Logic-based modeling and analysis of timed systems Matteo Rossi - - PDF document

1 Logic-based modeling and analysis of timed systems

Matteo Rossi Dipartimento di Elettronica ed Informazione Politecnico di Milano

2 Matteo Rossi DEI

The Formal Methods Group

People: Dino Mandrioli Angelo Morzenti Pierluigi San Pietro Matteo Pradella Matteo Rossi Paola Spoletini Carlo A. Furia Research Focus: Formal Methods for Safety-Critical Systems

• modeling
• analysis

Home Page: (old) http://www.elet.polimi.it/res/TRIO/

2

3 Matteo Rossi DEI

Timed Systems Modeling

Foundations: the TRIO language

• first-order temporal logic with a linear, metric notion of time
• parametric with respect to the temporal domain
• N, Z, Q, R, or subsets thereof
• suitable to describe systems both in-the-small and in-the-large
• the latter through modular constructs such as the notion of class

a number of variants and extensions of TRIO have been defined:

• HOT (Higher Order Trio)
• to powerfully represent complex types
• ArchiTRIO
• UML+TRIO, suitable for describing complex systems
• RZ-TRIO
• to seamlessly represent, in the same model, both discrete-time

and continuous-time components

4 Matteo Rossi DEI

ArchiTRIO

The core idea of ArchiTRIO: the first modeling, which involves laying out the system elements and their structure, is carried out with UML (v2.0)

• for this, Class and Composite Structure Diagrams are used

then, when and where needed, the designer can introduce constraints through temporal logic formulas

• the constraints can regard a number of issues: structural properties,

relationships among elements, dynamical properties of the system,

• r a combination thereof

The semantics of ArchiTRIO is formally defined through HOT as a side-effect, ArchiTRIO offers a formal semantics for a subset of UML

3

5 Matteo Rossi DEI

RZ RZ-TRIO

RZ-TRIO is a subset of TRIO such that, under suitable hypotheses and definitions, its formulas maintain the same meaning whether they are interpreted over a discrete or a continuous temporal domain RZ-TRIO can be used to: model heterogeneous system components, some described with a continuous notion of time, some described with a discrete notion of time, in a way that allows them to be seamlessly integrated start with the continuous-time description of a system, then automatically move to a discrete-time counterpart to perform verification in discrete time

• easier to implement and somewhat more efficient than continuous-

time verification

6 Matteo Rossi DEI

Analysis: Model Checking

Model checking TRIO specifications: restricted version of TRIO

• finite quantifications over non-temporal variables
• discrete time

– either bi-infinite or mono-infinite

both future and past temporal operators Peculiarity of the approach: both the system S and the property P to be checked can be expressed as (sets of) TRIO formulas

• purely logic approach

4

7 Matteo Rossi DEI

Model checking: tools and techniques

2 techniques: translation of TRIO formulas into alternating automata, which are then encoded into Promela (SPIN)

• prototype tool: TRIO2PROMELA

Bounded Model Checking

• translation of TRIO formulas into propositional formulas evaluated

with respect to bounded time structures, then input to SAT-solver – this allows time to be infinite (in both directions)

• prototype tool: Zot

8 Matteo Rossi DEI

Analysis: Theorem Proving

An encoding of TRIO into the higher-order logic of PVS has been defined, and some related proof strategies have been implemented Advantages the full power of TRIO can be used time can be continuous Disadvantages not highly automated Using a similar approach, ArchiTRIO models can be translated into the higher-order logic of PVS to perform deductive verification

5

9 Matteo Rossi DEI

Some Applications (past and future)

Energy production and distribution in collaboration with CESI Airport Ground Traffic Control System Ventricular Assist Devices in collaboration with University of Virginia Automotive with European partners Flexible Manufacturing Systems in collaboration with the Department of Mechanics of Politecnico di Milano

10 Matteo Rossi DEI

Projects related to Embedded Systems

Adaptive infrastructures for decentralised organizations (ArtDeco) FIRB project, started in 2006 we focus on modeling issues for distributed systems with heterogeneous components (from high-level services to field sensors) Holistic Design of Embedded Systems (HOLIDEYS) submitted to FP VII Call 1 the project proposal focuses on UML-based techniques for the formal development of heterogeneous embedded systems

• in particular, the focus is on the SysML profile of UML

6

11 Matteo Rossi DEI

References

[1] E. Ciapessoni, A. Coen-Porisini, E. Crivelli, D. Mandrioli, P. Mirandola, and A. Morzenti, From formal models to formally-based methods: an industrial experience, ACM Transactions on Software Engineering and Methodology, vol. 8, n. 1, pp. 79- 113, 1999. [2] M. Pradella, M. Rossi, and D. Mandrioli. ArchiTRIO: A UML-compatible language for architectural description and its formal semantics. In Proc. of FORTE 2005, Lecture Notes in Computer Science 3731, pp. 381-395, 2005. [3] C. A. Furia and M. Rossi. Integrating discrete- and continuous-time metric temporal logics through sampling. In Proc. of FORMATS 2006, Lecture Notes in Computer Science 4202, pp. 215-229, 2006. [4] A. Morzenti, M. Pradella, P. San Pietro, and P. Spoletini. Model-checking TRIO specifications in SPIN. In Proc. of FME 2003, Lecture Notes in Computer Science 2805, pp. 542–561, 2003. [5] M. Pradella, A. Morzenti, and P. San Pietro, The Symmetry of the Past and of the Future: Bi-infinite Time in the Verification of Temporal Properties. In Proc. of ESEC/FSE 2007, to appear. [6] A. Gargantini and A. Morzenti. Automated deductive requirements analysis of critical

• systems. ACM Transactions on Software Engineering and Methodology, vol. 10, n. 3,
• pp. 255–307, 2001.