline: