Model Checking Parameterized Timed Systems
Related papers
Undecidability of LTL for Timed Petri Nets
2002
We show undecidability of (action based) linear-time temporal logic (LTL) for timed Petri nets. This is to be contrasted with decidability of both the problem of checking safety properties for timed Petri nets, and the problem of checking LTL formulae for (untimed) Petri nets. The undecidability result is shown through a reduction from a similar problem for lossy counter machines [May00].
Decidability of Properties of Timed-Arc Petri Nets
Lecture Notes in Computer Science, 2000
Timed-arc Petri nets (TAPN's) are not Turing powerful, because, in particular, they cannot simulate a counter with zero testing. Thus, we could think that this model does not increase significantly the expressiveness of untimed Petri nets. But this is not true; in a previous paper we have shown that the differences between them are big enough to make the reachability problem undecidable. On the other hand, coverability and boundedness are proved now to be decidable. This fact is a consequence of the close interrelationship between TAPN's and transfer nets, for which similar results have been recently proved. Finally, we see that if dead tokens are defined as those that cannot be used for firing any transition in the future, we can detect these kinds of tokens in an effective way.
Using Forward Reachability Analysis for Verification of Timed Petri Nets
Nord. J. Comput., 2007
We consider verification of safety properties for concurrent real-timed systems modelled as timed Petri nets by performing symbolic forward reachability analysis. We introduce a formalism, called region generators, for representing sets of markings of timed Petri nets. Region generators characterize downward closed sets of regions and provide exact abstractions of sets of reachable states with respect to safety properties. We show that the standard operations needed for performing symbolic reachability analysis are computable for region generators. Since forward reachability analysis is necessarily incomplete, we introduce an acceleration technique to make the procedure terminate more often on practical examples. We have implemented a prototype for analyzing timed Petri nets and used it to verify a parameterized version of Fischer's protocol, Lynch and Shavit's mutual exclusion protocol and a producer-consumer protocol. We also used the tool to extract finite-state abstracti...
Dense-Timed Petri Nets: Checking Zenoness, Token liveness and Boundedness
Logical Methods in Computer Science, 2007
We consider Dense-Timed Petri Nets (TPN), an extension of Petri nets in which each token is equipped with a real-valued clock and where the semantics is lazy (i.e., enabled transitions need not fire; time can pass and disable transitions). We consider the following verification problems for TPNs. (i) Zenoness: whether there exists a zeno-computation from a given marking, i.e., an infinite computation which takes only a finite amount of time. We show decidability of zenoness for TPNs, thus solving an open problem from [dFERA00]. Furthermore, the related question if there exist arbitrarily fast computations from a given marking is also decidable. On the other hand, universal zenoness, i.e., the question if all infinite computations from a given marking are zeno, is undecidable. (ii) Token liveness: whether a token is alive in a marking, i.e., whether there is a computation from the marking which eventually consumes the token. We show decidability of the problem by reducing it to the coverability problem, which is decidable for TPNs. (iii) Boundedness: whether the size of the reachable markings is bounded. We consider two versions of the problem; namely semantic boundedness where only live tokens are taken into consideration in the markings, and syntactic boundedness where also dead tokens are considered. We show undecidability of semantic boundedness, while we prove that syntactic boundedness is decidable through an extension of the Karp-Miller algorithm.
Comparing the Expressiveness of Timed Automata and Timed Extensions of Petri Nets
Lecture Notes in Computer Science
Time-dependent models have been intensively studied for many reasons, among others because of their applications in software verification and due to the development of embedded platforms where reliability and safety depend to a large extent on the time features. Many of the time-dependent models were suggested as real-time extensions of several well-known untimed models. The most studied formalisms include Networks of Timed Automata which extend the model of communicating finite-state machines with a finite number of real-valued clocks, and timed extensions of Petri nets where the added time constructs include e.g. time intervals that are assigned to the transitions (Time Petri Nets) or to the arcs (Timed-Arc Petri Nets). In this paper, we shall semiformally introduce these models, discuss their strengths and weaknesses, and provide an overview of the known results about the relationships among the models.
Parameterized Model-Checking for Timed-Systems with Conjunctive Guards (Extended Version)
ArXiv, 2014
In this work we extend the Emerson and Kahlon's cutoff theorems for process skeletons with conjunctive guards to Parameterized Networks of Timed Automata, i.e. systems obtained by an a priori unknown number of Timed Automata instantiated from a finite set $U_1, \dots, U_n$ of Timed Automata templates. In this way we aim at giving a tool to universally verify software systems where an unknown number of software components (i.e. processes) interact with continuous time temporal constraints. It is often the case, indeed, that distributed algorithms show a heterogeneous nature, combining dynamic aspects with real-time aspects. In the paper we will also show how to model check a protocol that uses special variables storing identifiers of the participating processes (i.e. PIDs) in Timed Automata with conjunctive guards. This is non-trivial, since solutions to the parameterized verification problem often rely on the processes to be symmetric, i.e. indistinguishable. On the other side, many popular distributed algorithms make use of PIDs and thus cannot directly apply those solutions.
Parameterized Model-Checking for Timed Systems with Conjunctive Guards
In this work we extend the Emerson and Kahlon's cutoff theorems for process skeletons with conjunctive guards to Parameterized Networks of Timed Automata, i.e. systems obtained by an a priori unknown number of Timed Automata instantiated from a finite set $U_1, \dots, U_n$ of Timed Automata templates. In this way we aim at giving a tool to universally verify software systems where an unknown number of software components (i.e. processes) interact with continuous time temporal constraints. It is often the case, indeed, that distributed algorithms show a heterogeneous nature, combining dynamic aspects with real-time aspects. In the paper we will also show how to model check a protocol that uses special variables storing identifiers of the participating processes (i.e. PIDs) in Timed Automata with conjunctive guards. This is non-trivial, since solutions to the parameterized verification problem often rely on the processes to be symmetric, i.e. indistinguishable. On the other side, many popular distributed algorithms make use of PIDs and thus cannot directly apply those solutions.
Bounded Parametric Verification for Distributed Time Petri Nets with Discrete-Time Semantics
Fundamenta Informaticae, 2010
Bounded Model Checking (BMC) is an efficient technique applicable to verification of temporal properties of (timed) distributed systems. In this paper we show for the first time how to apply BMC to parametric verification of time Petri nets with discrete-time semantics. The properties are expressed by formulas of the logic PRTECTL, a parametric extension of the existential fragment of Computation Tree Logic (CTL).
Comparison of the Expressiveness of Timed Automata and Time Petri Nets
Lecture Notes in Computer Science, 2005
In this paper we consider the model of Time Petri Nets (TPN) where time is associated with transitions. We also consider Timed Automata (TA) as defined by Alur & Dill, and compare the expressiveness of the two models w.r.t. timed language acceptance and (weak) timed bisimilarity. We first prove that there exists a TA A s.t. there is no TPN (even unbounded) that is (weakly) timed bisimilar to A. We then propose a structural translation from TA to (1-safe) TPNs preserving timed language acceptance. Further on, we prove that the previous (slightly extended) translation also preserves weak timed bisimilarity for a syntactical subclass $TA_{syn}(\leq, \geq)$ of TA. For the theory of TPNs, the consequences are: 1) TA, bounded TPNs and 1-safe TPNs are equally expressive w.r.t. timed language acceptance; 2) TA are strictly more expressive than bounded TPNs w.r.t. timed bisimilarity; 3) The subclass $TA_{syn}(\leq, \geq)$, bounded and 1-safe TPNs "à la Merlin" are equally expressive w.r.t. timed bisimilarity.
Model Checking of Time Petri Nets
Petri Net, Theory and Applications, 2008
This paper considers time Petri nets (TPN model) for model checking. The main challenge in model checking techniques is to construct, with lesser resources (time and space), a much coarser abstraction preserving properties of interest. These properties can be verified using standard model checking techniques. In this paper, we review some techniques, proposed in the literature, to model check untimed and timed properties of the TPN.