Mechanical verification of timed automata: a case study

Modeling Timed Automata Theory in PVS

A mechanized system called FVofTA (Formal Verification of Timed Automata) for specifying and reasoning about real-time systems using TA (Timed Automata) theory in PVS (Prototype Verification System) is proposed in this paper. This system includes two parts: one for modeling real-time systems using a TA template in PVS and the other for proofs intended for the formal verification of real-time systems. The first part of this system is presented via a case study in this paper. The formal verification results for this case study show that our modeling method is effective. The method used in this system reflects the nature of TA-theory modeling and is easily grasped by the general user. specification and verification of real-time systems modeled as TA. Then we introduce the application of the methods of mechanical proof (7). The methods used in this paper are part of FVofTA, which is under development. FVofTA will provide mechanical assistance that allows humans to specify and reason about real-time sy...

TAME: A Specialized Specification and Verification System for Timed Automata

1996

Assuring the correctness of specifications of real-time systems can involve significant human effort. The use of a mechanical theorem prover to encode such specifications and to verify their properties could significantly reduce this effort. A barrier to routinely encoding and mechanically verifying specifications has been the need first to master the specification language and logic of a general theorem proving system. Our approach to overcoming this barrier is to provide mechanical support for producing specifications and verifying proofs, specialized for particular mathematical models and proof techniques. We are currently developing a mechanical verification system called TAME (Timed Automata Modeling Environment) that provides this specialized support using SRI's Prototype Verification System (PVS). Our system is intended to permit steps in reasoning similar to those in hand proofs that use model-specific techniques. TAME has recently been used to detect errors in a realistic example.

Translating Timed I/O Automata Specifications for Theorem Proving in PVS

Lecture Notes in Computer Science, 2005

The timed input/output automaton modeling framework is a mathematical framework for specification and analysis of systems that involve discrete and continuous evolution. In order to employ an interactive theorem prover in deducing properties of a timed input/output automaton, its state-transition based description has to be translated to the language of the theorem prover. This thesis describes a tool for translating from TIOA, the formal language for describing timed input/output automata, to the language of the Prototype Verification System (PVS), a specification system with an integrated interactive theorem prover. We describe the translation scheme, discuss the design decisions, and briefly present case studies to illustrate the application of the translator in the verification process.

Verification of continuous dynamical systems by timed automata

Formal Methods in System Design, 2011

This paper presents a method for abstracting continuous dynamical systems by timed automata. The abstraction is based on partitioning the state space of a dynamical system using positive invariant sets, which form cells that represent locations of a timed automaton. The abstraction is intended to enable formal verification of temporal properties of dynamical systems without simulating any system trajectory, which is currently not possible. Therefore, conditions for obtaining sound, complete, and refinable abstractions are set up. The novelty of the method is the partitioning of the state space, which is generated utilizing sub-level sets of Lyapunov functions, as they are positive invariant sets. It is shown that this partition generates sound and complete abstractions. Furthermore, the complete abstractions can be composed of multiple timed automata, allowing parallelization of the verification process. The proposed abstraction is applied to two examples, which illustrate how sound and complete abstractions are generated and the type of specification we can check. Finally, an example shows how the compositionality of the abstraction can be used to analyze a high-dimensional system.

Verifying Hybrid Systems Modeled as Timed Automata: A Case Study

1997

Verifying properties of hybrid systems can be highly complex. To reduce the effort required to produce a correct proof, the use of mechanical verification techniques is promising. Recently, we extended a mechanical verification system, originally developed to reason about deterministic real-time automata, to verify properties of hybrid systems. To evaluate our approach, we applied our extended proof system to a solution, based on the Lynch-Vaandrager timed automata model, of the Steam Boiler Controller problem, a hybrid systems benchmark. This paper reviews our mechanical verification system, which builds on SRI's Prototype Verification System (PVS), and describes the features we added to handle hybrid systems. It also discusses some errors we detected in applying our system to the benchmark problem. We conclude with a summary of insights we acquired in using our system to specify and verify hybrid systems.

From Timed Automata to Logic - and Back

BRICS Report Series, 1995

One of the most successful techniques for automatic verification is that of model checking. For finite automata there have long existed extremely efficient model-checking algorithms, and in the last few years these algorithms have been made applicable to the verification of real-time automata using the region techniques of Alur and Dill. In this paper, we continue this transfer of existing techniques from the setting of finite (untimed) automata to that of timed automata. In particular, a timed logic L_ν is put forward, which is sufficiently expressive that for any timed automaton we may construct a single characteristic L_ν formula uniquely characterizing the automaton up to timed bisimilarity. Also, we prove decidability of the satisfiability problem for L_ν with respect to given bounds on the number of clocks and constants of the timed automata to be constructed. None of these results have as yet been successfully accounted for in the presence of time [1].

* This work has been supported by the European Communities under CONCUR2, BRA 7166.
† Basic Research in Computer Science, Centre of the Danish National Research Foundation.
[1] An exception occurs in Alur's thesis [Alu91], in which a decidability result is presented for a linear timed logic called MITL.

Developing strategies for specialized theorem proving about untimed, timed, and hybrid I/O automata

In this paper we discuss how we intend to develop a specialized theorem proving environment for the Hybrid I/O Automata (HIOA) framework [6] over the PVS [10] theorem prover, and some of the issues involved. In particular, we describe approaches to using PVS that allow and encourage the development of useful proof strategies, and note some desired PVS features that would further help us to do so for our HIOA environment.

Proving properties of real-time systems through logical specifications and Petri net models

IEEE Transactions on Software Engineering, 1994

The problem of formally analyzing properties of real-time systems is addressed. A method is proposed that allows specifying system properties in the TRIO language (an extension of temporal logic suitable to deal explicitly with the "time" variable and to measure it) and modeling the system as a timed Petri net. It is argued that such an approach is more general than analyzing program properties. The proof method is based on an axiomatization of timed Petri nets in terms of TRIO so that their properties can be derived as suitable theorems in much the same spirit as classical Hoare's method allows proving properties of programs coded in a Pascal-like language. The method is then exemplified through two classical "benchmarks" of the literature on concurrent and real-time systems, namely an elevator system and the dining philosophers problem. A thorough review of the related literature and a comparison thereof with the new method is also provided. Possible alternative methods, theoretical extensions, and practical applications are briefly discussed.

Specifying and proving properties of timed I/O automata using Tempo

Design Automation for Embedded Systems, 2008

Timed I/O automata (TIOA) is a mathematical framework for modeling and verification of distributed systems that involve discrete and continuous dynamics. TIOA can be used, for example, to model a real-time software component controlling a physical process. The TIOA model is sufficiently general to subsume other models in use for timed systems. The Tempo Toolset, currently under development, is aimed at supporting system development based on TIOA specifications. The Tempo Toolset is an extension of the IOA toolkit, which provides a specification simulator, a code generator, and both model checking and theorem proving support for analyzing specifications. This paper focuses on the modeling of timed systems and their properties with TIOA and on the use of TAME4TIOA, the TAME (Timed Automata Modeling Environment) based theorem proving support provided in Tempo, for proving system properties, including timing properties. Several examples are provided by way of illustration.

Towards Integrated Verification of Timed Transition Models

Fundamenta Informaticae, 2006

This paper describes an attempt to combine theorem proving and model-checking to formally verify real-time systems in a discrete time setting. The Timed Automata Modeling Environment (TAME) has been modified to provide a formal model for Timed Transition Models (TTMs) in the PVS proof checker. Strong and weak state-event observation equivalences are formalized in PVS for state-event