formal verification of uml statecharts with real time
play

Formal Verification of UML Statecharts with Real-Time Extensions M. - PowerPoint PPT Presentation

Aug 09, 2023 •89 likes •356 views

Formal Verification of UML Statecharts with Real-Time Extensions M. Oliver M Alexandre David oller Wang Yi Uppsala University BRICS Arhus

  1. � ✁ � ✁ Formal Verification of UML Statecharts with Real-Time Extensions M. Oliver M¨ Alexandre David oller Wang Yi � Uppsala University BRICS ª Arhus ✂☎✄✆✂✞✝✠✟✞✄☛✡✌☞✠✟ ✍✆✄☎✎✑✏☎✒☛✓✕✔☎✔✖✓✗✒✙✘ ✎✙✚✛✎✆✘☎✜✆✜☎✘✆✢☎✍✙✣✛✢✛✟✆✏☎✒☛✓✌✄✙✤ Outline: 1 UML, Statecharts, and Time 2 Semantics for Formal Verification 3 Verifying a Pacemaker with U PPAAL O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 1

  2. Unified Modeling Language (UML) Born from unification of other methods ( Booch, OMT, OOSE) Different views of a system: A) user view - use case diagrams B) structural view - class diagrams C) behavioral view - statecharts D) environmental view - deployment diagrams E) implementation view - component diagrams An evolving standard : 1.3 finished 2000 1.4 finished 2001 2.0 work in progress (4 RFP issued May/Sept) O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 2

  3. ✦ ✥ The Statechart Formalism Features hierarchical state machines parallelism (on any level) history event communication powerful synchronization mechanisms inter-level transitions actions that are dependent on states ✧✩★✫✪✭✬✯✮✰✧✲✱✳✬✴✧✲✵ actions on entry/exit ... O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 3

  4. ❀ ❁ Restricted Statechart Formalism Current restricted features hierarchical state machines ✔ parallelism (on any level) ✔ history ✔ no event communication no sync states no inter-level transitions no actions that are dependent on states no actions on entry/exit ✶✸✷✺✹✼✻✸✽✰✶✲✾✳✻✴✶✲✿ instead: hand-shake style synchronization shared variables O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 4

  5. Real-Time Extensions Clocks (timed) Guards Invariants O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 5

  6. O LIVER M ¨ 6 NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS

  7. A Word on Semantics UML-statecharts: informal (textual) semantic statements ambiguity of text variations over 1.3 / 1.4 / 2.0 implementations make user-driven choices our formalism: rule-based, formal semantic unambiguous not identical, makes clear choices any given formal statechart semantic should be “easy” to translate into it O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 7

  8. ● ❋ ❋ ● Semantic Rules (example) configuration: with control locations valuation of integer variables valuation of clocks history operation: . ❂❄❃❆❅✰❃❈❇❉❃❈❊ a transition JoinEnabled Inv EXIT action O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 8

  9. ❍ Model Checking : description of the system : desired property easier than proving a general theorem completely automatic (’yes’ or counterexample) efficient algorithms tailored for classes of problems O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 9

  10. ❖ ❚ ❚ Real-Time Model Checking with U PPAAL x := 0 C A B count == 4 x <= 5 D x == 5 count := count +1 ✏✞✜✆✎✛✏■✤ ❏▲❑ ✟■▼✆◆ ✏✞✎✙✔☎▼✆◆ Only subset of TCTL supported: ❖◗P❙❘ reachability ❚❱❯❳❲ safety (invariantly ) ❯❳❲ possibly always P❙❘ inevitably ❚❱❯❳❲ P❙❘ unbounded response propositional formula over locations and (existing) clocks O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 10

  11. ❨ From (timed) Statecharts to U PPAAL Rhapsody timed Statechart HTA model TA model flatten ( ❨ ) hierarchical model TA-close hierarchy MODEL-CHECK informal description formal semantics formal semantics O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 11

  12. ❨ From (timed) Statecharts to U PPAAL Rhapsody timed Statechart HTA model TA model flatten ( ❨ ) hierarchical model TA-close hierarchy MODEL-CHECK informal description formal semantics formal semantics NORMALIZATION FLATTENING simplification of data auxiliary locations (safe) omission of c-code auxiliary variables Guiding Principle: Make it easy to adjust to small changes O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 12

  13. ❩ ❩ ❩ ❨ ❩ ❦ ❩ ❩ Soundness &Correctness Translations introduce slack. Thus flatten flatten but ❥ flatten flatten ❬❪❭❴❫❛❵❝❜❡❞❣❢❛❤✸✐ timed flatten ( timed transition system ) traces give rise to project to match timed traces timed traces O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 13

  14. O LIVER M ¨ 14 NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS

  15. Outline of the Flattening 3 phases to flatten a hierarchical structure: 1. Collect instantiations every superstate becomes one (flat) timed automaton 2. Compute global joins mimic synchronization-on-exit in the the flat automata principle: use counters & and add threshold-guard 3. Post-process channel communication a transitions may not synchronize with its own superstate principle: duplicate channels & restrict scope O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 15

  16. ❹ ✉ ❧ ❶ ✈ ✈ ✉ ✈ ❧ r ❧ r ✉ ✈ r r ➄ ⑥ ⑤ ➉ ✉ Example: Flattening the Model of a Human Heart HEART_TIME <= HEART_DELAY_AFTER_V_CONTRACTION VentricularChamberSense! ❿❷➉ ➋➍✈ ➄❷↔❪②✭②❄↕ After_V_Contraction V_listening == 1 HEART_TIME <= 0 ✉♦➔ r❡➣ ➄→➋ ✈❼⑦➙④ VContraction V_listening == 0 ❧✼❸ ❧❷❹✼❺ ✈❙⑦⑨⑧✭⑩❷❶ ⑩✭❻ HEART_TIME == HEART_DELAY_AFTER_V_CONTRACTION ✈①✇③②❙④ xtSgnl_NR_5? ➜➞➝❈➟➡➠➤➢➡➥➦➝➧➥➞➨❳➩❈➩❳➫ ✈①✇③②❙④ xtSgnl_NR_5? HEART_TIME := 0 HEART_TIME := 0 enter_S_in_X_via_V? ♣➈➃➇➉ ➉✭♣s♥❷❿ ➊➇r✭♥s➃ ✈❽②✭②➓➄➇➆➈➄ ✈➌➋➍✈♦➆➈➎ ➃✼➀ ➄❷✈ ♠♦♥q♣sr✭t xtSgnl_NR_5? HEART_TIME <= HEART_ALLOWED_STOP_TIME ✈➑✇③②➒④ Stopped ✈❽②✭②❽❾ r❷❿✼♥➁➀ ♥✼➂ rs➃ S_IDLE HEART_TIME == HEART_ALLOWED_STOP_TIME ✈①✇③②➒④ ♣➈➃➇➉ ➉✭♣s♥❷❿ ➊➇r✭♥➁➃ xtSgnl_NR_5? ➃✼➀ ✈❼⑦➅➄➇➆➈➄ ✈➌➋➍✈♦➆➈➎ HEART_TIME := 0 ❧✭♠♦♥q♣sr✭t ➄❷✈ ❧✭❺ ❶➇➏➍➐✭⑩ r❷❿✼♥➁➀ ♥✼➂ rs➃ ✈❽②✭②❽❾ FLATLINE enter_S_in_X_via_A? xtSgnl_NR_5? ✈①✇③②❙④ HEART_TIME := 0 xtSgnl_NR_5? HEART_TIME == HEART_DELAY_AFTER_A_CONTRACTION ❧✼❸ ❧❷❹✼❺ ✈❼⑦✑⑧✭⑩❷❶ ⑩✭❻ ✈❙⑦➛④ AContraction HEART_TIME <= 0 After_A_Contraction HEART_TIME <= HEART_DELAY_AFTER_A_CONTRACTION inner superstate enter_S_in_X_via_A! S_ACTIVE_in_X enter_S_in_X_via_V! X_AUX_S_A X_AUX_S_V xtSgnl_NR_5! VPace? APace? enterTop? HEART_TIME := 0 xtSgnl_NR_5! HEART_TIME := 0 HEART_TIME := 0 X_IDLE CONNECT_A CONNECT_V outer superstate O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 16

  17. Communication Conflict A A B B c! c_1! c? c_2? cannot keep c rename c inside cannot remove c rename c outside modify other transitions: either choose one of c 1, c 2 or duplicate transition (allow both) O LIVER M ¨ NWPT’01 10 O CTOBER 2001 OLLER : F ORMAL V ERIFICATION OF UML S TATECHARTS WITH R EAL -T IME E XTENSIONS 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Formal Verification of Real Time Systems Timed Automata Radek Pel anek Basic Concepts

Formal Verification of Real Time Systems Timed Automata Radek Pel anek Basic Concepts

Basic Concepts Theoretical Results Practical Verification Summary Formal Verification of Real Time Systems Timed Automata Radek Pel anek Basic Concepts Theoretical Results Practical Verification Summary Aim of the Lecture knowledge of

849 views • 67 slides
Translating SCXML Statecharts to iUML-B State-machines Karla Morris : Sandia National

Translating SCXML Statecharts to iUML-B State-machines Karla Morris : Sandia National

Translating SCXML Statecharts to iUML-B State-machines Karla Morris : Sandia National Laboratories, CA, USA Colin Snook : University of Southampton, UK Motivation Event-B provides verification by formal proof but notation is

488 views • 21 slides
Modelling of NPCs With the use of interacting statecharts Overview Why statecharts?

Modelling of NPCs With the use of interacting statecharts Overview Why statecharts?

Modelling of NPCs With the use of interacting statecharts Overview Why statecharts? Related work My contribution Conclusion 1 Why Statecharts? 2 Turn Based Games Popular examples include computerized board games like Chess

497 views • 35 slides
Real Time Video &amp; Driver ID Verification From Vehicles Context is Everything Just like

Real Time Video &amp; Driver ID Verification From Vehicles Context is Everything Just like

Real Time Video &amp; Driver ID Verification From Vehicles Context is Everything Just like Mission Impossible, but real We develop TRUE real-time wireless video surveillance solutions to some of the worlds most demanding customers, where

562 views • 18 slides
A Survey of Classical, Real-Time, and Time-Bounded Verification Jol Ouaknine Department of

A Survey of Classical, Real-Time, and Time-Bounded Verification Jol Ouaknine Department of

A Survey of Classical, Real-Time, and Time-Bounded Verification Jol Ouaknine Department of Computer Science Oxford University Quantitative Model Checking Winter School, February 2012 The Classical Theory of Verification Automata e T t a

1.6k views • 137 slides
Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply

Model-Checking Acknowledgment Formal Verification Formal verification means to apply mathematical arguments to prove the correctness of systems Systems have bugs Formal verification aims to find and correct such bugs Why? Computer systems

1.42k views • 122 slides
Specification and verification in the field: Applying formal methods to BPF just-in-time

Specification and verification in the field: Applying formal methods to BPF just-in-time

Specification and verification in the field: Applying formal methods to BPF just-in-time compilers in the Linux kernel Luke Nelson, Jacob Van Geffen, Emina Torlak, and Xi Wang University of Washington Goal: formally verified (e)BPF JITs in the

267 views • 22 slides
Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for

Formal Verification and Computer Architecture A Validated Formal Model of the x86 ISA for Analyzing Computing Systems Shilpi Goel shilpi@centtech.com Formal Verification Engineer Centaur Technology, Inc. Software and Reliability Can we rely

1.14k views • 78 slides
Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim

Formal Hardware Verification: getting started Mary Sheeran Making Formal Verification work Aim for automation (bit level) Find niches where formal methods work well Use assertions/ properties first in sim. and then in FV (the acronym is ABV,

1.14k views • 65 slides
Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal

Formal Verification in Industry 1 Formal Verification in Industry John Harrison Intel Corporation The cost of bugs Formal verification Machine-checked proof Automatic and interactive approaches HOL Light Floating point

366 views • 25 slides
Real- -Time Systems Time Systems Real Specification Implementation Task model

Real- -Time Systems Time Systems Real Specification Implementation Task model

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #10 Updated 2009-02-15 Real- -Time Systems Time Systems Real Specification Implementation Task model Execution-time analysis Verification Designing a real-

487 views • 15 slides
Real- -Time Systems Time Systems Real Ada 95 Specification Clocks, time, delay Task

Real- -Time Systems Time Systems Real Ada 95 Specification Clocks, time, delay Task

EDA222/DIT160 Real-Time Systems, Chalmers/GU, 2008/2009 Lecture #4 Updated 2009-01-25 Real- -Time Systems Time Systems Real Ada 95 Specification Clocks, time, delay Task priorities Implementation Verification Ada 95

157 views • 13 slides
WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh

WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh

WP verification methodology and tools Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2017 Levels of formal verification Checking freedom from run-time exceptions Dominant level for Spark tools

263 views • 8 slides
Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal

Formal Verification of Floating-Point Arithmetic 1 Formal Verification of Floating-Point Arithmetic John Harrison Intel Corporation Formal verification Machine-checked proof Automatic and interactive approaches HOL Light

539 views • 19 slides
Run-time Verification Oleg Sokolsky CIS 673 Fall 2006 Outline Motivation and overview

Run-time Verification Oleg Sokolsky CIS 673 Fall 2006 Outline Motivation and overview

Run-time Verification Oleg Sokolsky CIS 673 Fall 2006 Outline Motivation and overview Why run-time verification Formal methods and run-time verification Property specification Incremental property checking MaC

952 views • 72 slides
FTRTFT Oldenburg Sep 12, 2002 An Overview of Formal Verification For The Time Triggered

FTRTFT Oldenburg Sep 12, 2002 An Overview of Formal Verification For The Time Triggered

FTRTFT Oldenburg Sep 12, 2002 An Overview of Formal Verification For The Time Triggered Architecture John Rushby Computer Science Laboratory SRI International Menlo Park, California, USA John Rushby, SR I FTRTFT02: 1

826 views • 69 slides
Migration From DB2 in a Large Public Setting: Lessons Learned Bal azs B ar any and

Migration From DB2 in a Large Public Setting: Lessons Learned Bal azs B ar any and

Migration From DB2 in a Large Public Setting: Lessons Learned Bal azs B ar any and Michael Banck PGConf.EU 2017 Introduction Federate state ministry in Germany Hosting by states central IT service centre Michael worked as

685 views • 21 slides
Image Head of IT Knowledge Cluster of Excellence Gestaltung An Interdisciplinary Laboratory

Image Head of IT Knowledge Cluster of Excellence Gestaltung An Interdisciplinary Laboratory

Alexander Struck Image Head of IT Knowledge Cluster of Excellence Gestaltung An Interdisciplinary Laboratory How red tape and other obstacles are holding us back 1 Image About Knowledge Gestaltung An Interdisciplinary Laboratory Me

659 views • 7 slides
Voting Machines and Voting Machines and Automotive Software: Automotive Software: Explorations

Voting Machines and Voting Machines and Automotive Software: Automotive Software: Explorations

Voting Machines and Voting Machines and Automotive Software: Automotive Software: Explorations with SMT at Scale Explorations with SMT at Scale Sanjit A. Seshia Sanjit A. Seshia EECS Department EECS Department UC Berkeley UC Berkeley

493 views • 24 slides
CLIVAR-ICTP Workshop on Decadal Climate Variability and Predictability: Challenges and

CLIVAR-ICTP Workshop on Decadal Climate Variability and Predictability: Challenges and

CLIVAR-ICTP Workshop on Decadal Climate Variability and Predictability: Challenges and Opportunity Workshop Objectives and the CLIVAR DCVP RF International Center for Theoretical Physics (ICTP) Trieste, Italy 16-20 November 2015 Decadal

345 views • 12 slides
Debian Security Team presentation Yves-Alexis Perez SSTIC 2018 Introduction Introduction

Debian Security Team presentation Yves-Alexis Perez SSTIC 2018 Introduction Introduction

Debian Security Team presentation Yves-Alexis Perez SSTIC 2018 Introduction Introduction Debian Security Team presentation SSTIC 2018 1 / 37 corsac debian.org Introduction Who am I? Yves-Alexis Perez (Corsac) ANSSI head of software

795 views • 40 slides
DIMACS Workshop on Facing the Themes Invited participants Challenges of Infectious Diseases in

DIMACS Workshop on Facing the Themes Invited participants Challenges of Infectious Diseases in

DIMACS-SACEMA 2006 Aims and Objectives DIMACS Workshop on Facing the Themes Invited participants Challenges of Infectious Diseases in Organizers Africa: The Role of Mathematical Sponsors Summary of Modelling Workshop Future plans

205 views • 19 slides
Hepatitis Advocacy: Understanding Federal Appropriations March 29, 2018 Phone/Audio Option

Hepatitis Advocacy: Understanding Federal Appropriations March 29, 2018 Phone/Audio Option

Hepatitis Advocacy: Understanding Federal Appropriations March 29, 2018 Phone/Audio Option Call-In #: +1 (213) 929-4232 Attendee Access Code: 962-338-217 All attendees are muted. Questions? Questions? Submit questions in the chat box at

865 views • 40 slides
Accelerating Difference Sally Bonneywell VP Coaching, GSK WBECS 2015 What we are going to cover

Accelerating Difference Sally Bonneywell VP Coaching, GSK WBECS 2015 What we are going to cover

Accelerating Difference Sally Bonneywell VP Coaching, GSK WBECS 2015 What we are going to cover today: 1. How we addressed a really tough organisational problem using Coaching - gender imbalance in leadership teams in GSK 2. Why this is an

287 views • 28 slides

More recommend