Zones From infinite to finite - PowerPoint PPT Presentation

Title: Zones From infinite to finite

Description: Verification of real-time systems in UPPAAL (original title: Verifikation af realtids systemer i UPPAAL), Kim G. Larsen, BRICS@Aalborg

Slides: 62
Transcript and Presenter's Notes

1
Verification of real-time systems in UPPAAL
Kim G. Larsen, BRICS@Aalborg
2
Research Profile: Distributed Systems Semantics Unit
3
BRICS Machine Basic Research in Computer Science
304040 Millkr
100
100
Tools
Other relevant projects: UPPAAL, VHS, VVS, WOODDES
Aarhus
Aalborg
4
Tools and BRICS
Applications
visualSTATE
UPPAAL
SPIN
PVS
HOL
ALF
TLP
  • Semantics
  • Concurrency Theory
  • Abstract Interpretation
  • Compositionality
  • Models for real-time
  • hybrid systems
  • Algorithmic
  • (Timed) Automata Theory
  • Graph Theory
  • BDDs
  • Polyhedra Manipulation
  • Logic
  • Temporal Logic
  • Modal Logic
  • MSOL

5
A REAL real time system
Klaus Havelund, NASA
6
Embedded Systems
SyncMaster 17GLsi
Mobile Phone
Telephone
Digital Watch
Tamagotchi
7
Introducing, Detecting and Repairing Errors
Liggesmeyer 98
8
Introducing, Detecting and Repairing Errors
Liggesmeyer 98
9
Suggested Solution?
  • Model based
  • validation, verification and testing of software
    and hardware

10
Verification Validation
Analysis
Design Model
Specification
Implementation
Testing
11
Verification Validation
Analysis
Validation
Design Model
Specification
Verification Refusal
UML
SDL
Implementation
Testing
12
Verification Validation
Analysis
Validation
Design Model
Specification
Verification Refusal
UML
Model Extraction
SDL
Automatic Code generation
Implementation
Testing
13
Verification Validation
Analysis
Validation
Design Model
Specification
Verification Refusal
UML
Model Extraction
SDL
Automatic Test generation
Automatic Code generation
Implementation
Testing
14
How?
  • Unified Model State Machine!

y!
b?
a
Output ports
x
Input ports
b?
y
b
a?
x!
Control states
15
Tamagotchi
C
A
B
ALIVE
Passive
Feeding
Light
Meal
A
B
A
Health := Health-1
A
B
Clean
Care
Snack
A
Health==0 or Age==2.000
A
A
Play
Discipline
Medicine
DEAD
Tick
A
A
Health := Health-1, Age := Age+1
16
SYNCmaster
17
Digital Watch
18
visualSTATE
VVS with Baan Visualstate, DTU (CIT project)
  • Hierarchical state systems
  • Flat state systems
  • Multiple and inter-related state machines
  • Supports UML notation
  • Device driver access

19
The SDL Editor
The SDL Editor
Process level
20
SPIN, Gerard Holzmann, AT&T
21
UPPAAL
22
State Explosion problem
M2
M1
a
1
2
c
b
4
3
M1 x M2
1,a
4,a
1,b
2,b
1,c
2,c
3,a
4,a
3,b
4,b
3,c
4,c
Provably theoretically intractable: all combinations,
exponential in the number of components
23
Train Simulator
VVS visualSTATE
1421 machines, 11102 transitions, 2981 inputs, 2667
outputs, 3204 local states; declared state space 10^476
BUGS ?
Our techniques have reduced verification time
by several orders of magnitude (e.g. 14 days to
6 sec)
24
Tool Support (model checking)
Inputs: System Description A, Requirement F
TOOL answers: Yes (with Prototypes, Executable Code, Test
sequences) or No (with Debugging Information)
Tools: Telelogic, Verilog, UPPAAL,
SPIN, MV, Statemate, visualSTATE, FormalCheck,
VeriSoft, Java Pathfinder, ...
25
www.uppaal.com
UPPAAL
Modelling and Verification of Real Time systems
UPPAAL2k: > 800 users, > 35 countries
26
Collaborators
  • @Aalborg
  • Kim G Larsen
  • Arne Skou
  • Paul Pettersson
  • Carsten Weise
  • Kåre J Kristoffersen
  • Gerd Behrman
  • Thomas Hune
  • Oliver Möller
  • Nicky Oliver Bodentien
  • Lasse Poulsen
  • @Uppsala
  • Wang Yi
  • Johan Bengtsson
  • Paul Pettersson
  • Fredrik Larsson
  • Alexandre David
  • Tobias Amnell
  • Oliver Möller
  • @Elsewhere
  • David Griffioen, Ansgar Fehnker, Frits
    Vaandrager, Klaus Havelund, Theo Ruys, Pedro
    D'Argenio, J-P Katoen, J. Tretmans, Judi Romijn,
    Ed Brinksma, Franck Cassez, Magnus Lindahl,
    Francois Laroussinie, Patricia Bouyer, Augusto
    Burgueno, H. Bowmann, D. Latella, M. Massink, G.
    Faconti, Kristina Lundqvist, Lars Asplund, Justin
    Pearson...

27
Hybrid Real Time Systems
Computer Science
Control Theory
sensors
Task
Task
Task
Task
actuators
Controller Program Discrete
Plant Continuous
E.g. Pump Control, Air Bags, Robots, Cruise
Control, ABS, CD Players, Production Lines
Real Time System: A system where correctness not
only depends on the logical order of events but
also on their timing
28
Construction of UPPAAL models
Controller Program Discrete
Plant Continuous
sensors
Task
Task
Task
Model of tasks (automatic?)
Task
actuators
Model of environment (user-supplied)
UPPAAL Model
29
Timed Automata
Alur & Dill 1990
Clocks: x, y
Guard: Boolean combination of integer bounds on
clocks and clock-differences.
Reset: Action performed on clocks
Action: used for synchronization
Edge n -> m in the figure: guard x<5, y>3; action a; reset x := 0
State: ( location , x=v , y=u ) where v,u are in R
Transitions:
( n , x=2.4 , y=3.1415 ) -a-> ( m , x=0 , y=3.1415 )
( n , x=2.4 , y=3.1415 ) -e(1.1)-> ( n , x=3.5 , y=4.2415 )
30
Timed Automata with Invariants
Clocks: x, y
Location Invariants: x<5 at n, y<10 at m
Edge n -> m: guard x<5, y>3; action a; reset x := 0 (the figure also shows data guards g1, g2, g3, g4)
Transitions:
( n , x=2.4 , y=3.1415 ) -e(3.2)-> not allowed: x would become 5.6, violating the invariant x<5 of n
( n , x=2.4 , y=3.1415 ) -e(1.1)-> ( n , x=3.5 , y=4.2415 )
Invariants ensure progress!!
31
The UPPAAL Model: Networks of Timed Automata
Integer Variables. Two-way synchronization on complementary
actions (a!, a?). Closed Systems!
Figure: edge l1 -> l2 with guard x>=2, i==3, synchronization a!, update x := 0, i := i+4;
complementary edge m1 -> m2 with synchronization a?; location invariant y<4.
Example transitions:
(l1, m1, ..., x=2, y=3.5, i=3, ...) -tau-> (l2, m2, ..., x=0, y=3.5, i=7, ...)
(l1, m1, ..., x=2, y=3.5, i=3, ...) -0.2-> (l1, m1, ..., x=2.2, y=3.7, i=3, ...)
If a is an URGENT CHANNEL, the 0.2 delay is not allowed while the a!/a? synchronization is enabled.
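As an added worked example (written for this page, not code from the slides or from UPPAAL), the following Python executes the delay and synchronization transitions of slides 29 to 31 on concrete states. The names Automaton, Edge, State, delay, sync and assign are this example's own; the constructed network combines the slide 29 automaton (guard x<5, y>3, action a, reset x:=0, invariant x<5 at n, y<10 at m) with the integer guard and update of slide 31, and the initial state uses the slides' values x=2.4, y=3.1415, i=3.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional

# Added example, not code from the slides or from UPPAAL: operational semantics of a
# network of timed automata (slides 29-31) on concrete states. Automaton, Edge, State,
# delay, sync and assign are this example's own names.

Valuation = Dict[str, float]          # clock values (reals) and integer variables, by name

@dataclass
class Edge:
    src: str
    dst: str
    guard: Callable[[Valuation], bool]                      # clock guard and data guard
    action: Optional[str] = None                            # "a!" / "a?" for synchronisation
    update: Callable[[Valuation], None] = lambda v: None    # clock resets and integer assignments

@dataclass
class Automaton:
    name: str
    clocks: List[str]
    invariants: Dict[str, Callable[[Valuation], bool]]      # location -> invariant (upper bound)
    edges: List[Edge]

@dataclass
class State:
    locs: Dict[str, str]      # automaton name -> current location
    vals: Valuation

def invariants_hold(net: List[Automaton], locs: Dict[str, str], vals: Valuation) -> bool:
    return all(a.invariants.get(locs[a.name], lambda v: True)(vals) for a in net)

def delay(net: List[Automaton], s: State, d: float) -> Optional[State]:
    """Delay transition e(d): every clock grows by d, integers stay; refused when a
    location invariant would be violated (with upper-bound invariants it suffices to
    check the valuation reached after the delay)."""
    vals = dict(s.vals)
    for a in net:
        for c in a.clocks:
            vals[c] += d
    return State(dict(s.locs), vals) if invariants_hold(net, s.locs, vals) else None

def enabled(a: Automaton, s: State, action: Optional[str]) -> List[Edge]:
    return [e for e in a.edges
            if e.src == s.locs[a.name] and e.action == action and e.guard(s.vals)]

def sync(net: List[Automaton], s: State, chan: str) -> Optional[State]:
    """Two-way synchronisation on chan: one automaton takes an enabled chan! edge and a
    different one an enabled chan? edge (both guards read the pre-state); the sender's
    update runs before the receiver's, and the target invariants must hold afterwards."""
    for snd in net:
        for e1 in enabled(snd, s, chan + "!"):
            for rcv in net:
                if rcv is snd:
                    continue
                for e2 in enabled(rcv, s, chan + "?"):
                    vals, locs = dict(s.vals), dict(s.locs)
                    e1.update(vals)
                    e2.update(vals)
                    locs[snd.name], locs[rcv.name] = e1.dst, e2.dst
                    if invariants_hold(net, locs, vals):
                        return State(locs, vals)
    return None

def assign(**updates: object) -> Callable[[Valuation], None]:
    """Build an update such as x:=0, i:=i+4 from constants or functions of the valuation."""
    def upd(v: Valuation) -> None:
        for name, val in updates.items():
            v[name] = val(v) if callable(val) else val
    return upd

# Constructed network combining the figures of slides 29-31 (values are the slides' own):
# A: n --[x<5 and y>3 and i==3, a!, x:=0, i:=i+4]--> m, invariants x<5 at n and y<10 at m;
# B: l --[a?]--> k, with no clocks of its own.
A = Automaton("A", ["x", "y"],
              invariants={"n": lambda v: v["x"] < 5, "m": lambda v: v["y"] < 10},
              edges=[Edge("n", "m", lambda v: v["x"] < 5 and v["y"] > 3 and v["i"] == 3,
                          "a!", assign(x=0.0, i=lambda v: v["i"] + 4))])
B = Automaton("B", [], invariants={}, edges=[Edge("l", "k", lambda v: True, "a?")])
NET = [A, B]
INIT = State({"A": "n", "B": "l"}, {"x": 2.4, "y": 3.1415, "i": 3})

if __name__ == "__main__":
    print(delay(NET, INIT, 1.1))        # (n, x=3.5, y=4.2415): allowed by the invariant x<5
    print(delay(NET, INIT, 3.2))        # None: x would reach 5.6, violating x<5 at n
    print(sync(NET, INIT, "a"))         # (m, k, x=0, y=3.1415, i=7)
```

delay refuses e(3.2) because x would reach 5.6 in a location whose invariant is x<5, which is the progress argument of slide 30; sync applies the sender's update before the receiver's, as UPPAAL does, and never mutates the source state.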
32
Timed Automata in UPPAAL
  • Timed (Safety) Automata
  • urgent actions
  • urgent locations
  • committed locations
  • data-variables (with bounded domains)
  • arrays of data-variables
  • constants
  • guards and assignments over data-variables and arrays
  • templates with local clocks, data-variables, and
    constants.

33
Declarations in UPPAAL
clock x1, ..., xn; int i1, ..., im; chan a1, ..., ao; const c1 n1, ..., cp np;
Examples: clock x, y; int i, J:=0; int[0,1] k[5]; const delay 5, true 1, false 0;
Array k of five booleans.
34
Timed Automata in UPPAAL
Figure: edge n -> m with clock guards x<5, y>3 (a clock compared with a natural number), data guards g1, g2, g3, g4, action a and clock assignment x := 0; location invariants x<5 at n and y<10 at m.
35
Urgent Channels
urgent chan hurry;
  • Informal Semantics
  • There will be no delay if a transition with an urgent
    action can be taken.
  • Restrictions:
  • No clock guard allowed on transitions with
    urgent actions.
  • Invariants and data-variable guards are allowed.

36
Urgent Locations
Click Urgent in State Editor.
  • Informal Semantics
  • No delay in urgent location.
  • Note: the use of urgent locations reduces the number
    of clocks in a model, and thus the complexity of the
    analysis.

37
Committed Locations
Click Committed in State Editor.
  • Informal Semantics
  • No delay in committed location.
  • Next transition must involve automata in
    committed location.
  • Note: the use of committed locations reduces the
    number of clocks in a model, and allows for more
    space and time efficient analysis.

38
UPPAAL Specification Language
  • A[] p (AG p)
  • E<> p (EF p)
  • p ::= a.l | gd | gc | p and p | p or p | not p | p imply p | ( p )

where a.l is a process location (process a in location l), gc a clock guard and gd a data guard
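An added example, not from the slides and not UPPAAL's implementation: explicit-state reachability over the interleaving product of finite automata, which is the untimed core of the E<> and A[] queries above and of the Yes/No-plus-debugging-information loop of slide 24. Component, Config, successors, exists_eventually, always and product_size are this example's own names; the two components M1 and M2 are constructed in the spirit of slide 22 (their edges are not on the slides).

```python
from collections import deque
from math import prod
from typing import Callable, Dict, List, Optional, Tuple

# Added example (not from the slides, not UPPAAL's code): E<> / A[] over the product of
# finite automata by breadth-first search, returning a witness or counterexample trace.

Component = Dict[str, List[Tuple[str, str]]]   # location -> [(action, target location)]
Config = Tuple[str, ...]                          # one current location per component

def successors(net: List[Component], cfg: Config) -> List[Tuple[str, Config]]:
    """Interleaving product: an internal edge moves one component; an 'a!' edge moves
    together with a matching 'a?' edge of a different component (two-way synchronisation)."""
    out: List[Tuple[str, Config]] = []
    for i, comp in enumerate(net):
        for act, tgt in comp.get(cfg[i], []):
            if act.endswith("?"):
                continue                               # receivers move only with a sender
            if act.endswith("!"):
                chan = act[:-1]
                for j, other in enumerate(net):
                    if j == i:
                        continue
                    for act2, tgt2 in other.get(cfg[j], []):
                        if act2 == chan + "?":
                            nxt = list(cfg)
                            nxt[i], nxt[j] = tgt, tgt2
                            out.append((f"{chan}!/{chan}?", tuple(nxt)))
            else:
                nxt = list(cfg)
                nxt[i] = tgt
                out.append((act, tuple(nxt)))
    return out

def exists_eventually(net: List[Component], init: Config, p: Callable[[Config], bool]):
    """E<> p by breadth-first search over reachable configurations. Returns
    (True, witness trace) or (False, number of configurations explored); the trace is
    the 'debugging information' a model checker hands back."""
    parent: Dict[Config, Optional[Tuple[Config, str]]] = {init: None}
    queue = deque([init])
    while queue:
        cfg = queue.popleft()
        if p(cfg):
            trace, cur = [], cfg
            while cur is not None:
                trace.append(cur)
                cur = parent[cur][0] if parent[cur] else None
            return True, trace[::-1]
        for act, nxt in successors(net, cfg):
            if nxt not in parent:                      # visited set keeps the search finite
                parent[nxt] = (cfg, act)
                queue.append(nxt)
    return False, len(parent)

def always(net: List[Component], init: Config, p: Callable[[Config], bool]):
    """A[] p == not E<> not p; when it fails, the second result is a counterexample trace."""
    found, info = exists_eventually(net, init, lambda c: not p(c))
    return (not found), info

def product_size(net: List[Component]) -> int:
    """Size of the full product: exponential in the number of components (slide 22)."""
    return prod(len(c) for c in net)

# Constructed components in the spirit of slide 22: M1 has locations 1-4, M2 has a-c.
M1: Component = {"1": [("a!", "2")], "2": [("b", "3")], "3": [("c!", "4")], "4": []}
M2: Component = {"a": [("a?", "b")], "b": [("c?", "c")], "c": []}
NET = [M1, M2]
INIT: Config = ("1", "a")

if __name__ == "__main__":
    print(product_size(NET))                                        # 12 combinations
    print(exists_eventually(NET, INIT, lambda c: c == ("4", "c")))  # witness trace
    print(always(NET, INIT, lambda c: c[1] != "c"))                 # counterexample trace
```

always returns either (True, number of reachable configurations) or (False, counterexample trace); the gap between product_size (12 here) and the configurations actually reached (4) is what on-the-fly exploration exploits, while the product itself is what grows exponentially with the number of components.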
39
BRICK SORTING
40
First UPPAAL model: Sorting of Lego Boxes
Ken Tindell
Figure labels: Piston, Boxes, eject, remove, 99, Conveyor Belt, red, 81, 18, 90, 9, Black, Red, Controller, MAIN, PUSH
Exercise: Design the Controller so that only
black boxes are being pushed out

41
NQC programs
int active; int DELAY; int LIGHT_LEVEL;
task MAIN {
    DELAY = 75; LIGHT_LEVEL = 35; active = 0;
    Sensor(IN_1, IN_LIGHT);              // light sensor on input 1
    Fwd(OUT_A, 1); Display(1);           // start the conveyor belt motor
    start PUSH;                          // spawn the piston task
    while (true) {
        wait(IN_1 < LIGHT_LEVEL);        // dark (black) box under the sensor
        ClearTimer(1); active = 1; PlaySound(1);   // timer 1 measures time since detection
        wait(IN_1 > LIGHT_LEVEL);        // box has passed the sensor
    }
}
task PUSH {
    while (true) {
        wait(Timer(1) > DELAY && active == 1);  // box has travelled to the piston (the '&&' was lost in extraction and is reconstructed)
        active = 0;
        Rev(OUT_C, 1); Sleep(8);         // push
        Fwd(OUT_C, 1); Sleep(12); Off(OUT_C);  // retract
    }
}
42
From RCX to UPPAAL
Task MAIN
  • Model includes Round-Robin Scheduler.
  • Compilation of RCX tasks into TA models.
  • Presented at ECRTS 2000

43
The Production Cell Course at DTU, Copenhagen
Production Cell
44
TRAIN CROSSING
45
Train Crossing
Stoppable Area
10,20
3,5
Crossing
7,15
River
Queue
Gate
46
Train Crossing
Communication via channels and shared variable.
Stoppable Area
10,20
appr, stop
3,5
leave
Crossing
7,15
el
go
River
empty nonempty hd, add,rem
Queue
Gate
47
Communication Protocols
  • CSMA/CD
  • BRP

48
CSMA/CD protocol MAC layer
EVENTS
send - service provided by Mac which reacts by transmitting a message
rec - (receive) service provided by Mac, indicates that a message is ready to be received
b - (begin) Mac begins message transmission to M
e - (end) Mac terminates message transmission to M
br - (begin receive) M begins message delivery to Mac
er - (end receive) M terminates message delivery to Mac
b - (collision) Mac is notified that a collision has occurred on M.
49
Philips Bounded Retransmission Protocol
  • D'Argenio et al. 97

50
Protocol Overview
  • Protocol developed by Philips.
  • Transfer data between Audio/Video components via
    infra-red communication.
  • Data files sent in smaller chunks.
  • Problem: Unreliable communication medium.
  • Sender retransmits if receiver responds too late.
  • Receiver aborts if sender sends too late.

51
Overview of BRP
Input file p1, ..., pn
Output p1, ..., pn
Sender
Receiver
S
R
BRP
pi
K
lossy
ack
L
lossy
52
How It Works
more parts will follow
  • Sender input file p1, ..., pn.
  • S sends (p1,FST,0), (p2,INC,1), ...,
    (pn-1,INC,1), (pn,OK,0).
  • R sends ack, ..., ack.
  • S retransmits pi if timeout.
  • Receiver receives p1, ..., pn.
  • Sender and Receiver receive NOK or OK.

first part of file
whole file OK
53
Case Studies Protocols
  • Philips Audio Protocol HS95, CAV95, RTSS95,
    CAV96
  • Collision-Avoidance Protocol SPIN95
  • Bounded Retransmission Protocol TACAS97
  • Bang Olufsen Audio/Video Protocol RTSS97
  • TDMA Protocol PRFTS97
  • Lip-Synchronization Protocol FMICS97
  • Multimedia Streams DSVIS98
  • ATM ABR Protocol CAV99
  • ABB Fieldbus Protocol ECRTS2k
  • IEEE 1394 Firewire Root Contention (2000)

54
Case-Studies Controllers
  • Gearbox Controller TACAS98
  • Bang Olufsen Power Controller
    RTPS99,FTRTFT2k
  • SIDMAR Steel Production Plant RTCSA99, DSVV2k
  • Real-Time RCX Control-Programs ECRTS2k
  • Experimental Batch Plant (2000)
  • RCX Production Cell (2000)

55
BRP Model Overview
Input file p1, ..., pn
Output p1, ..., pn
Sender
Receiver
ok, nok, dk
IND, ok, nok
S
R
BRP
(pi,INDication,abit)
K
lossy
L
lossy
ack
56
The Lossy Media
one-place capacity
delay
value-passing
lossy may drop messages
57
Bounded Retransmission
  • S sends a chunk pi and waits for ack from R.
  • If timeout the chunk is retransmitted.
  • If too many timeouts, the transmission fails (NOK
    is sent to Sender).
  • If whole file successfully sent OK is sent to
    Sender.
  • Receiver is similar.
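An added example, not the slides' own code and not D'Argenio et al.'s model: a scripted Python simulation of one BRP transfer as described on slides 52 and 57. The classes Frame and LossyChannel, the function brp_transfer and the loss schedules are this example's own constructions; the verdicts follow the slides (OK and NOK for sender and receiver) plus the sender's DK of slide 55, which this model assigns when the acknowledgement of the last chunk never arrives.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Added example (not from the slides, not D'Argenio et al.'s model): a scripted simulation
# of the Bounded Retransmission Protocol round of slides 52 and 57. Channel K carries
# chunks S -> R, channel L carries acks R -> S; both are one-place and lossy (slide 56).
# Loss is scripted per message so that every run is deterministic and testable.

FST, INC, OK = "FST", "INC", "OK"     # indication sent with each chunk (slide 52)

@dataclass
class Frame:
    payload: str
    ind: str      # FST / INC / OK
    abit: int     # alternating bit, lets R recognise a retransmitted duplicate

class LossyChannel:
    """One-place capacity; each send either stores the message or drops it,
    according to a constructed per-message schedule (True = drop that send)."""
    def __init__(self, drop_schedule):
        self.schedule: List[bool] = list(drop_schedule)
        self.slot: Optional[object] = None

    def send(self, msg) -> None:
        drop = self.schedule.pop(0) if self.schedule else False
        self.slot = None if drop else msg        # a new send overwrites the single slot

    def receive(self):
        msg, self.slot = self.slot, None
        return msg

def indication(i: int, n: int) -> str:
    """(p1,FST,0), (p2,INC,1), ..., (pn,OK,0): first, intermediate, last chunk
    (a one-chunk file is marked OK straight away; that choice is this example's)."""
    if i == n - 1:
        return OK
    return FST if i == 0 else INC

def brp_transfer(parts: List[str], max_retries: int, k_drops=(), l_drops=()) -> Dict[str, object]:
    """Run S and R in lock step: one send on K, one ack on L per attempt. Returns the
    verdict given to each side plus what R actually delivered to its client."""
    K, L = LossyChannel(k_drops), LossyChannel(l_drops)
    n, expected_bit = len(parts), 0
    delivered: List[str] = []          # chunks R has handed to its client, in order
    indications: List[str] = []        # FST / INC / OK signalled with each delivery
    for i, p in enumerate(parts):
        frame = Frame(p, indication(i, n), i % 2)
        acked = False
        for _attempt in range(max_retries + 1):          # 1 send + max_retries retransmissions
            K.send(frame)
            got = K.receive()
            if got is not None:
                if got.abit == expected_bit:             # fresh chunk: deliver and flip the bit
                    delivered.append(got.payload)
                    indications.append(got.ind)
                    expected_bit ^= 1
                L.send("ack")                            # duplicate or not, R always acks
            if L.receive() is not None:                  # ack arrived before S's timeout
                acked = True
                break
        if not acked:                                    # too many timeouts: bounded retransmission gives up
            sender = "DK" if i == n - 1 else "NOK"      # on the last chunk S cannot know whether R got it
            if len(delivered) == n:
                receiver = OK                            # R already reported OK with the last delivery
            else:
                receiver = "NOK" if delivered else None  # R aborts a partial file; nothing to report if none arrived
            return {"sender": sender, "receiver": receiver,
                    "delivered": delivered, "indications": indications}
    return {"sender": OK, "receiver": OK, "delivered": delivered, "indications": indications}

if __name__ == "__main__":
    print(brp_transfer(["p1", "p2", "p3"], 2))                      # clean run: OK / OK
    print(brp_transfer(["p1", "p2", "p3"], 2, l_drops=[True]))      # lost ack: retransmission, no duplicate delivery
    print(brp_transfer(["p1", "p2"], 1, k_drops=[False, True, True]))  # last chunk lost twice: DK / NOK
```

The alternating bit is what keeps a retransmitted chunk from being delivered twice when only the ack was lost; the asymmetric verdicts on failure (sender DK, receiver NOK or OK) are exactly the cases a model checker has to distinguish when checking that S and R never disagree about whether the file went through.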

58
Process S
59
Process R
60
The Sender and Receiver
61
If you want to know more
  • Test Verification
  • http://www.cs.auc.dk/ejersbo/tov/Plan.html
  • BRICS@Aalborg
  • http://www.cs.auc.dk/research/FS/
  • UPPAAL
  • http://www.uppaal.com
  • WOODDES, ATT (VHS)
  • http://www.docs.uu.se/docs/rtmv/wooddes/
  • http://www-verimag.imag.fr/VHS/main.html
  • Strategic Directions in Computing Research: Formal
    Methods Working Group, ACM June 1996
  • http://www.cs.cmu.edu/afs/cs/usr/wing/www/mit/mit.html