Model-based ased Ve Veri rific icatio ation, Optim imiz - PowerPoint PPT Presentation

Model-based ased Ve Veri rific icatio ation, Optim imiz ization ation, Sy Synthesi hesis s and Perform ormanc ance e Evalu luation tion of Real-Time ime Sy Systems tems Al Alexandr xandre e Dav avid d Ki Kim m G. . La Lars rsen Aa Aalborg org Unive versity rsity, , DENMAR NMARK

Tim imed ed Aut Automa mata ta .. .. and Price ices, s, Games, mes, Probabilities obabilities Al Alexandr xandre e Dav avid d Ki Kim m G. . La Lars rsen Aa Aalborg org Unive versity rsity, , DENMAR NMARK

Aalborg lborg Aalborg Aarhus Copenhagen Aalborg University leading Danish ICT University in terms of Jomfru Ane Gade public investments (33%) ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [3]

CIS ISS S - Center r For Embe bedded dded Softwar tware e Systems ems Regio gional al ICT T Center enter (2003 003- ) 3 research groups   Computer Science  Control Theory  HW/SW- codesign 20 Employed 20  25 25 Associated  20 20 PhD Students  50 Industrial projects 50  10 Elite-students 10  65 65 MDKK  ARTIST Design  ARTEMIS  ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [4]

IDEA 4 CPS CPS Foundations oundations fo for r CPS Inst. of Software Chinese Academy of Sciences, I Beijing, China Technical University of Denmark, D Lyngby, Denmark East China Normal University, E Shanghai, China Aalborg University, A Denmark (2011 011-2014 014) ) + ( (2014 14-2017) 2017) IDEA4C A4CPS S Meeting ng Aalbo borg rg, June 11, 2013, Kim Larse sen [5]

ES are Pervasive vasive Characte cteri ristica stica :  Dedicated function  Complex environment  SW/HW/Mechanics  Autonomous  Ressource constrained : Energy : Bandwidth : Memory : …  Timi iming g con onstrain straints ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [6]

ES are of ofte ten Safet fety Critical itical 300 horse power 100 processors How to achieve ES that are: • correct • predicable • dependable • fault tolerant • ressource minial • cheap .. Model-Based Based Develop lopment ment ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [7]

Model Mo el Che hecki king ng Time Cost Probability No! System Description Debugging Information TOOL Yes Prototypes Requirement Executable Code A ฀ ( req ) A } grant) Test sequences A ฀ ( req ) A } t<30s grant) A ฀ ( req ) A } t<30s,c<5$ grant) A ฀ ( req ) A } t<30s , p>0.90 grant) ICTAC Sch chool ol, , Shanghai 2013 Kim Larse sen [8]

Synt nthesis hesis ? Time Cost Probability No! System Description Debugging Information TOOL Yes Control Strategy Requirement A ฀ ( req ) A } grant) A ฀ ( req ) A } t<30s grant) A ฀ ( req ) A } t<30s,c<5$ grant) A ฀ ( req ) A } t<30s , p>0.90 grant) ICTAC Sch chool ol, , Shanghai 2013 Kim Larse sen [9]

Ov Overview view  Timed med Automata & UPPAAL  Symb mboli olic Verification & UPPAAL Engine, Options CLASSIC  Priced iced Timed Automata and Timed Game ames CORA TIGA  Stochastic chastic Timed Automata Statist tistical ical Model Checking ECDAR SMC (Lecture+Exercise) 4 TRON ICTAC School, ool, Shan anghai i 2013 2013 Kim Larse sen [10 10]

www.cs.aa ww.cs.aau.dk/~kgl/Sh u.dk/~kgl/Shan anghai ghai2013 2013 www.up w.uppaa aal.o l.org rg ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [11 11]

Ti Timed med Aut Automata omata

UPPAAL AAL (1995 995- ) @ AALbor ALborg @UPPsal sala Kim G Larsen  Wang Yi  Alexandre David  Paul Pettersson  Gerd Behrman  John Håkansson  Marius Mikucionis  Anders Hessel  Jacob I. Rasmussen  Pavel Krcal  Arne Skou  Leonid Mokrushin Brian Nielsen   Shi Xiaochun Shuhao Li   UPPAAL Downloads 40000 @Elsewhere 35000 Emmanuel Fleury, Didier Lime, Johan Bengtsson, 30000 y = 3,4322x 2 - 28,247x + 749,99 Fredrik Larsson, Kåre J Kristoffersen, Tobias Amnell, 25000 Thomas Hune, Oliver Möller, Elena Fersman, Carsten Total Downloads 20000 Weise, David Griffioen, Ansgar Fehnker, Jan Tretmans, Frits Vandraager, Theo Ruys, Pedro D’Argenio , J-P 15000 Katoen,, Judi Romijn, Ed Brinksma, Martijn Hendriks, 10000 Klaus Havelund, Franck Cassez, Magnus Lindahl, 5000 Francois Laroussinie, Patricia Bouyer, Augusto 0 Burgueno, H. Bowmann, D. Latella, M. Massink, G. Faconti, Kristina Lundqvist, Lars Asplund, Justin Pearson..... YYMM ICTAC AC School, l, Shanghai ai 2013 2013 Kim Larse sen [13 13]

Real al Time me Systems tems sensors actuators Controller Program Plant Discrete Continuous Eg.: Realtime Protocols Pump Control Real Time System Air Bags A system where correctness not only Robots depends on the logical order of events Cruise Control but also on their timing!! ABS CD Players Production Lines ICTAC AC School, l, Shanghai ai 2013 2013 Kim Larse sen [14 14]

A A Dum umb Ligh ght t Con ontr troller oller ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [15 15]

Timed med Aut utom omata ata [Alur & Dill’ 89] Synchronizing action Reset Clock Guard Conjunctions of x~n x: real-valued clock AD ADD a clock x ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [16 16]

A Timed A med Aut utom omata ata (Semantics) States: Transitions: ( location , x=v) where v 2 R ( Off , x=0 ) delay 4.32  ( Off , x=4.32 ) press?  ( Light , x=0 ) delay 2.51  ( Light , x=2.51 ) press?  ( Bright , x=2.51 ) ICTAC AC School, l, Shanghai ai 2013 2013 Kim Larse sen [17 17]

In Inte tellige lligent nt Ligh ght t Con ontroller troller Invariant (Henzinger) ICTAC AC School, l, Shanghai ai 2013 2013 Kim Larse sen [18 18]

Inte In tellige lligent nt Ligh ght t Con ontroller troller X Note: Transitions: ( Light , x=0 ) delay 103  ( Off , x=0 ) delay 4.32  ( Off , x=4.32 ) press?  ( Light , x=0 ) delay 4.51  ( Light , x=4.51 ) Invariants press?  ( Light , x=0 ) delay 100  ( Light , x=100) ensures   ( Off , x=0) progress ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [19 19]

Timed med Aut utom omata ata (formally) ICTAC AC School, l, Shanghai ai 2013 2013 Kim Larse sen [20 20]

Timed med Aut utom omata ata (formally) ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [21 21]

Timed med Aut utom omata ata (formally) ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [22 22]

Timed med Aut utom omata ata (formally) ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [23 23]

Timed med Aut utom omata: ata: Example mple guard rd synchro chroni nizati ation reset ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [24 24]

Timed med Aut utom omata: ata: Example mple guard rd invariant riant ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [25 25]

Example ample a b c Is L1 reachable ? ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [26 26]

Example ample y a b x c ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [27 27]

Example ample y a b x c ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [28 28]

Example ample y a b a x c ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [29 29]

Example ample y a b a a x c ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [30 30]

Networks Ne tworks Lig ight Controller ller & Us User x:=0 x=100 x:=0 press? press? Off Light Bright x · 3 x · 100 x · 100 x:=0 x:=0 x=100 press? press? x:=0 x>3 Synchronization x:=0 y ¸ 10 press! y:=0 Transition ( Off, Rest, x=0, y=0 ) delay 20  ( Off, Rest, x=20, y=20 ) Rest Busy press?!  ( Light, Busy, x=0, y=0 ) y · 10 delay 2  ( Light, Busy, x=2, y=2) press?!  ( Bright, Rest, x=0, y=0) y:=0 press! ICTAC AC School, l, Shanghai ai 2013 2013 Kim Larse sen [31 31]

Ne Network twork Semantics mantics   1   T T  ( S  S ,  , s s ) X  A 1 2 where X X 2 1 2 0 0   s   s ´ s   s ´ 1 2 1 1 2 2   s   s   s ´ s   s s   s s ´     X 1 2 1 X 2 1 2 1 2 X X a a s   s ´ s   s ´ ! ? 1 2 1 1 2 2  s s   s ´ s ´     1 X 2 1 2 X e ( d ) e ( d ) s     s ´ s     s ´ 1 2 1 1 2 2 e ( d ) s   s     s ´ s ´   X 1 2 1 2 X ICTAC AC School, l, Shanghai ai 2013 Kim Larse sen [32 32]