![Page 1: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/1.jpg)
Verification, Performance Analysis
and Controller Synthesis
of Real Time Systems
using UPPAAL
Kim Guldstrand Larsen
![Page 2: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/2.jpg)
Informationsteknologi
UCb
UPPAAL Branches
• Real Time Verification
• Real Time Scheduling & Performance Evaluation
• Real Time Controller Synthesis
• Real Time Testing
Tools: CLASSIC, TIGA, CORA, TRON
Modeling Formalism, Theory, Alg. & Datastr., Applications, Open Problems, DEMO's
![Page 3: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/3.jpg)
Slides, Reading Material, Challenges,..
www.cs.aau.dk/~kgl/Marktoberdorf08
…/Material.html
![Page 4: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/4.jpg)
BRICS Machine
Basic Research in Computer Science, 1993-2006
5+7+10 M Euro
100
100
Aalborg Aarhus
Tools
Other relevant projects: ARTIST, AMETIST
![Page 5: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/5.jpg)
Tools and BRICS
Logic
• Temporal Logic
• Modal Logic
• MSOL
Algorithmic
• (Timed) Automata Theory
• Graph Theory
• BDDs
• Polyhedra Manipulation
Semantics
• Concurrency Theory
• Abstract Interpretation
• Compositionality
• Models for real-time & hybrid systems
Tools: HOL, TLP, PVS, ALF, SPIN, visualSTATE, UPPAAL
Applications
1993-2006
![Page 6: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/6.jpg)
CISS
Center for Embedded Software Systems
• National Competence Center 2002 sponsored by:
− Ministry of Tech. & Res.
− North Jutland
− Aalborg City
− Aalborg University
• 40 projects
• 20 CISS employees
• 25 CISS ass. Res.
• 20 industrial PhDs
![Page 7: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/7.jpg)
European Network of Excellence
Testing & Verification: CISS coordinator
ARTEMIS
32 partners
Joseph Sifakis, ARTIST Director
Co-winner of Turing Award 2007
![Page 8: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/8.jpg)
Why Verification and Testing
• 30-40% of production time is currently spent on elaborate, ad-hoc testing:
− Errors are expensive and difficult to fix!
− The potential of existing/improved testing methods and tools is enormous!
− Time-to-market may be shortened considerably by verification and performance analyses of early designs!
![Page 9: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/9.jpg)
Why Verification and Testing
• IMPORTANCE for EMBEDDED SYSTEMS
− Often safety critical
− Often economically critical
− Hard to patch
• CHALLENGES for EMBEDDED SYSTEMS
− Correctness of embedded systems depends crucially on use of resources, e.g. real-time, memory, bandwidth, energy.
− Need for quantitative models
![Page 10: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/10.jpg)
Modelling, Specification,
and Verification
using UPPAAL
Kim Guldstrand Larsen
CLASSIC
![Page 11: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/11.jpg)
Collaborators
@UPPsala: Wang Yi, Paul Pettersson, John Håkansson, Anders Hessel, Pavel Krcal, Leonid Mokrushin, Shi Xiaochun
@AALborg: Kim G Larsen, Gerd Behrmann, Alexandre David, Jacob I. Rasmussen, Brian Nielsen, Arne Skou, Marius Mikucionis, Thomas Chatain
@Elsewhere: Emmanuel Fleury, Didier Lime, Johan Bengtsson, Fredrik Larsson, Kåre J Kristoffersen, Tobias Amnell, Thomas Hune, Oliver Möller, Elena Fersman, Carsten Weise, David Griffioen, Ansgar Fehnker, Frits Vaandrager, Theo Ruys, Pedro D’Argenio, J-P Katoen, Jan Tretmans, Judi Romijn, Ed Brinksma, Martijn Hendriks, Klaus Havelund, Franck Cassez, Magnus Lindahl, Francois Laroussinie, Patricia Bouyer, Augusto Burgueno, H. Bowmann, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson...
![Page 12: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/12.jpg)
Real Time Systems
[Figure: Plant (continuous) and Controller Program (discrete), connected through sensors and actuators]
E.g.: Realtime Protocols, Pump Control, Air Bags, Robots, Cruise Control, ABS, CD Players, Production Lines
Real Time System: A system where correctness not only depends on the logical order of events but also on their timing!!
![Page 13: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/13.jpg)
Real Time Model Checking
[Figure: Plant (continuous) and Controller Program (discrete), connected through sensors and actuators, are represented by an UPPAAL Model made of a model of the environment (user-supplied / non-determinism) and a model of the tasks (automatic?). Question posed to the model: SAT φ ??]
![Page 14: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/14.jpg)
Real Time Control Synthesis
[Figure: Plant (continuous) and Controller Program (discrete), connected through sensors and actuators, with a "??" marker; Partial UPPAAL Model made of a model of the environment (user-supplied); synthesis of the tasks (automatic) such that SAT φ !!]
![Page 15: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/15.jpg)
Timed Automata
Alur & Dill 1989
![Page 16: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/16.jpg)
Timed Automata
[Figure: timed automaton with locations Off, Light, Bright; edges labelled press?; reset x:=0; guards x≤3 and x>3]
Annotations in the figure:
• Synchronizing action
• Guard: conjunctions of x ~ n, where ~ ∈ {<, ≤, =, ≥, >}
• x: real-valued clock
• Reset
• Location
![Page 17: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/17.jpg)
Timed Automata semantics
[Figure: edge from location n to location m with action a, guard x<=5 & y>3, reset x := 0]
State:
( location , x=v , y=u ) where v,u are in R
Transitions:
Delay transition: ( n , x=2.4 , y=3.1415 ) --e(1.1)--> ( n , x=3.5 , y=4.2415 )
Discrete transition: ( n , x=2.4 , y=3.1415 ) --a--> ( m , x=0 , y=3.1415 )
![Page 18: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/18.jpg)
Timed Automata
[Figure: timed automaton with locations Off, Light, Bright; edges labelled press?; reset x:=0; guards x≤3 and x>3]
Transitions:
( Off , x=0 )
delay 4.32 → ( Off , x=4.32 )
press? → ( Light , x=0 )
delay 2.51 → ( Light , x=2.51 )
press? → ( Bright , x=2.51 )
![Page 19: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/19.jpg)
Intelligent Light Control
Using Invariants
[Figure: timed automaton with locations Off, Light (invariant x≤100) and Bright (invariant x≤100); edges labelled press? with resets x:=0 and guards x≤3, x>3; edges with guard x=100 and reset x:=0]
![Page 20: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/20.jpg)
Timed Automata semantics: Invariants
[Figure: locations n and m with invariants x<=5 and y<=10; edge from n to m with action a, guard x<=5 & y>3, reset x := 0; further edges with guards g1, g2, g3, g4]
Transitions:
( n , x=2.4 , y=3.1415 ) --e(1.1)--> ( n , x=3.5 , y=4.2415 )
( n , x=2.4 , y=3.1415 ) --e(3.2)-->
Invariants ensure progress!!
![Page 21: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/21.jpg)
Intelligent Light Control
Invariants
[Figure: timed automaton with locations Off, Light (invariant x≤100) and Bright (invariant x≤100); edges labelled press? with resets x:=0 and guards x≤3, x>3; edges with guard x=100 and reset x:=0]
Transitions:
( Off , x=0 )
delay 4.32 → ( Off , x=4.32 )
press? → ( Light , x=0 )
delay 4.51 → ( Light , x=4.51 )
press? → ( Light , x=0 )
delay 100 → ( Light , x=100 )
τ → ( Off , x=0 )
Note:
( Light , x=0 ) delay 103 → X
Invariants ensure progress
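The delay and discrete steps of the light controller with invariants can be replayed mechanically. The Python sketch below is an added example, not part of the original slides; its edge table is an assumption reconstructed from the labels and traces on the slides (the diagram itself is not in the text), and clock values are kept as exact fractions.

```python
from fractions import Fraction

# Location invariants of the light controller (Light and Bright: x <= 100).
INVARIANT = {
    "Off": lambda x: True,
    "Light": lambda x: x <= 100,
    "Bright": lambda x: x <= 100,
}

# Edges as (source, action, guard on x, reset x?, target).
# ASSUMPTION: reconstructed from the slide labels (x<=3, x>3, x=100, x:=0)
# and from the traces shown on the slides; not the author's model file.
EDGES = [
    ("Off", "press?", lambda x: True, True, "Light"),
    ("Light", "press?", lambda x: x <= 3, True, "Bright"),
    ("Light", "press?", lambda x: x > 3, True, "Light"),
    ("Bright", "press?", lambda x: True, True, "Off"),
    ("Light", "tau", lambda x: x == 100, True, "Off"),
    ("Bright", "tau", lambda x: x == 100, True, "Off"),
]


def delay(state, d):
    """Delay transition (l, x) --e(d)--> (l, x+d), or None if not allowed."""
    loc, x = state
    d = Fraction(str(d))
    # The invariants are upper bounds, so checking the end point of the
    # delay also covers every intermediate clock value.
    if d < 0 or not INVARIANT[loc](x + d):
        return None
    return (loc, x + d)


def fire(state, action):
    """Discrete transition on `action`, or None if no edge is enabled."""
    loc, x = state
    for src, act, guard, reset, dst in EDGES:
        if src == loc and act == action and guard(x):
            new_x = Fraction(0) if reset else x
            if INVARIANT[dst](new_x):  # the target invariant must hold on entry
                return (dst, new_x)
    return None


def enabled_actions(state):
    """Actions whose guard holds in `state` (what can break a time lock)."""
    loc, x = state
    return sorted({act for src, act, guard, _, _ in EDGES
                   if src == loc and guard(x)})


def run(steps, state=("Off", Fraction(0))):
    """Replay ('delay', d) / ('act', a) steps; None once a step is blocked."""
    for kind, arg in steps:
        state = delay(state, arg) if kind == "delay" else fire(state, arg)
        if state is None:
            return None
    return state


# The trace from the slide, ending with the forced tau step at x = 100.
SLIDE_TRACE = [("delay", "4.32"), ("act", "press?"), ("delay", "4.51"),
               ("act", "press?"), ("delay", "100"), ("act", "tau")]

if __name__ == "__main__":
    print("slide trace ends in:", run(SLIDE_TRACE))
    print("delay 103 in Light :", run([("act", "press?"), ("delay", "103")]))
    print("enabled at x=100   :", enabled_actions(("Light", Fraction(100))))
```

At ( Light , x=100 ) no further delay is possible, so one of the enabled edges has to be taken; this is the sense in which the invariant enforces progress.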
![Page 22: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/22.jpg)
Timed Automata Formally
![Page 23: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/23.jpg)
Timed Automata Formally
![Page 24: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/24.jpg)
Timed Automata Formally
![Page 25: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/25.jpg)
Timed Automata Formally
![Page 26: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/26.jpg)
Example with two clocks
Reachable?
[Figure: timed automaton with edges a, b, c]
![Page 27: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/27.jpg)
Example with two clocks
Reachable?
[Figure: timed automaton with edges a, b, c; plot of clock valuations with axes x and y]
(L0,x=0,y=0)
![Page 28: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/28.jpg)
Example with two clocks
Reachable?
[Figure: timed automaton with edges a, b, c; plot of clock valuations with axes x and y]
(L0,x=0,y=0)
--ε(1.4)--> (L0,x=1.4,y=1.4)
![Page 29: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/29.jpg)
Example with two clocks
Reachable?
[Figure: timed automaton with edges a, b, c; plot of clock valuations with axes x and y]
(L0,x=0,y=0)
--ε(1.4)--> (L0,x=1.4,y=1.4)
--a--> (L0,x=1.4,y=0)
![Page 30: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/30.jpg)
Example with two clocks
Reachable?
[Figure: timed automaton with edges a, b, c; plot of clock valuations with axes x and y]
(L0,x=0,y=0)
--ε(1.4)--> (L0,x=1.4,y=1.4)
--a--> (L0,x=1.4,y=0)
--ε(1.6)--> (L0,x=3.0,y=1.6)
--a--> (L0,x=3.0,y=0)
![Page 31: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/31.jpg)
Networks: Light Controller & User
[Figure: light controller automaton with locations Off, Light (invariant x≤100) and Bright (invariant x≤100); edges labelled press? with resets x:=0 and guards x≤3, x>3; edges with guard x=100 and reset x:=0. User automaton with locations Rest and Busy, clock y, labels y≥10, y:=0, y≤10, press!, and press! with y:=0]
Synchronization
Transitions:
( Off, Rest, x=0, y=0 )
delay 20 → ( Off, Rest, x=20, y=20 )
press?! → ( Light, Busy, x=0, y=0 )
delay 2 → ( Light, Busy, x=2, y=2 )
press?! → ( Bright, Rest, x=0, y=0 )
![Page 32: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/32.jpg)
Networks of Timed Automata (a’la CCS)
[Figure: one automaton with an edge from l1 to l2 labelled a!, guard x>=2, reset x := 0; a second automaton with an edge from m1 to m2 labelled a?; label y<=4; further components indicated by dots]
Two-way synchronization on complementary actions.
Closed Systems!
Example transitions:
(l1, m1, …, x=2, y=3.5, …) --τ--> (l2, m2, …, x=0, y=3.5, …)
(l1, m1, …, x=2, y=3.5, …) --0.2--> (l1, m1, …, x=2.2, y=3.7, …)
If a URGENT CHANNEL
![Page 33: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/33.jpg)
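Network Semantics

$$T_1 \,\|_X\, T_2 = (S_1 \times S_2,\ \rightarrow,\ s_1^0 \,\|_X\, s_2^0), \qquad X \subseteq A$$

where

$$\frac{s_1 \xrightarrow{\mu}_1 s_1'}{s_1 \,\|_X\, s_2 \xrightarrow{\mu} s_1' \,\|_X\, s_2}
\qquad
\frac{s_2 \xrightarrow{\mu}_2 s_2'}{s_1 \,\|_X\, s_2 \xrightarrow{\mu} s_1 \,\|_X\, s_2'}$$

$$\frac{s_1 \xrightarrow{a!}_1 s_1' \quad s_2 \xrightarrow{a?}_2 s_2'}{s_1 \,\|_X\, s_2 \xrightarrow{\tau} s_1' \,\|_X\, s_2'}
\qquad
\frac{s_1 \xrightarrow{e(d)}_1 s_1' \quad s_2 \xrightarrow{e(d)}_2 s_2'}{s_1 \,\|_X\, s_2 \xrightarrow{e(d)} s_1' \,\|_X\, s_2'}$$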
![Page 34: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/34.jpg)
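Network Semantics (URGENT synchronization)

$$T_1 \,\|_X\, T_2 = (S_1 \times S_2,\ \rightarrow,\ s_1^0 \,\|_X\, s_2^0), \qquad X \subseteq A$$

where

$$\frac{s_1 \xrightarrow{\mu}_1 s_1'}{s_1 \,\|_X\, s_2 \xrightarrow{\mu} s_1' \,\|_X\, s_2}
\qquad
\frac{s_2 \xrightarrow{\mu}_2 s_2'}{s_1 \,\|_X\, s_2 \xrightarrow{\mu} s_1 \,\|_X\, s_2'}$$

$$\frac{s_1 \xrightarrow{a!}_1 s_1' \quad s_2 \xrightarrow{a?}_2 s_2'}{s_1 \,\|_X\, s_2 \xrightarrow{\tau} s_1' \,\|_X\, s_2'}
\qquad
\frac{s_1 \xrightarrow{e(d)}_1 s_1' \quad s_2 \xrightarrow{e(d)}_2 s_2'}{s_1 \,\|_X\, s_2 \xrightarrow{e(d)} s_1' \,\|_X\, s_2'}$$

+ Urgent synchronization:

$$\forall d' < d,\ \forall u \in UAct:\quad \neg\left( s_1 \xrightarrow{e(d')}\xrightarrow{u!} \ \wedge\ s_2 \xrightarrow{e(d')}\xrightarrow{u?} \right)$$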
![Page 35: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/35.jpg)
Light Control Interface
![Page 36: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/36.jpg)
Light Control Interface
[Figure: User, Interface, Control Program and Light; channels press? and release? between User and Interface; channels touch!, starthold! and endhold! between Interface and Control Program; Control Program updates L++/L--/L:=0]
Interface behaviour:
• press? d release? → touch!, for 0.5≤d≤1
• press? 1 → starthold!
• press? d release? → endhold!, for d>1
Examples (input → output):
• press? 0.2 release? … → Ø
• press? 0.7 release? … → touch!
• press? 1.0 2.4 release? … → starthold! endhold!
![Page 37: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/37.jpg)
Light Control Interface
[Figure: User and Control Program; channels press?, release?, touch!, starthold!, endhold!; updates L++/L--/L:=0]
![Page 38: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/38.jpg)
Light Control Network
[Figure: Control Program; channels press?, release?, touch!, starthold!, endhold!]
![Page 39: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/39.jpg)
Validation Light Controller
![Page 40: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/40.jpg)
Timed Automata
Modeling and Decidability
Kim Guldstrand Larsen
![Page 41: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/41.jpg)
Overview
• BRICK Sorting
• Reachability Checking
− Region Construction
• Bisimulation Checking
• Model Checking
• Trace Inclusion Checking
![Page 42: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/42.jpg)
Brick Sorting
![Page 43: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/43.jpg)
LEGO Mindstorms/RCX
• Sensors: temperature, light, rotation, pressure.
• Actuators: motors, lamps.
• Virtual machine:
− 10 tasks, 4 timers, 16 integers.
• Several Programming Languages:
− NotQuiteC, Mindstorm, Robotics, legOS, etc.
• 3 input ports
• 3 output ports
• 1 infra-red port
![Page 44: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/44.jpg)
A Real Real Timed System
Controller Program: LEGO MINDSTORM
The Plant: Conveyor Belt & Bricks
What is the CONTROL program doing?
![Page 45: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/45.jpg)
First UPPAAL model
Sorting of Lego Boxes
[Figure: conveyer belt carrying black and red boxes past a piston; positions marked 9, 18, 81, 90, 99; signals black, red, remove, eject; Controller with tasks MAIN and PUSH]
Ken Tindell
![Page 46: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/46.jpg)
NQC programs

```
// Shared between the two tasks
int active;
int DELAY;
int LIGHT_LEVEL;

task MAIN {
  DELAY = 75;
  LIGHT_LEVEL = 35;
  active = 0;
  Sensor(IN_1, IN_LIGHT);
  Fwd(OUT_A, 1);
  Display(1);

  start PUSH;

  while (true) {
    // Block until the light reading is at or below the threshold
    wait(IN_1 <= LIGHT_LEVEL);
    ClearTimer(1);
    active = 1;
    PlaySound(1);

    // Block until the reading is above the threshold again
    wait(IN_1 > LIGHT_LEVEL);
  }
}

task PUSH {
  while (true) {
    // Act only once MAIN has set active and Timer(1) exceeds DELAY
    wait(Timer(1) > DELAY && active == 1);
    active = 0;
    Rev(OUT_C, 1);
    Sleep(8);
    Fwd(OUT_C, 1);
    Sleep(12);
    Off(OUT_C);
  }
}
```
![Page 47: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/47.jpg)
A Black Brick & The Guard
![Page 48: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/48.jpg)
Control Tasks & Piston
GLOBAL DECLARATIONS:
const int ctime = 75;
int[0,1] active;
clock x, time;
chan eject, ok;
chan blck, red, remove, go;
![Page 49: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/49.jpg)
The Production Cell in LEGO
Course at DTU, Copenhagen
Rasmus Crüger Lund, Simon Tune Riemanni
![Page 50: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/50.jpg)
From RCX to UPPAAL – and back
• Model includes Round-Robin Scheduler.
• Compilation of RCX tasks into TA models.
• Presented at ECRTS 2000 in Stockholm.
• From UPPAAL to RCX: Martijn Hendriks.
[Figure: Task MAIN]
![Page 51: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/51.jpg)
www.uppaal.com
![Page 52: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/52.jpg)
Decidability
The Region Construction
![Page 53: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/53.jpg)
Reachability ?
Reachable from initial state (L0,x=0,y=0) ?
[Figure: timed automaton with edges a, b, c]
OBSTACLE: Uncountably infinite state space (locations, clock-valuations)
![Page 54: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/54.jpg)
Timed Automata Formally
![Page 55: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/55.jpg)
![Page 56: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/56.jpg)
![Page 57: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/57.jpg)
Timed Automata Formally
![Page 58: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/58.jpg)
![Page 59: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/59.jpg)
![Page 60: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/60.jpg)
![Page 61: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/61.jpg)
Stable Quotient
Reachable?
[Figure: timed automaton with edges a, b, c; partitioning of the clock plane with axes x and y]
![Page 62: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/62.jpg)
![Page 63: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/63.jpg)
![Page 64: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/64.jpg)
![Page 65: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/65.jpg)
![Page 66: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/66.jpg)
Stable Quotient
Reachable?
Partitioning
[Figure: two x/y clock planes; transitions labelled a, b, c; partition blocks numbered 0 to 6]
0 -ε-> 1 -a-> 2 -ε-> 3 -a-> 4 -ε-> 5 -c-> 6
![Page 67: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/67.jpg)
![Page 68: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/68.jpg)
Regions: Finite Partitioning of State Space
An equivalence class (i.e. a region); in fact there is only a finite number of regions!!
[Figure: x/y clock plane, x axis marked 1 2 3, y axis marked 1 2]
![Page 69: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/69.jpg)
![Page 70: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/70.jpg)
![Page 71: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/71.jpg)
Regions: Successor Operation (wrt delay)
An equivalence class (i.e. a region) r
Successor regions, Succ(r)
[Figure: x/y clock plane, x axis marked 1 2 3, y axis marked 1 2, showing r and its successor regions]
![Page 72: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/72.jpg)
Regions: Reset Operation
An equivalence class (i.e. a region) r
Reset regions: {x}r, {y}r
[Figure: x/y clock plane, x axis marked 1 2 3, y axis marked 1 2, showing r and its reset regions]
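The region operations from the three Regions slides above, as an added Python sketch (not from the slides and not UPPAAL code). It assumes the maximal constants 3 for x and 2 for y suggested by the axis ticks; the names `region`, `all_regions`, `delay_successors` and `reset` are chosen here.

```python
from fractions import Fraction as F
from itertools import product

MAX = {"x": 3, "y": 2}    # assumed maximal constants, read off the slides' axis ticks

def region(v, cmax=MAX):
    """Signature of the region (equivalence class) containing valuation v."""
    ints, fracs = [], {}
    for c in sorted(cmax):
        if v[c] > cmax[c]:
            ints.append((c, None, None))            # beyond the maximal constant
        else:
            whole = v[c] // 1
            ints.append((c, whole, v[c] == whole))  # integer part, and "is an integer"
            if v[c] != whole:
                fracs.setdefault(v[c] - whole, []).append(c)
    # clocks grouped by equal fractional part, groups ordered by increasing fraction
    order = tuple(tuple(fracs[f]) for f in sorted(fracs))
    return tuple(ints), order

def all_regions(cmax=MAX, step=F(1, 4)):
    """Enumerate regions by sampling a grid; step 1/4 is fine enough for up to 3 clocks."""
    clocks = sorted(cmax)
    axes = [[k * step for k in range(int((cmax[c] + 1) / step) + 1)] for c in clocks]
    return {region(dict(zip(clocks, point)), cmax) for point in product(*axes)}

def delay_successors(v, cmax=MAX, step=F(1, 8)):
    """Regions met, in order, as time elapses from v (v on the 1/4 grid): r, then Succ(r)."""
    seq = [region(v, cmax)]
    while any(whole is not None for _, whole, _ in seq[-1][0]):
        v = {c: t + step for c, t in v.items()}
        if region(v, cmax) != seq[-1]:
            seq.append(region(v, cmax))
    return seq

def reset(v, clock, cmax=MAX):
    """Region reached from v by resetting one clock, written {x}r on the slide."""
    return region({**v, clock: F(0)}, cmax)

if __name__ == "__main__":
    print(len(all_regions()), "regions")
    for r in delay_successors({"x": F(1, 4), "y": F(3, 4)}):
        print(r)
```

Any two valuations with the same signature pass through the same sequence of regions under delay, which is why one representative per region is enough.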
![Page 73: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/73.jpg)
An Example Region Graph
![Page 74: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/74.jpg)
Modified light switch
![Page 75: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/75.jpg)
Reachable part of region graph
![Page 76: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/76.jpg)
![Page 77: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/77.jpg)
Fundamental Results
• Reachability ☺
• Model-checking ☺
  − TCTL, Lnu, Tmu,...
• Bisimulation, Simulation
  − Timed ☺ ; Untimed ☺
• Trace-inclusion
  − Timed ☹ ; Untimed ☺
PSPACE-c / EXPTIME-c
![Page 78: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/78.jpg)
Timed Bisimulation
Wang’91, Cerans’92
![Page 79: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/79.jpg)
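Timed Bisimulation
Wang’91

$R$ is a timed bisimulation if whenever $s\,R\,t$ then the following holds for all $a \in \mathit{Act} \cup \mathit{Del}$:

i) $s \xrightarrow{a} s' \Rightarrow \exists t'.\ t \xrightarrow{a} t' \wedge s'\,R\,t'$
ii) $t \xrightarrow{a} t' \Rightarrow \exists s'.\ s \xrightarrow{a} s' \wedge s'\,R\,t'$

$\mathit{Del} = \{\, d : d \in \mathbb{R}_{\geq 0} \,\}$

We write $s \approx t$ whenever $s\,R\,t$ for some timed bisimulation $R$.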
![Page 80: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/80.jpg)
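Timed Simulation

$R$ is a timed simulation if whenever $s\,R\,t$ then the following holds for all $a \in \mathit{Act} \cup \mathit{Del}$:

i) $s \xrightarrow{a} s' \Rightarrow \exists t'.\ t \xrightarrow{a} t' \wedge s'\,R\,t'$

$\mathit{Del} = \{\, d : d \in \mathbb{R}_{\geq 0} \,\}$

We write $s \prec t$ iff $s\,R\,t$ for some timed simulation $R$.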
![Page 81: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/81.jpg)
Examples
![Page 82: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/82.jpg)
Towards Timed Bisimulation Algorithm
Independent “product-construction”
Cerans’92
![Page 83: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/83.jpg)
Towards Timed Bisimulation Algorithm

Definition
$B$ is a timed product-bisimulation iff whenever $s \in B$ then the following holds:

i) if $s \xrightarrow{d} s'$ then $s' \in B$
ii) if $s \xrightarrow{a_1} s'$ then $s' \xrightarrow{a_2} s''$ s.t. $s'' \in B$
iii) if $s \xrightarrow{a_2} s'$ then $s' \xrightarrow{a_1} s''$ s.t. $s'' \in B$

We write $TB(s)$ whenever $s \in B$ for some timed product-bisimulation.

Theorem
$TB(s) \Leftrightarrow (s_1 \approx s_2)$
![Page 84: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/84.jpg)
Timed Bisimulation Algorithm = Checking for TB-ness using Regions
[Figure: x/y clock plane, x axis marked 1 2, y axis marked 1, with product states (AX,R0), (AX,R1), (AX,R2), (AX,R3), (AY,R3) and actions a1, a2]
![Page 85: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/85.jpg)
Timed Trace Inclusion: Undecidability
![Page 86: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/86.jpg)
Timed Trace Languages
• Timed trace (t1,a1),(t2,a2), .., (tk,ak) where ai is an action and ti ∈ R, with ti’s non-decreasing.
L(A) = { (t1,a), (t2,a) : t1 ≤ 1 ∧ t1 ≤ t2 ≤ t1+1 }
L(X) = { (t1,a), (t2,a) : t1 ≤ t2 ≤ 2 }
![Page 87: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/87.jpg)
Timed Trace Languages
• Timed trace (t1,a1),(t2,a2), .., (tk,ak) where ai is an action and ti ∈ R, with ti’s strictly increasing.
• PROPOSITIONs
  − Given a timed automaton A it is UNDECIDABLE whether the set of timed traces of A is the UNIVERSAL set.
  − Given two timed automata A and B it is UNDECIDABLE whether the set of timed traces of A is INCLUDED in the set of timed traces of B.
![Page 88: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/88.jpg)
Two-counter Machine
• M=( {b0,b1,..,bk} , C, D ) where bi’s are instructions; C and D are counters ranging over N. Initially both C and D are 0.
• Instructions (i<k):
  − Increment bj: C:=C+1 ; goto bl
  − Decrement bj: if C≠0 then C:=C-1; goto bl else goto bm
• bk represents termination
![Page 89: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/89.jpg)
Two-counter Machine
• M=( {b0,b1,..,bk} , C, D )
• Configuration of M: ( bi , c , d) where c and d are values of C and D.
• Computation of M is a “valid” sequence of configurations starting with (b0,0,0) and ending with (bk,_,_).
• PROPOSITION: Deciding whether a two-counter machine has a (halting) computation is UNDECIDABLE.
![Page 90: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/90.jpg)
Timed Trace Language for Two-counter Machine
• Let M be a two-counter machine. We define L(M) to be the set of timed traces over Σ={b0,..,bk,c,d} such that whenever
  (bi0,c0,d0)(bi1,c1,d1)……(bin,cn,dn)
  is a computation of M then the timed trace s is in L(M) where:
  − $\mathrm{Untime}(s) = b_{i_0} c^{c_0} d^{d_0}\, b_{i_1} c^{c_1} d^{d_1} \cdots b_{i_n} c^{c_n} d^{d_n}$
  − Time(bj) = j
  − “proper matching of c’s and d’s”
![Page 91: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/91.jpg)
Proper Matching
• Clearly M has a (halting) computation iff L(M) ≠ Ø
• One can show that L(M)^C (the complement of L(M)) can be captured by a Timed Automaton (a union of several small ones).
[Figure: INCREMENT of C]
![Page 92: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/92.jpg)
Example Automata
Violation of bi : D:=D+1 ; goto bj
1) Jumping to another instruction than bj:
[Figure: automaton with edge labels bi, x:=0; Σ; Σ \ {bj}, x=1]
2) Decreasing or breaking encoding of C
[Figure: automaton with edge labels bi, x:=0; c, x<1, x:=0; Σ, x<1 ∨ x>1; Σ \ {c}, x=1]
![Page 93: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/93.jpg)
The UPPAAL Verification Engine
Kim Guldstrand Larsen
![Page 94: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/94.jpg)
Overview
• Train Crossing
  − Full Modeling & Specification Formalism
  − Schedulability Analysis
• UPPAAL Verification Engine
  − Symbolic On-the-fly Exploration
  − Zones & DBMs
  − CDDs
• Verification Options
  − Over- / Under Approximations
  − Storage Strategies
![Page 95: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/95.jpg)
Timed Automata in UPPAAL: Train Crossing
![Page 96: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/96.jpg)
UPPAAL
Tool Environment for modeling, simulation, verification, optimization & synthesis of real-time systems
Graphical Design Tool
• timed automata
• clocks
• communication
• datatypes & functions
• cost variables
• uncontr. behaviour
Graphical Simulator
• visualization and recording
• inexpensive fault detect.
• MSCs
Verifier
• exhaustive & automatic checking of requirements
• diagnostic traces
• optimal scheduling
• controller synthesis
![Page 97: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/97.jpg)
Train Crossing
[Figure: River, Crossing, Gate, Stopable Area; intervals [10,20], [7,15], [3,5]; list with enqueue(), dequeue(), front()]
![Page 98: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/98.jpg)
Train Crossing
[Figure: River, Crossing, Gate, Stopable Area; intervals [10,20], [7,15], [3,5]; list with enqueue(), dequeue(), front(); channels appr, stop, leave, go; id-”parameter”]
Communication via channels!
![Page 99: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/99.jpg)
Queries : Specification Language
![Page 100: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/100.jpg)
Logical Specifications
• Validation Properties
  − Possibly: E<> P
• Safety Properties
  − Invariant: A[] P
  − Pos. Inv.: E[] P
• Liveness Properties
  − Eventually: A<> P
  − Leadsto: P ⇝ Q
• Bounded Liveness
  − Leads to within: P ⇝≤t Q
The expressions P and Q must be type safe, side effect free, and evaluate to a boolean.
Only references to integer variables, constants, clocks, and locations are allowed (and arrays of these).
![Page 101: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/101.jpg)
![Page 102: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/102.jpg)
![Page 103: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/103.jpg)
![Page 104: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/104.jpg)
![Page 105: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/105.jpg)
![Page 106: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/106.jpg)
Case-Studies: Controllers
• Gearbox Controller [TACAS’98]
• Bang & Olufsen Power Controller [RTPS’99,FTRTFT’2k]
• SIDMAR Steel Production Plant [RTCSA’99, DSVV’2k]
• Real-Time RCX Control-Programs [ECRTS’2k]
• Experimental Batch Plant (2000)
• RCX Production Cell (2000)
• Terma, Verification of Memory Management for Radar (2001)
• Scheduling Lacquer Production (2005)
• Memory Arbiter Synthesis and Verification for a Radar Memory Interface Card [NJC’05]
![Page 107: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/107.jpg)
Case Studies: Protocols
• Philips Audio Protocol [HS’95, CAV’95, RTSS’95, CAV’96]
• Collision-Avoidance Protocol [SPIN’95]
• Bounded Retransmission Protocol [TACAS’97]
• Bang & Olufsen Audio/Video Protocol [RTSS’97]
• TDMA Protocol [PRFTS’97]
• Lip-Synchronization Protocol [FMICS’97]
• Multimedia Streams [DSVIS’98]
• ATM ABR Protocol [CAV’99]
• Leader Election for Mobile Ad Hoc Networks [Charme05]
• ABB Fieldbus Protocol [ECRTS’2k]
• IEEE 1394 Firewire Root Contention (2000)
• Distributed Agreement Protocol [Formats05]
![Page 108: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/108.jpg)
Zones & DBMs
![Page 109: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/109.jpg)
Regions: Finite Partitioning of State Space
Time Abstracted Bisimulation
Equivalence classes (i.e. a region); in fact there is only a finite number of regions!!
[Figure: x/y clock plane, x axis marked 1 2 3, y axis marked 1 2; highlighted region: 0<x<1 ∧ 0<y<1 ∧ y-x>0]
![Page 110: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/110.jpg)
Zones: From infinite to finite
State: (n, x=3.2, y=2.5)
Symbolic state (set): (n, 1<=x<=4, 1<=y<=3)
Zone: conjunction of x-y<=n, x<=>n
[Figure: two x/y clock planes, one for the state and one for the symbolic state]
![Page 111: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/111.jpg)
Symbolic Transitions
[Figure: edge from n to m labelled a, with guard x>3 and update y:=0; four x/y clock planes, one per zone below]
1<=x<=4, 1<=y<=3
  delays to: 1<=x, 1<=y, -2<=x-y<=3
  conjuncts to: 3<x, 1<=y, -2<=x-y<=3
  projects to: 3<x, y=0
Thus (n, 1<=x<=4, 1<=y<=3) =a=> (m, 3<x, y=0)
![Page 112: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/112.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane]
![Page 113: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/113.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Delay]
![Page 114: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/114.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Left]
![Page 115: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/115.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Left]
![Page 116: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/116.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Delay]
![Page 117: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/117.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Left]
![Page 118: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/118.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Left]
![Page 119: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/119.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Delay]
![Page 120: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/120.jpg)
Symbolic Exploration
Reachable?
[Figure: zones in the x/y clock plane; step: Down]
![Page 121: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/121.jpg)
Forward Reachability
Init -> Final ?

INITIAL Passed := Ø; Waiting := {(n0,Z0)}
REPEAT
  pick (n,Z) in Waiting
  if (n,Z) = Final return true
  for all (n,Z)→(n’,Z’):
    if for some (n’,Z’’) Z’ ⊆ Z’’ continue
    else add (n’,Z’) to Waiting
  move (n,Z) to Passed
UNTIL Waiting = Ø
return false

[Figure: Passed (P) and Waiting (W) sets between Init and Final]
![Page 122: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/122.jpg)
![Page 123: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/123.jpg)
![Page 124: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/124.jpg)
![Page 125: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/125.jpg)
![Page 126: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/126.jpg)
Inform
ationsteknologi
UCb 34
Forward Reachability
Passed
Waiting Final
Init
INITIAL Passed := Ø;Waiting := {(n0,Z0)}
REPEATpick (n,Z) in Waitingif (n,Z) = Final return truefor all (n,Z)→(n’,Z’):if for some (n’,Z’’) Z’⊆⊆⊆⊆ Z’’ continueelse add (n’,Z’) to Waitingmove (n,Z) to Passed
UNTIL Waiting = Øreturn false
Init -> Final ?
PW
![Page 127: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/127.jpg)
Inform
ationsteknologi
UCb 35
Forward Reachability
Passed
Waiting Final
Init
INITIAL Passed := Ø;Waiting := {(n0,Z0)}
REPEATpick (n,Z) in Waitingif (n,Z) = Final return truefor all (n,Z)→(n’,Z’):if for some (n’,Z’’) Z’⊆⊆⊆⊆ Z’’ continueelse add (n’,Z’) to Waitingmove (n,Z) to Passed
UNTIL Waiting = Øreturn false
Init -> Final ?
PW
![Page 128: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/128.jpg)
Canonical Datastructures for Zones
Difference Bounded Matrices
Bellman 1958, Dill 1989

Inclusion

D1: x<=1, y-x<=2, z-y<=2, z<=9
D2: x<=2, y-x<=3, y<=3, z-y<=3, z<=7

D1 ⊆ D2 ?

[Figure: constraint graphs of D1 and D2 over the nodes 0, x, y, z, with the constraint bounds as edge weights]
![Page 129: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/129.jpg)
Canonical Datastructures for Zones
Difference Bounded Matrices

Inclusion

D1: x<=1, y-x<=2, z-y<=2, z<=9
D2: x<=2, y-x<=3, y<=3, z-y<=3, z<=7

D1 ⊆ D2 ?

[Figure: constraint graphs of D1 and D2 before and after Shortest Path Closure; in the closed graphs the bound on z is 5 for D1 and 6 for D2, and the derived edges carry the weights 3, 3, 4 and 6]
![Page 130: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/130.jpg)
Canonical Datastructures for Zones
Difference Bounded Matrices

Emptiness

D: x<=1, y>=5, y-x<=3

Negative Cycle iff empty solution set

[Figure: constraint graph of D over the nodes 0, x, y with edge weights 1, 3 and -5; labels Graph, Compact]
![Page 131: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/131.jpg)
Canonical Datastructures for Zones
Difference Bounded Matrices

Future

D: 1<=x<=4, 1<=y<=3

Shortest Path Closure, then remove upper bounds on clocks

Future D: 1<=x, 1<=y, -2<=x-y<=3

[Figure: D and Future D drawn in the (x, y) plane, with their constraint graphs over the nodes 0, x, y]
![Page 132: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/132.jpg)
Canonical Datastructures for Zones
Difference Bounded Matrices

Reset

D: 1<=x, 1<=y, -2<=x-y<=3

Remove all bounds involving y and set y to 0

{y}D: y=0, 1<=x

[Figure: D and {y}D drawn in the (x, y) plane, with their constraint graphs over the nodes 0, x, y]
![Page 133: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/133.jpg)
Canonical Datastructures for Zones
Difference Bounded Matrices

x1-x2<=4, x2-x1<=10, x3-x1<=2, x2-x3<=2, x0-x1<=3, x3-x0<=5

Shortest Path Closure: O(n^3)

[Figure: constraint graph over x0, x1, x2, x3 before and after Shortest Path Closure]
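The DBM operations from the preceding slides (shortest-path closure, inclusion, emptiness, future, reset), run on the slides' own constraint sets. This is an added example, not UPPAAL code; the function names are assumptions, only non-strict bounds are modelled, and clocks are assumed non-negative.

```python
from itertools import product
from math import inf

def make_dbm(clocks, constraints):
    """Build a DBM m with m[i][j] = bound on (clock_i - clock_j).

    Index 0 is the reference clock "0"; each constraint (a, b, c) means
    a - b <= c. Only non-strict bounds are modelled (a simplification).
    """
    names = ["0"] + list(clocks)
    idx = {name: i for i, name in enumerate(names)}
    n = len(names)
    m = [[0 if i == j else inf for j in range(n)] for i in range(n)]
    for i in range(1, n):
        m[0][i] = 0                      # assumed: clocks are non-negative
    for a, b, c in constraints:
        i, j = idx[a], idx[b]
        m[i][j] = min(m[i][j], c)
    return m

def close(m):
    """Shortest-path closure (Floyd-Warshall, O(n^3)).

    Returns the canonical DBM, or None when a negative cycle shows that
    the constraint set has no solution.
    """
    n = len(m)
    d = [row[:] for row in m]
    for k, i, j in product(range(n), repeat=3):   # k is the outermost index
        if d[i][k] + d[k][j] < d[i][j]:
            d[i][j] = d[i][k] + d[k][j]
    return None if any(d[i][i] < 0 for i in range(n)) else d

def included(d1, d2):
    """Entrywise test d1 <= d2; decides zone inclusion when d1 is closed."""
    n = len(d1)
    return all(d1[i][j] <= d2[i][j] for i in range(n) for j in range(n))

def future(d):
    """Future of a closed DBM: drop the upper bound x - 0 <= c of every clock."""
    u = [row[:] for row in d]
    for i in range(1, len(u)):
        u[i][0] = inf
    return u

def reset(d, k):
    """Reset clock k to 0 in a closed DBM: clock k takes over the bounds of "0"."""
    r = [row[:] for row in d]
    for j in range(len(r)):
        if j != k:
            r[k][j] = d[0][j]
            r[j][k] = d[j][0]
    return r

# Constraint sets as written on the slides.
D1 = make_dbm("xyz", [("x", "0", 1), ("y", "x", 2), ("z", "y", 2), ("z", "0", 9)])
D2 = make_dbm("xyz", [("x", "0", 2), ("y", "x", 3), ("y", "0", 3),
                      ("z", "y", 3), ("z", "0", 7)])
EMPTY = make_dbm("xy", [("x", "0", 1), ("0", "y", -5), ("y", "x", 3)])
BOX = make_dbm("xy", [("0", "x", -1), ("x", "0", 4), ("0", "y", -1), ("y", "0", 3)])

def demo():
    c1, c2 = close(D1), close(D2)
    fut = future(close(BOX))
    return {
        "raw_inclusion": included(D1, D2),     # misleading: D1 is not closed
        "closed_inclusion": included(c1, c2),
        "z_bounds": (c1[3][0], c2[3][0]),
        "empty": close(EMPTY) is None,
        "future_x_minus_y": (-fut[2][1], fut[1][2]),   # lower, upper bound
        "reset_y": reset(fut, 2),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The entrywise comparison rejects D1 ⊆ D2 on the raw matrices and accepts it after closure, which is why the Passed/Waiting inclusion test needs the canonical form.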
![Page 134: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/134.jpg)
Canonical Datastructures for Zones
Minimal Constraint Form
RTSS 1997

x1-x2<=4, x2-x1<=10, x3-x1<=2, x2-x3<=2, x0-x1<=3, x3-x0<=5

Shortest Path Closure: O(n^3)
Shortest Path Reduction: O(n^3)
Space: worst O(n^2), practice O(n)

[Figure: constraint graph over x0, x1, x2, x3, its Shortest Path Closure, and its Shortest Path Reduction]
![Page 135: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/135.jpg)
SPACE PERFORMANCE

[Figure: bar chart, vertical axis Percent from 0 to 1; models Audio, Audio w Col, B&O, Box Sorter, M. Plant, Fischer 2, Fischer 3, Fischer 4, Fischer 5, Train Crossing; series Minimal Constraint, Global Reduction, Combination]
![Page 136: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/136.jpg)
TIME PERFORMANCE

[Figure: bar chart, vertical axis Percent from 0 to 2,5; models Audio, Audio w Col, B&O, Box Sorter, M. Plant, Fischer 2, Fischer 3, Fischer 4, Fischer 5, Train Crossing; series Minimal Constraint, Global Reduction, Combination]
![Page 137: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/137.jpg)
Clock Difference Diagrams
![Page 138: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/138.jpg)
Earlier Termination

Init -> Final ?

    INITIAL
        Passed := Ø;
        Waiting := {(n0,Z0)}
    REPEAT
        pick (n,Z) in Waiting
        if (n,Z) = Final return true
        for all (n,Z)→(n’,Z’):
            if for some (n’,Z’’) Z’ ⊆ Z’’ continue
            else add (n’,Z’) to Waiting
        move (n,Z) to Passed
    UNTIL Waiting = Ø
    return false

Highlighted test: Z’ ⊆ Z’’

[Figure: Passed and Waiting lists (PW) during exploration from Init towards Final]
![Page 139: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/139.jpg)
Earlier Termination

Init -> Final ?

Z’ ⊆ Z’’
Z’ ⊆ ∪ Zi

[Figure: the Forward Reachability algorithm with its inclusion test highlighted, and the Passed and Waiting lists (PW)]
![Page 140: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/140.jpg)
Clock Difference Diagrams = Binary Decision Diagrams + Difference Bounded Matrices

CDD-representations (CAV99)

• Nodes labeled with differences
• Maximal sharing of substructures (also across different CDDs)
• Maximal intervals
• Linear-time algorithms for set-theoretic operations.
![Page 141: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/141.jpg)
SPACE PERFORMANCE

[Figure: bar chart, vertical axis Percent from 0 to 4,5; models Philips, Philips col, B&O, BRP, PowerDown1, PowerDown2, Dacapo, GearBox, Fischer4, Fischer5; series CDD, Reduced CDD, CDD+BDD]
![Page 142: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/142.jpg)
TIME PERFORMANCE

[Figure: bar chart, vertical axis Percent from 0 to 6; models Philips, Philips col, B&O, BRP, PowerDown1, PowerDown2, Dacapo, GearBox, Fischer4, Fischer5; series CDD, Reduced CDD, CDD+BDD]
![Page 143: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/143.jpg)
Related & Future Work

• DDD: Andersen et al.
• NDD: Asarin, Bozga, Kerbrat, Maler, Pnueli, Rasse.
• IDD: Strehl, Thiele.
• No efficient algorithm for FUTURE and RESET operation on CDD.
• No canonical form.
• An efficient, fully symbolic engine for TA is still missing!!
![Page 144: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/144.jpg)
Additional “secrets”

• Sharing among symbolic states
  − location vector / discrete values / zones
• Distributed implementation of UPPAAL
• Symmetry Reduction
• Sweep Line Method
• Guiding wrt Heuristic Value
  − User-supplied / Auto-generated
• Slicing wrt “C” Code
![Page 145: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/145.jpg)
Open Problems

• Fully symbolic exploration of TA (both discrete and continuous part)?
• Canonical form for CDDs?
• Partial Order Reduction?
• Compositional Backwards Reachability?
• Bounded Model Checking for TA?
• Exploitation of multi-core processors?
• …
![Page 146: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/146.jpg)
Datastructures for Zones

• Difference Bounded Matrices (DBMs)
• Minimal Constraint Form [RTSS97]
• Clock Difference Diagrams [CAV99]
• PW List [SPIN03]

Elegant RUBY bindings for easy implementations (Alexandre David)

[Figure: closed constraint graph over x0, x1, x2, x3]
![Page 147: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/147.jpg)
Optimal & Real Time Scheduling
using Model Checking Technology
CORA
![Page 148: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/148.jpg)
Overview

• Timed Automata and Scheduling
• Priced Timed Automata
• Optimal Scheduling
• Optimal Scheduling wrt Multiple Objectives
• Optimal Infinite Scheduling
![Page 149: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/149.jpg)
• Academic partners:
  − Nijmegen
  − Aalborg
  − Dortmund
  − Grenoble
  − Marseille
  − Twente
  − Weizmann
• Industrial Partners
  − Axxom
  − Bosch
  − Cybernetix
  − Terma

April 2002 – June 2005, IST-2001-35304
![Page 150: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/150.jpg)
SIDMAR Overview

INPUT: sequence of steel loads (“pigs”)
OUTPUT: sequence of higher quality steel
GOAL: Maximize utilization of plant

[Figure: plant layout with Machine 1 to Machine 5, Buffer, Continuous Casting Machine, Storage Place, Crane A, Crane B, Lane 1 and Lane 2; labels @10, @20, @10, @10, @40 and 2, 2, 2, 15, 16]

SIDMAR Modelling

A Single Load: UPPAAL Model

[Figure: the same plant layout next to the UPPAAL model of a single load]

OBJECTIVES

• powerful, unifying mathematical modelling
• efficient computerized problem-solving tools
• distributed real-time systems
• time-dependent behaviour and dynamic resource allocation
• TIMED AUTOMATA

LTR Project VHS (Verification of Hybrid Systems)
![Page 151: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/151.jpg)
Case Studies

• Cybernetix: Smart Card Personalization
• Terma: Memory Interface
• Bosch: Car Periphery Sensing
• AXXOM: Lacquer Production
• Benchmarks

Smart Card Personalization (Cybernetix, France)

Maximize throughput

[Figure: piles of blank cards, personalisation, test and possibly reject]

Memory Management: Radar Video Processing Subsystem

Advanced Noise Reduction Techniques

[Figure: block diagram with Adder 1 (S = A + S' - A'), Adder 2 (T = B + T' - B'), Buffers 1 to 9 (512 bytes to 2 Kbytes), SDRAM and Arbiter; Input A and Input B at 8 (100 MHz), Output S and Output T; internal links at 16 (100 MHz), 256 (100 MHz) and 128 (200 MHz)]

[Figure: echo grid e0,2 … e3,5 for Sweep Integration; Airport Surveillance and Coastal Surveillance; Frequency Diversity combiner (VP3) at 9.170 GHz and 9.438 GHz]

Car Periphery Supervision System: Case Study 3 (Ed Brinksma)

CPS: Informal description

CPS obtains and makes available for other systems information about environment of a car. This information may be used for:
• Parking assistance
• Pre-crash detection
• Blind spot supervision
• Lane change assistance
• Stop & go
• Etc.

Based on Short Range Radar (SRR) technology

The CPS considered in this case study:
• One sensor group only (currently 2 sensors)
• Only the front sensors and corresponding controllers
• Application: pre-crash detection, parking assistance, stop & go

Product flow of a Product (Axxom Software AG, 05.06.2005)

[Figure: Laboratory, Dispersion, Dose Spinner, Mixing Vessel, Filling Stations, Storage]

CORA
CLASSIC
![Page 152: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/152.jpg)
Real Time Scheduling

The Car & Bridge Problem

CAN THEY MAKE IT TO SAFE WITHIN 70 MINUTES ???

• Only 1 “Pass”
• Cheat is possible (drive close to car with “Pass”)

Crossing Times: 5, 10, 20, 25

[Figure: four cars on the UNSAFE side, the SAFE side across the bridge, and the single “Pass”]
![Page 153: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/153.jpg)
Real Time Scheduling

Solve Scheduling Problem using UPPAAL

[Figure: cars with crossing times 5, 10, 20, 25 between UNSAFE and SAFE]
![Page 154: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/154.jpg)
Resources & Tasks
Resource
Task
Shared variable
Synchronization
![Page 155: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/155.jpg)
Task Graph Scheduling
Optimal Static Task Scheduling

• Task P={P1,.., Pm}
• Machines M={M1,..,Mn}
• Duration ∆ : (P×M) → N∞
• < : p.o. on P (pred.)
• A task can be executed only if all predecessors have completed
• Each machine can process at most one task at a time
• Task cannot be preempted.
• Compute schedule with minimum completion-time!

[Figure: task graph over P1 to P7 for M = {M1,M2}, with duration pairs 16,10; 2,3; 2,3; 6,6; 10,16; 2,2; 8,2]
![Page 156: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/156.jpg)
Task Graph Scheduling
Optimal Static Task Scheduling

• Task P={P1,.., Pm}
• Machines M={M1,..,Mn}
• Duration ∆ : (P×M) → N∞
• < : p.o. on P (pred.)

E<> (Task1.End and … and Task7.End)

[Figure: task graph over P1 to P7 for M = {M1,M2}, with duration pairs 16,10; 2,3; 2,3; 6,6; 10,16; 2,2; 8,2]
![Page 157: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/157.jpg)
Experimental Results

Abdeddaïm, Kerbaa, Maler

[Figure: results table; labels Symbolic A*, Branch-&-Bound, 60 sec]
![Page 158: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/158.jpg)
Optimality
Priced Timed Automata

with Paul Pettersson, Thomas Hune, Judi Romijn, Ansgar Fehnker, Ed Brinksma, Frits Vaandrager, Patricia Bouyer, Franck Cassez, Henning Dierks, Emmanuel Fleury, Jacob Rasmussen,..
![Page 159: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/159.jpg)
EXAMPLE: Optimal rescue plan for cars with different subscription rates for city driving!

OPTIMAL PLAN HAS ACCUMULATED COST=195 and TOTAL TIME=65!

[Figure: cars Golf, Citroen, BMW, Datsun with rates 9, 2, 3, 10 and crossing times 5, 10, 20, 25; destination SAFE]
![Page 160: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/160.jpg)
Experiments
447406-0-0000
--85time<85
9751085
BD> B< CB> C< CG>
4030201
3782526555CG> G< BG> G<
GD>1111
#Pop’d#ExplTIMECOSTSCHEDULE
COST-rates
40826365170CD> C< CB> C<
CG>10321
35023260140CG> G< BD> C<
CG>4321
23314965195GD> G< CG> G<
BG>10329
263817621538
60CG> G< BD> C<
CG>Min Time
DBCG
![Page 161: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/161.jpg)
Priced Timed Automata

Alur, Torre, Pappas (HSCC’01)
Behrmann, Fehnker, et al. (HSCC’01)

Timed Automata + COST variable

[Figure: priced timed automaton with locations l1, l2 and l3 (goal ☺); cost rates c’=4 and c’=2; cost updates c+=1 and c+=4; constraints x ≤ 2, 3 ≤ y, 0 ≤ y ≤ 4, y ≤ 4; resets x:=0]
![Page 162: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/162.jpg)
Priced Timed Automata

Alur, Torre, Pappas (HSCC’01)
Behrmann, Fehnker, et al. (HSCC’01)

Timed Automata + COST variable

[Figure: priced timed automaton with locations l1, l2 and l3 (goal ☺); cost rates c’=4 and c’=2; cost updates c+=1 and c+=4; constraints x ≤ 2, 3 ≤ y, 0 ≤ y ≤ 4, y ≤ 4; resets x:=0]

TRACES

(l1,x=y=0) —ε(3)→ (l1,x=y=3) → (l2,x=0,y=3) → (l3,_,_)
step costs 12, 1, 4; ∑ c=17
![Page 163: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/163.jpg)
Priced Timed Automata

Alur, Torre, Pappas (HSCC’01)
Behrmann, Fehnker, et al. (HSCC’01)

Timed Automata + COST variable

[Figure: priced timed automaton with locations l1, l2 and l3 (goal ☺); cost rates c’=4 and c’=2; cost updates c+=1 and c+=4; constraints x ≤ 2, 3 ≤ y, 0 ≤ y ≤ 4, y ≤ 4; resets x:=0]

TRACES

(l1,x=y=0) —ε(3)→ (l1,x=y=3) → (l2,x=0,y=3) → (l3,_,_)
step costs 12, 1, 4; ∑ c=17

(l1,x=y=0) —ε(2.5)→ (l1,x=y=2.5) → (l2,x=0,y=2.5) —ε(.5)→ (l2,x=0.5,y=3) → (l3,_,_)
step costs 10, 1, 1, 4; ∑ c=16

(l1,x=y=0) → (l2,x=0,y=0) —ε(3)→ (l2,x=3,y=3) → (l2,x=0,y=3) → (l3,_,_)
step costs 1, 6, 0, 4; ∑ c=11

Problem: Find the minimum cost of reaching location l3

Efficient Implementation: CAV’01 and TACAS’04
![Page 164: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/164.jpg)
Optimal Task Graph Scheduling
Power-Optimality

• Energy-rates: C : M → N
• Compute schedule with minimum completion-cost!

[Figure: task graph over P1 to P7 with duration pairs 16,10; 2,3; 2,3; 6,6; 10,16; 2,2; 8,2 and machine energy rates 4W and 3W]
![Page 165: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/165.jpg)
Aircraft Landing Problem

E: earliest landing time
T: target time
L: latest time
e: cost rate for being early
l: cost rate for being late
d: fixed cost for being late

[Figure: cost as a function of landing time t between E and L: e*(T-t) before T, d+l*(t-T) after T]

Planes have to keep separation distance to avoid turbulences caused by preceding planes

[Figure: Runway]
![Page 166: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/166.jpg)
Modeling ALP with PTA

Planes have to keep separation distance to avoid turbulences caused by preceding planes

Runway handles 2 types of planes

129: Earliest landing time
153: Target landing time
559: Latest landing time
10: Cost rate for early
20: Cost rate for late

[Figure: PTA model of the Runway]
![Page 167: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/167.jpg)
Aircraft Landing

Source of examples: Beasley et al. 2000

CAV’01
![Page 168: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/168.jpg)
Symbolic ”A*”
![Page 169: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/169.jpg)
Zones
Operations
x
y
Z
![Page 170: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/170.jpg)
Priced Zone

$\mathrm{Cost}(x,y) = 2y - x + 2$

CAV’01

[Figure: zone Z in the (x, y) plane with offset point ∆ of cost 4 and cost rates 2 and -1]
![Page 171: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/171.jpg)
Branch & Bound Algorithm
![Page 172: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/172.jpg)
Optimization with Multi Objectives
with Jacob I. Rasmussen
![Page 173: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/173.jpg)
EXAMPLE: Optimal rescue plan for cars with different subscription rates for city driving!

My CAR!

CONDITIONAL

Minimize Cost_MYCAR subject to
  Cost_Citroen ≤ 60
  Cost_BMW ≤ 90
  Cost_Datsun ≤ 10

min Cost_MYCAR = 270
time = 70

[Figure: cars Golf, Citroen, BMW, Datsun with rates 9, 2, 3, 10 and crossing times 5, 10, 20, 25 between UNSAFE and SAFE]
![Page 174: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/174.jpg)
Multiple Objective Scheduling

cost1’==4, cost2’==3

[Figure: task graph over P1 to P7 with duration pairs 16,10; 2,3; 2,3; 6,6; 10,16; 2,2; 8,2 and energy rates 4W, 3W, 3W]
![Page 175: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/175.jpg)
Multiple Objective Scheduling

cost1’==4, cost2’==3

[Figure: task graph over P1 to P7 with duration pairs 16,10; 2,3; 2,3; 6,6; 10,16; 2,2; 8,2 and energy rates 4W, 3W]

[Figure: Pareto Frontier plotted with axes cost 1 and cost 2]

The Pareto Frontier for Reachability in Multi Priced Timed Automata is computable [Illum, Larsen FoSSaCS05]
![Page 176: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/176.jpg)
BRICS@Aalborg
FMT@Twente

Optimal Infinite Scheduling

with Ed Brinksma, Patricia Bouyer, Arne Skou, Ulrich Fahrenberg
![Page 177: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/177.jpg)
EXAMPLE: Optimal WORK plan for cars with different subscription rates for city driving!

maximal 100 min. at each location

[Figure: cars Golf, Citroen, BMW, Datsun with rates 9, 2, 3, 10 and crossing times 5, 10, 20, 25]
![Page 178: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/178.jpg)
Workplan I

[Figure: cyclic workplan over eight states, each giving the side (U or S) of Datsun, BMW, Citroen and Golf; delays ε(25), ε(25), ε(25), ε(25), ε(20), ε(20), ε(25), ε(25); state labels 275, 275, 300, 300, 300, 300, 300, 300]

Value of workplan:
(4 x 300) / 90 = 13.33
![Page 179: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/179.jpg)
Workplan II

[Figure: cyclic workplan over fourteen states of Datsun, BMW, Citroen and Golf; transition labels 25/125, 5/25, 20/180, 10/90, 5/10, 25/125, 10/130, 5/65, 25/225, 10/90, 10/0, 10/0, 5/10, 25/50]

Value of workplan:
560 / 100 = 5.6
![Page 180: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/180.jpg)
Optimal Infinite Scheduling
Maximize throughput: i.e. maximize Reward / Time in the long run!
![Page 181: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/181.jpg)
Optimal Infinite Scheduling
Minimize Energy Consumption: i.e. minimize Cost / Time in the long run
![Page 182: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/182.jpg)
Optimal Infinite Scheduling
Maximize throughput: i.e. maximize Reward / Cost in the long run
![Page 183: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/183.jpg)
Optimal Infinite Scheduling I
Limit Ratio (Pay-off)
[Figure: a path σ whose steps carry accumulated costs ac_1, ac_2, ac_3, …, ac_n and accumulated times t_1, t_2, t_3, …, t_n]
Accumulated cost at step n: $ac_n$
Accumulated time: $t_n$
(Car0.Err or Car1.Err or …)
Value of path σ: $val(\sigma) = \lim_{n \to \infty} ac_n / t_n$
Optimal Schedule σ*: $val(\sigma^*) = \inf_{\sigma} val(\sigma)$
THEOREM: σ* is computable
Bouyer, Brinksma, Larsen: HSCC'04, FMSD'08
![Page 184: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/184.jpg)
Optimal Infinite Scheduling I
Discounting
[Figure: a path σ whose steps carry costs c_1, c_2, c_3, …, c_n and accumulated times t_1, t_2, t_3, …, t_n]
Cost of step n: $c_n$
Accumulated time: $t_n$
λ < 1 : discounting factor
Vol>=Min and Vol<= Max
Value of path σ: val(σ) =
Optimal Schedule σ*: $val(\sigma^*) = \inf_{\sigma} val(\sigma)$
THEOREM: σ* is computable
Fahrenberg, Larsen: INFINITY'08
![Page 185: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/185.jpg)
Application Dynamic Voltage Scaling
![Page 186: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/186.jpg)
Future Work & Challenges
☹ Optimal Constrained Infinite Strategies for Multi-Priced TA
☹ / ☺ Model Checking wrt PTCTL [Raskin et al, FORMATS'04] [Bouyer, Larsen, Markey, FoSSACS07]
☹ Efficient implementations of Optimal Infinite Scheduling
☹ Negative Cost Rates → Cost Bounded Infinite Runs [Bouyer, Fahrenberg, Larsen, Markey, Srba, FORMATS08]
![Page 187: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/187.jpg)
Further Information
www.uppaal.com
![Page 188: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/188.jpg)
Real Time Controller Synthesis
with Gerd Behrmann, Patricia Bouyer, Franck Cassez, Agnes Counard, Alexandre David, Emmanuel Fleury, Didier Lime, Nicolas Markey, Jean-Francois Raskin
TIGA
![Page 189: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/189.jpg)
CONCUR 2005, TACAS07, CAV07
www.uppaal.com
![Page 190: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/190.jpg)
Model Checking
[Figure: a continuous Plant connected through sensors and actuators to a discrete Controller Program; the UPPAAL Model combines a model of the environment (user-supplied / non-determinism) with a model of the tasks (automatic?)]
SAT φ ??
![Page 191: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/191.jpg)
Synthesis
[Figure: a continuous Plant connected through sensors and actuators to a discrete Controller Program, marked ??; the Partial UPPAAL Model combines a model of the environment (user-supplied) with synthesis of tasks/scheduler (automatic)]
SAT φ !!
![Page 192: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/192.jpg)
Model Checking
φ: Never two trains at the crossing at the same time
Environment
Controller
![Page 193: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/193.jpg)
Synthesis
φ: Never two trains at the crossing at the same time
Environment
Controller
?
![Page 194: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/194.jpg)
Synthesis
φ: Never two trains at the crossing at the same time
Controllable / Uncontrollable
Find strategy for controllable actions s.t. behaviour satisfies φ
Controller
Environment
Two Player Game
![Page 195: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/195.jpg)
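Untimed and Timed Games
Reachability / Safety Games
[Figure: game automaton with locations 1, 2, 3, 4, ☺ and ☹ over a clock x; edges are either controllable or uncontrollable and carry the labels x>1, x≤1, x<1, x:=0, x<1, x≤1, x≥2]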
![Page 196: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/196.jpg)
Untimed Games
Uncontrollable
Controllable
Memoryless Strategy: $F : Q \to E_c$
Winning Run: $States(\rho) \cap G \neq \emptyset$
Winning Strategy: $Runs(F) \subseteq WinRuns$
![Page 197: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/197.jpg)
![Page 198: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/198.jpg)
![Page 199: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/199.jpg)
Untimed Games
Uncontrollable
Controllable
Backwards Fixed-Point Computation
$cPred(X) = \{ q \in Q \mid \exists q' \in X.\ q \to_c q' \}$
$uPred(X) = \{ q \in Q \mid \exists q' \in X.\ q \to_u q' \}$
$\pi(X) = cPred(X) \setminus uPred(X^C)$
Theorem: The set of winning states is obtained as the least fixpoint of the function:
$X \mapsto \pi(X) \cup Goal$
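The backwards fixed-point computation defined above, as an added Python example (not part of the original slides and not UPPAAL Tiga's code): it iterates X ↦ π(X) ∪ Goal from the empty set and records a memoryless strategy F for the controller. The six-state game and the names `solve_game`, `pred`, `STATES`, `C_EDGES`, `U_EDGES` and `GOAL` are constructed for illustration.

```python
"""Untimed reachability game: least fixpoint of X -> pi(X) | Goal,
with pi(X) = cPred(X) minus uPred(complement of X), as on the slide."""
from typing import Dict, Set, Tuple

State = str
Edge = Tuple[State, State]

# Constructed sample game (not from the slides).
STATES: Set[State] = {"s0", "s1", "s2", "s3", "s4", "goal", "bad"}
GOAL: Set[State] = {"goal"}
C_EDGES: Set[Edge] = {          # controllable moves
    ("s0", "s1"), ("s1", "goal"), ("s2", "goal"),
    ("s3", "s2"), ("s4", "goal"),
}
U_EDGES: Set[Edge] = {          # uncontrollable (environment) moves
    ("s0", "s2"), ("s3", "s4"), ("s4", "bad"),
}


def pred(edges: Set[Edge], targets: Set[State]) -> Set[State]:
    """cPred / uPred: states with at least one edge from `edges` into `targets`."""
    return {src for (src, dst) in edges if dst in targets}


def solve_game(states: Set[State], c_edges: Set[Edge], u_edges: Set[Edge],
               goal: Set[State]) -> Tuple[Set[State], Dict[State, State]]:
    """Return (winning states, memoryless strategy F: state -> chosen successor).

    Following the slide's definition literally, a non-goal state is winning
    only if it has a controllable move into the current set X and no
    uncontrollable move leading outside X.
    """
    win: Set[State] = set()
    strategy: Dict[State, State] = {}
    while True:
        complement = states - win
        pi = pred(c_edges, win) - pred(u_edges, complement)
        nxt = pi | goal
        # States added in this round pick a controllable edge into the
        # previous X, so following F strictly decreases the distance to Goal.
        for q in sorted(nxt - win - goal):
            strategy[q] = min(dst for (src, dst) in c_edges
                              if src == q and dst in win)
        if nxt == win:          # least fixpoint reached
            return win, strategy
        win = nxt               # the sequence is increasing (pi is monotone)


if __name__ == "__main__":
    winning, F = solve_game(STATES, C_EDGES, U_EDGES, GOAL)
    print("winning states:", sorted(winning))
    print("strategy F:", F)
```

State `s4` has a controllable move to the goal but is still losing, because the environment's edge to `bad` puts it in uPred of the complement; `s3` loses in turn because the environment can force it into `s4`.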
![Page 200: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/200.jpg)
![Page 201: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/201.jpg)
![Page 202: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/202.jpg)
![Page 203: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/203.jpg)
![Page 204: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/204.jpg)
![Page 205: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/205.jpg)
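Timed Games
[Figure: game automaton with locations 1, 2, 3, 4, ☺ and ☹ over a clock x; edges are either controllable or uncontrollable and carry the labels x>1, x≤1, x<1, x:=0, x<1, x≤1, x≥2]
Memoryless Strategy: $F : Q \to E_c \cup \lambda$
Winning Run: $States(\rho) \cap G \neq \emptyset$
Winning Strategy: $Runs(F) \subseteq WinRuns$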
![Page 206: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/206.jpg)
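Timed Games
[Figure: game automaton with locations 1, 2, 3, 4, ☺ and ☹ over a clock x; edges are either controllable or uncontrollable and carry the labels x>1, x≤1, x<1, x:=0, x<1, x≤1, x≥2]
Memoryless Strategy: $F : Q \to E_c \cup \lambda$
Winning Run: $States(\rho) \cap G \neq \emptyset$
Winning Strategy: $Runs(F) \subseteq WinRuns$
Winning (memoryless) strategy:
x != 1 : λ, x = 1 : c
x < 2 : λ, x ≥ 2 : c
x != 1 : λ, x = 1 : c
x < 1 : λ, x ≥ 1 : c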
![Page 207: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/207.jpg)
Timed Games – State-of-the-Art
Backwards Fixed-Point Computation
Definitions
$cPred(X) = \{ q \in Q \mid \exists q' \in X.\ q \to_c q' \}$
$uPred(X) = \{ q \in Q \mid \exists q' \in X.\ q \to_u q' \}$
$Pred_t(X,Y) = \{ q \in Q \mid \exists t.\ q^t \in X \text{ and } \forall s \le t.\ q^s \in Y^C \}$
$\pi(X) = Pred_t[\, X \cup cPred(X),\ uPred(X^C) \,]$
Theorem: The set of winning states is obtained as the least fixpoint of the function: $X \mapsto \pi(X) \cup Goal$
[Figure: regions X and Y with $Pred_t(X,Y)$]
![Page 208: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/208.jpg)
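Timed Games – State-of-the-Art
Backwards Fixed-Point Computation
[Figure: the game automaton with locations 1, 2, 3, 4, ☺ and ☹ and edge labels x>1, x≤1, x<1, x:=0, x<1, x≤1, x≥2, drawn next to a scale marked 0, 1, 2]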
![Page 209: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/209.jpg)
![Page 210: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/210.jpg)
![Page 211: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/211.jpg)
![Page 212: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/212.jpg)
![Page 213: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/213.jpg)
![Page 214: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/214.jpg)
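Timed Games – State-of-the-Art
Backwards Fixed-Point Computation
[Figure: the game automaton with locations 1, 2, 3, 4, ☺ and ☹ and edge labels x>1, x≤1, x<1, x:=0, x<1, x≤1, x≥2, drawn next to a scale marked 0, 1, 2]
UPPAAL Tiga = On-the-fly algorithm for timed games [CONCUR'05]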
![Page 215: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/215.jpg)
UPPAAL Tiga
CAV 2007
![Page 216: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/216.jpg)
UPPAAL Tiga
CTL Control Objectives
• Reachability properties:
− control: A[ p U q ]    until
− control: A<> q ⇔ control: A[ true U q ]
• Safety properties:
− control: A[ p W q ]    weak until
− control: A[] p ⇔ control: A[ p W false ]
• Time-optimality:
− control_t*(u,g): A[ p U q ]
• u is an upper-bound to prune the search
• g is the time to the goal from the current state
![Page 217: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/217.jpg)
Train Crossing
Environment
Controller
φ: Never two trains at the crossing at the same time
![Page 218: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/218.jpg)
A Buggy Brick Sorting Program
[Embedded slide: MCD 2001, Twente, Kim G. Larsen]
First UPPAAL model: Sorting of Lego Boxes
Exercise: Design Controller so that only yellow boxes are being pushed out
[Figure: conveyer belt carrying black and yellow boxes past a piston, with marks 9, 18, 81, 90 and 99; signals Blck, Yel, remove and eject; a Controller with the programs MAIN and PUSH]
Ken Tindell
![Page 219: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/219.jpg)
Brick Sorting
Piston
Generic Plate
Controller
![Page 220: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/220.jpg)
Brick Sorting
Piston
Generic Plate
Controller
Strategy for EJECT
![Page 221: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/221.jpg)
Production Cell
![Page 222: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/222.jpg)
Climate Control
With Jan J. Jessen, Jacob I. Rasmussen
![Page 223: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/223.jpg)
Climate Control
![Page 224: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/224.jpg)
Obtaining executable code
Strategy
[Figure: the strategy drawn as a decision diagram whose nodes are labelled get0, get1, give0, give1, temp0, temp1, humid0, humid1, have0, have1, want0, want1, morehumid, dec_humid, hottest, objective, inlet, outlet and heater]
1296 cases
BDD 289 nodes
![Page 225: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/225.jpg)
Obtaining executable code
[Figure: Simulink model with the blocks First Zone Dynamics, Middle Zone Dynamics, Third Zone Dynamics, Left zone controller, Middle Zone Controller, Right Zone Controller and Flow Calc, connected by temperature (T1, T2, T3), humidity (H1, H2, H3), flow (Qin, Qout, Q12, Q23) and control (u1, u2, u3) signals; a plot of T1, T2 and T3 with a horizontal axis from 0 to 4000 and a vertical axis from 11.5 to 16.5]
![Page 226: Verification , PerformanceAnalysis and Controller ... · Verification , PerformanceAnalysis and Controller Synthesis of Real Time Systems Kim GuldstrandLarsen using UPPAAL. Informationsteknologi](https://reader031.vdocuments.net/reader031/viewer/2022040601/5e9034969455bd0f247b01b3/html5/thumbnails/226.jpg)
Open Problems
• Priced Timed Games
− Reachability & Model Checking
− Safety
− Negative cost rates
• Probabilistic Priced Timed Automata
• Timed Automata
− Fully Symbolic (CDD)
− Static Analysis & Slicing of C-code
• Timed Games
− Alternating Logics
− Partial Observability
− CEGAR
• Priced Timed Games
− Optimal Infinite Schedules for PTA (zone based)
− Multi-Objective Optimal Scheduling
• APPLICATIONS
• Live Sequence Charts
• Gantt Chart
• Code Generation
− From TA models of controllers
− From strategies
Decidability
Efficiency
Usability
Thanks for your attention!
www.cs.aau.dk